Added Cyg-Win

This commit is contained in:
Frank Harris 2026-06-06 18:46:40 -04:00
parent 82cbc206eb
commit 413c315806
10586 changed files with 3806249 additions and 0 deletions

View file

@ -0,0 +1,311 @@
Program: GnuPG
Homepage: https://www.gnupg.org
Download: https://gnupg.org/ftp/gcrypt/gnupg/
Repository: git://git.gnupg.org/gnupg.git
Bug reports: https://bugs.gnupg.org
Security related bug reports: <security@gnupg.org>
Maintainer: Werner Koch <wk@gnupg.org>
License: GPL-3.0-or-later
GnuPG is free software. See the files COPYING for copying conditions.
License copyright years may be listed using range notation, e.g.,
2000-2013, indicating that every year in the range, inclusive, is a
copyrightable year that would otherwise be listed individually.
List of Copyright holders
=========================
Copyright (C) 1997-2019 Werner Koch
Copyright (C) 2003-2025 g10 Code GmbH
Copyright (C) 1994-2021 Free Software Foundation, Inc.
Copyright (C) 2002 Klarälvdalens Datakonsult AB
Copyright (C) 1995-1997, 2000-2007 Ulrich Drepper <drepper@gnu.ai.mit.edu>
Copyright (C) 1994 X Consortium
Copyright (C) 1998 by The Internet Society.
Copyright (C) 1998-2004 The OpenLDAP Foundation
Copyright (C) 1998-2004 Kurt D. Zeilenga.
Copyright (C) 1998-2004 Net Boolean Incorporated.
Copyright (C) 2001-2004 IBM Corporation.
Copyright (C) 1999-2003 Howard Y.H. Chu.
Copyright (C) 1999-2003 Symas Corporation.
Copyright (C) 1998-2003 Hallvard B. Furuseth.
Copyright (C) 1992-1996 Regents of the University of Michigan.
Copyright (C) 2000 Dimitrios Souflis
Copyright (C) 2008,2009,2010,2012-2016 William Ahern
Copyright (C) 2015-2019 IBM Corporation
Copyright (C) 2017 Bundesamt für Sicherheit in der Informationstechnik
Copyright (C) 2021 James Bottomley <James.Bottomley@HansenPartnership.com>
Authors with a FSF copyright assignment
=======================================
Ales Nyakhaychyk <nyakhaychyk@i1fn.linux.by> Translations [be]
Andrey Jivsov <openpgp@brainhub.org> Assigns past and future changes for ECC.
(g10/ecdh.c. other changes to support ECC)
Ben Kibbey <bjk@luxsci.net> Assigns past and future changes.
Birger Langkjer <birger.langkjer@image.dk> Translations [da]
Daniel Cerqueira <dan.git@lispclub.com> Translations [pt]
Pedro Morais <morais@poli.org> Translations [pt_PT]
Daniel Resare <daniel@resare.com> Translations [sv]
Per Tunedal <per@clipanish.com> Translations [sv]
Daniel Nylander <po@danielnylander.se> Translations [sv]
Daiki Ueno <ueno@unixuser.org> Assigns Past and Future Changes.
(changed:passphrase.c and related code)
David Shaw <dshaw@jabberwocky.com> Assigns past and future changes.
(all in keyserver/,
a lot of changes in g10/ see the ChangeLog,
bug fixes here and there)
Dokianakis Theofanis <madf@hellug.gr> Translations [el]
Edmund GRIMLEY EVANS <edmundo@rano.org> Translations [eo]
Florian Weimer <fw@deneb.enyo.de> Assigns past and future changes
(changed:g10/parse-packet.c, include/iobuf.h, util/iobuf.c)
g10 Code GmbH <info@g10code.com> Assigns past and future changes
(all work since 2001 as indicated by mail addresses in ChangeLogs)
Assignment for future changes terminated on 2012-12-04
(mail 87boe9x0e3.fsf@vigenere.g10code.de)
Gaël Quéri <gael@lautre.net> Translations [fr]
(fixed a lot of typos)
Gregory Steuck <steuck@iname.com> Translations [ru]
Maxim Britov <maxim.britov@gmail.com> Translations [ru]
Nagy Ferenc László <nfl@nfllab.com> Translations [hu]
Ivo Timmermans <itimmermans@bigfoot.com> Translations [nl]
Jacobo Tarri'o Barreiro <jtarrio@iname.com> Translations [gl]
Janusz Aleksander Urbanowicz <alex@bofh.torun.pl> Translations [pl]
Jakub Bogusz <qboosh@pld-linux.org> Translations [pl]
Jedi Lin <Jedi@idej.org> Translations [zh-tw]
Jouni Hiltunen <jouni.hiltunen@kolumbus.fi> Translations [fi]
Tommi Vainikainen <Tommi.Vainikainen@iki.fi> Translations [fi]
Laurentiu Buzdugan <lbgnupg@rolix.org> Translations [ro]
Magda Procha'zkova' <magda@math.muni.cz> Translations [cs]
Michael Roth <mroth@nessie.de> Assigns changes.
(wrote cipher/des.c., changes and bug fixes all over the place)
Michal Majer <mmajer@econ.umb.sk> Translations [sk]
Marco d'Itri <md@linux.it> Translations [it]
Marcus Brinkmann <marcus@g10code.de>
(gpgconf and fixes all over the place)
Matthew Skala <mskala@ansuz.sooke.bc.ca> Disclaimer
(wrote cipher/twofish.c)
Moritz Schulte <moritz@g10code.com>
(ssh support gpg-agent)
Niklas Hernaeus <nh@df.lth.se> Disclaimer
(weak key patches)
Nilgun Belma Buguner <nilgun@technologist.com> Translations [tr]
Nils Ellmenreich <nils 'at' infosun.fmi.uni-passau.de>
Assigns past and future changes
(configure.in, cipher/rndlinux.c, FAQ)
Paul Eggert <eggert@twinsun.com>
(configuration macros for LFS)
Pavel I. Shajdo <pshajdo@gmail.com> Translations [ru]
(man pages)
Rémi Guyomarch <rguyom@mail.dotcom.fr> Assigns past and future changes.
(g10/compress.c, g10/encr-data.c,
g10/free-packet.c, g10/mdfilter.c, g10/plaintext.c, util/iobuf.c)
Stefan Bellon <sbellon@sbellon.de> Assigns past and future changes.
(All patches to support RISC OS)
Timo Schulz <twoaday@freakmail.de> Assigns past and future changes.
(util/w32reg.c, g10/passphrase.c, g10/hkp.c)
Tedi Heriyanto <tedi_h@gmx.net> Translations [id]
Thiago Jung Bauermann <jungmann@cwb.matrix.com.br> Translations [pt_BR]
Rafael Caetano dos Santos <rcaetano@linux.ime.usp.br> Translations [pt_BR]
Toomas Soome <tsoome@ut.ee> Translations [et]
Urko Lusa <ulusa@euskalnet.net> Translations [es_ES]
Walter Koch <koch@u32.de> Translations [de]
Werner Koch <wk@gnupg.org> Assigns GNU Privacy Guard and future changes.
(started the whole thing, wrote the S/MIME extensions, the
smartcard daemon and the gpg-agent)
Assignment for future changes terminated on 2013-03-29
(mail 878v6dbut0.fsf@vigenere.g10code.de dated 2013-02-24).
Yosiaki IIDA <iida@ring.gr.jp> Translations [ja]
Yuri Chornoivan, yurchor at ukr dot net: Translations [uk]
Yutaka Niibe Assigns Past and Future Changes
(scd/)
Authors with a DCO
==================
Andre Heinecke <aheinecke@intevation.de>
2014-09-19:4525694.FcpLvWDUFT@esus:
Andreas Schwier <andreas.schwier@cardcontact.de>
2014-07-22:53CED1D8.1010306@cardcontact.de:
Arnaud Fontaine <arnaud.fontaine at ssi.gouv.fr>
2016-10-17:580484F4.8040806@ssi.gouv.fr:
Ben McGinnes <ben@adversary.org>
2017-12-16:20171216002102.l6aejk5xdp6xhtfi@adversary.org:
Christian Aistleitner <christian@quelltextlich.at>
2013-05-26:20130626112332.GA2228@quelltextlich.at:
Collin Funk <collin.funk1@gmail.com>
2025-04-29:87y0vi5imt.fsf@gmail.com:
Damien Goutte-Gattat <dgouttegattat@incenp.org>
2015-01-17:54BA49AA.2040708@incenp.org:
Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2014-09-24:87oau6w9q7.fsf@alice.fifthhorseman.net:
Hans of Guardian <hans@guardianproject.info>
2013-06-26:D84473D7-F3F7-43D5-A9CE-16580B88D574@guardianproject.info:
Ineiev <ineiev@gnu.org>
2017-05-09:20170509121611.GH25850@gnu.org:
Jakub Jelen <jjelen@redhat.com>
2021-04-06:606c816b.3jWNtfUlv+V/i0eS%jjelen@REDHAT.COM:
James Bottomley <James.Bottomley@HansenPartnership.com>
2018-02-01:1517501629.3145.9.camel@HansenPartnership.com:
Jiri Kerestes <jiri.kerestes@trustica.cz>
2018-07-25:<d77cfcda-bbc3-0620-4e81-10dff33a94ca@trustica.cz>:
Jonas Borgström <jonas@borgstrom.se>
2013-08-29:521F1E7A.5080602@borgstrom.se:
Joey Berkovitz <joeyberkovitz@gmail.com>
2022-07-05:CAKz+fXOKg3XDXbtHUo74Hmzo=h-AqBftLNGqF2nyAo+_Az+XCw@mail.gmail.com:
Joshua Rogers <git@internot.info>
2014-12-22:5497FE75.7010503@internot.info:
Jussi Kivilinna <jussi.kivilinna@iki.fi>
2018-02-11:2d8b7014-ff67-1e73-1152-9ff9fb8c10d7@iki.fi:
Kyle Butt <kylebutt@gmail.com>
2013-05-29:CAAODAYLbCtqOG6msLLL0UTdASKWT6u2ptxsgUQ1JpusBESBoNQ@mail.gmail.com:
Mario Haustein <mario.haustein@hrz.tu-chemnitz.de>
2022-09-26:8149069.T7Z3S40VBb@localdomain:
Michael Haubenwallner <michael.haubenwallner@ssi-schaefer.com>
2018-07-13:c397e637-f1ce-34f0-7e6a-df04a76e1c35@ssi-schaefer.com:
Phil Pennock <phil.pennock@spodhuis.org>
Phil Pennock <phil@pennock-tech.com>
2017-01-19:20170119061225.GA26207@breadbox.private.spodhuis.org:
Rainer Perske <rainer.perske@uni-muenster.de>
2017-10-24:permail-2017102014511105be2aed00002fc6-perske@message-id.uni-muenster.de:
Ramón García Fernández <ramon.garcia.f@gmail.com>
2015-02-09:CA+=ghChvG7GqRhb25eTSxXT16z-qah2tWwCaxp5xQ4PZt2TF1w@mail.gmail.com:
Stefan Tomanek <tomanek@internet-sicherheit.de>
2014-01-30:20140129234449.GY30808@zirkel.wertarbyte.de:
Tobias Mueller <muelli@cryptobitch.de>
2016-11-23:1479937342.11180.3.camel@cryptobitch.de:
Werner Koch <wk@gnupg.org>
2013-03-29:87620ahchj.fsf@vigenere.g10code.de:
William L. Thomson Jr. <wlt@o-sinc.com>
2017-05-23:assp.0316398ca8.20170523093623.00a17d03@o-sinc.com:
Yann E. MORIN <yann.morin.1998@free.fr>
2016-07-10:20160710093202.GA3688@free.fr:
Other authors
=============
The need for copyright assignments to the FSF has been waived on
2013-03-29; the need for copyright disclaimers for translations
already in December 2012.
The RPM specs file scripts/gnupg.spec has been contributed by
several people.
The function build_argv in agent/w32main.c is based on code from
Alexandre Julliard.
The gpg-zip documentation is based on the manpage for gpg-zip, written
by Colin Tuckley and Daniel Leidert for the GNU/Debian distribution.
The DNS resolver code is libdns by William Ahern; see COPYING.other.
The test driver is based on TinySCHEME by Dimitrios Souflis and
available under a permissive license; see COPYING.other.
Regular expression implementation is taken from Jim Tcl, originally
by Henry Spencer, and modified by others; see COPYING.other.
License
========
GnuPG is distributed under the GNU General Public License, version 3
or later (see file COPYING).
Note that some files are under a combination of the GNU Lesser General
Public License, version 3 (see file COPYING.LGPL3) and the GNU General
Public License, version 2 (see file COPYING.GPL2). Some files are
under the GNU Lesser General Public License, version 2.1 (see file
COPYING.LGPL21). A few files carry an all permissive license note as
found at the bottom of this file. A few files are distributed under
permissive licenses as listed in the file COPYING.other. Some other
small files are distributed under the Creative Commons Zero license
(see file COPYING.CC0) which basically puts them into the public
domain.
=========
Copyright 1998-2018 Free Software Foundation, Inc.
Copyright 1997-2018 Werner Koch
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

View file

@ -0,0 +1,676 @@
GNU GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The GNU General Public License is a free, copyleft license for
software and other kinds of works.
The licenses for most software and other practical works are designed
to take away your freedom to share and change the works. By contrast,
the GNU General Public License is intended to guarantee your freedom to
share and change all versions of a program--to make sure it remains free
software for all its users. We, the Free Software Foundation, use the
GNU General Public License for most of our software; it applies also to
any other work released this way by its authors. You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
them if you wish), that you receive source code or can get it if you
want it, that you can change the software or use pieces of it in new
free programs, and that you know you can do these things.
To protect your rights, we need to prevent others from denying you
these rights or asking you to surrender the rights. Therefore, you have
certain responsibilities if you distribute copies of the software, or if
you modify it: responsibilities to respect the freedom of others.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must pass on to the recipients the same
freedoms that you received. You must make sure that they, too, receive
or can get the source code. And you must show them these terms so they
know their rights.
Developers that use the GNU GPL protect your rights with two steps:
(1) assert copyright on the software, and (2) offer you this License
giving you legal permission to copy, distribute and/or modify it.
For the developers' and authors' protection, the GPL clearly explains
that there is no warranty for this free software. For both users' and
authors' sake, the GPL requires that modified versions be marked as
changed, so that their problems will not be attributed erroneously to
authors of previous versions.
Some devices are designed to deny users access to install or run
modified versions of the software inside them, although the manufacturer
can do so. This is fundamentally incompatible with the aim of
protecting users' freedom to change the software. The systematic
pattern of such abuse occurs in the area of products for individuals to
use, which is precisely where it is most unacceptable. Therefore, we
have designed this version of the GPL to prohibit the practice for those
products. If such problems arise substantially in other domains, we
stand ready to extend this provision to those domains in future versions
of the GPL, as needed to protect the freedom of users.
Finally, every program is threatened constantly by software patents.
States should not allow patents to restrict development and use of
software on general-purpose computers, but in those that do, we wish to
avoid the special danger that patents applied to a free program could
make it effectively proprietary. To prevent this, the GPL assures that
patents cannot be used to render the program non-free.
The precise terms and conditions for copying, distribution and
modification follow.
TERMS AND CONDITIONS
0. Definitions.
"This License" refers to version 3 of the GNU General Public License.
"Copyright" also means copyright-like laws that apply to other kinds of
works, such as semiconductor masks.
"The Program" refers to any copyrightable work licensed under this
License. Each licensee is addressed as "you". "Licensees" and
"recipients" may be individuals or organizations.
To "modify" a work means to copy from or adapt all or part of the work
in a fashion requiring copyright permission, other than the making of an
exact copy. The resulting work is called a "modified version" of the
earlier work or a work "based on" the earlier work.
A "covered work" means either the unmodified Program or a work based
on the Program.
To "propagate" a work means to do anything with it that, without
permission, would make you directly or secondarily liable for
infringement under applicable copyright law, except executing it on a
computer or modifying a private copy. Propagation includes copying,
distribution (with or without modification), making available to the
public, and in some countries other activities as well.
To "convey" a work means any kind of propagation that enables other
parties to make or receive copies. Mere interaction with a user through
a computer network, with no transfer of a copy, is not conveying.
An interactive user interface displays "Appropriate Legal Notices"
to the extent that it includes a convenient and prominently visible
feature that (1) displays an appropriate copyright notice, and (2)
tells the user that there is no warranty for the work (except to the
extent that warranties are provided), that licensees may convey the
work under this License, and how to view a copy of this License. If
the interface presents a list of user commands or options, such as a
menu, a prominent item in the list meets this criterion.
1. Source Code.
The "source code" for a work means the preferred form of the work
for making modifications to it. "Object code" means any non-source
form of a work.
A "Standard Interface" means an interface that either is an official
standard defined by a recognized standards body, or, in the case of
interfaces specified for a particular programming language, one that
is widely used among developers working in that language.
The "System Libraries" of an executable work include anything, other
than the work as a whole, that (a) is included in the normal form of
packaging a Major Component, but which is not part of that Major
Component, and (b) serves only to enable use of the work with that
Major Component, or to implement a Standard Interface for which an
implementation is available to the public in source code form. A
"Major Component", in this context, means a major essential component
(kernel, window system, and so on) of the specific operating system
(if any) on which the executable work runs, or a compiler used to
produce the work, or an object code interpreter used to run it.
The "Corresponding Source" for a work in object code form means all
the source code needed to generate, install, and (for an executable
work) run the object code and to modify the work, including scripts to
control those activities. However, it does not include the work's
System Libraries, or general-purpose tools or generally available free
programs which are used unmodified in performing those activities but
which are not part of the work. For example, Corresponding Source
includes interface definition files associated with source files for
the work, and the source code for shared libraries and dynamically
linked subprograms that the work is specifically designed to require,
such as by intimate data communication or control flow between those
subprograms and other parts of the work.
The Corresponding Source need not include anything that users
can regenerate automatically from other parts of the Corresponding
Source.
The Corresponding Source for a work in source code form is that
same work.
2. Basic Permissions.
All rights granted under this License are granted for the term of
copyright on the Program, and are irrevocable provided the stated
conditions are met. This License explicitly affirms your unlimited
permission to run the unmodified Program. The output from running a
covered work is covered by this License only if the output, given its
content, constitutes a covered work. This License acknowledges your
rights of fair use or other equivalent, as provided by copyright law.
You may make, run and propagate covered works that you do not
convey, without conditions so long as your license otherwise remains
in force. You may convey covered works to others for the sole purpose
of having them make modifications exclusively for you, or provide you
with facilities for running those works, provided that you comply with
the terms of this License in conveying all material for which you do
not control copyright. Those thus making or running the covered works
for you must do so exclusively on your behalf, under your direction
and control, on terms that prohibit them from making any copies of
your copyrighted material outside their relationship with you.
Conveying under any other circumstances is permitted solely under
the conditions stated below. Sublicensing is not allowed; section 10
makes it unnecessary.
3. Protecting Users' Legal Rights From Anti-Circumvention Law.
No covered work shall be deemed part of an effective technological
measure under any applicable law fulfilling obligations under article
11 of the WIPO copyright treaty adopted on 20 December 1996, or
similar laws prohibiting or restricting circumvention of such
measures.
When you convey a covered work, you waive any legal power to forbid
circumvention of technological measures to the extent such circumvention
is effected by exercising rights under this License with respect to
the covered work, and you disclaim any intention to limit operation or
modification of the work as a means of enforcing, against the work's
users, your or third parties' legal rights to forbid circumvention of
technological measures.
4. Conveying Verbatim Copies.
You may convey verbatim copies of the Program's source code as you
receive it, in any medium, provided that you conspicuously and
appropriately publish on each copy an appropriate copyright notice;
keep intact all notices stating that this License and any
non-permissive terms added in accord with section 7 apply to the code;
keep intact all notices of the absence of any warranty; and give all
recipients a copy of this License along with the Program.
You may charge any price or no price for each copy that you convey,
and you may offer support or warranty protection for a fee.
5. Conveying Modified Source Versions.
You may convey a work based on the Program, or the modifications to
produce it from the Program, in the form of source code under the
terms of section 4, provided that you also meet all of these conditions:
a) The work must carry prominent notices stating that you modified
it, and giving a relevant date.
b) The work must carry prominent notices stating that it is
released under this License and any conditions added under section
7. This requirement modifies the requirement in section 4 to
"keep intact all notices".
c) You must license the entire work, as a whole, under this
License to anyone who comes into possession of a copy. This
License will therefore apply, along with any applicable section 7
additional terms, to the whole of the work, and all its parts,
regardless of how they are packaged. This License gives no
permission to license the work in any other way, but it does not
invalidate such permission if you have separately received it.
d) If the work has interactive user interfaces, each must display
Appropriate Legal Notices; however, if the Program has interactive
interfaces that do not display Appropriate Legal Notices, your
work need not make them do so.
A compilation of a covered work with other separate and independent
works, which are not by their nature extensions of the covered work,
and which are not combined with it such as to form a larger program,
in or on a volume of a storage or distribution medium, is called an
"aggregate" if the compilation and its resulting copyright are not
used to limit the access or legal rights of the compilation's users
beyond what the individual works permit. Inclusion of a covered work
in an aggregate does not cause this License to apply to the other
parts of the aggregate.
6. Conveying Non-Source Forms.
You may convey a covered work in object code form under the terms
of sections 4 and 5, provided that you also convey the
machine-readable Corresponding Source under the terms of this License,
in one of these ways:
a) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by the
Corresponding Source fixed on a durable physical medium
customarily used for software interchange.
b) Convey the object code in, or embodied in, a physical product
(including a physical distribution medium), accompanied by a
written offer, valid for at least three years and valid for as
long as you offer spare parts or customer support for that product
model, to give anyone who possesses the object code either (1) a
copy of the Corresponding Source for all the software in the
product that is covered by this License, on a durable physical
medium customarily used for software interchange, for a price no
more than your reasonable cost of physically performing this
conveying of source, or (2) access to copy the
Corresponding Source from a network server at no charge.
c) Convey individual copies of the object code with a copy of the
written offer to provide the Corresponding Source. This
alternative is allowed only occasionally and noncommercially, and
only if you received the object code with such an offer, in accord
with subsection 6b.
d) Convey the object code by offering access from a designated
place (gratis or for a charge), and offer equivalent access to the
Corresponding Source in the same way through the same place at no
further charge. You need not require recipients to copy the
Corresponding Source along with the object code. If the place to
copy the object code is a network server, the Corresponding Source
may be on a different server (operated by you or a third party)
that supports equivalent copying facilities, provided you maintain
clear directions next to the object code saying where to find the
Corresponding Source. Regardless of what server hosts the
Corresponding Source, you remain obligated to ensure that it is
available for as long as needed to satisfy these requirements.
e) Convey the object code using peer-to-peer transmission, provided
you inform other peers where the object code and Corresponding
Source of the work are being offered to the general public at no
charge under subsection 6d.
A separable portion of the object code, whose source code is excluded
from the Corresponding Source as a System Library, need not be
included in conveying the object code work.
A "User Product" is either (1) a "consumer product", which means any
tangible personal property which is normally used for personal, family,
or household purposes, or (2) anything designed or sold for incorporation
into a dwelling. In determining whether a product is a consumer product,
doubtful cases shall be resolved in favor of coverage. For a particular
product received by a particular user, "normally used" refers to a
typical or common use of that class of product, regardless of the status
of the particular user or of the way in which the particular user
actually uses, or expects or is expected to use, the product. A product
is a consumer product regardless of whether the product has substantial
commercial, industrial or non-consumer uses, unless such uses represent
the only significant mode of use of the product.
"Installation Information" for a User Product means any methods,
procedures, authorization keys, or other information required to install
and execute modified versions of a covered work in that User Product from
a modified version of its Corresponding Source. The information must
suffice to ensure that the continued functioning of the modified object
code is in no case prevented or interfered with solely because
modification has been made.
If you convey an object code work under this section in, or with, or
specifically for use in, a User Product, and the conveying occurs as
part of a transaction in which the right of possession and use of the
User Product is transferred to the recipient in perpetuity or for a
fixed term (regardless of how the transaction is characterized), the
Corresponding Source conveyed under this section must be accompanied
by the Installation Information. But this requirement does not apply
if neither you nor any third party retains the ability to install
modified object code on the User Product (for example, the work has
been installed in ROM).
The requirement to provide Installation Information does not include a
requirement to continue to provide support service, warranty, or updates
for a work that has been modified or installed by the recipient, or for
the User Product in which it has been modified or installed. Access to a
network may be denied when the modification itself materially and
adversely affects the operation of the network or violates the rules and
protocols for communication across the network.
Corresponding Source conveyed, and Installation Information provided,
in accord with this section must be in a format that is publicly
documented (and with an implementation available to the public in
source code form), and must require no special password or key for
unpacking, reading or copying.
7. Additional Terms.
"Additional permissions" are terms that supplement the terms of this
License by making exceptions from one or more of its conditions.
Additional permissions that are applicable to the entire Program shall
be treated as though they were included in this License, to the extent
that they are valid under applicable law. If additional permissions
apply only to part of the Program, that part may be used separately
under those permissions, but the entire Program remains governed by
this License without regard to the additional permissions.
When you convey a copy of a covered work, you may at your option
remove any additional permissions from that copy, or from any part of
it. (Additional permissions may be written to require their own
removal in certain cases when you modify the work.) You may place
additional permissions on material, added by you to a covered work,
for which you have or can give appropriate copyright permission.
Notwithstanding any other provision of this License, for material you
add to a covered work, you may (if authorized by the copyright holders of
that material) supplement the terms of this License with terms:
a) Disclaiming warranty or limiting liability differently from the
terms of sections 15 and 16 of this License; or
b) Requiring preservation of specified reasonable legal notices or
author attributions in that material or in the Appropriate Legal
Notices displayed by works containing it; or
c) Prohibiting misrepresentation of the origin of that material, or
requiring that modified versions of such material be marked in
reasonable ways as different from the original version; or
d) Limiting the use for publicity purposes of names of licensors or
authors of the material; or
e) Declining to grant rights under trademark law for use of some
trade names, trademarks, or service marks; or
f) Requiring indemnification of licensors and authors of that
material by anyone who conveys the material (or modified versions of
it) with contractual assumptions of liability to the recipient, for
any liability that these contractual assumptions directly impose on
those licensors and authors.
All other non-permissive additional terms are considered "further
restrictions" within the meaning of section 10. If the Program as you
received it, or any part of it, contains a notice stating that it is
governed by this License along with a term that is a further
restriction, you may remove that term. If a license document contains
a further restriction but permits relicensing or conveying under this
License, you may add to a covered work material governed by the terms
of that license document, provided that the further restriction does
not survive such relicensing or conveying.
If you add terms to a covered work in accord with this section, you
must place, in the relevant source files, a statement of the
additional terms that apply to those files, or a notice indicating
where to find the applicable terms.
Additional terms, permissive or non-permissive, may be stated in the
form of a separately written license, or stated as exceptions;
the above requirements apply either way.
8. Termination.
You may not propagate or modify a covered work except as expressly
provided under this License. Any attempt otherwise to propagate or
modify it is void, and will automatically terminate your rights under
this License (including any patent licenses granted under the third
paragraph of section 11).
However, if you cease all violation of this License, then your
license from a particular copyright holder is reinstated (a)
provisionally, unless and until the copyright holder explicitly and
finally terminates your license, and (b) permanently, if the copyright
holder fails to notify you of the violation by some reasonable means
prior to 60 days after the cessation.
Moreover, your license from a particular copyright holder is
reinstated permanently if the copyright holder notifies you of the
violation by some reasonable means, this is the first time you have
received notice of violation of this License (for any work) from that
copyright holder, and you cure the violation prior to 30 days after
your receipt of the notice.
Termination of your rights under this section does not terminate the
licenses of parties who have received copies or rights from you under
this License. If your rights have been terminated and not permanently
reinstated, you do not qualify to receive new licenses for the same
material under section 10.
9. Acceptance Not Required for Having Copies.
You are not required to accept this License in order to receive or
run a copy of the Program. Ancillary propagation of a covered work
occurring solely as a consequence of using peer-to-peer transmission
to receive a copy likewise does not require acceptance. However,
nothing other than this License grants you permission to propagate or
modify any covered work. These actions infringe copyright if you do
not accept this License. Therefore, by modifying or propagating a
covered work, you indicate your acceptance of this License to do so.
10. Automatic Licensing of Downstream Recipients.
Each time you convey a covered work, the recipient automatically
receives a license from the original licensors, to run, modify and
propagate that work, subject to this License. You are not responsible
for enforcing compliance by third parties with this License.
An "entity transaction" is a transaction transferring control of an
organization, or substantially all assets of one, or subdividing an
organization, or merging organizations. If propagation of a covered
work results from an entity transaction, each party to that
transaction who receives a copy of the work also receives whatever
licenses to the work the party's predecessor in interest had or could
give under the previous paragraph, plus a right to possession of the
Corresponding Source of the work from the predecessor in interest, if
the predecessor has it or can get it with reasonable efforts.
You may not impose any further restrictions on the exercise of the
rights granted or affirmed under this License. For example, you may
not impose a license fee, royalty, or other charge for exercise of
rights granted under this License, and you may not initiate litigation
(including a cross-claim or counterclaim in a lawsuit) alleging that
any patent claim is infringed by making, using, selling, offering for
sale, or importing the Program or any portion of it.
11. Patents.
A "contributor" is a copyright holder who authorizes use under this
License of the Program or a work on which the Program is based. The
work thus licensed is called the contributor's "contributor version".
A contributor's "essential patent claims" are all patent claims
owned or controlled by the contributor, whether already acquired or
hereafter acquired, that would be infringed by some manner, permitted
by this License, of making, using, or selling its contributor version,
but do not include claims that would be infringed only as a
consequence of further modification of the contributor version. For
purposes of this definition, "control" includes the right to grant
patent sublicenses in a manner consistent with the requirements of
this License.
Each contributor grants you a non-exclusive, worldwide, royalty-free
patent license under the contributor's essential patent claims, to
make, use, sell, offer for sale, import and otherwise run, modify and
propagate the contents of its contributor version.
In the following three paragraphs, a "patent license" is any express
agreement or commitment, however denominated, not to enforce a patent
(such as an express permission to practice a patent or covenant not to
sue for patent infringement). To "grant" such a patent license to a
party means to make such an agreement or commitment not to enforce a
patent against the party.
If you convey a covered work, knowingly relying on a patent license,
and the Corresponding Source of the work is not available for anyone
to copy, free of charge and under the terms of this License, through a
publicly available network server or other readily accessible means,
then you must either (1) cause the Corresponding Source to be so
available, or (2) arrange to deprive yourself of the benefit of the
patent license for this particular work, or (3) arrange, in a manner
consistent with the requirements of this License, to extend the patent
license to downstream recipients. "Knowingly relying" means you have
actual knowledge that, but for the patent license, your conveying the
covered work in a country, or your recipient's use of the covered work
in a country, would infringe one or more identifiable patents in that
country that you have reason to believe are valid.
If, pursuant to or in connection with a single transaction or
arrangement, you convey, or propagate by procuring conveyance of, a
covered work, and grant a patent license to some of the parties
receiving the covered work authorizing them to use, propagate, modify
or convey a specific copy of the covered work, then the patent license
you grant is automatically extended to all recipients of the covered
work and works based on it.
A patent license is "discriminatory" if it does not include within
the scope of its coverage, prohibits the exercise of, or is
conditioned on the non-exercise of one or more of the rights that are
specifically granted under this License. You may not convey a covered
work if you are a party to an arrangement with a third party that is
in the business of distributing software, under which you make payment
to the third party based on the extent of your activity of conveying
the work, and under which the third party grants, to any of the
parties who would receive the covered work from you, a discriminatory
patent license (a) in connection with copies of the covered work
conveyed by you (or copies made from those copies), or (b) primarily
for and in connection with specific products or compilations that
contain the covered work, unless you entered into that arrangement,
or that patent license was granted, prior to 28 March 2007.
Nothing in this License shall be construed as excluding or limiting
any implied license or other defenses to infringement that may
otherwise be available to you under applicable patent law.
12. No Surrender of Others' Freedom.
If conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot convey a
covered work so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you may
not convey it at all. For example, if you agree to terms that obligate you
to collect a royalty for further conveying from those to whom you convey
the Program, the only way you could satisfy both those terms and this
License would be to refrain entirely from conveying the Program.
13. Use with the GNU Affero General Public License.
Notwithstanding any other provision of this License, you have
permission to link or combine any covered work with a work licensed
under version 3 of the GNU Affero General Public License into a single
combined work, and to convey the resulting work. The terms of this
License will continue to apply to the part which is the covered work,
but the special requirements of the GNU Affero General Public License,
section 13, concerning interaction through a network will apply to the
combination as such.
14. Revised Versions of this License.
The Free Software Foundation may publish revised and/or new versions of
the GNU General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the
Program specifies that a certain numbered version of the GNU General
Public License "or any later version" applies to it, you have the
option of following the terms and conditions either of that numbered
version or of any later version published by the Free Software
Foundation. If the Program does not specify a version number of the
GNU General Public License, you may choose any version ever published
by the Free Software Foundation.
If the Program specifies that a proxy can decide which future
versions of the GNU General Public License can be used, that proxy's
public statement of acceptance of a version permanently authorizes you
to choose that version for the Program.
Later license versions may give you additional or different
permissions. However, no additional obligations are imposed on any
author or copyright holder as a result of your choosing to follow a
later version.
15. Disclaimer of Warranty.
THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. Limitation of Liability.
IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES.
17. Interpretation of Sections 15 and 16.
If the disclaimer of warranty and limitation of liability provided
above cannot be given local legal effect according to their terms,
reviewing courts shall apply local law that most closely approximates
an absolute waiver of all civil liability in connection with the
Program, unless a warranty or assumption of liability accompanies a
copy of the Program in return for a fee.
END OF TERMS AND CONDITIONS
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
state the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
<one line to give the program's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <https://www.gnu.org/licenses/>.
Also add information on how to contact you by electronic and paper mail.
If the program does terminal interaction, make it output a short
notice like this when it starts in an interactive mode:
<program> Copyright (C) <year> <name of author>
This program comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
This is free software, and you are welcome to redistribute it
under certain conditions; type `show c' for details.
The hypothetical commands `show w' and `show c' should show the appropriate
parts of the General Public License. Of course, your program's commands
might be different; for a GUI interface, you would use an "about box".
You should also get your employer (if you work as a programmer) or school,
if any, to sign a "copyright disclaimer" for the program, if necessary.
For more information on this, and how to apply and follow the GNU GPL, see
<https://www.gnu.org/licenses/>.
The GNU General Public License does not permit incorporating your program
into proprietary programs. If your program is a subroutine library, you
may consider it more useful to permit linking proprietary applications with
the library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License. But first, please read
<https://www.gnu.org/philosophy/why-not-lgpl.html>.

View file

@ -0,0 +1,509 @@
[Note that only a few files are distributed under this license.]
GNU LESSER GENERAL PUBLIC LICENSE
Version 2.1, February 1999
Copyright (C) 1991, 1999 Free Software Foundation, Inc.
59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
[This is the first released version of the Lesser GPL. It also counts
as the successor of the GNU Library Public License, version 2, hence
the version number 2.1.]
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
Licenses are intended to guarantee your freedom to share and change
free software--to make sure the software is free for all its users.
This license, the Lesser General Public License, applies to some
specially designated software packages--typically libraries--of the
Free Software Foundation and other authors who decide to use it. You
can use it too, but we suggest you first think carefully about whether
this license or the ordinary General Public License is the better
strategy to use in any particular case, based on the explanations
below.
When we speak of free software, we are referring to freedom of use,
not price. Our General Public Licenses are designed to make sure that
you have the freedom to distribute copies of free software (and charge
for this service if you wish); that you receive source code or can get
it if you want it; that you can change the software and use pieces of
it in new free programs; and that you are informed that you can do
these things.
To protect your rights, we need to make restrictions that forbid
distributors to deny you these rights or to ask you to surrender these
rights. These restrictions translate to certain responsibilities for
you if you distribute copies of the library or if you modify it.
For example, if you distribute copies of the library, whether gratis
or for a fee, you must give the recipients all the rights that we gave
you. You must make sure that they, too, receive or can get the source
code. If you link other code with the library, you must provide
complete object files to the recipients, so that they can relink them
with the library after making changes to the library and recompiling
it. And you must show them these terms so they know their rights.
We protect your rights with a two-step method: (1) we copyright the
library, and (2) we offer you this license, which gives you legal
permission to copy, distribute and/or modify the library.
To protect each distributor, we want to make it very clear that
there is no warranty for the free library. Also, if the library is
modified by someone else and passed on, the recipients should know
that what they have is not the original version, so that the original
author's reputation will not be affected by problems that might be
introduced by others.
^L
Finally, software patents pose a constant threat to the existence of
any free program. We wish to make sure that a company cannot
effectively restrict the users of a free program by obtaining a
restrictive license from a patent holder. Therefore, we insist that
any patent license obtained for a version of the library must be
consistent with the full freedom of use specified in this license.
Most GNU software, including some libraries, is covered by the
ordinary GNU General Public License. This license, the GNU Lesser
General Public License, applies to certain designated libraries, and
is quite different from the ordinary General Public License. We use
this license for certain libraries in order to permit linking those
libraries into non-free programs.
When a program is linked with a library, whether statically or using
a shared library, the combination of the two is legally speaking a
combined work, a derivative of the original library. The ordinary
General Public License therefore permits such linking only if the
entire combination fits its criteria of freedom. The Lesser General
Public License permits more lax criteria for linking other code with
the library.
We call this license the "Lesser" General Public License because it
does Less to protect the user's freedom than the ordinary General
Public License. It also provides other free software developers Less
of an advantage over competing non-free programs. These disadvantages
are the reason we use the ordinary General Public License for many
libraries. However, the Lesser license provides advantages in certain
special circumstances.
For example, on rare occasions, there may be a special need to
encourage the widest possible use of a certain library, so that it
becomes a de-facto standard. To achieve this, non-free programs must
be allowed to use the library. A more frequent case is that a free
library does the same job as widely used non-free libraries. In this
case, there is little to gain by limiting the free library to free
software only, so we use the Lesser General Public License.
In other cases, permission to use a particular library in non-free
programs enables a greater number of people to use a large body of
free software. For example, permission to use the GNU C Library in
non-free programs enables many more people to use the whole GNU
operating system, as well as its variant, the GNU/Linux operating
system.
Although the Lesser General Public License is Less protective of the
users' freedom, it does ensure that the user of a program that is
linked with the Library has the freedom and the wherewithal to run
that program using a modified version of the Library.
The precise terms and conditions for copying, distribution and
modification follow. Pay close attention to the difference between a
"work based on the library" and a "work that uses the library". The
former contains code derived from the library, whereas the latter must
be combined with the library in order to run.
^L
GNU LESSER GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License Agreement applies to any software library or other
program which contains a notice placed by the copyright holder or
other authorized party saying it may be distributed under the terms of
this Lesser General Public License (also called "this License").
Each licensee is addressed as "you".
A "library" means a collection of software functions and/or data
prepared so as to be conveniently linked with application programs
(which use some of those functions and data) to form executables.
The "Library", below, refers to any such software library or work
which has been distributed under these terms. A "work based on the
Library" means either the Library or any derivative work under
copyright law: that is to say, a work containing the Library or a
portion of it, either verbatim or with modifications and/or translated
straightforwardly into another language. (Hereinafter, translation is
included without limitation in the term "modification".)
"Source code" for a work means the preferred form of the work for
making modifications to it. For a library, complete source code means
all the source code for all modules it contains, plus any associated
interface definition files, plus the scripts used to control
compilation and installation of the library.
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running a program using the Library is not restricted, and output from
such a program is covered only if its contents constitute a work based
on the Library (independent of the use of the Library in a tool for
writing it). Whether that is true depends on what the Library does
and what the program that uses the Library does.
1. You may copy and distribute verbatim copies of the Library's
complete source code as you receive it, in any medium, provided that
you conspicuously and appropriately publish on each copy an
appropriate copyright notice and disclaimer of warranty; keep intact
all the notices that refer to this License and to the absence of any
warranty; and distribute a copy of this License along with the
Library.
You may charge a fee for the physical act of transferring a copy,
and you may at your option offer warranty protection in exchange for a
fee.
2. You may modify your copy or copies of the Library or any portion
of it, thus forming a work based on the Library, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) The modified work must itself be a software library.
b) You must cause the files modified to carry prominent notices
stating that you changed the files and the date of any change.
c) You must cause the whole of the work to be licensed at no
charge to all third parties under the terms of this License.
d) If a facility in the modified Library refers to a function or a
table of data to be supplied by an application program that uses
the facility, other than as an argument passed when the facility
is invoked, then you must make a good faith effort to ensure that,
in the event an application does not supply such function or
table, the facility still operates, and performs whatever part of
its purpose remains meaningful.
(For example, a function in a library to compute square roots has
a purpose that is entirely well-defined independent of the
application. Therefore, Subsection 2d requires that any
application-supplied function or table used by this function must
be optional: if the application does not supply it, the square
root function must still compute square roots.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Library,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Library, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote
it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Library.
In addition, mere aggregation of another work not based on the Library
with the Library (or with a work based on the Library) on a volume of
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may opt to apply the terms of the ordinary GNU General Public
License instead of this License to a given copy of the Library. To do
this, you must alter all the notices that refer to this License, so
that they refer to the ordinary GNU General Public License, version 2,
instead of to this License. (If a newer version than version 2 of the
ordinary GNU General Public License has appeared, then you can specify
that version instead if you wish.) Do not make any other change in
these notices.
^L
Once this change is made in a given copy, it is irreversible for
that copy, so the ordinary GNU General Public License applies to all
subsequent copies and derivative works made from that copy.
This option is useful when you wish to copy part of the code of
the Library into a program that is not a library.
4. You may copy and distribute the Library (or a portion or
derivative of it, under Section 2) in object code or executable form
under the terms of Sections 1 and 2 above provided that you accompany
it with the complete corresponding machine-readable source code, which
must be distributed under the terms of Sections 1 and 2 above on a
medium customarily used for software interchange.
If distribution of object code is made by offering access to copy
from a designated place, then offering equivalent access to copy the
source code from the same place satisfies the requirement to
distribute the source code, even though third parties are not
compelled to copy the source along with the object code.
5. A program that contains no derivative of any portion of the
Library, but is designed to work with the Library by being compiled or
linked with it, is called a "work that uses the Library". Such a
work, in isolation, is not a derivative work of the Library, and
therefore falls outside the scope of this License.
However, linking a "work that uses the Library" with the Library
creates an executable that is a derivative of the Library (because it
contains portions of the Library), rather than a "work that uses the
library". The executable is therefore covered by this License.
Section 6 states terms for distribution of such executables.
When a "work that uses the Library" uses material from a header file
that is part of the Library, the object code for the work may be a
derivative work of the Library even though the source code is not.
Whether this is true is especially significant if the work can be
linked without the Library, or if the work is itself a library. The
threshold for this to be true is not precisely defined by law.
If such an object file uses only numerical parameters, data
structure layouts and accessors, and small macros and small inline
functions (ten lines or less in length), then the use of the object
file is unrestricted, regardless of whether it is legally a derivative
work. (Executables containing this object code plus portions of the
Library will still fall under Section 6.)
Otherwise, if the work is a derivative of the Library, you may
distribute the object code for the work under the terms of Section 6.
Any executables containing that work also fall under Section 6,
whether or not they are linked directly with the Library itself.
^L
6. As an exception to the Sections above, you may also combine or
link a "work that uses the Library" with the Library to produce a
work containing portions of the Library, and distribute that work
under terms of your choice, provided that the terms permit
modification of the work for the customer's own use and reverse
engineering for debugging such modifications.
You must give prominent notice with each copy of the work that the
Library is used in it and that the Library and its use are covered by
this License. You must supply a copy of this License. If the work
during execution displays copyright notices, you must include the
copyright notice for the Library among them, as well as a reference
directing the user to the copy of this License. Also, you must do one
of these things:
a) Accompany the work with the complete corresponding
machine-readable source code for the Library including whatever
changes were used in the work (which must be distributed under
Sections 1 and 2 above); and, if the work is an executable linked
with the Library, with the complete machine-readable "work that
uses the Library", as object code and/or source code, so that the
user can modify the Library and then relink to produce a modified
executable containing the modified Library. (It is understood
that the user who changes the contents of definitions files in the
Library will not necessarily be able to recompile the application
to use the modified definitions.)
b) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (1) uses at run time a
copy of the library already present on the user's computer system,
rather than copying library functions into the executable, and (2)
will operate properly with a modified version of the library, if
the user installs one, as long as the modified version is
interface-compatible with the version that the work was made with.
c) Accompany the work with a written offer, valid for at least
three years, to give the same user the materials specified in
Subsection 6a, above, for a charge no more than the cost of
performing this distribution.
d) If distribution of the work is made by offering access to copy
from a designated place, offer equivalent access to copy the above
specified materials from the same place.
e) Verify that the user has already received a copy of these
materials or that you have already sent this user a copy.
For an executable, the required form of the "work that uses the
Library" must include any data and utility programs needed for
reproducing the executable from it. However, as a special exception,
the materials to be distributed need not include anything that is
normally distributed (in either source or binary form) with the major
components (compiler, kernel, and so on) of the operating system on
which the executable runs, unless that component itself accompanies
the executable.
It may happen that this requirement contradicts the license
restrictions of other proprietary libraries that do not normally
accompany the operating system. Such a contradiction means you cannot
use both them and the Library together in an executable that you
distribute.
^L
7. You may place library facilities that are a work based on the
Library side-by-side in a single library together with other library
facilities not covered by this License, and distribute such a combined
library, provided that the separate distribution of the work based on
the Library and of the other library facilities is otherwise
permitted, and provided that you do these two things:
a) Accompany the combined library with a copy of the same work
based on the Library, uncombined with any other library
facilities. This must be distributed under the terms of the
Sections above.
b) Give prominent notice with the combined library of the fact
that part of it is a work based on the Library, and explaining
where to find the accompanying uncombined form of the same work.
8. You may not copy, modify, sublicense, link with, or distribute
the Library except as expressly provided under this License. Any
attempt otherwise to copy, modify, sublicense, link with, or
distribute the Library is void, and will automatically terminate your
rights under this License. However, parties who have received copies,
or rights, from you under this License will not have their licenses
terminated so long as such parties remain in full compliance.
9. You are not required to accept this License, since you have not
signed it. However, nothing else grants you permission to modify or
distribute the Library or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Library (or any work based on the
Library), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Library or works based on it.
10. Each time you redistribute the Library (or any work based on the
Library), the recipient automatically receives a license from the
original licensor to copy, distribute, link with or modify the Library
subject to these terms and conditions. You may not impose any further
restrictions on the recipients' exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties with
this License.
^L
11. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Library at all. For example, if a patent
license would not permit royalty-free redistribution of the Library by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Library.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply, and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
12. If the distribution and/or use of the Library is restricted in
certain countries either by patents or by copyrighted interfaces, the
original copyright holder who places the Library under this License
may add an explicit geographical distribution limitation excluding those
countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
13. The Free Software Foundation may publish revised and/or new
versions of the Lesser General Public License from time to time.
Such new versions will be similar in spirit to the present version,
but may differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the Library
specifies a version number of this License which applies to it and
"any later version", you have the option of following the terms and
conditions either of that version or of any later version published by
the Free Software Foundation. If the Library does not specify a
license version number, you may choose any version ever published by
the Free Software Foundation.
^L
14. If you wish to incorporate parts of the Library into other free
programs whose distribution conditions are incompatible with these,
write to the author to ask for permission. For software which is
copyrighted by the Free Software Foundation, write to the Free
Software Foundation; we sometimes make exceptions for this. Our
decision will be guided by the two goals of preserving the free status
of all derivatives of our free software and of promoting the sharing
and reuse of software generally.
NO WARRANTY
15. BECAUSE THE LIBRARY IS LICENSED FREE OF CHARGE, THERE IS NO
WARRANTY FOR THE LIBRARY, TO THE EXTENT PERMITTED BY APPLICABLE LAW.
EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR
OTHER PARTIES PROVIDE THE LIBRARY "AS IS" WITHOUT WARRANTY OF ANY
KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE
LIBRARY IS WITH YOU. SHOULD THE LIBRARY PROVE DEFECTIVE, YOU ASSUME
THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
16. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN
WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY
AND/OR REDISTRIBUTE THE LIBRARY AS PERMITTED ABOVE, BE LIABLE TO YOU
FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR
CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
LIBRARY (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING
RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A
FAILURE OF THE LIBRARY TO OPERATE WITH ANY OTHER SOFTWARE), EVEN IF
SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH
DAMAGES.
END OF TERMS AND CONDITIONS
^L
How to Apply These Terms to Your New Libraries
If you develop a new library, and you want it to be of the greatest
possible use to the public, we recommend making it free software that
everyone can redistribute and change. You can do so by permitting
redistribution under these terms (or, alternatively, under the terms
of the ordinary General Public License).
To apply these terms, attach the following notices to the library.
It is safest to attach them to the start of each source file to most
effectively convey the exclusion of warranty; and each file should
have at least the "copyright" line and a pointer to where the full
notice is found.
<one line to give the library's name and a brief idea of what it does.>
Copyright (C) <year> <name of author>
This library is free software; you can redistribute it and/or
modify it under the terms of the GNU Lesser General Public
License as published by the Free Software Foundation; either
version 2.1 of the License, or (at your option) any later version.
This library is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public
License along with this library; if not, write to the Free Software
Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
Also add information on how to contact you by electronic and paper mail.
You should also get your employer (if you work as a programmer) or
your school, if any, to sign a "copyright disclaimer" for the library,
if necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the
library `Frob' (a library for tweaking knobs) written by James
Random Hacker.
<signature of Ty Coon>, 1 April 1990
Ty Coon, President of Vice
That's all there is to it!

View file

@ -0,0 +1,167 @@
[Note that only a few files are distributed under this license.]
GNU LESSER GENERAL PUBLIC LICENSE
Version 3, 29 June 2007
Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
This version of the GNU Lesser General Public License incorporates
the terms and conditions of version 3 of the GNU General Public
License, supplemented by the additional permissions listed below.
0. Additional Definitions.
As used herein, "this License" refers to version 3 of the GNU Lesser
General Public License, and the "GNU GPL" refers to version 3 of the GNU
General Public License.
"The Library" refers to a covered work governed by this License,
other than an Application or a Combined Work as defined below.
An "Application" is any work that makes use of an interface provided
by the Library, but which is not otherwise based on the Library.
Defining a subclass of a class defined by the Library is deemed a mode
of using an interface provided by the Library.
A "Combined Work" is a work produced by combining or linking an
Application with the Library. The particular version of the Library
with which the Combined Work was made is also called the "Linked
Version".
The "Minimal Corresponding Source" for a Combined Work means the
Corresponding Source for the Combined Work, excluding any source code
for portions of the Combined Work that, considered in isolation, are
based on the Application, and not on the Linked Version.
The "Corresponding Application Code" for a Combined Work means the
object code and/or source code for the Application, including any data
and utility programs needed for reproducing the Combined Work from the
Application, but excluding the System Libraries of the Combined Work.
1. Exception to Section 3 of the GNU GPL.
You may convey a covered work under sections 3 and 4 of this License
without being bound by section 3 of the GNU GPL.
2. Conveying Modified Versions.
If you modify a copy of the Library, and, in your modifications, a
facility refers to a function or data to be supplied by an Application
that uses the facility (other than as an argument passed when the
facility is invoked), then you may convey a copy of the modified
version:
a) under this License, provided that you make a good faith effort to
ensure that, in the event an Application does not supply the
function or data, the facility still operates, and performs
whatever part of its purpose remains meaningful, or
b) under the GNU GPL, with none of the additional permissions of
this License applicable to that copy.
3. Object Code Incorporating Material from Library Header Files.
The object code form of an Application may incorporate material from
a header file that is part of the Library. You may convey such object
code under terms of your choice, provided that, if the incorporated
material is not limited to numerical parameters, data structure
layouts and accessors, or small macros, inline functions and templates
(ten or fewer lines in length), you do both of the following:
a) Give prominent notice with each copy of the object code that the
Library is used in it and that the Library and its use are
covered by this License.
b) Accompany the object code with a copy of the GNU GPL and this license
document.
4. Combined Works.
You may convey a Combined Work under terms of your choice that,
taken together, effectively do not restrict modification of the
portions of the Library contained in the Combined Work and reverse
engineering for debugging such modifications, if you also do each of
the following:
a) Give prominent notice with each copy of the Combined Work that
the Library is used in it and that the Library and its use are
covered by this License.
b) Accompany the Combined Work with a copy of the GNU GPL and this license
document.
c) For a Combined Work that displays copyright notices during
execution, include the copyright notice for the Library among
these notices, as well as a reference directing the user to the
copies of the GNU GPL and this license document.
d) Do one of the following:
0) Convey the Minimal Corresponding Source under the terms of this
License, and the Corresponding Application Code in a form
suitable for, and under terms that permit, the user to
recombine or relink the Application with a modified version of
the Linked Version to produce a modified Combined Work, in the
manner specified by section 6 of the GNU GPL for conveying
Corresponding Source.
1) Use a suitable shared library mechanism for linking with the
Library. A suitable mechanism is one that (a) uses at run time
a copy of the Library already present on the user's computer
system, and (b) will operate properly with a modified version
of the Library that is interface-compatible with the Linked
Version.
e) Provide Installation Information, but only if you would otherwise
be required to provide such information under section 6 of the
GNU GPL, and only to the extent that such information is
necessary to install and execute a modified version of the
Combined Work produced by recombining or relinking the
Application with a modified version of the Linked Version. (If
you use option 4d0, the Installation Information must accompany
the Minimal Corresponding Source and Corresponding Application
Code. If you use option 4d1, you must provide the Installation
Information in the manner specified by section 6 of the GNU GPL
for conveying Corresponding Source.)
5. Combined Libraries.
You may place library facilities that are a work based on the
Library side by side in a single library together with other library
facilities that are not Applications and are not covered by this
License, and convey such a combined library under terms of your
choice, if you do both of the following:
a) Accompany the combined library with a copy of the same work based
on the Library, uncombined with any other library facilities,
conveyed under the terms of this License.
b) Give prominent notice with the combined library that part of it
is a work based on the Library, and explaining where to find the
accompanying uncombined form of the same work.
6. Revised Versions of the GNU Lesser General Public License.
The Free Software Foundation may publish revised and/or new versions
of the GNU Lesser General Public License from time to time. Such new
versions will be similar in spirit to the present version, but may
differ in detail to address new problems or concerns.
Each version is given a distinguishing version number. If the
Library as you received it specifies that a certain numbered version
of the GNU Lesser General Public License "or any later version"
applies to it, you have the option of following the terms and
conditions either of that published version or of any later version
published by the Free Software Foundation. If the Library as you
received it does not specify a version number of the GNU Lesser
General Public License, you may choose any version of the GNU Lesser
General Public License ever published by the Free Software Foundation.
If the Library as you received it specifies that a proxy can decide
whether future versions of the GNU Lesser General Public License shall
apply, that proxy's public statement of acceptance of any version is
permanent authorization for you to choose that version for the
Library.

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,29 @@
GnuPG Developer's Certificate of Origin. Version 1.0
=====================================================
By making a contribution to the GnuPG project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the free software license
indicated in the file; or
(b) The contribution is based upon previous work that, to the
best of my knowledge, is covered under an appropriate free
software license and I have the right under that license to
submit that work with modifications, whether created in whole
or in part by me, under the same free software license
(unless I am permitted to submit under a different license),
as indicated in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including
all personal information I submit with it, including my
sign-off) is maintained indefinitely and may be redistributed
consistent with this project or the free software license(s)
involved.
Signed-off-by: [Your name and mail address]

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,13 @@
GnuPG Frequently Asked Questions
A FAQ is a fast moving target and thus we don't distribute it anymore
with GnuPG. You may retrieve the current FAQ in HTML format at
https://gnupg.org/faq/gnupg-faq.html
or in plain text format at
https://gnupg.org/faq/gnupg-faq.txt

View file

@ -0,0 +1,469 @@
# HACKING -*- org -*-
#+TITLE: A Hacker's Guide to GnuPG
#+TEXT: Some notes on GnuPG internals
#+STARTUP: showall
#+OPTIONS: ^:{}
# Note: This might be a copy; the original lives in gnupg/doc/HACKING.
* How to contribute
The following stuff explains some basic procedures you need to
follow if you want to contribute code or documentation.
** No more ChangeLog files
Do not modify any of the ChangeLog files in GnuPG. Starting on
December 1st, 2011 we put change information only in the GIT commit
log, and generate a top-level ChangeLog file from logs at "make dist"
time. As such, there are strict requirements on the form of the
commit log messages. The old ChangeLog files have all be renamed to
ChangeLog-2011
** Commit log requirements
Your commit log should always start with a one-line summary, the
second line should be blank, and the remaining lines are usually
ChangeLog-style entries for all affected files. However, it's fine
--- even recommended --- to write a few lines of prose describing the
change, when the summary and ChangeLog entries don't give enough of
the big picture. Omit the leading TABs that you are seeing in a
"real" ChangeLog file, but keep the maximum line length at 72 or
smaller, so that the generated ChangeLog lines, each with its leading
TAB, will not exceed 80 columns. If you want to add text which shall
not be copied to the ChangeLog, separate it by a line consisting of
two dashes at the begin of a line.
The one-line summary usually starts with a keyword to identify the
mainly affected subsystem (that is not the directory). If more than
one keyword is required they are delimited by a comma
(e.g. =scd,w32:=). Commonly found keywords are
- agent :: The gpg-agent component
- build :: Changes to the build system
- ccid :: The CCID driver in scdaemon
- common :: Code in common
- dirmngr :: The dirmngr component
- doc :: Documentation changes
- gpg :: The gpg or gpgv components
- sm :: The gpgsm component (also "gpgsm")
- gpgscm :: The regression test driver
- indent :: Indentation and similar changes
- iobuf :: The IOBUF system in common
- po :: Translations
- scd :: The scdaemon component
- speedo :: Speedo build system specific changes
- ssh :: The ssh-agent part of the agent
- tests :: The regressions tests
- tools :: Other code in tools
- w32 :: Windows related code
- wks :: The web key service tools
- yat2m :: The yat2m tool.
Typo fixes and documentation updates don't need a ChangeLog entry;
thus you would use a commit message like
#+begin_example
doc: Fix typo in a comment
--
#+end_example
The marker line here is important; without it the first line would
appear in the ChangeLog.
If you exceptionally need to have longer lines in a commit log you may
do this after this scissor line:
#+begin_example
# ------------------------ >8 ------------------------
#+end_example
(hash, blank, 24 dashes, blank, scissor, blank, 24 dashes).
Note that such a comment will be removed if the git commit option
=--cleanup=scissor= is used.
** License policy
GnuPG is licensed under the GPLv3+ with some files under a mixed
LGPLv3+/GPLv2+ license. It is thus important, that all contributed
code allows for an update of the license; for example we can't
accept code under the GPLv2(only).
GnuPG used to have a strict policy of requiring copyright
assignments to the FSF. To avoid this major organizational overhead
and to allow inclusion of code, not copyrighted by the FSF, this
policy has been relaxed on 2013-03-29. It is now also possible to
contribute code by asserting that the contribution is in accordance
to the "Libgcrypt Developer's Certificate of Origin" as found in the
file "DCO". (Except for a slight wording change, this DCO is
identical to the one used by the Linux kernel.)
If you want to contribute code or documentation to GnuPG and you
didn't sign a copyright assignment with the FSF in the past, you
need to take these simple steps:
- Decide which mail address you want to use. Please have your real
name in the address and not a pseudonym. Anonymous contributions
can only be done if you find a proxy who certifies for you.
- If your employer or school might claim ownership of code written
by you; you need to talk to them to make sure that you have the
right to contribute under the DCO.
- Send an OpenPGP signed mail to the gnupg-devel@gnupg.org mailing
list from your mail address. Include a copy of the DCO as found
in the official master branch. Insert your name and email address
into the DCO in the same way you want to use it later. Example:
Signed-off-by: Joe R. Hacker <joe@example.org>
(If you really need it, you may perform simple transformations of
the mail address: Replacing "@" by " at " or "." by " dot ".)
- That's it. From now on you only need to add a "Signed-off-by:"
line with your name and mail address to the commit message. It is
recommended to send the patches using a PGP/MIME signed mail. See
below on how to send patches.
** Coding standards
Please follow the GNU coding standards. If you are in doubt consult
the existing code as an example. Do no re-indent code without a
need. If you really need to do it, use a separate commit for such a
change.
- Only certain C99 features may be used (see below); in general
stick to C90.
- Please do not use C++ =//= style comments.
- Do not use comments like:
#+begin_src
if (foo)
/* Now that we know that foo is true we can call bar. */
bar ();
#+end_src
instead write the comment on the if line or before it. You may
also use a block and put the comment inside.
- Please use asterisks on the left of longer comments. This makes
it easier to read without syntax highlighting, on printouts, and
for blind people.
- Try to fit lines into 80 columns.
- Ignore signed/unsigned pointer mismatches
- No arithmetic on void pointers; cast to char* first.
- Do not use
#+begin_src
if ( 42 == foo )
#+end_src
this is harder to read and modern compilers are pretty good in
detecting accidental assignments. It is also suggested not to
compare to 0 or NULL but to test the value direct or with a '!';
this makes it easier to see that a boolean test is done.
- We use our own printf style functions like =es_printf=, and
=gpgrt_asprintf= (or the =es_asprintf= macro) which implement most
C99 features with the exception of =wchar_t= (which should anyway
not be used). Please use them always and do not resort to those
provided by libc. The rationale for using them is that we know
that the format specifiers work on all platforms and that we do
not need to chase platform dependent bugs. Note also that in
gnupg asprintf is a macro already evaluating to gpgrt_asprintf.
- It is common to have a label named "leave" for a function's
cleanup and return code. This helps with freeing memory and is a
convenient location to set a breakpoint for debugging.
- Always use xfree() instead of free(). If it is not easy to see
that the freed variable is not anymore used, explicitly set the
variable to NULL.
- New code shall in general use xtrymalloc or xtrycalloc and check
for an error (use gpg_error_from_syserror()).
- Init function local variables only if needed so that the compiler
can do a better job in detecting uninitialized variables which may
indicate a problem with the code.
- Never init static or file local variables to 0 to make sure they
end up in BSS.
- Put extra parenthesis around terms with binary operators to make
it clear that the binary operator was indeed intended.
- Use --enable-maintainer-mode with configure so that all suitable
warnings are enabled.
** Variable names
Follow the GNU standards. Here are some conventions you may want to
stick to (do not rename existing "wrong" uses without a good reason).
- err :: This conveys an error code of type =gpg_error_t= which is
compatible to an =int=. To compare such a variable to a
GPG_ERR_ constant, it is necessary to access the value like
this: =gpg_err_code(err)=.
- ec :: This is used for a gpg-error code which has no source part
(=gpg_err_code_t=) and will eventually be used as input to
=gpg_err_make=.
- rc :: Used for all kind of other errors; for example system
calls. The value is not compatible with gpg-error.
*** C99 language features
In GnuPG 2.x, but *not in 1.4* and not in most libraries, a limited
set of C99 features may be used:
- Variadic macros:
: #define foo(a,...) bar(a, __VA_ARGS__)
- The predefined macro =__func__=:
: log_debug ("%s: Problem with foo\n", __func__);
Although we usually make use of the =u16=, =u32=, and =u64= types,
it is also possible to include =<stdint.h>= and use =int16_t=,
=int32_t=, =int64_t=, =uint16_t=, =uint32_t=, and =uint64_t=. But do
not use =int8_t= or =uint8_t=.
** Commit log keywords
- GnuPG-bug-id :: Values are comma or space delimited bug numbers
from bug.gnupg.org pertaining to this commit.
- Debian-bug-id :: Same as above but from the Debian bug tracker.
- CVE-id :: CVE id number pertaining to this commit.
- Regression-due-to :: Commit id of the regression fixed by this commit.
- Fixes-commit :: Commit id this commit fixes.
- Updates-commit :: Commit id this commit updates.
- See-commit :: Commit id of a related commit.
- Reported-by :: Value is a name or mail address of a bug reporte.
- Suggested-by :: Value is a name or mail address of someone how
suggested this change.
- Co-authored-by :: Name or mail address of a co-author
- Some-comments-by :: Name or mail address of the author of
additional comments (commit log or code).
- Proofread-by :: Sometimes used by translation commits.
- Signed-off-by :: Name or mail address of the developer.
- Backported-from-master :: Value is the commit id of the original patch.
- Ported-from-stable :: Value is the commit id of the original patch.
- Cherry-picked-from :: Value is the commit id optionally followed
by a comment indicating the branch. This is
similar to the "git cherry-pick -x" way.
** Sending patches
Submitting patches, and subsequent discussions around them,
happens via the gnupg-devel@gnupg.org public mailing list.
Send your patches to that list, preferably PGP/MIME signed. Make sure
to include a mention of 'gnupg' (or gpgme, libassuan, etc) in the
subject line; the list is used for several different projects.
In general you should send patches only for the master branch; we may
later decide to backport to another branch. Please ask first before
sending patches for another branch.
If you're working from the Git repo, here's a suggested workflow:
- Configure git send-email defaults:
: git config format.subjectPrefix 'PATCH gnupg'
: git config sendemail.to gnupg-devel@gnupg.org
(For other sub-projects adjust accordingly)
- hack hack hack
- Commit your changes; group changes into easily-reviewable commit
units, feel free to submit several patches at once.
e.g. if you want to submit a single patch on top of master, do:
: git send-email --annotate -1
e.g. if you have two commits on top of master, do:
: git send-email --annotate --cover-letter -2
(that prompts you for a summary mail to precede your actual patch
mails)
- use Git's --dry-run option to test your setup
* Windows
** How to build an installer for Windows
Your best bet is to use a decent Debian System for development.
You need to install a long list of tools for building. This list
still needs to be compiled. However, the build process will stop
if a tool is missing. GNU make is required (on non GNU systems
often installed as "gmake"). The installer requires a couple of
extra software to be available either as tarballs or as local git
repositories. In case this file here is part of a gnupg-w32-2.*.xz
complete tarball as distributed from the same place as a binary
installer, all such tarballs are already included.
Cd to the GnuPG source directory and use one of one of these
command:
- If sources are included (gnupg-w32-*.tar.xz)
make -f build-aux/speedo.mk WHAT=this installer
- To build from tarballs
make -f build-aux/speedo.mk WHAT=release TARBALLS=TARDIR installer
- To build from local GIT repos
make -f build-aux/speedo.mk WHAT=git TARBALLS=TARDIR installer
Note that also you need to supply tarballs with supporting
libraries even if you build from git. The makefile expects only
the core GnuPG software to be available as local GIT repositories.
speedo.mk has the versions of the tarballs and the branch names of
the git repositories. In case of problems, don't hesitate to ask
on the gnupg-devel mailing for help.
* Debug hints
See the manual for some hints.
* Various information
** Directory Layout
- ./ :: Readme, configure
- ./agent :: Gpg-agent and related tools
- ./doc :: Documentation
- ./g10 :: Gpg program here called gpg2
- ./sm :: Gpgsm program
- ./jnlib :: Not used (formerly used utility functions)
- ./common :: Utility functions
- ./kbx :: Keybox library
- ./scd :: Smartcard daemon
- ./scripts :: Scripts needed by configure and others
- ./dirmngr :: The directory manager
** Detailed Roadmap
This list of files is not up to date!
- g10/gpg.c :: Main module with option parsing and all the stuff you
have to do on startup. Also has the exit handler and
some helper functions.
- g10/parse-packet.c ::
- g10/build-packet.c ::
- g10/free-packet.c :: Parsing and creating of OpenPGP message packets.
- g10/getkey.c :: Key selection code
- g10/pkclist.c :: Build a list of public keys
- g10/skclist.c :: Build a list of secret keys
- g10/keyring.c :: Keyring access functions
- g10/keydb.h ::
- g10/keyid.c :: Helper functions to get the keyid, fingerprint etc.
- g10/trustdb.c :: Web-of-Trust computations
- g10/trustdb.h ::
- g10/tdbdump.c :: Export/import/list the trustdb.gpg
- g10/tdbio.c :: I/O handling for the trustdb.gpg
- g10/tdbio.h ::
- g10/compress.c :: Filter to handle compression
- g10/filter.h :: Declarations for all filter functions
- g10/delkey.c :: Delete a key
- g10/kbnode.c :: Helper for the kbnode_t linked list
- g10/main.h :: Prototypes and some constants
- g10/mainproc.c :: Message processing
- g10/armor.c :: Ascii armor filter
- g10/mdfilter.c :: Filter to calculate hashes
- g10/textfilter.c :: Filter to handle CR/LF and trailing white space
- g10/cipher.c :: En-/Decryption filter
- g10/misc.c :: Utility functions
- g10/options.h :: Structure with all the command line options
and related constants
- g10/openfile.c :: Create/Open Files
- g10/keyserver.h :: Keyserver access dispatcher.
- g10/packet.h :: Definition of OpenPGP structures.
- g10/passphrase.c :: Passphrase handling code
- g10/pubkey-enc.c :: Process a public key encoded packet.
- g10/seckey-cert.c :: Not anymore used
- g10/seskey.c :: Make session keys etc.
- g10/import.c :: Import keys into our key storage.
- g10/export.c :: Export keys to the OpenPGP format.
- g10/sign.c :: Create signature and optionally encrypt.
- g10/plaintext.c :: Process plaintext packets.
- g10/decrypt-data.c :: Decrypt an encrypted data packet
- g10/encrypt.c :: Main encryption driver
- g10/revoke.c :: Create recovation certificates.
- g10/keylist.c :: Print information about OpenPGP keys
- g10/sig-check.c :: Check a signature
- g10/helptext.c :: Show online help texts
- g10/verify.c :: Verify signed data.
- g10/decrypt.c :: Decrypt and verify data.
- g10/keyedit.c :: Edit properties of a key.
- g10/dearmor.c :: Armor utility.
- g10/keygen.c :: Generate a key pair
** Memory allocation
Use only the functions:
- xmalloc
- xmalloc_secure
- xtrymalloc
- xtrymalloc_secure
- xcalloc
- xcalloc_secure
- xtrycalloc
- xtrycalloc_secure
- xrealloc
- xtryrealloc
- xstrdup
- xtrystrdup
- xfree
The *secure versions allocate memory in the secure memory. That is,
swapping out of this memory is avoided and is gets overwritten on
free. Use this for passphrases, session keys and other sensitive
material. This memory set aside for secure memory is linited to a few
k. In general the function don't print a memory message and
terminate the process if there is not enough memory available. The
"try" versions of the functions return NULL instead.
** Logging
TODO
** Option parsing
GnuPG does not use getopt or GNU getopt but functions of it's own.
See util/argparse.c for details. The advantage of these functions is
that it is more easy to display and maintain the help texts for the
options. The same option table is also used to parse resource files.
** What is an IOBUF
This is the data structure used for most I/O of gnupg. It is similar
to System V Streams but much simpler. Because OpenPGP messages are
nested in different ways; the use of such a system has big advantages.
Here is an example, how it works: If the parser sees a packet header
with a partial length, it pushes the block_filter onto the IOBUF to
handle these partial length packets: from now on you don't have to
worry about this. When it sees a compressed packet it pushes the
uncompress filter and the next read byte is one which has already been
uncompressed by this filter. Same goes for enciphered packet,
plaintext packets and so on. The file g10/encode.c might be a good
starting point to see how it is used - actually this is the other way:
constructing messages using pushed filters but it may be easier to
understand.
** Notes on how to create test data
On 2016-02-28 we created a lot of AEAD test data using a command
similar to this:
--8<---------------cut here---------------start------------->8---
for algo in eax ocb; do
for csize in 6 7 12 13 14 30; do
for len in 0 $(seq 0 200) $(seq 8100 8200) $(seq 16350 16400) \
$(seq 20000 20100); do
awk </dev/null -v i=$len 'BEGIN{while(i){i--;printf"~"}}' \
| gpg --no-options -v --rfc4880bis --batch --passphrase "abc" \
--s2k-count 1025 --s2k-digest-algo sha256 -z0 \
--force-aead --aead-algo $algo --cipher aes -a \
--chunk-size $csize -c >symenc-aead-eax-c$csize-$len.asc
done
done
done
--8<---------------cut here---------------end--------------->8---

View file

@ -0,0 +1,83 @@
Format of keyserver colon listings
==================================
David Shaw <dshaw@jabberwocky.com>
The machine readable response begins with an optional information
line:
info:<version>:<count>
<version> = this is the version of this protocol. Currently, this is
the number 1.
<count> = the number of keys returned in this response. Note this is
the number of keys, and not the number of lines returned.
It should match the number of "pub:" lines returned.
If this optional line is not included, or the version information is
not supplied, the version number is assumed to be 1.
The key listings are made up of several lines per key. The first line
is for the primary key:
pub:<fingerprint>:<algo>:<keylen>:<creationdate>:<expirationdate>:<flags>
<fingerprint> = this is either the fingerprint or the keyid of the
key. Either the 16-digit or 8-digit keyids are
acceptable, but obviously the fingerprint is best.
Since it is not possible to calculate the keyid from a
V3 key fingerprint, for V3 keys this should be either
the 16-digit or 8-digit keyid only.
<algo> = the algorithm number from RFC-2440. (i.e. 1==RSA, 17==DSA,
etc).
<keylen> = the key length (i.e. 1024, 2048, 4096, etc.)
<creationdate> = creation date of the key in standard RFC-2440 form
(i.e. number of seconds since 1/1/1970 UTC time)
<expirationdate> = expiration date of the key in standard RFC-2440
form (i.e. number of seconds since 1/1/1970 UTC time)
<flags> = letter codes to indicate details of the key, if any. Flags
may be in any order.
r == revoked
d == disabled
e == expired
Following the "pub" line are one or more "uid" lines to indicate user
IDs on the key:
uid:<escaped uid string>:<creationdate>:<expirationdate>:<flags>
<escaped uid string> == the user ID string, with HTTP %-escaping for
anything that isn't 7-bit safe as well as for
the ":" character. Any other characters may
be escaped, as desired.
creationdate, expirationdate, and flags mean the same here as before.
The information is taken from the self-sig, if any, and applies to the
user ID in question, and not to the key as a whole.
Details:
* All characters except for the <escaped uid string> are
case-insensitive.
* Obviously, on a keyserver without integrated crypto, many of the
items given here are not fully trustworthy until the key is
downloaded and signatures checked. For example, the information
that a key is flagged "r" for revoked should be treated as
untrustworthy information until the key is checked on the client
side.
* Empty fields are allowed. For example, a key with no expiration
date would have the <expirationdate> field empty. Also, a keyserver
that does not track a particular piece of information may leave that
field empty as well. I expect that the creation and expiration
dates for user IDs will be left empty in current keyservers. Colons
for empty fields on the end of each line may be left off, if
desired.

File diff suppressed because it is too large Load diff

View file

@ -0,0 +1,116 @@
GnuPG and OpenPGP
=================
See RFC-4880 for a description of OpenPGP. These notes are older
than RFC-4880 and refer to the predecessor of the specs (RFC-2440).
Compatibility Notes
===================
GnuPG (>=1.0.3) is in compliance with RFC2440 despite these exceptions:
* With GnuPG >= 2.1.0 all support for version 3 keys has been
removed. Thus there is no more compatibility with PGP-2. Users
who need to be able to decrypt old PGP 2 messages should use
GnuPG 1.4.x along with the option --allow-weak-digest-algos.
* With GnuPG >= 2.1.0 all signatures (on messages and keys) are
created using version 4 signatures. Support for verifying
version 3 signature is still available.
* (9.2) states that IDEA SHOULD be implemented. This is not done
due to patent problems.
UPDATE: Since version 1.4.13 (or GnuPG 2.x with Libgcrypt 1.6)
IDEA support has been added to allow decryption of old
PGP-2 encrypted material.
All MAY features are implemented with this exception:
* multi-part armored messages are not supported.
MIME (rfc2015) should be used instead.
Most of the OPTIONAL stuff is implemented.
There are a couple of options which can be used to override some
RFC requirements. This is always mentioned with the description
of that options.
A special format of partial packet length exists for v3 packets
which can be considered to be in compliance with RFC1991; this
format is only created if a special option is active.
UPDATE: This support has been removed with version 1.3.6.
GnuPG uses a S2K mode of 101 for GNU extensions to the secret key
protection algorithms. This number is not defined in OpenPGP, but
given that this number is in a range which is used at many other
places in OpenPGP for private/experimental algorithm identifiers,
this should be not a too bad choice. The 3 bytes "GNU" are used to
identify this as a GNU extension - see the file DETAILS for a
definition of the used data formats.
Some Notes on OpenPGP / PGP Compatibility:
==========================================
* PGP 5.x does not accept V4 signatures for anything other than
key material. The GnuPG option --force-v3-sigs mimics this
behavior.
* PGP 5.x does not recognize the "five-octet" lengths in
new-format headers or in signature subpacket lengths.
* PGP 5.0 rejects an encrypted session key if the keylength
differs from the S2K symmetric algorithm. This is a bug in its
validation function.
* PGP 5.0 does not handle multiple one-pass signature headers and
trailers. Signing one will compress the one-pass signed literal
and prefix a V3 signature instead of doing a nested one-pass
signature.
* When exporting a private key, PGP 2.x generates the header
"BEGIN PGP SECRET KEY BLOCK" instead of "BEGIN PGP PRIVATE KEY
BLOCK". All previous versions ignore the implied data type, and
look directly at the packet data type.
* In a clear-signed signature, PGP 5.0 will figure out the correct
hash algorithm if there is no "Hash:" header, but it will reject
a mismatch between the header and the actual algorithm used. The
"standard" (i.e. Zimmermann/Finney/et al.) version of PGP 2.x
rejects the "Hash:" header and assumes MD5. There are a number
of enhanced variants of PGP 2.6.x that have been modified for
SHA-1 signatures.
* PGP 5.0 can read an RSA key in V4 format, but can only recognize
it with a V3 keyid, and can properly use only a V3 format RSA
key.
* Neither PGP 5.x nor PGP 6.0 recognize ElGamal Encrypt and Sign
keys. They only handle ElGamal Encrypt-only keys.
Parts of this document are taken from:
======================================
OpenPGP Message Format
draft-ietf-openpgp-formats-07.txt
Copyright 1998 by The Internet Society. All Rights Reserved.
This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph
are included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.
The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.

View file

@ -0,0 +1,332 @@
The GNU Privacy Guard
=======================
Version 2.5
Copyright 1997-2019 Werner Koch
Copyright 1998-2021 Free Software Foundation, Inc.
Copyright 2003-2026 g10 Code GmbH
* INTRODUCTION
GnuPG is a complete and free implementation of the OpenPGP standard
as defined by RFC4880 (also known as PGP). GnuPG enables encryption
and signing of data and communication, and features a versatile key
management system as well as access modules for public key
directories.
GnuPG, also known as GPG, is a command line tool with features for
easy integration with other applications. A wealth of frontend
applications and libraries are available that make use of GnuPG.
Starting with version 2 GnuPG provides support for S/MIME and Secure
Shell in addition to OpenPGP.
GnuPG is Free Software (meaning that it respects your freedom). It
can be freely used, modified and distributed under the terms of the
GNU General Public License.
Note that this is considered the stable version of GnuPG.
* BUILD INSTRUCTIONS
GnuPG 2.6 depends on the following GnuPG related packages:
npth (https://gnupg.org/ftp/gcrypt/npth/)
libgpg-error (https://gnupg.org/ftp/gcrypt/libgpg-error/)
libgcrypt (https://gnupg.org/ftp/gcrypt/libgcrypt/)
libksba (https://gnupg.org/ftp/gcrypt/libksba/)
libassuan (https://gnupg.org/ftp/gcrypt/libassuan/)
You should get the latest versions of course, the GnuPG configure
script complains if a version is not sufficient.
Several other standard libraries are also required. The configure
script prints diagnostic messages if one of these libraries is not
available and a feature will not be available.
You also need the Pinentry package for most functions of GnuPG;
however it is not a build requirement. Pinentry is available at
https://gnupg.org/ftp/gcrypt/pinentry/ .
After building and installing the above packages in the order as
given above, you may continue with GnuPG installation (you may also
just try to build GnuPG to see whether your already installed
versions are sufficient).
As with all packages, you just have to do
mkdir build
cd build
../configure
make
make check
make install
The "make check" is optional but highly recommended. To run even
more tests you may add "--enable-all-tests" to the configure run.
Before running the "make install" you might need to become root.
If everything succeeds, you have a working GnuPG with support for
OpenPGP, S/MIME, ssh-agent, and smartcards.
In case of problem please ask on the gnupg-users@gnupg.org mailing
list for advise.
Instruction on how to build for Windows can be found in the file
doc/HACKING in the section "How to build an installer for Windows".
This requires some experience as developer.
You may run
gpgconf -L
to view the directories used by GnuPG.
** Quick build method on Unix
To quickly build all required software without installing it, the
Speedo target may be used. But first you need to make sure that the
toolchain is installed. On a Debian based system it should be
sufficient to run as root:
apt-get install build-essential libusb-1.0-0-dev libsqlite3-dev \
libldap-dev libreadline-dev patchelf
(libldap-dev and libreadline-dev are not strictly necessary but
are highly suggested.)
Then as regular user run
make -f build-aux/speedo.mk native
This target downloads all required libraries and does a native build
of GnuPG to PLAY/inst/. After the build the entire software
including all libraries can be installed into an arbitrary location
using for example:
make -f build-aux/speedo.mk install SYSROOT=/usr/local/gnupg26
and run the binaries like
/usr/local/gnupg26/bin/gpg
which will also start any daemon from the same directory. Make sure
to stop already running daemons or use a different GNUPGHOME.
If you want to use the gnupg-w32-n.m.n_somedate.tar.xz tarball you
only need to change the first make invocation to
make -f build-aux/speedo.mk this-native
The advantage of this alternative tarball is that all libraries are
included and thus the Makefile does not need to download new
tarballs. Note that in any case all downloaded files come with
signatures which are verified by the Makefile commands. The
patchelf command is required to change the search path for the
shared libraries in the binaries to relative directories.
** Specific build problems on some machines:
*** Apple OSX 10.x using XCode
On some versions the correct location of a header file can't be
detected by configure. To fix that you should run configure like
this
./configure gl_cv_absolute_stdint_h=/usr/include/stdint.h
Add other options as needed.
*** Cygwin
Although Cygwin (Posix emulation on top of Windows) is not
officially supported, GnuPG can be build for that platform. It
might be required to invoke configure like this:
./configure ac_cv_type_SOCKET=no
*** Systems without a full C99 compiler
If you run into problems with your compiler complaining about dns.c
you may use
./configure --disable-libdns
Add other options as needed.
* RECOMMENDATIONS
** Key database daemon
Since version 2.3.0 it is possible to store the keys in an SQLite
database instead of the keyring.kbx file. This is in particular
useful for large keyrings or if many instances of gpg and gpgsm may
run concurrently. This is implemented using another daemon process,
the "keyboxd". To enable the use of the keyboxd put the option
"use-keyboxd" into the configuration file ~/.gnupg/common.conf or the
global /etc/gnupg/common.conf. See also doc/examples/common.conf.
Only public keys and X.509 certificates are managed by the keyboxd;
private keys are still stored as separate files.
Since version 2.4.1 the keyboxd will be used by default for a fresh
install; i.e. if a ~/.gnupg directory did not yet exist.
Note that there is no automatic migration; if the use-keyboxd option
is enabled keys are not taken from pubring.kbx. To migrate existing
keys to the keyboxd do this:
1. Disable the keyboxd (remove use-keyboxd from common.conf)
2. Export all public keys
gpg --export --export-options backup > allkeys.gpg
gpgsm --export --armor > allcerts.gpg
3. Enable the keyboxd (add use-keyboxd to common.conf)
4. Import all public keys
gpg --import --import-options restore < allkeys.gpg
gpgsm --import < allcerts.crt
In case the keyboxd is not able to startup due to a stale lockfile
created by another host, the command
gpgconf --unlock pubring.db
can be used to remove the lock file.
** Socket directory
GnuPG uses Unix domain sockets to connect its components (on Windows
an emulation of these sockets is used). Depending on the type of
the file system, it is sometimes not possible to use the GnuPG home
directory (i.e. ~/.gnupg) as the location for the sockets. To solve
this problem GnuPG prefers the use of a per-user directory below the
the /run (or /var/run) hierarchy for the sockets. It is thus
suggested to create per-user directories on system or session
startup. For example, the following snippet can be used in
/etc/rc.local to create these directories:
[ ! -d /run/user ] && mkdir /run/user
awk -F: </etc/passwd '$3 >= 1000 && $3 < 65000 {print $3}' \
| ( while read uid rest; do
if [ ! -d "/run/user/$uid" ]; then
mkdir /run/user/$uid
chown $uid /run/user/$uid
chmod 700 /run/user/$uid
fi
done )
** Conflicts with systemd socket activation
Some Linux distribution use the meanwhile deprecated --supervised
option with gpg-agent, dirmngr, and keyboxd. The idea is that the
systemd process launches the daemons as soon as gpg or gpgsm try to
access them. However, this creates a race condition with GnuPG's
own on-demand launching of these daemon. It also conflicts with the
remote use gpg-agent because the no-autostart feature on the remote
site will not work as expected.
If your systems already comes with a systemd enabled GnuPG, you
should thus tell it not to start its own GnuPG daemons by running
the following three commands once:
systemctl --user mask --now gpg-agent.service \
gpg-agent.socket gpg-agent-ssh.socket \
gpg-agent-extra.socket gpg-agent-browser.socket
systemctl --user mask --now dirmngr.service dirmngr.socket
systemctl --user mask --now keyboxd.service keyboxd.socket
This way all GnuPG components can handle the startup of their
daemons on their own and start the correct version.
The only problem is that for using GnuPG's ssh-agent protocol
support, the gpg-agent must have been started before ssh. This can
either be done with an ssh wrapper running
gpg-connect-agent updatestartuptty /bye
for each new tty or by using that command directly after login when
the anyway required SSH_AUTH_SOCK envvar is set (see the example in
the gpg-agent man page).
* DOCUMENTATION
The complete documentation is in the texinfo manual named
`gnupg.info'. Run "info gnupg" to read it. If you want a
printable copy of the manual, change to the "doc" directory and
enter "make pdf" For a HTML version enter "make html" and point your
browser to gnupg.html/index.html. Standard man pages for all
components are provided as well. An online version of the manual is
available at [[https://gnupg.org/documentation/manuals/gnupg/]] . A
version of the manual pertaining to the current development snapshot
is at [[https://gnupg.org/documentation/manuals/gnupg-devel/]] .
* Using the legacy version GnuPG 1.4
The 1.4 version of GnuPG is only intended to allow decryption of old
data material using legacy keys which are not anymore supported by
GnuPG 2.x. To install both versions alongside, it is suggested to
rename the 1.4 version of "gpg" to "gpg1" as well as the
corresponding man page. Newer releases of the 1.4 branch will
likely do this by default.
* HOW TO GET MORE INFORMATION
A description of new features and changes since version 2.1 can be
found in the file "doc/whats-new-in-2.1.txt" and online at
"https://gnupg.org/faq/whats-new-in-2.1.html" .
The primary WWW page is "https://gnupg.org"
The primary FTP site is "https://gnupg.org/ftp/gcrypt/"
See [[https://gnupg.org/download/mirrors.html]] for a list of
mirrors and use them if possible. You may also find GnuPG mirrored
on some of the regular GNU mirrors.
We have some mailing lists dedicated to GnuPG:
gnupg-announce@gnupg.org For important announcements like new
versions and such stuff. This is a
moderated list and has very low traffic.
Do not post to this list.
gnupg-users@gnupg.org For general user discussion and
help.
gnupg-devel@gnupg.org GnuPG developers main forum.
You subscribe to one of the list by sending mail with a subject of
"subscribe" to x-request@gnupg.org, where x is the name of the
mailing list (gnupg-announce, gnupg-users, etc.). See
https://gnupg.org/documentation/mailing-lists.html for archives
of the mailing lists.
Please direct bug reports to [[https://bugs.gnupg.org]] or post them
direct to the mailing list <gnupg-devel@gnupg.org>.
Please direct questions about GnuPG to the users mailing list or one
of the PGP newsgroups; please do not direct questions to one of the
authors directly as we are busy working on improvements and bug
fixes. The mailing lists are watched by the authors and we try to
answer questions as time allows us.
Commercial grade support for GnuPG is available; for a listing of
offers see https://gnupg.org/service.html . Maintaining and
improving GnuPG requires a lot of time. Since 2001, g10 Code GmbH,
a German company owned and headed by GnuPG's principal author Werner
Koch, is bearing the majority of these costs.
# This file is Free Software; as a special exception the authors gives
# unlimited permission to copy and/or distribute it, with or without
# modifications, as long as this notice is preserved. For conditions
# of the whole package, please see the file COPYING. This file is
# distributed in the hope that it will be useful, but WITHOUT ANY
# WARRANTY, to the extent permitted by law; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
#
# Local Variables:
# mode:org
# End:

View file

@ -0,0 +1,297 @@
GnuPG was originally written by Werner Koch. Other people contributed
by reporting problems, suggesting various improvements or submitting
actual code. Here is a list of those people. Help us keep it
complete and free of errors.
Adam Mitchell adam at cafe21.org
Alain Guibert alguibert+gpd at free.fr
Albert Chin china at thewrittenword.com
Alec Habig habig at budoe2.bu.edu
Alexander Belopolsky belopolsky at mac.com
Allan Clark allanc at sco.com
Anand Kumria wildfire at progsoc.uts.edu.au
Andreas Haumer andreas at xss.co.at
Andrew J. Schorr aschorr at telemetry-investments.com
Anthony Carrico acarrico at memebeam.org
Anthony Mulcahy anthony at kcn.ne.jp
Ariel T Glenn ariel at columbia.edu
ARIGA Seiji ariga at os.rim.or.jp
Benjamin Donnachie benjamin at py-soft.co.uk
Bernhard Herzog bh at intevation.de
Bernard Leak thisisnotapipe.a-t.hotmail.com
Bernhard Reiter bernhard at intevation.de
Billy Halsey bshalsey at paxoo.com
Bob Dunlop bob at xyzzy.org.uk
Bob Mathews bobmathews at mindspring.com
Bodo Moeller Bodo_Moeller at public.uni-hamburg.de
Brendan O'Dea bod at debian.org
Brenno de Winter brenno at dewinter.com
Brian M. Carlson karlsson at hal-pc.org
Brian Moore bem at cmc.net
Brian Warner warner at lothar.com
Bryan Fullerton bryanf at samurai.com
Bryce Nichols bryce at bnichols.org
Carl Meijer carlm at prism.co.za
Caskey L. Dickson caskey at technocage.com
Cees van de Griend cees-list at griend.xs4all.nl
Charles Levert charles at comm.polymtl.ca
Charly Avital shavital at mac.com
Chip Salzenberg chip at valinux.com
Chris Adams cmadams at hiwaay.net
Christian Biere christianbiere at gmx.de
Christian Kurz shorty at debian.org
Christian von Roques roques at pond.sub.org
Christopher Oliver oliver at fritz.traverse.net
Christian Recktenwald chris at citecs.de
Colin Tuckley colin at tuckley.org
Daiki Ueno ueno at unixuser.org
Dan Winship danw at helixcode.com
Daniel Eisenbud eisenbud at cs.swarthmore.edu
Daniel Kahn Gillmor dkg at fifthhorseman dot net
Daniel Koening dan at chaosdorf.de
Daniel Leidert daniel leidert at wgdd.de
Daniel Resare daniel at resare.com
Dany Nativel dany at natzo.com
Dave Dykstra dwd at bell-labs.com
David C Niemi niemi at tuxers.net
David Champion dgc at uchicago.edu
David D. Scribner dscribner at bigfoot.com
David Ellement ellement at sdd.hp.com
David Hallinan hallinan at rtd.com
David Hollenberg dhollen at ISI.EDU
David Mathog MATHOG at seqaxp.bio.caltech.edu
David R. Bergstein dbergstein at home.com
David Shaw dshaw at jabberwocky.com
Detlef Lannert lannert at lannert.rz.uni-duesseldorf.de
Dimitri dmitri at advantrix.com
Dirk Lattermann dlatt at t-online.de
Dirk Meyer dirk.meyer at dinoex.sub.org
Disastry Disastry at saiknes.lv
Douglas Calvert dfc at anize.org
Ed Boraas ecxjo at esperanto.org
Edmund GRIMLEY EVANS edmundo at rano.org
Edwin Woudt edwin at woudt.nl
Enzo Michelangeli em at MailAndNews.com
Ernst Molitor ernst.molitor at uni-bonn.de
Evgeny Legerov
Fabian Keil fk at fabiankeil de
Fabio Coatti cova at ferrara.linux.it
Felix von Leitner leitner at amdiv.de
fish stiqz fish at analog.org
Florian Weimer Florian.Weimer at rus.uni-stuttgart.de
Francesco Potorti pot at gnu.org
Frank Donahoe fdonahoe at wilkes1.wilkes.edu
Frank Heckenbach heckenb at mi.uni-erlangen.de
Frank Stajano frank.stajano at cl.cam.ac.uk
Frank Tobin ftobin at uiuc.edu
Gabriel Rosenkoetter gr at eclipsed.net
Gaël Quéri gael at lautre.net
Gene Carter gcarter at lanier.com
Geoff Keating geoffk at ozemail.com.au
Georg Schwarz georg.schwarz at iname.com
Giampaolo Tomassoni g.tomassoni at libero.it
Gilbert Fernandes gilbert_fernandes at hotmail.com
Grant Olson kgo at grant-olson net
Greg Louis glouis at dynamicro.on.ca
Greg Troxel gdt at ir.bbn.com
Gregory Steuck steuck at iname.com
Harald Denker harry at hal.westfalen.de
Holger Baust Holger.Baust at freenet-ag.de
Henrik Nordstrom henrik at henriknordstrom.net
Hendrik Buschkamp buschkamp at rheumanet.org
Holger Schurig holger at d.om.org
Holger Smolinski smolinsk at de.ibm.com
Holger Trapp Holger.Trapp at informatik.tu-chemnitz.de
Hugh Daniel hugh at toad.com
Huy Le huyle at ugcs.caltech.edu
Ian Abbott abbotti at mev.co.uk
Ian McKellar imckellar at harvestroad.com.au
Ingo Klöcker kloecker at kde.org
Ivo Timmermans itimmermans at bigfoot.com
Jan Krueger max at physics.otago.ac.nz
Jan Niehusmann jan at gondor.com
Jan-0liver Wagner jan @ intevation.de
Janusz A. Urbanowicz alex at bofh.torun.pl
James Troup james at nocrew.org
Jean-loup Gailly gzip at prep.ai.mit.edu
Jeff Long long at kestrel.cc.ukans.edu
Jeffery Von Ronne jronne at ics.uci.edu
Jens Bachem bachem at rrz.uni-koeln.de
Jens Seidel jensseidel at users.sf.net
Jeroen C. van Gelderen jeroen at vangelderen.org
Jeroen Schot schot at a-eskwadraat nl
J Horacio MG homega at ciberia.es
J. Michael Ashley jashley at acm.org
Jim Bauer jfbauer at home.com
Jim Small cavenewt at my-deja.com
Joachim Backes backes at rhrk.uni-kl.de
Joe Rhett jrhett at isite.net
Joerg Honegger Joerg.Honegger at hp.com
John A. Martin jam at jamux.com
John Clizbe JPClizbe at comcast.net
John R. Shannon john at johnrshannon.com
Johnny Teveßen j.tevessen at gmx.de
Jörg Schilling schilling at fokus.gmd.de
Jos Backus Jos.Backus at nl.origin-it.com
Joseph Walton joe at kafsemo.org
Juan F. Codagnone juam at arnet.com.ar
Jun Kuriyama kuriyama at sky.rim.or.jp
Kahil D. Jallad kdj4 at cs.columbia.edu
Karl Fogel kfogel at guanabana.onshore.com
Karsten Thygesen karthy at kom.auc.dk
Katsuhiro Kondou kondou at nec.co.jp
Kazu Yamamoto kazu at iij.ad.jp
Kazuyoshi Kakihara
Keith Clayton keith at claytons.org
Ken Takusagawa ken.takusagawa.2 at gmail.com
Kevin Ryde user42 at zip.com.au
Kiss Gabor kissg at ssg.ki.iif.hu
Klaus Flittner klaus at flittner org
Klaus Singvogel ks at caldera.de
Kurt Garloff garloff at suse.de
Lars Kellogg-Stedman lars at bu.edu
L. Sassaman rabbi at quickie.net
M Taylor mctaylor at privacy.nb.ca
Marcel Waldvogel mwa at arl.wustl.edu
Marco d'Itri md at linux.it
Marco Parrone marc0 at autistici.org
Marcus Brinkmann Marcus.Brinkmann at ruhr-uni-bochum.de
Mark Adler madler at alumni.caltech.edu
Mark Elbrecht snowball3 at bigfoot.com
Mark Pettit pettit at yahoo-inc.com
Markus Friedl Markus.Friedl at informatik.uni-erlangen.de
Martin Kahlert martin.kahlert at provi.de
Martin Hamilton
Martin Schulte schulte at thp.uni-koeln.de
Matt Kraai kraai at alumni.carnegiemellon.edu
Matthew Skala mskala at ansuz.sooke.bc.ca
Matthew Wilcox matthew at wil.cx
Matthias-Christian Ott ott at mirix.org
Matthias Urlichs smurf at noris.de
Max Valianskiy maxcom at maxcom.ml.org
Michael Engels michael.engels at uni-duesseldorf.de
Michael Fischer v. Mollard mfvm at gmx.de
Michael Nottebrock michaelnottebrock at gmx.net
Michael Roth mroth at nessie.de
Michael Sobolev mss at despair.transas.com
Michael Tokarev mjt at tls.msk.ru
Mike Dowling ML.Dowling at tu-bs.de
Mike McEwan mike at lotusland.demon.co.uk
Moritz Schulte moritz at chaosdorf.de
Neal H Walfield neal at cs.uml.edu
Nelson H. F. Beebe beebe at math.utah.edu
Nicolas Graner Nicolas.Graner at cri.u-psud.fr
NIIBE Yutaka gniibe at chroot.org
Niklas Hernaeus
Nimrod Zimerman zimerman at forfree.at
Norihiko Murase skeleten at shillest.net
N J Doye nic at niss.ac.uk
Oliver Haakert haakert at hsp.de
Oskari Jääskeläinen f33003a at cc.hut.fi
Pascal Scheffers Pascal at scheffers.net
Paul D. Smith psmith at baynetworks.com
Per Cederqvist ceder at lysator.liu.se
Petr Cerny pcerny at suse.cz
Phil Blundell pb at debian.org
Philippe Laliberte arsphl at oeil.qc.ca
Peter Fales psfales at lucent.com
Peter Gutmann pgut001 at cs.auckland.ac.nz
Peter Marschall Peter.Marschall at gedos.de
Peter Valchev pvalchev at openbsd.org
Petr Uzel petr.uzel at suse cz
Phong Nguyen Phong.Nguyen at ens.fr
Piotr Krukowiecki piotr at pingu.ii.uj.edu.pl
QingLong qinglong at bolizm.ihep.su
Ralph Gillen gillen at theochem.uni-duesseldorf.de
Rat ratinox at peorth.gweep.net
Ray Link rlink at pitt.edu
Reinhard Wobst R.Wobst at ifw-dresden.de
Rémi Guyomarch rguyom at mail.dotcom.fr
Reuben Sumner rasumner at wisdom.weizmann.ac.il
Richard Lefebvre rick at cerca.umontreal.ca
Richard Outerbridge outer at interlog.com
Richard Patterson vectro at yahoo.com
Robert Joop rj at rainbow.in-berlin.de
Roddy Strachan roddy at satlink.com.au
Roger Sondermann r.so at bigfoot.com
Roland Rosenfeld roland at spinnaker.rhein.de
Roman Pavlik rp at tns.cz
Ross Golder rossigee at bigfoot.com
Russell Coker russell at coker.com.au
Ryan Malayter rmalayter at bai.org
Sam Roberts sam at cogent.ca
Sami Tolvanen sami at tolvanen.com
Sascha Kiefer sk at intertivity.com
Scott Worley sworley at chkno.net
Sean MacLennan seanm at netwinder.org
Sebastian Klemke packet at convergence.de
Serge Munhoven munhoven at mema.ucl.ac.be
SL Baur steve at xemacs.org
Sten Lindgren ged at solace dot miun dot se
Stefan Bellon sbellon at sbellon.de
Dr.Stefan.Dalibor Dr.Stefan.Dalibor at bfa.de
Stefan Karrmann S.Karrmann at gmx.net
Stefan Keller dres at cs.tu-berlin.de
Steffen Ullrich ccrlphr at xensei.com
Steffen Zahn zahn at berlin.snafu.de
Steven Bakker steven at icoe.att.com
Steven Murdoch sjmurdoch at bigfoot.com
Stoyan Angelov s_angelov at filibeto.org
Susanne Schultz schultz at hsp.de
Tavis Ormandy taviso at gentoo.org
Ted Cabeen secabeen at pobox.com
Thiago Jung Bauermann jungmann at cwb.matrix.com.br
Thijmen Klok thijmen at xs4all.nl
Thomas Roessler roessler at guug.de
Tim Mooney mooney at dogbert.cc.ndsu.nodak.edu
Timo Schulz twoaday at freakmail.de
Tobias Winkler tobias.winkler at s1998.tu-chemnitz.de
Todd Vierling tv at pobox.com
TOGAWA Satoshi Satoshi.Togawa at jp.yokogawa.com
Tom Duerbusch DuerbuschT at stlouiscity.com
Tom Pegios tomp at idirect.com
Tom Spindler dogcow at home.merit.edu
Tom Zerucha tzeruch at ceddec.com
Tomas Fasth tomas.fasth at twinspot.net
Tommi Komulainen Tommi.Komulainen at iki.fi
Thomas Klausner wiz at danbala.ifoer.tuwien.ac.at
Tomasz Kozlowski tomek at rentec.com
Thomas Mikkelsen tbm at image.dk
Ulf Möller 3umoelle at informatik.uni-hamburg.de
Urko Lusa ulusa at euskalnet.net
Vincent P. Broman broman at spawar.navy.mil
Volker Quetschke quetschke at scytek.de
W Lewis wiml at hhhh.org
Walter Hofmann Walter.Hofmann at physik.stud.uni-erlangen.de
Walter Koch koch at hsp.de
Wayne Chapeskie waynec at spinnaker.com
Werner Koch wk at gnupg.org
Wim Vandeputte bunbun at reptile.rug.ac.be
Winona Brown win at huh.org
Yosiaki IIDA iida at ring.gr.jp
Yoshihiro Kajiki kajiki at ylug.org
nbecker at hns.com
Thanks to the German Unix User Group for sponsoring this project,
Martin Hamilton for hosting the first mailing list and OpenIT for
hosting the server.
The development of this software has partly (i.e. the Windows port)
been funded by the German Ministry for Economics and Technology under
grant VIB3-68553.168-001/1999.
Many thanks to my wife Gerlinde for having so much patience with
me while hacking late in the evening.
Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004
2006 Free Software Foundation, Inc.
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even the
implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

View file

@ -0,0 +1,118 @@
-*- outline -*-
* src/base64
** Make parsing more robust
Currently we don't cope with overlong lines in the best way.
** Check that we really release the ksba reader/writer objects.
* sm/call-agent.c
** Some code should go into import.c
** When we allow concurrent service request in gpgsm, we
might want to have an agent context for each service request
(i.e. Assuan context).
* sm/certchain.c
** Try to keep certificate references somewhere
This will help with some of our caching code. We also need to test
that caching; in particular "regtp_ca_chainlen".
* sm/decrypt.c
** replace leading zero in integer hack by a cleaner solution
* sm/gpgsm.c
** Implement --default-key
** support the anyPolicy semantic
** Should we prefer nonRepudiation certs over plain signing certs?
Also: Do we need a way to allow the selection of a qualSig cert
over a plain one? The background is that the Telesec cards have 3
certs capable of signing all with the same subject name.
* sm/keydb.c
** Check file permissions
** Check that all error code mapping is done.
** Remove the inter-module dependencies between gpgsm and keybox
** Add an source_of_key field
* agent/
** If we detect that a private key has been deleted
Bump the key event counter.
* agent/command.c
** Make sure that secure memory is used where appropriate
* agent/pkdecrypt.c, agent/pksign.c
** Support DSA
* Move pkcs-1 encoding into libgcrypt.
* Use a MAC to protect sensitive files.
The problem here is that we need yet another key and it is unlikely
that users are willing to remember that key too. It is possible to
do this with a smartcard, though.
* sm/export.c
** Return an error code or a status info per user ID.
* common/tlv.c
The parse_sexp function should not go into this file. Check whether
we can change all S-expression handling code to make use of this
function.
* scd
** Application context vs. reader slot
We have 2 concurrent method of tracking whether a reader is in use:
Using the session_list in command.c and the lock_table in app.c. It
would be better to do this just at one place. First we need to see
how we can support cards with multiple applications.
** Resolve fixme in do_sign of app-dinsig.
** Disconnect
Card timeout is currently used as a boolean.
Add disconnect support for the ccid driver.
* Regression tests
** Add a regression test to check the extkeyusage.
* Windows port (W32)
** Regex support is disabled
We need to adjust the test to find the regex we have anyway in
gpg4win. Is that regex compatible to the OpenPGP requirement?
* sm/
** check that we issue NO_SECKEY xxx if a -u key was not found
We don't. The messages returned are also wrong (recipient vs. signer).
* g10/
** issue a NO_SECKEY xxxx if a -u key was not found.
* Extend selinux support to other modules
See also http://etbe.coker.com.au/2008/06/06/se-linux-support-gpg/
* UTF-8 specific TODOs
None.
* Manual
** Document all gpgsm options.
* Pinpad Reader
We do not yet support P15 applications. The trivial thing using
ASCII characters will be easy to implement but the other cases need
some more work.
* Bugs
* Howtos
** Migrate OpenPGP keys to another system
* Gpg-Agent Locale
Although we pass LC_MESSAGE from gpgsm et al. to Pinentry, this has
only an effect on the stock GTK strings (e.g. "OK") and not on any
strings gpg-agent generates and passes to Pinentry. This defeats
our design goal to allow changing the locale without changing
gpg-agent's default locale (e.g. by the command updatestartuptty).
* RFC 4387: Operational Protocols: Certificate Store Access via HTTP
Do we support this?

View file

@ -0,0 +1,61 @@
$Id$
Note for translators
--------------------
Some strings in GnuPG are for matching user input against. These
strings can accept multiple values that mean essentially the same
thing.
For example, the string "yes" in English is "sí" in Spanish. However,
some users will type "si" (without the accent). To accommodate both
users, you can translate the string "yes" as "sí|si". You can have
any number of alternate matches separated by the | character like
"sí|si|seguro".
The strings that can be handled in this way are of the form "yes|yes",
(or "no|no", etc.) There should also be a comment in the .po file
directing you to this file.
Help files
----------
GnuPG provides a little help feature (entering a ? on a prompt). This
help used to be translated the usual way with gettext but it turned
out that this is too inflexible and does for example not allow
correcting little mistakes in the English text. For some newer features
we require editable help files anyway and thus the existing help
strings have been moved to plain text files names "help.LL.txt". We
distribute these files and allow overriding them by files of that name
in /etc/gnupg. The syntax of these files is documented in
doc/help.txt. This is also the original we use to describe new
possible online help keys. The source files are located in doc/ and
need to be in encoded in UTF-8. Strings which require a translation
are disabled like this
.#gpgsm.some.help-item
This string is not translated.
After translation you should remove the hash mark so that the
entry looks like.
.gpgsm.some.help-item
This string has been translated.
The percent sign is not a special character and if there is something
to watch out there will be a remark.
Sending new or updated translations
-----------------------------------
Please note that we do not use the TP Robot but require that
translations are to be send by mail to translations@gnupg.org. We
also strongly advise to get subscribed to i18n@gnupg.org and request
assistance if it is not clear on how to translate certain strings. A
wrongly translated string may lead to a security problem.
A copyright disclaimer to the FSF is not anymore required since
December 2012.

View file

@ -0,0 +1,13 @@
Files in this directory:
scd-event A handler script used with scdaemon
trustlist.txt A list of trustworthy root certificates
(Please check yourself whether you actually trust them)
gpgconf.conf A sample configuration file for gpgconf.
qualified.txt Sample file for qualified.txt.
common.conf Sample file for common options.

View file

@ -0,0 +1,22 @@
# common.conf - common defaults for all components.
#
# This file may provide defaults as well as options which needs to be
# synchronized between components. As usual this file is read from
# the system wide config directory (e.g. /etc/gnupg/common.conf) as
# well as from the home directory (e.g. ~/.gnupg/common.conf).
# Uncomment to enable the use of the keybox daemon (keyboxd) by gpg
# and gpgsm.
#use-keyboxd
# For testing it is sometimes useful to use a different binary
# of keybox. This option can be used to specify this.
#keyboxd-program /foo/bar/keyboxd
# For the daemons (gpg-agent, scdaemon, dirmngr, keyboxd) it is often
# useful to define a shared logging destination. This is either the
# standard logging socket (socket://) or a tcp server (tcp://ip:port).
# If a file name is given the name of the component is internally
# appended.
#log-file socket://

View file

@ -0,0 +1,66 @@
# gpgconf.conf - configuration for gpgconf
#----------------------------------------------------------------------
#
# === The use of this feature is deprecated ===
# == Please use the more powerful global options. ==
#
# This file is read by gpgconf(1) to setup defaults for all or
# specified users and groups. It may be used to change the hardwired
# defaults in gpgconf and to enforce certain values for the various
# GnuPG related configuration files.
#
# NOTE: This is a legacy mechanism. The modern way is to use global
# configuration files like /etc/gnupg/gpg.conf which are more
# flexible and better integrated into the configuration system.
#
# Empty lines and comment lines, indicated by a hash mark as first non
# white space character, are ignored. The line is separated by white
# space into fields. The first field is used to match the user or
# group and must start at the first column, the file is processed
# sequential until a matching rule is found. A rule may contain
# several lines; continuation lines are indicated by a indenting them.
#
# Syntax of a line:
# <key>|WS <component> <option> ["["<flag>"]"] [<value>]
#
# Examples for the <key> field:
# foo - Matches the user "foo".
# foo: - Matches the user "foo".
# foo:staff - Matches the user "foo" or the group "staff".
# :staff - Matches the group "staff".
# * - Matches any user.
# All other variants are not defined and reserved for future use.
#
# <component> and <option> are as specified by gpgconf.
# <flag> may be one of:
# default - Delete the option so that the default is used.
# no-change - Mark the field as non changeable by gpgconf.
# change - Mark the field as changeable by gpgconf.
#
# Example file:
#==========
# :staff gpg-agent min-passphrase-len 6 [change]
#
# * gpg-agent min-passphrase-len [no-change] 8
# gpg-agent min-passphrase-nonalpha [no-change] 1
# gpg-agent max-passphrase-days [no-change] 700
# gpg-agent enable-passphrase-history [no-change]
# gpg-agent enforce-passphrase-constraints [default]
# gpg-agent enforce-passphrase-constraints [no-change]
# gpg-agent max-cache-ttl [no-change] 10800
# gpg-agent max-cache-ttl-ssh [no-change] 10800
# gpgsm enable-ocsp
# gpg compliance [no-change]
# gpgsm compliance [no-change]
#===========
# All users in the group "staff" are allowed to change the value for
# --allow-mark-trusted; gpgconf's default is not to allow a change
# through its interface. When "gpgconf --apply-defaults" is used,
# "allow-mark-trusted" will get enabled and "min-passphrase-len" set
# to 6. All other users are not allowed to change
# "min-passphrase-len" and "allow-mark-trusted". When "gpgconf
# --apply-defaults" is used for them, "min-passphrase-len" is set to
# 8, "allow-mark-trusted" deleted from the config file and
# "enable-ocsp" is put into the config file of gpgsm. The latter may
# be changed by any user.
#-------------------------------------------------------------------

View file

@ -0,0 +1,12 @@
# gpgconf-rnames.lst
# Additional registry settings to be shown by "gpgconf -X".
#
# Example: HKCU\Software\GNU\GnuPG:FooBar
#
# HKCU := The class. Other supported classes are HKLM, HKCR, HKU,
# and HKCC. If no class is given and the string thus starts
# with a backslash HKCU with a fallback to HKLM is used.
# Software\GNU\GnuPG := The actual key.
# FooBar := The name of the item. if a name is not given the default
# value is used.
#

View file

@ -0,0 +1,48 @@
# pwpattern.list -*- default-generic -*-
#
# This is an example for a pattern file as used by gpg-check-pattern.
# The file is line based with comment lines beginning on the *first*
# position with a '#'. Empty lines and lines with just spaces are
# ignored. The other lines may be verbatim patterns and match as they
# are (trailing spaces are ignored) or extended regular expressions
# indicated by a / in the first column and terminated by another / or
# end of line. All comparisons are case insensitive.
# Reject the usual metavariables. Usual not required because
# gpg-agent can be used to reject all passphrases shorter than 8
# characters.
foo
bar
baz
# As well as very common passwords. Note that gpg-agent can be used
# to reject them due to missing non-alpha characters.
password
passwort
passphrase
mantra
test
abc
egal
# German number plates.
/^[A-Z]{1,3}[ ]*-[ ]*[A-Z]{1,2}[ ]*[0-9]+/
# Dates (very limited, only ISO dates). */
/^[012][0-9][0-9][0-9]-[012][0-9]-[0123][0-9]$/
# Arbitrary strings
the quick brown fox jumps over the lazy dogs back
no-password
no password
12345678
123456789
1234567890
87654321
987654321
0987654321
qwertyuiop
qwertzuiop
asdfghjkl
zxcvbnm

View file

@ -0,0 +1,237 @@
# This is the list of root certificates used for qualified
# certificates. They are defined as certificates capable of creating
# legally binding signatures in the same way as a handwritten
# signatures are. Comments like this one and empty lines are allowed
# Lines do have a length limit but this is not a serious limitation as
# the format of the entries is fixed and checked by gpgsm: A
# non-comment line starts with optional whitespaces, followed by
# exactly 40 hex character, whitespace and a lowercased 2 letter
# country code. Additional data delimited with by a whitespace is
# current ignored but might late be used for other purposes.
#
#*******************************************
#
# Belgium
#
# Need to figure out a reliable source.
#*******************************************
#*******************************************
#
# Germany
#
# The information for Germany is available
# at http://www.bundesnetzagentur.de
#*******************************************
#Serial number: 32D18D
# Issuer: /CN=6R-Ca 1:PN/NameDistinguisher=1/O=RegulierungsbehÈorde
# fÈur Telekommunikation und Post/C=DE
# Subject: /CN=6R-Ca 1:PN/NameDistinguisher=1/O=RegulierungsbehÈorde
# fÈur Telekommunikation und Post/C=DE
# validity: 2001-02-01 09:52:17 through 2005-06-01 09:52:17
# key type: 1024 bit RSA
# key usage: certSign crlSign
#[checked: 2005-11-14]
EA:8D:99:DD:36:AA:2D:07:1A:3C:7B:69:00:9E:51:B9:4A:2E:E7:60 de
#Serial number: 00C48C8D
# Issuer: /CN=7R-CA 1:PN/NameDistinguisher=1/O=RegulierungsbehÈorde
# fÈur Telekommunikation und Post/C=DE
# Subject: /CN=7R-CA 1:PN/NameDistinguisher=1/O=RegulierungsbehÈorde
# fÈur Telekommunikation und Post/C=DE
# validity: 2001-10-15 11:15:15 through 2006-02-15 11:15:15
# key type: 1024 bit RSA
# key usage: certSign crlSign
#[checked: 2005-11-14]
DB:45:3D:1B:B0:1A:F3:23:10:6B:DE:D0:09:61:57:AA:F4:25:E0:5B de
#Serial number: 01
# Issuer: /CN=8R-CA 1:PN/O=Regulierungsbehörde für
# Telekommunikation und Post/C=DE
# Subject: /CN=8R-CA 1:PN/O=Regulierungsbehörde für
# Telekommunikation und Post/C=DE
# validity: 2004-11-25 14:10:37 through 2007-12-31 14:04:03
# key type: 1024 bit RSA
# key usage: certSign
# policies: 1.3.36.8.1.1:N:
# chain length: unlimited
#[checked: 2005-11-14]
42:6A:F6:78:30:E9:CE:24:5B:EF:41:A2:C1:A8:51:DA:C5:0A:6D:F5 de
#Serial number: 02
# Issuer: /CN=9R-CA 1:PN/O=Regulierungsbehörde für
# Telekommunikation und Post/C=DE
# Subject: /CN=9R-CA 1:PN/O=Regulierungsbehörde für
# Telekommunikation und Post/C=DE
# validity: 2004-11-25 14:59:11 through 2007-12-31 14:56:59
# key type: 1024 bit RSA
# key usage: certSign
# policies: 1.3.36.8.1.1:N:
# chain length: unlimited
#[checked: 2005-11-14]
75:9A:4A:CE:7C:DA:7E:89:1B:B2:72:4B:E3:76:EA:47:3A:96:97:24 de
#Serial number: 2A
# Issuer: /CN=10R-CA 1:PN/O=Bundesnetzagentur/C=DE
# Subject: /CN=10R-CA 1:PN/O=Bundesnetzagentur/C=DE
# validity: 2005-08-03 15:30:36 through 2007-12-31 15:09:23
# key type: 1024 bit RSA
# key usage: certSign
# policies: 1.3.36.8.1.1:N:
# chain length: unlimited
#[checked: 2005-11-14]
31:C9:D2:E6:31:4D:0B:CC:2C:1A:45:00:A6:6B:97:98:27:18:8E:CD de
#Serial number: 2D
# Issuer: /CN=11R-CA 1:PN/O=Bundesnetzagentur/C=DE
# Subject: /CN=11R-CA 1:PN/O=Bundesnetzagentur/C=DE
# validity: 2005-08-03 18:09:49 through 2007-12-31 18:04:28
# key type: 1024 bit RSA
# key usage: certSign
# policies: 1.3.36.8.1.1:N:
# chain length: unlimited
#[checked: 2005-11-14]
A0:8B:DF:3B:AA:EE:3F:9D:64:6C:47:81:23:21:D4:A6:18:81:67:1D de
# ID: 0x5B4757B0
# S/N: 0139
# Issuer: /CN=12R-CA 1:PN/O=Bundesnetzagentur/C=DE
# Subject: /CN=12R-CA 1:PN/O=Bundesnetzagentur/C=DE
# validity: 2007-05-25 11:01:44 through 2012-05-25 10:56:07
# key type: 2048 bit RSA
# key usage: certSign
# policies: 1.3.36.8.1.1:N:
# chain length: unlimited
# [checked: 2008-06-25]
44:7E:D4:E3:9A:D7:92:E2:07:FA:53:1A:2E:F5:B8:02:5B:47:57:B0 de
# ID: 0x46A2CC8A
# S/N: 013C
# Issuer: /CN=13R-CA 1:PN/O=Bundesnetzagentur/C=DE
# Subject: /CN=13R-CA 1:PN/O=Bundesnetzagentur/C=DE
# validity: 2007-05-29 11:02:37 through 2012-05-29 10:55:54
# key type: 2048 bit RSA
# key usage: certSign
# policies: 1.3.36.8.1.1:N:
# chain length: unlimited
# [checked: 2008-06-25]
AC:A7:BE:45:1F:A6:BF:09:F2:D1:3F:08:7B:BC:EB:7F:46:A2:CC:8A de
#
# D-Trust root certificates. Probably by shifting a lot of Euros to
# laywer companies, German CAs achieved to get the permission to
# create their own legally binding root certificates - independent of
# the Bundesnetzagentur. The main problem with this is that it is
# hard to figure out what qualified root certificates are actually
# active. There is now no way to be sure whether a signature is a
# qualified one. A pettifogger's way of validating certificates.
#
#Serial number: 00B95F
# Issuer: /CN=D-TRUST Qualified Root CA 1 2006:PN/O=D-Trust GmbH/C=DE
# Subject: /CN=D-TRUST Qualified Root CA 1 2006:PN/O=D-Trust GmbH/C=DE
# aka: info@d-trust.net
# aka: (uri http://www.d-trust.net)
# validity: 2006-04-27 12:40:54 through 2011-04-27 12:40:54
# key type: 2048 bit RSA
# key usage: certSign crlSign
# policies: 1.3.6.1.4.1.4788.2.30.1:N:
# chain length: unlimited
#[checked: 2007-01-31 by phone 030-259391-0 and callback by Mrs. Enke]
E0:BF:1B:91:91:6B:88:E4:F1:15:92:22:CE:37:23:96:B1:4A:2E:5C de
#Serial number: 00B960
# Issuer: /CN=D-TRUST Qualified Root CA 2 2006:PN/O=D-Trust GmbH/C=DE
# Subject: /CN=D-TRUST Qualified Root CA 2 2006:PN/O=D-Trust GmbH/C=DE
# aka: info@d-trust.net
# aka: (uri http://www.d-trust.net)
# validity: 2006-04-27 12:40:54 through 2011-04-27 12:40:54
# key type: 2048 bit RSA
# key usage: certSign crlSign
# policies: 1.3.6.1.4.1.4788.2.30.1:N:
# chain length: unlimited
#[checked: 2007-01-31 by phone 030-259391-0 and callback by Mrs. Enke]
98:2A:75:67:0F:F8:28:4A:94:E0:9D:23:D8:E7:62:C8:BD:A4:54:04 de
#
# S-Trust root certificates.
#
#Serial number: 00DF749F80AA51F0EDC0CB1FC183E97EE2
# Issuer: /CN=S-TRUST Qualified Root CA 2006-001:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart
# /ST=Baden-Wuerttemberg (BW)/C=DE
# Subject: /CN=S-TRUST Qualified Root CA 2006-001:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart
# /ST=Baden-Wuerttemberg (BW)/C=DE
# validity: 2006-01-01 00:00:00 through 2010-12-30 23:59:59
# key type: 2048 bit RSA
# key usage: certSign crlSign
# chain length: 1
#[checked: 2007-01-31 by phone 0711-782-0 Mr. Brommer]
7D:DC:76:1C:FD:AF:4C:E0:3A:B5:3A:DD:C9:FA:13:35:19:A3:DE:C9 de
#Serial number: 00BC098E0402E92956B8D7DE74977E26F7
# Issuer: /CN=S-TRUST Qualified Root CA 2007-001:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart
# /ST=Baden-Wuerttemberg (BW)/C=DE
# Subject: /CN=S-TRUST Qualified Root CA 2007-001:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart
# /ST=Baden-Wuerttemberg (BW)/C=DE
# validity: 2007-01-01 00:00:00 through 2011-12-30 23:59:59
# key type: 2048 bit RSA
# key usage: certSign crlSign
# chain length: 1
#[checked: 2007-01-31 by phone 0711-782-0 Mr. Brommer]
7A:3C:1B:60:2E:BD:A4:A1:E0:EB:AD:7A:BA:4F:D1:43:69:A9:39:FC de
# ID: 0xA8FEA3CA
# S/N: 00B3963E0E6C2D65125853E970665402E5
# Issuer: /CN=S-TRUST Qualified Root CA 2008-001:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
# Subject: /CN=S-TRUST Qualified Root CA 2008-001:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
# validity: 2008-01-01 00:00:00 through 2012-12-30 23:59:59
# key type: 2048 bit RSA
# key usage: certSign crlSign
# chain length: 1
#[checked: 2007-12-13 via received ZIP file with qualified signature from
# /CN=Dr. Matthias Stehle/O=Deutscher Sparkassenverlag
# /C=DE/SerialNumber=DSV0000000008/SN=Stehle/GN=Matthias Georg]
C9:2F:E6:50:DB:32:59:E0:CE:65:55:F3:8C:76:E0:B8:A8:FE:A3:CA de
# ID: 0x3A7D979B
# S/N: 00C4216083F35C54F67B09A80C3C55FE7D
# Issuer: /CN=S-TRUST Qualified Root CA 2008-002:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
# Subject: /CN=S-TRUST Qualified Root CA 2008-002:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
# validity: 2008-01-01 00:00:00 through 2012-12-30 23:59:59
# key type: 2048 bit RSA
# key usage: certSign crlSign
# chain length: 1
#[checked: 2007-12-13 via received ZIP file with qualified signature from
# /CN=Dr. Matthias Stehle/O=Deutscher Sparkassenverlag
# /C=DE/SerialNumber=DSV0000000008/SN=Stehle/GN=Matthias Georg"]
D5:C7:50:F2:FE:4E:EE:D7:C7:B1:E4:13:7B:FB:54:84:3A:7D:97:9B de
#*******************************************
#
# End of file
#
#*******************************************

View file

@ -0,0 +1,102 @@
#!/bin/sh
# Sample script for scdaemon event mechanism.
#exec >>/tmp/scd-event.log
PGM=scd-event
reader_port=
old_code=0x0000
new_code=0x0000
status=
tick='`'
prev=
while [ $# -gt 0 ]; do
arg="$1"
case $arg in
-*=*) optarg=$(echo "X$arg" | sed -e '1s/^X//' -e 's/[-_a-zA-Z0-9]*=//')
;;
*) optarg=
;;
esac
if [ -n "$prev" ]; then
eval "$prev=\$arg"
prev=
shift
continue
fi
case $arg in
--help|-h)
cat <<EOF
Usage: $PGM [options]
$PGM is called by scdaemon on card reader status changes
Options:
--reader-port N Reports change for port N
--old-code 0xNNNN Previous status code
--old-code 0xNNNN Current status code
--status USABLE|ACTIVE|PRESENT|NOCARD
Human readable status code
Environment:
GNUPGHOME=DIR Set to the active homedir
EOF
exit 0
;;
--reader-port)
prev=reader_port
;;
--reader-port=*)
reader_port="$optarg"
;;
--old-code)
prev=old_code
;;
--old-code=*)
old_code="$optarg"
;;
--new-code)
prev=new_code
;;
--new-code=*)
new_code="$optarg"
;;
--status)
prev=status
;;
--new-code=*)
status="$optarg"
;;
-*)
echo "$PGM: invalid option $tick$arg'" >&2
exit 1
;;
*)
break
;;
esac
shift
done
if [ -n "$prev" ]; then
echo "$PGM: argument missing for option $tick$prev'" >&2
exit 1
fi
cat <<EOF
========================
port: $reader_port
old-code: $old_code
new-code: $new_code
status: $status
EOF
if [ x$status = xUSABLE ]; then
gpg --batch --card-status 2>&1
fi

View file

@ -0,0 +1,64 @@
# This is the global list of trusted keys. Comment lines, like this
# one, as well as empty lines are ignored. Lines have a length limit
# but this is not serious limitation as the format of the entries is
# fixed and checked by gpg-agent. A non-comment line starts with
# optional white space, followed by the SHA-1 fingerprint in hex,
# optionally followed by a flag character which my either be 'P', 'S'
# or '*'. This file will be read by gpg-agent if no local trustlist
# is available or if the statement "include-default" is used in the
# local list. You should give the gpg-agent(s) a HUP after editing
# this file.
#Serial number: 32D18D
# Issuer: /CN=6R-Ca 1:PN/NameDistinguisher=1/O=RegulierungsbehÈorde
# fÈur Telekommunikation und Post/C=DE
EA:8D:99:DD:36:AA:2D:07:1A:3C:7B:69:00:9E:51:B9:4A:2E:E7:60 S
#Serial number: 00C48C8D
# Issuer: /CN=7R-CA 1:PN/NameDistinguisher=1/O=RegulierungsbehÈorde
# fÈur Telekommunikation und Post/C=DE
DB:45:3D:1B:B0:1A:F3:23:10:6B:DE:D0:09:61:57:AA:F4:25:E0:5B S
#Serial number: 01
# Issuer: /CN=8R-CA 1:PN/O=Regulierungsbehörde für
# Telekommunikation und Post/C=DE
42:6A:F6:78:30:E9:CE:24:5B:EF:41:A2:C1:A8:51:DA:C5:0A:6D:F5 S
#Serial number: 02
# Issuer: /CN=9R-CA 1:PN/O=Regulierungsbehörde für
# Telekommunikation und Post/C=DE
75:9A:4A:CE:7C:DA:7E:89:1B:B2:72:4B:E3:76:EA:47:3A:96:97:24 S
#Serial number: 2A
# Issuer: /CN=10R-CA 1:PN/O=Bundesnetzagentur/C=DE
31:C9:D2:E6:31:4D:0B:CC:2C:1A:45:00:A6:6B:97:98:27:18:8E:CD S
#Serial number: 2D
# Issuer: /CN=11R-CA 1:PN/O=Bundesnetzagentur/C=DE
A0:8B:DF:3B:AA:EE:3F:9D:64:6C:47:81:23:21:D4:A6:18:81:67:1D S
# S/N: 0139
# Issuer: /CN=12R-CA 1:PN/O=Bundesnetzagentur/C=DE
44:7E:D4:E3:9A:D7:92:E2:07:FA:53:1A:2E:F5:B8:02:5B:47:57:B0 S
# S/N: 013C
# Issuer: /CN=13R-CA 1:PN/O=Bundesnetzagentur/C=DE
AC:A7:BE:45:1F:A6:BF:09:F2:D1:3F:08:7B:BC:EB:7F:46:A2:CC:8A S
# S/N: 00B3963E0E6C2D65125853E970665402E5
# Issuer: /CN=S-TRUST Qualified Root CA 2008-001:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
C9:2F:E6:50:DB:32:59:E0:CE:65:55:F3:8C:76:E0:B8:A8:FE:A3:CA S
# S/N: 00C4216083F35C54F67B09A80C3C55FE7D
# Issuer: /CN=S-TRUST Qualified Root CA 2008-002:PN
# /O=Deutscher Sparkassen Verlag GmbH/L=Stuttgart/C=DE
D5:C7:50:F2:FE:4E:EE:D7:C7:B1:E4:13:7B:FB:54:84:3A:7D:97:9B S
#Serial number: 00
# Issuer: /CN=CA Cert Signing Authority/OU=http:\x2f\x2fwww.
# cacert.org/O=Root CA/EMail=support@cacert.org
13:5C:EC:36:F4:9C:B8:E9:3B:1A:B2:70:CD:80:88:46:76:CE:8F:33 S