2010-11-24 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Release 0.3.5. * NEWS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. * lib/crypto.c (init_gpgme): Set context locale, as recommended by documentation. 2010-11-22 Miloslav TrmaÄ <mitr@redhat.com> * lib/crypto.c (init_gpgme): Placate gpgme 1.2. 2010-10-20 Miloslav TrmaÄ <mitr@redhat.com> * contrib/email/README * contrib/email/escrow-receive * contrib/email/escrow-transit: New files, contributed by Marko Myllynen <myllynen@redhat.com>. * Makefile.am (EXTRA_DIST): Distribute the email scripts. 2010-10-18 Miloslav TrmaÄ <mitr@redhat.com> * src/volume_key.c (pos_interact): Split from pos_init (). (do_save, do_reencrypt): Call pos_init () as early as possible. Use pos_interact () at the original location. * lib/volume_luks.c (luks_apply_secret) * src/volume_key.c (pos_interact): Only tell the user about an incorrect passphrase once. * src/volume_key.c (passphrase_ui_cb): Tell the user when a non-NSS passphrase is incorrect. 2010-10-08 Miloslav TrmaÄ <mitr@redhat.com> * src/volume_key.c (get_password): New function. (nss_password_fn, generic_ui_cb, passphrase_ui_cb): Use get_password () instead of getpass (). 2010-09-29 Miloslav TrmaÄ <mitr@redhat.com> * lib/SSLerrs.h: New file. * Makefile.am (lib_libvolume_key_la_SOURCES): Add lib/SSLerrs.h. * lib/nss_error.c (mapping): Use SSLerrs.h. * README * doc/volume_key.8: Clarify which block device should be passed to volume_key(8). 2010-08-27 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Release 0.3.4. * NEWS: Update. * po/LINGUAS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. 2010-07-22 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Use AC_SYS_LARGEFILE, required by gpgme. 2010-06-14 Miloslav TrmaÄ <mitr@redhat.com> * src/volume_key.c (generate_random_passphrase): Use a character set with 2^N characters to make sure all choices are equally likely. Use 20 characters (in groups of 5), overall increasing the passphrase strength of 120 bits instead of 31.359 bits. * src/volume_key.c (do_save): Zero the generated passphrase before freeing it. * src/volume_key.c (generate_random_passphrase): Split from do_save (). 2010-06-12 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Define AC_PACKAGE_URL. * lib/kmip.h (kmip_libvk_packet_drop_secret): New declaration. * lib/kmip.c (kmip_libvk_packet_drop_secret): New function. * lib/volume_luks.h (struct luks_volume): Document that passphrase_slot can be valid without passphrase. * lib/volume_luks.c (luks_volume_dump_properties): Dump passphrase slot even if passphrase is unknown. (luks_parse_escrow_packet): Initialize passphrase slot if passphrase is unknown. Support packets that do not contain the encryption key or the passphrase. * lib/libvolume_key.h (LIBVK_ERROR_METADATA_ENCRYPTED): New error value. (libvk_packet_open_unencrypted): New declaration. * lib/libvolume_key.c (libvk_packet_open_unencrypted): New function. * python/volume_key.i (libvk_packet_open_unencrypted): Hide. (libvk_packet.open_unencrypted): New method. * src/volume_key.c (dump_unencrypted): New variable. (option_descriptions): New option `--unencrypted'. (parse_options): Validate dump_unencrypted. (do_dump): Use dump_unencrypted. * doc/volume_key.8 (--unencrypted): Document new option. 2010-06-11 Miloslav TrmaÄ <mitr@redhat.com> * lib/volume_luks.c (luks_load_packet): When loading a passphrase from a packet, set passphrase_slot to the slot the passphrase is physically located, regardless of the slot indicated in the packet. * lib/volume_luks.h: Beautify. 2010-06-07 Miloslav TrmaÄ <mitr@redhat.com> * src/volume_key.c (do_save) * doc/demo.py (do_save): Fix the random passphrase charset - add 'a', remove second 'z'. 2010-03-26 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Release 0.3.3. * NEWS: Update. * po/LINGUAS: Update. 2010-03-04 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Release 0.3.2. * NEWS: Update. * po/LINGUAS: Update. * configure.ac: Use xz to compress the distribution tarball. 2010-02-05 Miloslav TrmaÄ <mitr@redhat.com> * src/volume_key.c (pos_init): Set *error if passphrase_ui_cb () fails. 2009-12-11 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Release 0.3.1. * NEWS: Update. * po/LINGUAS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. * lib/SECerrs.h * lib/nss_error.h * lib/nss_error.c: New file. * lib/crypto.c (error_from_pr) * src/volume_key.c (error_from_pr): Use libvk_nss_error_text__ (). * Makefile.am (lib_libvolume_key_la_SOURCES): Add lib/SECerrs.h, lib/nss_error.c and lib/nss_error.h. 2009-09-30 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Release 0.3. * NEWS: Update. * po/LINGUAS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. * python/volume_key.i (%init): Call libvk_init (). (libvk_init): New %ignore directive. * configure.ac: Use pkg-config to search for for libcryptsetup. * Makefile.am (AM_CPPFLAGS): Add $(libcryptsetup_CFLAGS). (lib_libvolume_key_la_LIBADD): Replace -lcryptsetup with $(libcryptsetup_LIBS). * lib/volume_luks.c (dummy_luks_log): Remove. (open_crypt_device): New function. (g_free_key): Replace free_key (). (luks_volume_open, luks_get_secret, luks_load_packet) (luks_apply_secret, luks_add_secret, luks_open_with_packet): Update for final libcryptsetup API. * README: Update. * Makefile.am (python__volume_key_la_LIBADD) (tests_packet_roundtrips_LDADD): Add $(glib_LIBS), $(nss_LIBS). * src/volume_key.c (output_format, output_format_string): New variables. (option_descriptions): Add --output-format. (parse_options): Handle --output-format. (write_packet): Use output_format. * doc/volume_key.8 (--output-format): Document new option. * lib/libvolume_key.h (LIBVK_PACKET_FORMAT_ASYMMETRIC_WRAP_SECRET_ONLY) (LIBVK_PACKET_FORMAT_SYMMETRIC_WRAP_SECRET_ONLY) (libvk_volume_create_packet_wrap_secret_symmetric) * lib/libvolume_key.c (libvk_volume_create_packet_asymmetric) (libvk_volume_create_packet_asymmetric_with_format) (libvk_volume_create_packet_wrap_secret_symmetric) (libvk_packet_open) * python/volume_key.i (PACKET_FORMAT_ASYMMETRIC_WRAP_SECRET_ONLY) (PACKET_FORMAT_SYMMETRIC_WRAP_SECRET_ONLY) (libvk_volume_create_packet_wrap_secret_symmetric) (Volume::create_packet_assymetric_from_cert_data) (Volume::create_packet_asymmetric_from_cert_data) * src/volume_key.c (do_dump) * tests/packet_roundtrips.c (test): s/wrap_key/wrap_secret/g. * src/volume_key.c (write_packet, do_dump): s/assymetric/asymmetric/g (do_dump): Add LIBVK_PACKET_FORMAT_ASYMMETRIC_WRAP_KEY_ONLY and LIBVK_PACKET_FORMAT_SYMMETRIC_WRAP_KEY_ONLY support. * python/volume_key.i (PACKET_FORMAT_ASYMMETRIC) (PACKET_FORMAT_ASYMMETRIC_WRAP_KEY_ONLY) (PACKET_FORMAT_SYMMETRIC_WRAP_KEY_ONLY): New definitions. (libvk_ui_set_sym_key_cb, libvk_volume_create_packet_asymmetric) (libvk_volume_create_packet_asymmetric_with_format) (libvk_volume_create_packet_wrap_key_symmetric): New %ignore directives. (%typemap(check) enum libvk_packet_format): New typemap. (libvk_volume_create_packet_asymmetric_from_cert_data): Move to top level, add "format" parameter. (Volume::create_packet_asymmetric): New declaration. (Volume::create_packet_assymetric_from_cert_data): New method. (Volume::create_packet_asymmetric_from_cert_data): New declaration, add default format value. * tests/packet_roundtrips.sh: New test. * tests/packet_roundtrips.c * tests/packet_roundtrips_luks_passphrase * tests/packet_roundtrips_luks_symmetric: New files. * tests/crypto_roundtrips.sh * tests/crypto_roundtrips.c * tests/kmip_roundtrip.c * tests/kmip_roundtrip_luks_passphrase * tests/kmip_roundtrip_luks_symmetric: Remove. * Makefile.am (TESTS): Replace previous tests with tests/packet_roundtrips.sh. (EXTRA_DIST, check_PROGRAMS): Update for test changes. * configure.ac: Disable static libraries, they are not necessary for tests any more. * lib/libvolume_key.h (LIBVK_ERROR_KMIP_UNSUPPORTED_FORMAT) (LIBVK_ERROR_UNSUPPORTED_WRAPPING_MECHANISM): New definitions. (libvk_ui_set_sym_key_cb): New declaration. (LIBVK_PACKET_FORMAT_ASYMMETRIC) (LIBVK_PACKET_FORMAT_ASYMMETRIC_WRAP_KEY_ONLY) (LIBVK_PACKET_FORMAT_SYMMETRIC_WRAP_KEY_ONLY): New definitions. (libvk_volume_create_packet_asymmetric) (libvk_volume_create_packet_asymmetric_with_format) (libvk_volume_create_packet_wrap_key_symmetric): New declarations. * lib/libvolume_key.c (packet_prepend_header): New function, use in all packet creation functions. (libvk_volume_create_packet_asymmetric): New function. (libvk_volume_create_packet_asymmetric_with_format): New function, based in part on libvk_volume_create_packet_assymetric (). (libvk_volume_create_packet_assymetric): Replace by a call to libvk_volume_create_packet_asymmetric_with_format (). (libvk_volume_create_packet_wrap_key_symmetric): New function. (libvk_packet_open): Add support for LIBVK_PACKET_FORMAT_ASYMMETRIC_WRAP_KEY_ONLY and LIBVK_PACKET_FORMAT_SYMMETRIC_WRAP_KEY_ONLY. * lib/volume.h (volume_create_escrow_packet) (volume_load_escrow_packet): Update prototypes. * lib/volume.c (volume_create_data_encryption_key_packet) (volume_create_passphrase_packet): Initialize wrapping-related fields. (volume_load_escrow_packet): Expect a decoded KMIP packet instead of raw bytes. All callers changed. (volume_create_escrow_packet): Return a KMIP packet structure instead of raw bytes. All callers changed. * lib/ui.h (struct libvk_ui): New members sym_key_cb, sym_key_data, sym_key_free_data. (ui_get_sym_key): New declaration. * lib/ui.c (libvk_ui_free): Handle sym_key_data. (libvk_ui_set_sym_key_cb, ui_get_sym_key): New function. * lib/kmip.h (KMIP_TAG_ENCRYPTION_KEY_INFO) (KMIP_TAG_IV_COUNTER_NONCE, KMIP_TAG_KEY_WRAPPING_DATA) (KMIP_TAG_UNIQUE_IDENTIFIER, KMIP_TAG_WRAPPING_METHOD) (struct kmip_encryption_key_info) (KMIP_LIBVK_IDENTIFIER_CERT_ISN_PREFIX) (KMIP_LIBVK_IDENTIFIER_SECRET_KEY): New definitions. (kmip_encryption_key_info_free): New declaration. (struct kmip_key_wrapping_data) (KMIP_WRAPPING_LIBVK_ENCRYPT_KEY_ONLY): New definitions. (kmip_key_wrapping_data_free): New declaration. (struct kmip_key_block): New members crypto_algorithm, crypto_length, wrapping. (kmip_libvk_packet_decode, kmip_libvk_packet_encode) (kmip_libvk_packet_wrap_secret_asymmetric) (kmip_libvk_packet_unwrap_secret_asymmetric) (kmip_libvk_packet_wrap_secret_symmetric) (kmip_libvk_packet_unwrap_secret_symmetric): New declarations. (kmip_encode_packet, kmip_decode_packet): Remove declarations. * lib/kmip.c (kmip_key_value_free_v): Split from kmip_key_value_free (). (kmip_key_value_set_bytes, kmip_key_value_set_symmetric_key): New functions. (kmip_encryption_key_info_free, kmip_key_wrapping_data_free) (kmip_key_block_set_clear_secret): New functions. (kmip_key_block_free): Free kmip_key_wrapping_data if present. (kmip_encode_encryption_key_info, kmip_encode_key_wrapping_data): New functions. (kmip_encode_key_block): Add support for wrapped secrets. (kmip_encode_libvk_packet): Rename from kmip_encode_packet (). Make static. (kmip_decode_encryption_key_info, kmip_decode_key_wrapping_data): New functions. (kmip_decode_key_block, kmip_decode_object_symmetric_key) (kmip_decode_object_secret_data): Add support for wrapped secrets. (kmip_decode_libvk_packet): Rename from kmip_decode_packet (). Make static. (struct mech_data, asymmetric_mechanisms, symmetric_mechanisms): New definitions. (kmip_libvk_packet_decode, kmip_libvk_packet_encode) (kmip_libvk_packet_wrap_secret_asymmetric) (kmip_libvk_packet_unwrap_secret_asymmetric) (kmip_libvk_packet_wrap_secret_symmetric) (kmip_libvk_packet_unwrap_secret_symmetric): New functions. * lib/crypto.c (encrypt_asymmetric): Rename from encrypt_assymetric (). All callers changed. (decrypt_asymmetric): Rename from decrypt_assymetric (). All callers changed. (wrap_asymmetric, unwrap_asymmetric, wrap_symmetric) (unwrap_symmetric): New functions. * lib/crypto.h (wrap_asymmetric, unwrap_asymmetric, wrap_symmetric) (unwrap_symmetric): New declarations. 2009-09-28 Miloslav TrmaÄ <mitr@redhat.com> * lib/kmip.h (KMIP_TAG_PADDING_METHOD): New definition. (struct kmip_crypto_params): Split from struct kmip_attribute. (KMIP_PADDING_*): New definitions. (kmip_crypto_params_free): New declaration. * lib/kmip.c (kmip_crypto_params_free, kmip_encode_crypto_params) (kmip_decode_crypto_params): New functions. (kmip_attribute_free, kmip_encode_attribute, kmip_decode_attribute): Use separate functions for crypto_params. * lib/volume_luks.c (add_attribute_luks_crypto_params): Update for split crypto_params. * lib/kmip.c (kmip_decode_attribute): Remove redundant k2.left checks. 2009-08-08 Miloslav TrmaÄ <mitr@redhat.com> * lib/volume.c (libvk_volume_open): Handle both "crypt_LUKS" and "crypto_LUKS" type value returned from libblkid. 2009-07-15 Miloslav TrmaÄ <mitr@redhat.com> * doc/demo.py (do_save): Fix passphrase generation. 2009-06-30 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Release 0.2. * NEWS: Update. * po/LINGUAS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. 2009-06-15 Miloslav TrmaÄ <mitr@redhat.com> * src/volume_key.c (yes_or_no, read_batch_string, generic_ui_cb): Use getline () and getdelim (). (pos_init): Use a more specific error message. * python/volume_key.i (struct libvk_volume::create_packet_assymetric_from_cert_data): New method. * po/POTFILES.in: Add python/volume_key.i. * doc/demo.py (PacketOutputState.__init__) (PacketOutputState.write_packet): Add assymetric encryption. * lib/libvolume_key.c (libvk_volume_create_packet_cleartext) (libvk_volume_create_packet_assymetric) (libvk_volume_create_packet_with_passphrase) (libvk_packet_get_format) * lib/volume_luks.c (luks_parse_escrow_packet): Use G_STATIC_ASSERT. * doc/demo.py (PacketOutputState.__init__): Fix failure counter. (PacketOutputState.__init__, PacketOutputState.write_packet): Add assymetric encryption. 2009-06-14 Miloslav TrmaÄ <mitr@redhat.com> * configure.ac: Add AC_CONFIG_MACRO_DIR. Update for libtool 2. * Makefile.am (AM_CPPFLAGS): Remove the G_* macros again, G_DISABLE_DEPRECATED is already defined by configure.ac. * Makefile.am (AM_CPPFLAGS): Define G_DISABLE_DEPRECATED and G_DISABLE_SINGLE_INCLUDES. 2009-06-05 Miloslav TrmaÄ <mitr@redhat.com> * python/volume_key.i (python_generic_cb, python_passphrase_cb): Remove obsolete FIXME. * po/cs.po: Update Czech translation. * python/volume_key.i: New file. * doc/demo.py: New file. * configure.ac: Add AM_PATH_PYTHON. * Makefile.am (PYTHON_CPPFLAGS): New setting. (pyexec_PYTHON, pyexec_LTLIBRARIES): New targets. Associated rules and dependency data added as well. * Makefile.as (lib_libvolume_key_la_LDFLAGS) (lib_libvolume_key_la_LIBADD): Move library references to _LIBADD. * src/volume_key.c (yes_or_no): Remove a stray nl_langinfo () call. (generic_ui_cb): Fix "echo" interpretation. (packet_matches_volume): Add missing \n. (do_reencrypt): Fix help output. * lib/libvolume_key.c (libvk_packet_open): Clear error pointer after each failed attempt. 2009-06-04 Miloslav TrmaÄ <mitr@redhat.com> * lib/volume_luks.c (luks_add_secret): Do not count terminating NUL in `size'. * lib/volume.c (libvk_volume_add_secret) * lib/libvolume_key.h (libvk_volume_add_secret): Update comment. * src/volume_key.c (do_save): Update. * lib/ui.c (libvk_ui_set_generic_cb, libvk_ui_set_passphrase_cb) (libvk_ui_set_nss_pwfn_arg): Free the previous data before overwriting it. * lib/libvolume_key.h: Update comments. * lib/libvolume_key.c (libvk_volume_create_packet_cleartext) (libvk_volume_create_packet_assymetric) (libvk_volume_create_packet_with_passphrase) * lib/volume.c (libvk_volume_get_secret) (libvk_volume_add_secret): Reject invalid negative enum libvk_secret values if the enum is compatible with a signed type. 2009-06-03 Miloslav TrmaÄ <mitr@redhat.com> * README: Write it. * po/Makevars (MSGID_BUGS_ADDRESS): Update. * configure.ac: Release 0.1. * tests/crypto_roundtrips.sh: Fix line wrapping. 2009-05-25 Miloslav TrmaÄ <mitr@redhat.com> * po/LINGUAS: Add "pl". 2009-05-25 Piotr DrÄ g <piotrdrag@gmail.com> * po/pl.po: New Polish translation.
distrib
>
Fedora
>
14
>
x86_64
>
media
>
updates
>
by-pkgid
>
be5c6441f9278da37dc12355dde4e177
>
files
>
6
