| non port: security/gnupg/files/patch-scd_scdaemon.h |
Number of commits found: 2 |
|
Thursday, 8 Apr 2021
|
18:45 Adam Weinberger (adamw) 
security/gnupg: Update to 2.3.0
Changes:
* A new experimental key database daemon is provided. To enable it
put "use-keyboxd" into gpg.conf and gpgsm.conf. Keys are stored
in a SQLite database and make key lookup much faster.
* New tool gpg-card as a flexible frontend for all types of
supported smartcards.
* New option --chuid for gpg, gpgsm, gpgconf, gpg-card, and
gpg-connect-agent.
* The gpg-wks-client tool is now installed under bin; a wrapper for
its old location at libexec is also installed.
* tpm2d: New daemon to physically bind keys to the local machine.
See https://gnupg.org/blog/20210315-using-tpm-with-gnupg-2.3.html
* gpg: Switch to ed25519/cv25519 as default public key algorithms.
* gpg: Verification results now depend on the --sender option and
the signer's UID subpacket. [#4735]
* gpg: Do not use any 64-bit block size cipher algorithm for
encryption. Use AES as last resort cipher preference instead of
3DES. This can be reverted using --allow-old-cipher-algos.
* gpg: Support AEAD encryption mode using OCB or EAX.
* gpg: Support v5 keys and signatures.
* gpg: Support curve X448 (ed448, cv448).
* gpg: Allow use of group names in key listings. [e825aea2ba]
* gpg: New option --full-timestrings to print date and time.
* gpg: New option --force-sign-key. [#4584]
* gpg: New option --no-auto-trust-new-key.
* gpg: The legacy key discovery method PKA is no longer supported.
The command --print-pka-records and the PKA related import and
export options have been removed.
* gpg: Support export of Ed448 Secure Shell keys.
* gpgsm: Add basic ECC support.
* gpgsm: Support creation of EdDSA certificates. [#4888]
* agent: Allow the use of "Label:" in a key file to customize the
pinentry prompt. [5388537806]
* agent: Support ssh-agent extensions for environment variables.
With a patched version of OpenSSH this avoids the need for the
"updatestartuptty" kludge. [224e26cf7b]
* scd: Improve support for multiple card readers and tokens.
* scd: Support PIV cards.
* scd: Support for Rohde&Schwarz Cybersecurity cards.
* scd: Support Telesec Signature Cards v2.0
* scd: Support multiple application on certain smartcard.
* scd: New option --application-priority.
* scd: New option --pcsc-shared; see man page for important notes.
* dirmngr: Support a gpgNtds parameter in LDAP keyserver URLs.
* The symcryptrun tool, a wrapper for the now obsolete external
Chiasmus tool, has been removed.
* Full Unicode support under Windows for the command line. [#4398]
Release-info: https://dev.gnupg.org/T5343
    433d2e2 |
|
Monday, 25 Nov 2019
|
23:49 asomers
security/gnupg: add the --shared-access option to scdaemon
gnupg's scdaemon opens smart cards in exclusive mode, which prevents other
applications (such as PKCS#11 libraries) from concurrently accessing the
card). Upstream refuses to fix the problem. This commit adds a
--shared-access option to scdaemon. When enabled, scdaemon will access the
smart card in shared mode, playing nicely with other applications. The
default behavior is unchanged.
See Also:
https://github.com/GPGTools/MacGPG2/commit/d6cb8039a0cdc74b9bdd89a3dfa93248aa2c4100
https://dev.gnupg.org/T3267
https://dev.gnupg.org/D320
https://github.com/OpenSC/OpenSC/issues/953
Reviewed by: adamw
Approved by: adamw (maintainer)
Obtained-from: GPGTools
Sponsored by: Axcient
Differential Revision: https://reviews.freebsd.org/D22473
  |
Number of commits found: 2 |
As an Amazon Associate I earn from qualifying purchases.