[gentoo-commits] dev/dilfridge:master commit in: app-crypt/gnupg/, app-crypt/gnupg/files/

[gentoo-commits] dev/dilfridge:master commit in: app-crypt/gnupg/, app-crypt/gnupg/files/

[Andreas Hüttel]

commit:     712d07c37a0845acc0bea99026fa73cf31d8b362
Author:     Andreas K. Huettel (dilfridge) <dilfridge <AT> gentoo <DOT> org>
AuthorDate: Sun Apr  7 12:40:09 2013 +0000
Commit:     Andreas Hüttel <dilfridge <AT> gentoo <DOT> org>
CommitDate: Sun Apr  7 12:40:09 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=dev/dilfridge.git;a=commit;h=712d07c3

[app-crypt/gnupg] copy from main tree

Package-Manager: portage-2.2.0_alpha171

---
 app-crypt/gnupg/Manifest                           |    1 +
 .../gnupg/files/gnupg-2.0.17-gpgsm-gencert.patch   |   34 +++++
 app-crypt/gnupg/gnupg-2.0.19-r1.ebuild             |  151 ++++++++++++++++++++
 app-crypt/gnupg/metadata.xml                       |   29 ++++
 4 files changed, 215 insertions(+), 0 deletions(-)

diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
new file mode 100644
index 0000000..27f9a10
--- /dev/null
+++ b/app-crypt/gnupg/Manifest
@@ -0,0 +1 @@
+DIST gnupg-2.0.19.tar.bz2 4187460 SHA256 efa23a8a925adb51c7d3b708c25b6d000300f5ce37de9bdec6453be7b419c622 SHA512 9bfc83ebca29ca8e3dde803ba494adb3c4e2fdcacbf33b5592764fe187dbe2433e04ff53734a9c3197358d559c1046098707089ddbea9fa63c849d48ce73ca51 WHIRLPOOL 026f9a8740322b951b256ec87fabb8a1b3ad2114208f52c2082b73b2193d1be8e276f0f526762bbebb04e612351162eb78c9c50eeb058e35fad9c4df1d7db540

diff --git a/app-crypt/gnupg/files/gnupg-2.0.17-gpgsm-gencert.patch b/app-crypt/gnupg/files/gnupg-2.0.17-gpgsm-gencert.patch
new file mode 100644
index 0000000..9506f81
--- /dev/null
+++ b/app-crypt/gnupg/files/gnupg-2.0.17-gpgsm-gencert.patch
@@ -0,0 +1,34 @@
+From c34486a64c223bcbfbb57d9abcf107d684b815b6 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Diego=20Elio=20Petten=C3=B2?= <flameeyes@gmail.com>
+Date: Sun, 17 Apr 2011 01:34:39 +0200
+Subject: [PATCH] gpgsm-gencert.sh: make sure not to abort after creating temp
+ file.
+
+https://bugs.g10code.com/gnupg/issue1466
+
+---
+ tools/gpgsm-gencert.sh |    8 ++++----
+ 1 files changed, 4 insertions(+), 4 deletions(-)
+
+diff --git a/tools/gpgsm-gencert.sh b/tools/gpgsm-gencert.sh
+index b209c8e..e7c812f 100755
+--- a/tools/gpgsm-gencert.sh
++++ b/tools/gpgsm-gencert.sh
+@@ -178,10 +178,10 @@ Key-Length: $KEY_LENGTH
+ Key-Usage: $KEY_USAGE
+ Name-DN: $NAME
+ EOF
+-[ -n "$KEY_GRIP" ] && echo "Key-Grip: $KEY_GRIP"
+-[ -n "$EMAIL_ADDRESSES" ] && echo "$EMAIL_ADDRESSES"
+-[ -n "$DNS_ADDRESSES" ] && echo "$DNS_ADDRESSES"
+-[ -n "$URI_ADDRESSES" ] && echo "$URI_ADDRESSES"
++[ -n "$KEY_GRIP" ] && echo "Key-Grip: $KEY_GRIP" || true
++[ -n "$EMAIL_ADDRESSES" ] && echo "$EMAIL_ADDRESSES" || true
++[ -n "$DNS_ADDRESSES" ] && echo "$DNS_ADDRESSES" || true
++[ -n "$URI_ADDRESSES" ] && echo "$URI_ADDRESSES" || true
+ ) > "$file_parameter"
+ 
+ 
+-- 
+1.7.5.rc1
+

diff --git a/app-crypt/gnupg/gnupg-2.0.19-r1.ebuild b/app-crypt/gnupg/gnupg-2.0.19-r1.ebuild
new file mode 100644
index 0000000..b39f854
--- /dev/null
+++ b/app-crypt/gnupg/gnupg-2.0.19-r1.ebuild
@@ -0,0 +1,151 @@
+# Copyright 1999-2013 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-2.0.19-r1.ebuild,v 1.4 2013/02/21 19:29:59 zmedico Exp $
+
+EAPI="4"
+
+inherit eutils flag-o-matic toolchain-funcs
+
+DESCRIPTION="The GNU Privacy Guard, a GPL pgp replacement"
+HOMEPAGE="http://www.gnupg.org/"
+SRC_URI="mirror://gnupg/gnupg/${P}.tar.bz2"
+# SRC_URI="ftp://ftp.gnupg.org/gcrypt/${PN}/${P}.tar.bz2"
+
+LICENSE="GPL-3"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE="adns bzip2 doc ldap nls mta readline static selinux smartcard usb"
+
+COMMON_DEPEND_LIBS="
+	>=dev-libs/libassuan-2
+	>=dev-libs/libgcrypt-1.4
+	>=dev-libs/libgpg-error-1.7
+	>=dev-libs/libksba-1.0.7
+	>=dev-libs/pth-1.3.7
+	>=net-misc/curl-7.10
+	sys-libs/zlib
+	adns? ( >=net-libs/adns-1.4 )
+	bzip2? ( app-arch/bzip2 )
+	readline? ( sys-libs/readline )
+	smartcard? ( usb? ( virtual/libusb:0 ) )
+	ldap? ( net-nds/openldap )"
+COMMON_DEPEND_BINS="|| ( app-crypt/pinentry app-crypt/pinentry-qt )"
+
+# Existence of executables is checked during configuration.
+DEPEND="${COMMON_DEPEND_LIBS}
+	${COMMON_DEPEND_BINS}
+	static? (
+		>=dev-libs/libassuan-2[static-libs]
+		>=dev-libs/libgcrypt-1.4[static-libs]
+		>=dev-libs/libgpg-error-1.7[static-libs]
+		>=dev-libs/libksba-1.0.7[static-libs]
+		>=dev-libs/pth-1.3.7[static-libs]
+		>=net-misc/curl-7.10[static-libs]
+		sys-libs/zlib[static-libs]
+		bzip2? ( app-arch/bzip2[static-libs] )
+	)
+	nls? ( sys-devel/gettext )
+	doc? ( sys-apps/texinfo )"
+
+RDEPEND="!static? ( ${COMMON_DEPEND_LIBS} )
+	${COMMON_DEPEND_BINS}
+	mta? ( virtual/mta )
+	!<=app-crypt/gnupg-2.0.1
+	selinux? ( sec-policy/selinux-gpg )
+	nls? ( virtual/libintl )"
+
+REQUIRED_USE="smartcard? ( !static )"
+
+src_prepare() {
+	epatch "${FILESDIR}"/${PN}-2.0.17-gpgsm-gencert.patch
+}
+
+src_configure() {
+	local myconf
+
+	# 'USE=static' support was requested:
+	# gnupg1: bug #29299
+	# gnupg2: bug #159623
+	use static && append-ldflags -static
+
+	if use smartcard; then
+		myconf+=" --enable-scdaemon $(use_enable usb ccid-driver)"
+	else
+		myconf+=" --disable-scdaemon"
+	fi
+
+	econf \
+		--docdir="${EPREFIX}/usr/share/doc/${PF}" \
+		--enable-gpg \
+		--enable-gpgsm \
+		--enable-agent \
+		${myconf} \
+		$(use_with adns) \
+		$(use_enable bzip2) \
+		$(use_enable !elibc_SunOS symcryptrun) \
+		$(use_enable nls) \
+		$(use_enable mta mailto) \
+		$(use_enable ldap) \
+		$(use_with readline) \
+		CC_FOR_BUILD="$(tc-getBUILD_CC)"
+}
+
+src_compile() {
+	emake
+
+	if use doc; then
+		cd doc
+		emake html
+	fi
+}
+
+src_install() {
+	emake DESTDIR="${D}" install
+	emake DESTDIR="${D}" -f doc/Makefile uninstall-nobase_dist_docDATA
+	rm -r "${ED}usr/share/gnupg/help"*
+
+	dodoc ChangeLog NEWS README THANKS TODO VERSION doc/FAQ doc/DETAILS \
+		doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER doc/help*
+
+	dosym gpg2 /usr/bin/gpg
+	dosym gpgv2 /usr/bin/gpgv
+	dosym gpg2keys_hkp /usr/libexec/gpgkeys_hkp
+	dosym gpg2keys_finger /usr/libexec/gpgkeys_finger
+	dosym gpg2keys_curl /usr/libexec/gpgkeys_curl
+	if use ldap; then
+		dosym gpg2keys_ldap /usr/libexec/gpgkeys_ldap
+	fi
+	echo ".so man1/gpg2.1" > "${ED}usr/share/man/man1/gpg.1"
+	echo ".so man1/gpgv2.1" > "${ED}usr/share/man/man1/gpgv.1"
+
+	dodir /etc/env.d
+	echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >>"${ED}etc/env.d/30gnupg"
+
+	if use doc; then
+		dohtml doc/gnupg.html/* doc/*.png
+	fi
+}
+
+pkg_postinst() {
+	elog "If you wish to view images emerge:"
+	elog "media-gfx/xloadimage, media-gfx/xli or any other viewer"
+	elog "Remember to use photo-viewer option in configuration file to activate"
+	elog "the right viewer."
+	elog
+
+	if use smartcard; then
+		elog "To use your OpenPGP smartcard (or token) with GnuPG you need one of"
+		use usb && elog " - a CCID-compatible reader, used directly through libusb;"
+		elog " - sys-apps/pcsc-lite and a compatible reader device;"
+		elog " - dev-libs/openct and a compatible reader device;"
+		elog " - a reader device and drivers exporting either PC/SC or CT-API interfaces."
+		elog ""
+		elog "General hint: you probably want to try installing sys-apps/pcsc-lite and"
+		elog "app-crypt/ccid first."
+	fi
+
+	ewarn "Please remember to restart gpg-agent if a different version"
+	ewarn "of the agent is currently used. If you are unsure of the gpg"
+	ewarn "agent you are using please run 'killall gpg-agent',"
+	ewarn "and to start a fresh daemon just run 'gpg-agent --daemon'."
+}

diff --git a/app-crypt/gnupg/metadata.xml b/app-crypt/gnupg/metadata.xml
new file mode 100644
index 0000000..10f7c80
--- /dev/null
+++ b/app-crypt/gnupg/metadata.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
+<pkgmetadata>
+  <herd>crypto</herd>
+  <longdescription>
+    GnuPG is a complete and free replacement for PGP. Because it does
+    not use the patented IDEA algorithm, it can be used without any
+    restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application.
+  </longdescription>
+  <use>
+    <flag name='smartcard' restrict='&lt;app-crypt/gnupg-2.0.17-r1'>
+      Bring in <pkg>dev-libs/libusb</pkg> as a dependency; enable
+      scdaemon.
+    </flag>
+    <flag name='smartcard' restrict='&gt;=app-crypt/gnupg-2.0.17-r1'>
+      Build scdaemon software. Enables usage of OpenPGP cards. For
+      other type of smartcards, try
+      <pkg>app-crypt/gnupg-pkcs11-scd</pkg>.
+    </flag>
+    <flag name='usb' restrict='&gt;=app-crypt/gnupg-2.0.17-r1'>
+      Build direct CCID access for scdaemon; requires
+      <pkg>dev-libs/libusb</pkg>.
+    </flag>
+    <flag name='mta'>
+      Build mta support using
+      <pkg>virtual/mta</pkg>.
+    </flag>
+  </use>
+</pkgmetadata>

[gentoo-commits] dev/dilfridge:master commit in: app-crypt/gnupg/, app-crypt/gnupg/files/

[Andreas Hüttel]

commit:     ff25c606dd12653a4af140567c704d3f75d15208
Author:     Andreas K. Huettel (dilfridge) <dilfridge <AT> gentoo <DOT> org>
AuthorDate: Sun Apr  7 12:44:39 2013 +0000
Commit:     Andreas Hüttel <dilfridge <AT> gentoo <DOT> org>
CommitDate: Sun Apr  7 12:44:39 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=dev/dilfridge.git;a=commit;h=ff25c606

[app-crypt/gnupg] made unkeyworded version with 4096bit card key patch

Package-Manager: portage-2.2.0_alpha171

---
 app-crypt/gnupg/files/gnupg-2.0.19-card4096.patch  |  184 ++++++++++++++++++++
 ...upg-2.0.19-r1.ebuild => gnupg-2.0.19-r2.ebuild} |    3 +-
 2 files changed, 186 insertions(+), 1 deletions(-)

diff --git a/app-crypt/gnupg/files/gnupg-2.0.19-card4096.patch b/app-crypt/gnupg/files/gnupg-2.0.19-card4096.patch
new file mode 100644
index 0000000..39810e0
--- /dev/null
+++ b/app-crypt/gnupg/files/gnupg-2.0.19-card4096.patch
@@ -0,0 +1,184 @@
+From ab4ea45f54006eba55db11263431c4c0c4f557dc Mon Sep 17 00:00:00 2001
+From: Werner Koch <wk@gnupg.org>
+Date: Tue, 6 Nov 2012 14:39:22 +0100
+Subject: [PATCH] Allow decryption with card keys > 3072 bit
+
+* scd/command.c (MAXLEN_SETDATA): New.
+(cmd_setdata): Add option --append.
+* g10/call-agent.c (agent_scd_pkdecrypt): Use new option for long data
+
+* scd/app-openpgp.c (struct app_local_s): Add field manufacturer.
+(app_select_openpgp): Store manufacturer.
+(do_decipher): Print a note for broken cards.
+
+--
+
+Please note that I was not able to run a full test because I only have
+broken cards (S/N < 346) available.
+
+--
+
+Had to re-do the patch because of a whitespace change that made one hunk
+fail. dilfridge@gentoo.org
+
+---
+ g10/call-agent.c  | 22 ++++++++++++++--------
+ scd/app-openpgp.c | 10 ++++++++++
+ scd/command.c     | 38 ++++++++++++++++++++++++++++++++------
+ 3 files changed, 56 insertions(+), 14 deletions(-)
+
+diff -ruN gnupg-2.0.19.orig/g10/call-agent.c gnupg-2.0.19/g10/call-agent.c
+--- gnupg-2.0.19.orig/g10/call-agent.c	2012-03-27 10:00:37.000000000 +0200
++++ gnupg-2.0.19/g10/call-agent.c	2013-04-06 23:16:53.000000000 +0200
+@@ -1034,7 +1034,7 @@
+ 
+ 
+ /* Decrypt INDATA of length INDATALEN using the card identified by
+-   SERIALNO.  Return the plaintext in a nwly allocated buffer stored
++   SERIALNO.  Return the plaintext in a newly allocated buffer stored
+    at the address of R_BUF.
+ 
+    Note, we currently support only RSA or more exactly algorithms
+@@ -1058,20 +1058,26 @@
+     return rc;
+ 
+   /* FIXME: use secure memory where appropriate */
+-  if (indatalen*2 + 50 > DIM(line))
+-    return gpg_error (GPG_ERR_GENERAL);
+ 
+   rc = select_openpgp (serialno);
+   if (rc)
+     return rc;
+ 
+-  sprintf (line, "SCD SETDATA ");
+-  p = line + strlen (line);
+-  for (i=0; i < indatalen ; i++, p += 2 )
+-    sprintf (p, "%02X", indata[i]);
+-  rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
++  for (len = 0; len < indatalen;)
++    {
++      p = stpcpy (line, "SCD SETDATA ");
++      if (len)
++        p = stpcpy (p, "--append ");
++      for (i=0; len < indatalen && (i*2 < DIM(line)-50); i++, len++)
++        {
++          sprintf (p, "%02X", indata[len]);
++          p += 2;
++        }
++      rc = assuan_transact (agent_ctx, line,
++                            NULL, NULL, NULL, NULL, NULL, NULL);
+   if (rc)
+     return rc;
++    }
+ 
+   init_membuf (&data, 1024);
+   snprintf (line, DIM(line)-1, "SCD PKDECRYPT %s", serialno);
+diff -ruN gnupg-2.0.19.orig/scd/app-openpgp.c gnupg-2.0.19/scd/app-openpgp.c
+--- gnupg-2.0.19.orig/scd/app-openpgp.c	2012-03-27 10:00:38.000000000 +0200
++++ gnupg-2.0.19/scd/app-openpgp.c	2013-04-06 23:16:53.000000000 +0200
+@@ -158,6 +158,8 @@
+ 
+   unsigned char status_indicator; /* The card status indicator.  */
+ 
++  unsigned int manufacturer:16;   /* Manufacturer ID from the s/n.  */
++
+   /* Keep track of the ISO card capabilities.  */
+   struct
+   {
+@@ -3426,6 +3428,12 @@
+                              indata, indatalen, le_value, padind,
+                              outdata, outdatalen);
+       xfree (fixbuf);
++
++      if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */
++          && app->app_local->manufacturer == 5
++          && app->card_version == 0x0200)
++        log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)"
++                  " do not work with encryption keys > 2048 bits\n");
+     }
+ 
+   return rc;
+@@ -3713,6 +3721,8 @@
+           goto leave;
+         }
+ 
++      app->app_local->manufacturer = manufacturer;
++
+       if (app->card_version >= 0x0200)
+         app->app_local->extcap.is_v2 = 1;
+ 
+diff -ruN gnupg-2.0.19.orig/scd/command.c gnupg-2.0.19/scd/command.c
+--- gnupg-2.0.19.orig/scd/command.c	2012-03-27 10:00:38.000000000 +0200
++++ gnupg-2.0.19/scd/command.c	2013-04-06 23:22:55.000000000 +0200
+@@ -46,6 +46,9 @@
+ /* Maximum allowed size of key data as used in inquiries. */
+ #define MAXLEN_KEYDATA 4096
+ 
++/* Maximum allowed total data size for SETDATA.  */
++#define MAXLEN_SETDATA 4096
++
+ /* Maximum allowed size of certificate data as used in inquiries. */
+ #define MAXLEN_CERTDATA 16384
+ 
+@@ -799,17 +802,24 @@
+ 
+ \f
+ static const char hlp_setdata[] = 
+-  "SETDATA <hexstring> \n"
++  "SETDATA [--append] <hexstring>\n"
+   "\n"
+-  "The client should use this command to tell us the data he want to sign.";
++  "The client should use this command to tell us the data he want to sign.\n"
++  "With the option --append, the data is appended to the data set by a\n"
++  "previous SETDATA command.";
+ static gpg_error_t
+ cmd_setdata (assuan_context_t ctx, char *line)
+ {
+   ctrl_t ctrl = assuan_get_pointer (ctx);
+-  int n;
++  int append;
++  int n, i, off;
+   char *p;
+   unsigned char *buf;
+ 
++  append = (ctrl->in_data.value && has_option (line, "--append"));
++
++  line = skip_options (line);
++
+   if (locked_session && locked_session != ctrl->server_local)
+     return gpg_error (GPG_ERR_LOCKED);
+ 
+@@ -823,14 +833,30 @@
+   if ((n&1))
+     return set_error (GPG_ERR_ASS_PARAMETER, "odd number of digits");
+   n /= 2;
++  if (append)
++    {
++      if (ctrl->in_data.valuelen + n > MAXLEN_SETDATA)
++        return set_error (GPG_ERR_TOO_LARGE,
++                          "limit on total size of data reached");
++      buf = xtrymalloc (ctrl->in_data.valuelen + n);
++    }
++  else
+   buf = xtrymalloc (n);
+   if (!buf)
+     return out_of_core ();
+ 
++  if (append)
++    {
++      memcpy (buf, ctrl->in_data.value, ctrl->in_data.valuelen);
++      off = ctrl->in_data.valuelen;
++    }
++  else
++    off = 0;
++  for (p=line, i=0; i < n; p += 2, i++)
++    buf[off+i] = xtoi_2 (p);
++
+   ctrl->in_data.value = buf;
+-  ctrl->in_data.valuelen = n;
+-  for (p=line, n=0; n < ctrl->in_data.valuelen; p += 2, n++)
+-    buf[n] = xtoi_2 (p);
++  ctrl->in_data.valuelen = off + n;
+   return 0;
+ }
+ 

diff --git a/app-crypt/gnupg/gnupg-2.0.19-r1.ebuild b/app-crypt/gnupg/gnupg-2.0.19-r2.ebuild
similarity index 94%
rename from app-crypt/gnupg/gnupg-2.0.19-r1.ebuild
rename to app-crypt/gnupg/gnupg-2.0.19-r2.ebuild
index b39f854..2e9624c 100644
--- a/app-crypt/gnupg/gnupg-2.0.19-r1.ebuild
+++ b/app-crypt/gnupg/gnupg-2.0.19-r2.ebuild
@@ -13,7 +13,7 @@ SRC_URI="mirror://gnupg/gnupg/${P}.tar.bz2"
 
 LICENSE="GPL-3"
 SLOT="0"
-KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~x86-fbsd ~x64-freebsd ~x86-freebsd ~amd64-linux ~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+KEYWORDS=""
 IUSE="adns bzip2 doc ldap nls mta readline static selinux smartcard usb"
 
 COMMON_DEPEND_LIBS="
@@ -58,6 +58,7 @@ REQUIRED_USE="smartcard? ( !static )"
 
 src_prepare() {
 	epatch "${FILESDIR}"/${PN}-2.0.17-gpgsm-gencert.patch
+	epatch "${FILESDIR}"/${PN}-2.0.19-card4096.patch
 }
 
 src_configure() {

[gentoo-commits] dev/dilfridge:master commit in: app-crypt/gnupg/, app-crypt/gnupg/files/

[Andreas Hüttel]

commit:     1aa08c8fbaa3357c08def2547a9e7f3246d4f001
Author:     Andreas K. Huettel (dilfridge) <dilfridge <AT> gentoo <DOT> org>
AuthorDate: Sun Apr  7 21:38:44 2013 +0000
Commit:     Andreas Hüttel <dilfridge <AT> gentoo <DOT> org>
CommitDate: Sun Apr  7 21:38:44 2013 +0000
URL:        http://git.overlays.gentoo.org/gitweb/?p=dev/dilfridge.git;a=commit;h=1aa08c8f

[app-crypt/gnupg] not needed anymore, already in main tree

---
 app-crypt/gnupg/Manifest                           |    1 -
 .../gnupg/files/gnupg-2.0.17-gpgsm-gencert.patch   |   34 ----
 app-crypt/gnupg/files/gnupg-2.0.19-card4096.patch  |  184 --------------------
 app-crypt/gnupg/gnupg-2.0.19-r2.ebuild             |  152 ----------------
 app-crypt/gnupg/metadata.xml                       |   29 ---
 5 files changed, 0 insertions(+), 400 deletions(-)

diff --git a/app-crypt/gnupg/Manifest b/app-crypt/gnupg/Manifest
deleted file mode 100644
index 27f9a10..0000000
--- a/app-crypt/gnupg/Manifest
+++ /dev/null
@@ -1 +0,0 @@
-DIST gnupg-2.0.19.tar.bz2 4187460 SHA256 efa23a8a925adb51c7d3b708c25b6d000300f5ce37de9bdec6453be7b419c622 SHA512 9bfc83ebca29ca8e3dde803ba494adb3c4e2fdcacbf33b5592764fe187dbe2433e04ff53734a9c3197358d559c1046098707089ddbea9fa63c849d48ce73ca51 WHIRLPOOL 026f9a8740322b951b256ec87fabb8a1b3ad2114208f52c2082b73b2193d1be8e276f0f526762bbebb04e612351162eb78c9c50eeb058e35fad9c4df1d7db540

diff --git a/app-crypt/gnupg/files/gnupg-2.0.17-gpgsm-gencert.patch b/app-crypt/gnupg/files/gnupg-2.0.17-gpgsm-gencert.patch
deleted file mode 100644
index 9506f81..0000000
--- a/app-crypt/gnupg/files/gnupg-2.0.17-gpgsm-gencert.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From c34486a64c223bcbfbb57d9abcf107d684b815b6 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Diego=20Elio=20Petten=C3=B2?= <flameeyes@gmail.com>
-Date: Sun, 17 Apr 2011 01:34:39 +0200
-Subject: [PATCH] gpgsm-gencert.sh: make sure not to abort after creating temp
- file.
-
-https://bugs.g10code.com/gnupg/issue1466
-
----
- tools/gpgsm-gencert.sh |    8 ++++----
- 1 files changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/tools/gpgsm-gencert.sh b/tools/gpgsm-gencert.sh
-index b209c8e..e7c812f 100755
---- a/tools/gpgsm-gencert.sh
-+++ b/tools/gpgsm-gencert.sh
-@@ -178,10 +178,10 @@ Key-Length: $KEY_LENGTH
- Key-Usage: $KEY_USAGE
- Name-DN: $NAME
- EOF
--[ -n "$KEY_GRIP" ] && echo "Key-Grip: $KEY_GRIP"
--[ -n "$EMAIL_ADDRESSES" ] && echo "$EMAIL_ADDRESSES"
--[ -n "$DNS_ADDRESSES" ] && echo "$DNS_ADDRESSES"
--[ -n "$URI_ADDRESSES" ] && echo "$URI_ADDRESSES"
-+[ -n "$KEY_GRIP" ] && echo "Key-Grip: $KEY_GRIP" || true
-+[ -n "$EMAIL_ADDRESSES" ] && echo "$EMAIL_ADDRESSES" || true
-+[ -n "$DNS_ADDRESSES" ] && echo "$DNS_ADDRESSES" || true
-+[ -n "$URI_ADDRESSES" ] && echo "$URI_ADDRESSES" || true
- ) > "$file_parameter"
- 
- 
--- 
-1.7.5.rc1
-

diff --git a/app-crypt/gnupg/files/gnupg-2.0.19-card4096.patch b/app-crypt/gnupg/files/gnupg-2.0.19-card4096.patch
deleted file mode 100644
index 39810e0..0000000
--- a/app-crypt/gnupg/files/gnupg-2.0.19-card4096.patch
+++ /dev/null
@@ -1,184 +0,0 @@
-From ab4ea45f54006eba55db11263431c4c0c4f557dc Mon Sep 17 00:00:00 2001
-From: Werner Koch <wk@gnupg.org>
-Date: Tue, 6 Nov 2012 14:39:22 +0100
-Subject: [PATCH] Allow decryption with card keys > 3072 bit
-
-* scd/command.c (MAXLEN_SETDATA): New.
-(cmd_setdata): Add option --append.
-* g10/call-agent.c (agent_scd_pkdecrypt): Use new option for long data
-
-* scd/app-openpgp.c (struct app_local_s): Add field manufacturer.
-(app_select_openpgp): Store manufacturer.
-(do_decipher): Print a note for broken cards.
-
---
-
-Please note that I was not able to run a full test because I only have
-broken cards (S/N < 346) available.
-
---
-
-Had to re-do the patch because of a whitespace change that made one hunk
-fail. dilfridge@gentoo.org
-
----
- g10/call-agent.c  | 22 ++++++++++++++--------
- scd/app-openpgp.c | 10 ++++++++++
- scd/command.c     | 38 ++++++++++++++++++++++++++++++++------
- 3 files changed, 56 insertions(+), 14 deletions(-)
-
-diff -ruN gnupg-2.0.19.orig/g10/call-agent.c gnupg-2.0.19/g10/call-agent.c
---- gnupg-2.0.19.orig/g10/call-agent.c	2012-03-27 10:00:37.000000000 +0200
-+++ gnupg-2.0.19/g10/call-agent.c	2013-04-06 23:16:53.000000000 +0200
-@@ -1034,7 +1034,7 @@
- 
- 
- /* Decrypt INDATA of length INDATALEN using the card identified by
--   SERIALNO.  Return the plaintext in a nwly allocated buffer stored
-+   SERIALNO.  Return the plaintext in a newly allocated buffer stored
-    at the address of R_BUF.
- 
-    Note, we currently support only RSA or more exactly algorithms
-@@ -1058,20 +1058,26 @@
-     return rc;
- 
-   /* FIXME: use secure memory where appropriate */
--  if (indatalen*2 + 50 > DIM(line))
--    return gpg_error (GPG_ERR_GENERAL);
- 
-   rc = select_openpgp (serialno);
-   if (rc)
-     return rc;
- 
--  sprintf (line, "SCD SETDATA ");
--  p = line + strlen (line);
--  for (i=0; i < indatalen ; i++, p += 2 )
--    sprintf (p, "%02X", indata[i]);
--  rc = assuan_transact (agent_ctx, line, NULL, NULL, NULL, NULL, NULL, NULL);
-+  for (len = 0; len < indatalen;)
-+    {
-+      p = stpcpy (line, "SCD SETDATA ");
-+      if (len)
-+        p = stpcpy (p, "--append ");
-+      for (i=0; len < indatalen && (i*2 < DIM(line)-50); i++, len++)
-+        {
-+          sprintf (p, "%02X", indata[len]);
-+          p += 2;
-+        }
-+      rc = assuan_transact (agent_ctx, line,
-+                            NULL, NULL, NULL, NULL, NULL, NULL);
-   if (rc)
-     return rc;
-+    }
- 
-   init_membuf (&data, 1024);
-   snprintf (line, DIM(line)-1, "SCD PKDECRYPT %s", serialno);
-diff -ruN gnupg-2.0.19.orig/scd/app-openpgp.c gnupg-2.0.19/scd/app-openpgp.c
---- gnupg-2.0.19.orig/scd/app-openpgp.c	2012-03-27 10:00:38.000000000 +0200
-+++ gnupg-2.0.19/scd/app-openpgp.c	2013-04-06 23:16:53.000000000 +0200
-@@ -158,6 +158,8 @@
- 
-   unsigned char status_indicator; /* The card status indicator.  */
- 
-+  unsigned int manufacturer:16;   /* Manufacturer ID from the s/n.  */
-+
-   /* Keep track of the ISO card capabilities.  */
-   struct
-   {
-@@ -3426,6 +3428,12 @@
-                              indata, indatalen, le_value, padind,
-                              outdata, outdatalen);
-       xfree (fixbuf);
-+
-+      if (gpg_err_code (rc) == GPG_ERR_CARD /* actual SW is 0x640a */
-+          && app->app_local->manufacturer == 5
-+          && app->card_version == 0x0200)
-+        log_info ("NOTE: Cards with manufacturer id 5 and s/n <= 346 (0x15a)"
-+                  " do not work with encryption keys > 2048 bits\n");
-     }
- 
-   return rc;
-@@ -3713,6 +3721,8 @@
-           goto leave;
-         }
- 
-+      app->app_local->manufacturer = manufacturer;
-+
-       if (app->card_version >= 0x0200)
-         app->app_local->extcap.is_v2 = 1;
- 
-diff -ruN gnupg-2.0.19.orig/scd/command.c gnupg-2.0.19/scd/command.c
---- gnupg-2.0.19.orig/scd/command.c	2012-03-27 10:00:38.000000000 +0200
-+++ gnupg-2.0.19/scd/command.c	2013-04-06 23:22:55.000000000 +0200
-@@ -46,6 +46,9 @@
- /* Maximum allowed size of key data as used in inquiries. */
- #define MAXLEN_KEYDATA 4096
- 
-+/* Maximum allowed total data size for SETDATA.  */
-+#define MAXLEN_SETDATA 4096
-+
- /* Maximum allowed size of certificate data as used in inquiries. */
- #define MAXLEN_CERTDATA 16384
- 
-@@ -799,17 +802,24 @@
- 
- \f
- static const char hlp_setdata[] = 
--  "SETDATA <hexstring> \n"
-+  "SETDATA [--append] <hexstring>\n"
-   "\n"
--  "The client should use this command to tell us the data he want to sign.";
-+  "The client should use this command to tell us the data he want to sign.\n"
-+  "With the option --append, the data is appended to the data set by a\n"
-+  "previous SETDATA command.";
- static gpg_error_t
- cmd_setdata (assuan_context_t ctx, char *line)
- {
-   ctrl_t ctrl = assuan_get_pointer (ctx);
--  int n;
-+  int append;
-+  int n, i, off;
-   char *p;
-   unsigned char *buf;
- 
-+  append = (ctrl->in_data.value && has_option (line, "--append"));
-+
-+  line = skip_options (line);
-+
-   if (locked_session && locked_session != ctrl->server_local)
-     return gpg_error (GPG_ERR_LOCKED);
- 
-@@ -823,14 +833,30 @@
-   if ((n&1))
-     return set_error (GPG_ERR_ASS_PARAMETER, "odd number of digits");
-   n /= 2;
-+  if (append)
-+    {
-+      if (ctrl->in_data.valuelen + n > MAXLEN_SETDATA)
-+        return set_error (GPG_ERR_TOO_LARGE,
-+                          "limit on total size of data reached");
-+      buf = xtrymalloc (ctrl->in_data.valuelen + n);
-+    }
-+  else
-   buf = xtrymalloc (n);
-   if (!buf)
-     return out_of_core ();
- 
-+  if (append)
-+    {
-+      memcpy (buf, ctrl->in_data.value, ctrl->in_data.valuelen);
-+      off = ctrl->in_data.valuelen;
-+    }
-+  else
-+    off = 0;
-+  for (p=line, i=0; i < n; p += 2, i++)
-+    buf[off+i] = xtoi_2 (p);
-+
-   ctrl->in_data.value = buf;
--  ctrl->in_data.valuelen = n;
--  for (p=line, n=0; n < ctrl->in_data.valuelen; p += 2, n++)
--    buf[n] = xtoi_2 (p);
-+  ctrl->in_data.valuelen = off + n;
-   return 0;
- }
- 

diff --git a/app-crypt/gnupg/gnupg-2.0.19-r2.ebuild b/app-crypt/gnupg/gnupg-2.0.19-r2.ebuild
deleted file mode 100644
index 2e9624c..0000000
--- a/app-crypt/gnupg/gnupg-2.0.19-r2.ebuild
+++ /dev/null
@@ -1,152 +0,0 @@
-# Copyright 1999-2013 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-crypt/gnupg/gnupg-2.0.19-r1.ebuild,v 1.4 2013/02/21 19:29:59 zmedico Exp $
-
-EAPI="4"
-
-inherit eutils flag-o-matic toolchain-funcs
-
-DESCRIPTION="The GNU Privacy Guard, a GPL pgp replacement"
-HOMEPAGE="http://www.gnupg.org/"
-SRC_URI="mirror://gnupg/gnupg/${P}.tar.bz2"
-# SRC_URI="ftp://ftp.gnupg.org/gcrypt/${PN}/${P}.tar.bz2"
-
-LICENSE="GPL-3"
-SLOT="0"
-KEYWORDS=""
-IUSE="adns bzip2 doc ldap nls mta readline static selinux smartcard usb"
-
-COMMON_DEPEND_LIBS="
-	>=dev-libs/libassuan-2
-	>=dev-libs/libgcrypt-1.4
-	>=dev-libs/libgpg-error-1.7
-	>=dev-libs/libksba-1.0.7
-	>=dev-libs/pth-1.3.7
-	>=net-misc/curl-7.10
-	sys-libs/zlib
-	adns? ( >=net-libs/adns-1.4 )
-	bzip2? ( app-arch/bzip2 )
-	readline? ( sys-libs/readline )
-	smartcard? ( usb? ( virtual/libusb:0 ) )
-	ldap? ( net-nds/openldap )"
-COMMON_DEPEND_BINS="|| ( app-crypt/pinentry app-crypt/pinentry-qt )"
-
-# Existence of executables is checked during configuration.
-DEPEND="${COMMON_DEPEND_LIBS}
-	${COMMON_DEPEND_BINS}
-	static? (
-		>=dev-libs/libassuan-2[static-libs]
-		>=dev-libs/libgcrypt-1.4[static-libs]
-		>=dev-libs/libgpg-error-1.7[static-libs]
-		>=dev-libs/libksba-1.0.7[static-libs]
-		>=dev-libs/pth-1.3.7[static-libs]
-		>=net-misc/curl-7.10[static-libs]
-		sys-libs/zlib[static-libs]
-		bzip2? ( app-arch/bzip2[static-libs] )
-	)
-	nls? ( sys-devel/gettext )
-	doc? ( sys-apps/texinfo )"
-
-RDEPEND="!static? ( ${COMMON_DEPEND_LIBS} )
-	${COMMON_DEPEND_BINS}
-	mta? ( virtual/mta )
-	!<=app-crypt/gnupg-2.0.1
-	selinux? ( sec-policy/selinux-gpg )
-	nls? ( virtual/libintl )"
-
-REQUIRED_USE="smartcard? ( !static )"
-
-src_prepare() {
-	epatch "${FILESDIR}"/${PN}-2.0.17-gpgsm-gencert.patch
-	epatch "${FILESDIR}"/${PN}-2.0.19-card4096.patch
-}
-
-src_configure() {
-	local myconf
-
-	# 'USE=static' support was requested:
-	# gnupg1: bug #29299
-	# gnupg2: bug #159623
-	use static && append-ldflags -static
-
-	if use smartcard; then
-		myconf+=" --enable-scdaemon $(use_enable usb ccid-driver)"
-	else
-		myconf+=" --disable-scdaemon"
-	fi
-
-	econf \
-		--docdir="${EPREFIX}/usr/share/doc/${PF}" \
-		--enable-gpg \
-		--enable-gpgsm \
-		--enable-agent \
-		${myconf} \
-		$(use_with adns) \
-		$(use_enable bzip2) \
-		$(use_enable !elibc_SunOS symcryptrun) \
-		$(use_enable nls) \
-		$(use_enable mta mailto) \
-		$(use_enable ldap) \
-		$(use_with readline) \
-		CC_FOR_BUILD="$(tc-getBUILD_CC)"
-}
-
-src_compile() {
-	emake
-
-	if use doc; then
-		cd doc
-		emake html
-	fi
-}
-
-src_install() {
-	emake DESTDIR="${D}" install
-	emake DESTDIR="${D}" -f doc/Makefile uninstall-nobase_dist_docDATA
-	rm -r "${ED}usr/share/gnupg/help"*
-
-	dodoc ChangeLog NEWS README THANKS TODO VERSION doc/FAQ doc/DETAILS \
-		doc/HACKING doc/TRANSLATE doc/OpenPGP doc/KEYSERVER doc/help*
-
-	dosym gpg2 /usr/bin/gpg
-	dosym gpgv2 /usr/bin/gpgv
-	dosym gpg2keys_hkp /usr/libexec/gpgkeys_hkp
-	dosym gpg2keys_finger /usr/libexec/gpgkeys_finger
-	dosym gpg2keys_curl /usr/libexec/gpgkeys_curl
-	if use ldap; then
-		dosym gpg2keys_ldap /usr/libexec/gpgkeys_ldap
-	fi
-	echo ".so man1/gpg2.1" > "${ED}usr/share/man/man1/gpg.1"
-	echo ".so man1/gpgv2.1" > "${ED}usr/share/man/man1/gpgv.1"
-
-	dodir /etc/env.d
-	echo "CONFIG_PROTECT=/usr/share/gnupg/qualified.txt" >>"${ED}etc/env.d/30gnupg"
-
-	if use doc; then
-		dohtml doc/gnupg.html/* doc/*.png
-	fi
-}
-
-pkg_postinst() {
-	elog "If you wish to view images emerge:"
-	elog "media-gfx/xloadimage, media-gfx/xli or any other viewer"
-	elog "Remember to use photo-viewer option in configuration file to activate"
-	elog "the right viewer."
-	elog
-
-	if use smartcard; then
-		elog "To use your OpenPGP smartcard (or token) with GnuPG you need one of"
-		use usb && elog " - a CCID-compatible reader, used directly through libusb;"
-		elog " - sys-apps/pcsc-lite and a compatible reader device;"
-		elog " - dev-libs/openct and a compatible reader device;"
-		elog " - a reader device and drivers exporting either PC/SC or CT-API interfaces."
-		elog ""
-		elog "General hint: you probably want to try installing sys-apps/pcsc-lite and"
-		elog "app-crypt/ccid first."
-	fi
-
-	ewarn "Please remember to restart gpg-agent if a different version"
-	ewarn "of the agent is currently used. If you are unsure of the gpg"
-	ewarn "agent you are using please run 'killall gpg-agent',"
-	ewarn "and to start a fresh daemon just run 'gpg-agent --daemon'."
-}

diff --git a/app-crypt/gnupg/metadata.xml b/app-crypt/gnupg/metadata.xml
deleted file mode 100644
index 10f7c80..0000000
--- a/app-crypt/gnupg/metadata.xml
+++ /dev/null
@@ -1,29 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd">
-<pkgmetadata>
-  <herd>crypto</herd>
-  <longdescription>
-    GnuPG is a complete and free replacement for PGP. Because it does
-    not use the patented IDEA algorithm, it can be used without any
-    restrictions. GnuPG is a RFC2440 (OpenPGP) compliant application.
-  </longdescription>
-  <use>
-    <flag name='smartcard' restrict='&lt;app-crypt/gnupg-2.0.17-r1'>
-      Bring in <pkg>dev-libs/libusb</pkg> as a dependency; enable
-      scdaemon.
-    </flag>
-    <flag name='smartcard' restrict='&gt;=app-crypt/gnupg-2.0.17-r1'>
-      Build scdaemon software. Enables usage of OpenPGP cards. For
-      other type of smartcards, try
-      <pkg>app-crypt/gnupg-pkcs11-scd</pkg>.
-    </flag>
-    <flag name='usb' restrict='&gt;=app-crypt/gnupg-2.0.17-r1'>
-      Build direct CCID access for scdaemon; requires
-      <pkg>dev-libs/libusb</pkg>.
-    </flag>
-    <flag name='mta'>
-      Build mta support using
-      <pkg>virtual/mta</pkg>.
-    </flag>
-  </use>
-</pkgmetadata>