GpgFrontend/gpgme
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge branch 'ben/docs/2018-03' of ssh+git://playfair.gnupg.org/git/gpgme into ben/docs/2018-03

Browse Source
This commit is contained in:
Ben McGinnes 2018-03-22 06:33:16 +11:00
commit 76055dd5c7
17 changed files with 2209 additions and 42 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -52,4 +52,3 @@ nosetests.xml
default.profraw
.DS_Store
._.DS_Store
default.profraw

157
TODO
View File

@ -14,23 +14,46 @@ Hey Emacs, this is -*- org -*- mode!
tracked through the [[https://dev.gnupg.org/][dev.gnupg.org]] site.
* TODO Document all the new stuff.
* Documentation
:PROPERTIES:
:CUSTOM_ID: more-docs-is-better
:CUSTOM_ID: documentation
:END:
** STARTED Fix this TODO list.
** Document all the new stuff.
:PROPERTIES:
:CUSTOM_ID: fix-todo
:CUSTOM_ID: more-docs-is-better
:END:
- State "STARTED" from "TODO" [2018-03-09 Fri 08:31]
Clean up the current TODO list. Include properties as relevant (so
if someone does make a PDF or HTML version the TOC will work).
Also check ans see if some of these ancient things can be removed
(e.g. do we really need to fix things that were broken in GPG
1.3.x? I'm thinking not so much).
*** TODO Fix this TODO list.
:PROPERTIES:
:CUSTOM_ID: fix-todo
:END:
Clean up the current TODO list. Include properties as relevant (so
if someone does make a PDF or HTML version the TOC will work).
Also check ans see if some of these ancient things can be removed
(e.g. do we really need to fix things that were broken in GPG
1.3.x? I'm thinking not so much).
**** DONE fix TODO items
CLOSED: [2018-03-04 Sun 08:55]
:PROPERTIES:
:CUSTOM_ID: fix-todo-items
:END:
Adjust todo items so each can now be referenced by custom-id and
checked off as necessary.
** TODO Document validity and trust issues.
:PROPERTIES:
:CUSTOM_ID: valid-trust-issues
:END:
** In gpgme.texi: Register callbacks under the right letter in the index.
:PROPERTIES:
:CUSTOM_ID: gpgme-texi
:END:
* Fix the remaining UI Server problems:
@ -63,10 +86,12 @@ Hey Emacs, this is -*- org -*- mode!
:END:
Right now we block reading the next line with assuan.
* Before release:
:PROPERTIES:
:CUSTOM_ID: pre-release
:END:
** CANCELLED Some gpg tests fail with gpg 1.3.4-cvs (gpg/t-keylist-sig)
CLOSED: [2018-03-09 Fri 08:16]
:PROPERTIES:
@ -75,100 +100,123 @@ Hey Emacs, this is -*- org -*- mode!
- State "CANCELLED" from "TODO" [2018-03-09 Fri 08:16] \\
WON'T FIX — too old or no longer applies.
The test is currently disabled there and in gpg/t-import.
** When gpg supports it, write binary subpackets directly,
:PROPERTIES:
:CUSTOM_ID: binary-subpackets
:END:
and parse SUBPACKET status lines.
* ABI's to break:
:PROPERTIES:
:CUSTOM_ID: abi-breakage-apparently-on-purpose
:END:
** Old opassuan interface.
:PROPERTIES:
:CUSTOM_ID: old-opassuan
:END:
** Implementation: Remove support for old style error codes in
:PROPERTIES:
:CUSTOM_ID: remove-old-error-codes
:END:
conversion.c::_gpgme_map_gnupg_error.
** gpgme_edit_cb_t: Add "processed" return argument
:PROPERTIES:
:CUSTOM_ID: add-processed-return
:END:
(see edit.c::command_handler).
** I/O and User Data could be made extensible. But this can be done
:PROPERTIES:
:CUSTOM_ID: add-io-user-data
:END:
without breaking the ABI hopefully.
** All enums should be replaced by ints and simple macros for
:PROPERTIES:
:CUSTOM_ID: enums-should-be-ints
:END:
maximum compatibility.
** Compatibility interfaces that can be removed in future versions:
:PROPERTIES:
:CUSTOM_ID: compat-interfaces-to-go
:END:
*** gpgme_data_new_from_filepart
:PROPERTIES:
:CUSTOM_ID: gpgme-data-new-from-filepart
:END:
*** gpgme_data_new_from_file
:PROPERTIES:
:CUSTOM_ID: gpgme-data-new-from-file
:END:
*** gpgme_data_new_with_read_cb
:PROPERTIES:
:CUSTOM_ID: gpgme-data-new-with-read-cb
:END:
*** gpgme_data_rewind
:PROPERTIES:
:CUSTOM_ID: gpgme-data-rewind
:END:
*** gpgme_op_import_ext
:PROPERTIES:
:CUSTOM_ID: gpgme-op-import-ext
:END:
*** gpgme_get_sig_key
:PROPERTIES:
:CUSTOM_ID: gpgme-get-sig-key
:END:
*** gpgme_get_sig_ulong_attr
:PROPERTIES:
:CUSTOM_ID: gpgme-get-sig-ulong-attr
:END:
*** gpgme_get_sig_string_attr
:PROPERTIES:
:CUSTOM_ID: gpgme-get-sig-string-attr
:END:
*** GPGME_SIG_STAT_*
:PROPERTIES:
:CUSTOM_ID: gpgme-sig-stat
:END:
*** gpgme_get_sig_status
:PROPERTIES:
:CUSTOM_ID: gpgme-get-sig-status
:END:
*** gpgme_trust_item_release
:PROPERTIES:
:CUSTOM_ID: gpgme-trust-item-release
:END:
*** gpgme_trust_item_get_string_attr
:PROPERTIES:
:CUSTOM_ID: gpgme-trust-item-get-string-attr
:END:
*** gpgme_trust_item_get_ulong_attr
:PROPERTIES:
:CUSTOM_ID: gpgme-trust-item-get-ulong-attr
:END:
*** gpgme_attr_t
:PROPERTIES:
:CUSTOM_ID: gpgme-attr-t
:END:
*** All Gpgme* typedefs.
:PROPERTIES:
:CUSTOM_ID: all-gpgme-typedefs
@ -179,20 +227,24 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: threads
:END:
** When GNU Pth supports sendmsg/recvmsg, wrap them properly.
:PROPERTIES:
:CUSTOM_ID: wrap-oth
:END:
** Without timegm (3) support our ISO time parser is not thread safe.
:PROPERTIES:
:CUSTOM_ID: time-threads
:END:
There is a configure time warning, though.
* New features:
:PROPERTIES:
:CUSTOM_ID: new-features
:END:
** Flow control for data objects.
:PROPERTIES:
:CUSTOM_ID: flow-control-is-not-a-euphemism-for-an-s-bend
@ -205,11 +257,13 @@ Hey Emacs, this is -*- org -*- mode!
respective event loop. or (B) a way for gpgme data objects to be
associated with a waitable object, that can be registered with the
user event loop. Neither is particularly simple.
** Extended notation support. When gpg supports arbitrary binary
:PROPERTIES:
:CUSTOM_ID: extended-notation
:END:
notation data, provide a user interface for that.
** notification system
:PROPERTIES:
:CUSTOM_ID: notification-system
@ -236,25 +290,30 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: stat-data
:END:
** Implement support for photo ids.
:PROPERTIES:
:CUSTOM_ID: photo-id
:END:
** Allow selection of subkeys
:PROPERTIES:
:CUSTOM_ID: subkey-selection
:END:
** Allow to return time stamps in ISO format
:PROPERTIES:
:CUSTOM_ID: iso-format-datetime
:END:
This allows us to handle years later than 2037 properly. With the
time_t interface they are all mapped to 2037-12-31
This allows us to handle years later than 2037 properly. With the
time_t interface they are all mapped to 2037-12-31
** New features requested by our dear users, but rejected or left for
:PROPERTIES:
:CUSTOM_ID: feature-requests
:END:
later consideration:
*** Allow to export secret keys.
:PROPERTIES:
:CUSTOM_ID: export-secret-keys
@ -262,6 +321,7 @@ Hey Emacs, this is -*- org -*- mode!
Rejected because this is conceptually flawed. Secret keys on a
smart card can not be exported, for example.
May eventually e supproted with a keywrapping system.
*** Selecting the key ring, setting the version or comment in output.
:PROPERTIES:
:CUSTOM_ID: select-keyring-version
@ -269,46 +329,23 @@ Hey Emacs, this is -*- org -*- mode!
Rejected because the naive implementation is engine specific, the
configuration is part of the engine's configuration or readily
worked around in a different way
*** Selecting the symmetric cipher.
:PROPERTIES:
:CUSTOM_ID: symmetric-cipher-selection
:END:
*** Exchanging keys with key servers.
:PROPERTIES:
:CUSTOM_ID: key-server-exchange
:END:
* Documentation
:PROPERTIES:
:CUSTOM_ID: documentation
:END:
** TODO Document validity and trust issues.
:PROPERTIES:
:CUSTOM_ID: valid-trust-issues
:END:
** In gpgme.texi: Register callbacks under the right letter in the index.
:PROPERTIES:
:CUSTOM_ID: gpgme-texi
:END:
** TODO Update TODO file
:PROPERTIES:
:CUSTOM_ID: todo-update
:END:
*** DONE fix TODO items
CLOSED: [2018-03-04 Sun 08:55]
:PROPERTIES:
:CUSTOM_ID: fix-todo-items
:END:
Adjust todo items so each can now be referenced by custom-id and
checked off as necessary.
* Engines
:PROPERTIES:
:CUSTOM_ID: engines
:END:
** Do not create/destroy engines, but create engine and then reset it.
:PROPERTIES:
:CUSTOM_ID: reset-engine-is-not-quite-just-ignition
@ -321,26 +358,31 @@ Hey Emacs, this is -*- org -*- mode!
Note that we need support in gpgsm to set include-certs to default
as RESET does not reset it, also for no_encrypt_to and probably
other options.
** Optimize the case where a data object has an underlying fd we can pass
:PROPERTIES:
:CUSTOM_ID: optimus-data-cousin-of-optimus-prime
:END:
directly to the engine. This will be automatic with socket I/O and
descriptor passing.
** Move code common to all engines up from gpg to engine.
:PROPERTIES:
:CUSTOM_ID: move-code-common-to-engines-out-of-gpg
:END:
** engine operations can return General Error on unknown protocol
:PROPERTIES:
:CUSTOM_ID: general-error-looking-to-be-court-martialled
:END:
(it's an internal error, as select_protocol checks already).
** When server mode is implemented properly, more care has to be taken to
:PROPERTIES:
:CUSTOM_ID: server-mode
:END:
release all resources on error (for example to free assuan_cmd).
** op_import_keys and op_export_keys have a limit in the number of keys.
:PROPERTIES:
:CUSTOM_ID: import-export-problems
@ -354,6 +396,7 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: gpg-breakage
:END:
** CANCELLED gpg 1.4.2 lacks error reporting if sign/encrypt with revoked key.
CLOSED: [2018-03-09 Fri 08:19]
:PROPERTIES:
@ -361,6 +404,7 @@ Hey Emacs, this is -*- org -*- mode!
:END:
- State "CANCELLED" from "TODO" [2018-03-09 Fri 08:19] \\
WON'T FIX.
** CANCELLED gpg 1.4.2 does crappy error reporting (namely none at all) when
CLOSED: [2018-03-09 Fri 08:20]
:PROPERTIES:
@ -374,6 +418,7 @@ Hey Emacs, this is -*- org -*- mode!
gpg: signing failed: general error
[GNUPG:] BEGIN_ENCRYPTION 2 10
gpg: test: sign+encrypt failed: general error
** DONE Without agent and with wrong passphrase, gpg 1.4.2 enters into an
CLOSED: [2018-03-09 Fri 08:20]
:PROPERTIES:
@ -382,6 +427,7 @@ Hey Emacs, this is -*- org -*- mode!
- State "DONE" from "TODO" [2018-03-09 Fri 08:20] \\
Must have been fixed in a subsequent release.
infinite loop.
** CANCELLED Use correct argv[0]
CLOSED: [2018-03-09 Fri 08:24]
:PROPERTIES:
@ -402,71 +448,86 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: operations-are-not-surgical
:END:
** Include cert values -2, -1, 0 and 1 should be defined as macros.
:PROPERTIES:
:CUSTOM_ID: certified-macros
:END:
** If an operation failed, make sure that the result functions don't return
:PROPERTIES:
:CUSTOM_ID: operation-failure
:END:
corrupt partial information. !!!
NOTE: The EOF status handler is not called in this case !!!
** Verify must not fail on NODATA premature if auto-key-retrieval failed.
:PROPERTIES:
:CUSTOM_ID: autobot-key-retrieval
:END:
It should not fail silently if it knows there is an error. !!!
** All operations: Better error reporting. !!
:PROPERTIES:
:CUSTOM_ID: better-reporting-not-like-fox-news
:END:
** Export status handler need much more work. !!!
:PROPERTIES:
:CUSTOM_ID: export-status-handler
:END:
** Import should return a useful error when one happened.
:PROPERTIES:
:CUSTOM_ID: import-useful-stuff-even-wrong-stuff
:END:
*** Import does not take notice of NODATA status report.
:PROPERTIES:
:CUSTOM_ID: import-no-data
:END:
*** When GPGSM does issue IMPORT_OK status reports, make sure to check for
:PROPERTIES:
:CUSTOM_ID: gpgsm-import-ok
:END:
them in tests/gpgs m/t-import.c.
** Verify can include info about version/algo/class, but currently
:PROPERTIES:
:CUSTOM_ID: verify-class
:END:
this is only available for gpg, not gpgsm.
** Return ENC_TO output in verify result. Again, this is not available
:PROPERTIES:
:CUSTOM_ID: return-to-enc
:END:
for gpgsm.
** Genkey should return something more useful than General_Error.
:PROPERTIES:
:CUSTOM_ID: general-key-assumed-command-from-general-error
:END:
** If possible, use --file-setsize to set the file size for proper progress
:PROPERTIES:
:CUSTOM_ID: file-setsize
:END:
callback handling. Write data interface for file size.
** Optimize the file descriptor list, so the number of open fds is
:PROPERTIES:
:CUSTOM_ID: optimus-descriptus-younger-brother-of-optimus-prime
:END:
always known easily.
** Encryption: It should be verified that the behaviour for partially untrusted
:PROPERTIES:
:CUSTOM_ID: only-mostly-dead-means-partially-alive
:END:
recipients is correct.
** When GPG issues INV_something for invalid signers, catch them.
:PROPERTIES:
:CUSTOM_ID: invalid-sig
@ -477,15 +538,18 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: error-value
:END:
** Map ASSUAN/GpgSM ERR error values in a better way than is done now. !!
:PROPERTIES:
:CUSTOM_ID: map-ass-error
:END:
** Some error values should identify the source more correctly (mostly error
:PROPERTIES:
:CUSTOM_ID: source-errors
:END:
values derived from status messages).
** In rungpg.c we need to check the version of the engine
:PROPERTIES:
:CUSTOM_ID: rungpg-c-engine-ver
@ -498,6 +562,7 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: tests
:END:
** TODO Write a fake gpg-agent so that we can supply known passphrases to
:PROPERTIES:
:CUSTOM_ID: test-fake-gpg-agent
@ -505,23 +570,28 @@ Hey Emacs, this is -*- org -*- mode!
gpgsm and setup the configuration files to use the agent. Without
this we are testing a currently running gpg-agent which is not a
clever idea. !
** t-data
:PROPERTIES:
:CUSTOM_ID: test-data
:END:
*** Test gpgme_data_release_and_get_mem.
:PROPERTIES:
:CUSTOM_ID: test-gpgme-data-release-mem
:END:
*** Test gpgme_data_seek for invalid types.
:PROPERTIES:
:CUSTOM_ID: test-gpgme-data-seek
:END:
** t-keylist
:PROPERTIES:
:CUSTOM_ID: test-keylist
:END:
Write a test for ext_keylist.
** Test reading key signatures.
:PROPERTIES:
:CUSTOM_ID: test-key-sig
@ -532,6 +602,7 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: debug
:END:
** Tracepoints should be added at: Every public interface enter/leave,
:PROPERTIES:
:CUSTOM_ID: tracepoint-pub-int
@ -547,6 +618,7 @@ Hey Emacs, this is -*- org -*- mode!
decrypt-verify.c delete.c edit.c encrypt.c encrypt-sign.c export.c
genkey.c import.c key.c keylist.c passphrase.c progress.c signers.c
sig-notation.c trust-item.c trustlist.c verify.c
** TODO Handle malloc and vasprintf errors. But decide first if they should be
:PROPERTIES:
:CUSTOM_ID: malloc-vasprintf
@ -559,10 +631,12 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: build-suite
:END:
** TODO Make sure everything is cleaned correctly (esp. test area).
:PROPERTIES:
:CUSTOM_ID: clean-tests
:END:
** TODO Enable AC_CONFIG_MACRO_DIR and bump up autoconf version requirement.
:PROPERTIES:
:CUSTOM_ID: autoconf-macros
@ -575,6 +649,7 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: error-checking
:END:
** TODO engine-gpgsm, with-validation
:PROPERTIES:
:CUSTOM_ID: gpgsm-validation
@ -615,7 +690,11 @@ Hey Emacs, this is -*- org -*- mode!
Write a guide/best practices for maintainers of GPGME packages with
third party package management systems.
Copyright 2004, 2005, 2018 g10 Code GmbH
* Copyright 2004, 2005, 2018 g10 Code GmbH
:PROPERTIES:
:CUSTOM_ID: copyright-and-license
:END:
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without

1370
lang/python/docs/GPGMEpythonHOWTOen.org Normal file
View File

File diff suppressed because it is too large Load Diff

77
lang/python/docs/TODO.org
View File

@ -28,13 +28,74 @@
to produce reST versions via Pandoc and DITA XML can be reached
through converting to either Markdown or XHTML first.
** TODO Documentation HOWTO
** STARTED Documentation HOWTO
:PROPERTIES:
:CUSTOM_ID: todo-docs-howto
:END:
- State "STARTED" from "TODO" [2018-03-08 Thu 13:59] \\
Started yesterday.
Write a HOWTO style guide for the current Python bindings.
*** DONE Start python bindings HOWTO
CLOSED: [2018-03-07 Wed 18:14]
:PROPERTIES:
:CUSTOM_ID: howto-start
:END:
*** STARTED Include certain specific instructions in the HOWTO
:PROPERTIES:
:CUSTOM_ID: howto-requests
:END:
Note: moved the S/MIME bits out to their own section of the TODO
list and may be served better by separate HOWTO documentation
anyway.
- State "STARTED" from "TODO" [2018-03-09 Fri 15:27]
Some functions can be worked out from the handful of examples
available, but many more can't and I've already begun receiving
requests for certain functions to be explained.
**** DONE Standard scenarios
CLOSED: [2018-03-19 Mon 12:34]
:PROPERTIES:
:CUSTOM_ID: howto-the-basics
:END:
- State "DONE" from "STARTED" [2018-03-19 Mon 12:34] \\
All four of those are done.
- State "STARTED" from "TODO" [2018-03-09 Fri 15:26] \\
Began with the example code, now to add the text.
What everyone expects: encryption, decryption, signing and verifying.
**** STARTED Key control
:PROPERTIES:
:CUSTOM_ID: howto-key-control
:END:
- State "STARTED" from "TODO" [2018-03-19 Mon 12:35] \\
Generating keys and subkeys are done, but revocation is still to be done.
Generating keys, adding subkeys, revoking subkeys (and keeping
the cert key), adding and revoking UIDs, signing/certifying keys.
**** DONE More key control
CLOSED: [2018-03-19 Mon 12:36]
:PROPERTIES:
:CUSTOM_ID: howto-key-selection
:END:
- State "DONE" from "TODO" [2018-03-19 Mon 12:36] \\
Key selection, searching, matching and counting is done.
Selecting keys to encrypt to or manipulate in other ways (e.g. as
with key control or the basics).
** TODO Documentation SWIG
:PROPERTIES:
:CUSTOM_ID: todo-docs-swig
@ -47,6 +108,7 @@
something to be used in conjunction with the existing GPGME
documentation which makes it easier for Python developers to use.
** TODO GUI examples
:PROPERTIES:
:CUSTOM_ID: todo-gui-examples
@ -56,6 +118,7 @@
to either match or be similar to the old GTK2 examples available
with PyME.
** TODO Replace SWIG
:PROPERTIES:
:CUSTOM_ID: todo-replace-swig
@ -71,6 +134,7 @@
bindings using a more suitable means of interfacing with the GPGME
C source code.
*** TODO Replacement for SWIG
:PROPERTIES:
:CUSTOM_ID: todo-replace-swig-replacement
@ -80,6 +144,7 @@
the most viable candidate, but some additional testing and checks
are yet to be completed.
** TODO API for an API
:PROPERTIES:
:CUSTOM_ID: todo-api-squared
@ -94,6 +159,16 @@
available or for which it is too difficult to create proper
bindings.
** TODO S/MIME
:PROPERTIES:
:CUSTOM_ID: s-mime
:END:
Eventually add some of this, but the OpenPGP details are far more
important at the moment.
* Project Task Details
:PROPERTIES:
:CUSTOM_ID: detailed-tasks

58
lang/python/examples/howto/README.org Normal file
View File

@ -0,0 +1,58 @@
#+TITLE: GPGME Python Bindings HOWTO Examples
#+LATEX_COMPILER: xelatex
#+LATEX_CLASS: article
#+LATEX_CLASS_OPTIONS: [12pt]
#+LATEX_HEADER: \usepackage{xltxtra}
#+LATEX_HEADER: \usepackage[margin=1in]{geometry}
#+LATEX_HEADER: \setmainfont[Ligatures={Common}]{Times New Roman}
#+LATEX_HEADER: \author{Ben McGinnes <ben@gnupg.org>}
* Examples
:PROPERTIES:
:CUSTOM_ID: gpgme-python3-examples
:END:
The contents of this directory are the examples included in the /GNU
Privacy Guard (GnuPG) Made Easy Python Bindings HOWTO/ file. Each
script is explicitly for Python 3 and specifically for Python 3.4 or
later.
Some of these scripts may work with Python 2.7, but there are no
guarantees. They will include the relevant imports from the
=__future__= module to facilitate that if possible.
* Copyright and Licensing
:PROPERTIES:
:CUSTOM_ID: copyright-and-license
:END:
Unless otherwise stated, all the examples in this directory are
released under the same terms as GPGME itself; that is they are dual
licensed under the terms of both the GNU General Public License
version 2.0 (or any later version) *and* the GNU Lesser General
Public License version 2.1 (or any later version).
** Copyright (C) The GnuPG Project, 2018
:PROPERTIES:
:CUSTOM_ID: copyright
:END:
Copyright © The GnuPG Project, 2018.
** License GPL compatible
:PROPERTIES:
:CUSTOM_ID: license
:END:
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
modifications, as long as this notice is preserved.
This file is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY, to the extent permitted by law; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.

56
lang/python/examples/howto/clear-sign-file.py Executable file
View File

@ -0,0 +1,56 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import gpg
import sys
"""
Clear-signs a file with a specified key. If entering both the key and the
filename on the command line, the key must be entered first.
"""
if len(sys.argv) > 3:
logrus = sys.argv[1]
filename = " ".join(sys.argv[2:])
elif len(sys.argv) == 3:
logrus = sys.argv[1]
filename = sys.argv[2]
elif len(sys.argv) == 2:
logrus = sys.argv[1]
filename = input("Enter the path and filename to sign: ")
else:
logrus = input("Enter the fingerprint or key ID to sign with: ")
filename = input("Enter the path and filename to sign: ")
with open(filename, "rb") as f:
text = f.read()
key = list(gpg.Context().keylist(pattern=logrus))
with gpg.Context(armor=True, signers=key) as c:
signed_data, result = c.sign(text, mode=gpg.constants.sig.mode.CLEAR)
with open("{0}.asc".format(filename), "wb") as f:
f.write(signed_data)

44
lang/python/examples/howto/decrypt-file.py Executable file
View File

@ -0,0 +1,44 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import gpg
import sys
if len(sys.argv) == 3:
ciphertext = sys.argv[1]
newfile = sys.argv[2]
elif len(sys.argv) == 2:
ciphertext = sys.argv[1]
newfile = input("Enter path and filename of file to save decrypted data to: ")
else:
ciphertext = input("Enter path and filename of encrypted file: ")
newfile = input("Enter path and filename of file to save decrypted data to: ")
with open(ciphertext, "rb") as cfile:
plaintext, result, verify_result = gpg.Context().decrypt(cfile)
with open(newfile, "wb") as nfile:
nfile.write(plaintext)

64
lang/python/examples/howto/detach-sign-file.py Executable file
View File

@ -0,0 +1,64 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import gpg
import sys
"""
Signs a file with a specified key. If entering both the key and the filename
on the command line, the key must be entered first.
Will produce both an ASCII armoured and GPG binary format copy of the detached
signature file.
"""
if len(sys.argv) > 3:
logrus = sys.argv[1]
filename = " ".join(sys.argv[2:])
elif len(sys.argv) == 3:
logrus = sys.argv[1]
filename = sys.argv[2]
elif len(sys.argv) == 2:
logrus = sys.argv[1]
filename = input("Enter the path and filename to sign: ")
else:
logrus = input("Enter the fingerprint or key ID to sign with: ")
filename = input("Enter the path and filename to sign: ")
with open(filename, "rb") as f:
text = f.read()
key = list(gpg.Context().keylist(pattern=logrus))
with gpg.Context(armor=True, signers=key) as ca:
signed_data, result = ca.sign(text, mode=gpg.constants.sig.mode.DETACH)
with open("{0}.asc".format(filename), "wb") as fa:
fa.write(signed_data)
with gpg.Context(signers=key) as cb:
signed_data, result = cb.sign(text, mode=gpg.constants.sig.mode.DETACH)
with open("{0}.sig".format(filename), "wb") as fb:
fb.write(signed_data)

71
lang/python/examples/howto/encrypt-file.py Executable file
View File

@ -0,0 +1,71 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import gpg
import sys
"""
Encrypts a file to a specified key. If entering both the key and the filename
on the command line, the key must be entered first.
Will produce both an ASCII armoured and GPG binary format copy of the encrypted
file.
"""
if len(sys.argv) > 3:
a_key = sys.argv[1]
filename = " ".join(sys.argv[2:])
elif len(sys.argv) == 3:
a_key = sys.argv[1]
filename = sys.argv[2]
elif len(sys.argv) == 2:
a_key = sys.argv[1]
filename = input("Enter the path and filename to encrypt: ")
else:
a_key = input("Enter the fingerprint or key ID to encrypt to: ")
filename = input("Enter the path and filename to encrypt: ")
rkey = list(gpg.Context().keylist(pattern=a_key, secret=False))
with open(filename, "rb") as f:
text = f.read()
with gpg.Context(armor=True) as ca:
try:
ciphertext, result, sign_result = ca.encrypt(text, recipients=rkey,
sign=False)
with open("{0}.asc".format(filename), "wb") as fa:
fa.write(ciphertext)
except gpg.errors.InvalidRecipients as e:
print(e)
with gpg.Context() as cg:
try:
ciphertext, result, sign_result = cg.encrypt(text, recipients=rkey,
sign=False)
with open("{0}.gpg".format(filename), "wb") as fg:
fg.write(ciphertext)
except gpg.errors.InvalidRecipients as e:
print(e)

70
lang/python/examples/howto/encrypt-sign-file.py Executable file
View File

@ -0,0 +1,70 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import gpg
import sys
"""
Signs and encrypts a file to a specified key. If entering both the key and the
filename on the command line, the key must be entered first.
Signs with and also encrypts to the default key of the user invoking the
script. Will treat all recipients as trusted to permit encryption.
Will produce both an ASCII armoured and GPG binary format copy of the signed
and encrypted file.
"""
if len(sys.argv) > 3:
a_key = sys.argv[1]
filename = " ".join(sys.argv[2:])
elif len(sys.argv) == 3:
a_key = sys.argv[1]
filename = sys.argv[2]
elif len(sys.argv) == 2:
a_key = sys.argv[1]
filename = input("Enter the path and filename to encrypt: ")
else:
a_key = input("Enter the fingerprint or key ID to encrypt to: ")
filename = input("Enter the path and filename to encrypt: ")
rkey = list(gpg.Context().keylist(pattern=a_key, secret=False))
with open(filename, "rb") as f:
text = f.read()
with gpg.Context(armor=True) as ca:
ciphertext, result, sign_result = ca.encrypt(text, recipients=rkey,
always_trust=True,
add_encrypt_to=True)
with open("{0}.asc".format(filename), "wb") as fa:
fa.write(ciphertext)
with gpg.Context() as cg:
ciphertext, result, sign_result = cg.encrypt(text, recipients=rkey,
always_trust=True,
add_encrypt_to=True)
with open("{0}.gpg".format(filename), "wb") as fg:
fg.write(ciphertext)

50
lang/python/examples/howto/groups.py Normal file
View File

@ -0,0 +1,50 @@
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import subprocess
"""
Intended for use with other scripts.
Usage: from groups import group_lists
"""
lines = subprocess.getoutput("gpgconf --list-options gpg").splitlines()
for i in range(len(lines)):
if lines[i].startswith("group") is True:
line = lines[i]
else:
pass
groups = line.split(":")[-1].replace('"', '').split(',')
group_lines = groups
for i in range(len(group_lines)):
group_lines[i] = group_lines[i].split("=")
group_lists = group_lines
for i in range(len(group_lists)):
group_lists[i][1] = group_lists[i][1].split()

42
lang/python/examples/howto/keycount.py Executable file
View File

@ -0,0 +1,42 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import gpg
c = gpg.Context()
seckeys = c.keylist(pattern=None, secret=True)
pubkeys = c.keylist(pattern=None, secret=False)
seclist = list(seckeys)
secnum = len(seclist)
publist = list(pubkeys)
pubnum = len(publist)
print("""
Number of secret keys: {0}
Number of public keys: {1}
""".format(secnum, pubnum))

64
lang/python/examples/howto/sign-file.py Executable file
View File

@ -0,0 +1,64 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import gpg
import sys
"""
Signs a file with a specified key. If entering both the key and the filename
on the command line, the key must be entered first.
Will produce both an ASCII armoured and GPG binary format copy of the signed
file.
"""
if len(sys.argv) > 3:
logrus = sys.argv[1]
filename = " ".join(sys.argv[2:])
elif len(sys.argv) == 3:
logrus = sys.argv[1]
filename = sys.argv[2]
elif len(sys.argv) == 2:
logrus = sys.argv[1]
filename = input("Enter the path and filename to sign: ")
else:
logrus = input("Enter the fingerprint or key ID to sign with: ")
filename = input("Enter the path and filename to sign: ")
with open(filename, "rb") as f:
text = f.read()
key = list(gpg.Context().keylist(pattern=logrus))
with gpg.Context(armor=True, signers=key) as ca:
signed_data, result = ca.sign(text, mode=gpg.constants.sig.mode.NORMAL)
with open("{0}.asc".format(filename), "wb") as fa:
fa.write(signed_data)
with gpg.Context(signers=key) as cg:
signed_data, result = cg.sign(text, mode=gpg.constants.sig.mode.NORMAL)
with open("{0}.gpg".format(filename), "wb") as fg:
fg.write(signed_data)

64
lang/python/examples/howto/verify-signatures.py Executable file
View File

@ -0,0 +1,64 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import gpg
import sys
import time
"""
Verifies a signed file which has been signed with a detached signature.
"""
if len(sys.argv) > 2:
filename = sys.argv[1]
sig_file = sys.argv[2]
elif len(sys.argv) == 2:
filename = sys.argv[1]
sig_file = input("Enter the path and filename of the detached signature: ")
else:
filename = input("Enter the path and filename to verify: ")
sig_file = input("Enter the path and filename of the detached signature: ")
c = gpg.Context()
try:
data, result = c.verify(open(filename), open(sig_file))
verified = True
except gpg.errors.BadSignatures as e:
verified = False
print(e)
if verified is True:
for i in range(len(result.signatures)):
sign = result.signatures[i]
print("""Good signature from:
{0}
with key {1}
made at {2}
""".format(c.get_key(sign.fpr).uids[0].uid, sign.fpr,
time.ctime(sign.timestamp)))
else:
pass

61
lang/python/examples/howto/verify-signed-file.py Executable file
View File

@ -0,0 +1,61 @@
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
from __future__ import absolute_import, division, unicode_literals
# Copyright (C) 2018 Ben McGinnes <ben@gnupg.org>
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU General Public License as published by the Free Software
# Foundation; either version 2 of the License, or (at your option) any later
# version.
#
# This program is free software; you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License as published by the Free
# Software Foundation; either version 2.1 of the License, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful, but WITHOUT
# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
# FOR A PARTICULAR PURPOSE. See the GNU General Public License and the GNU
# Lesser General Public Licensefor more details.
#
# You should have received a copy of the GNU General Public License and the GNU
# Lesser General Public along with this program; if not, see
# <http://www.gnu.org/licenses/>.
import gpg
import sys
import time
"""
Verifies a signed file which has been signed with either NORMAL or CLEAR modes.
"""
if len(sys.argv) > 2:
filename = " ".join(sys.argv[1:])
elif len(sys.argv) == 2:
filename = sys.argv[1]
else:
filename = input("Enter the path and filename to sign: ")
c = gpg.Context()
try:
data, result = c.verify(open(filename))
verified = True
except gpg.errors.BadSignatures as e:
verified = False
print(e)
if verified is True:
for i in range(len(result.signatures)):
sign = result.signatures[i]
print("""Good signature from:
{0}
with key {1}
made at {2}
""".format(c.get_key(sign.fpr).uids[0].uid, sign.fpr,
time.ctime(sign.timestamp)))
else:
pass

0
lang/python/examples/encrypt-to-all.py → lang/python/examples/low_level-encrypt_to_all.py
View File

2
src/gpgme-tool.c
View File

@ -3101,7 +3101,7 @@ cmd_hash_algo_name (assuan_context_t ctx, char *line)
static const char hlp_identify[] =
"IDENTIY\n"
"IDENTIFY\n"
"\n"
"Identify the type of data set with the INPUT command.";
static gpg_error_t