* The holy grail: a function to export secret keys.
* GPGME will still invoke pinentry and gpg-agent as usual to authorise
the export.
* Mostly similar to the two previous export functions for public keys
except that it will return None if the result had a length of zero
bytes. Meaning that the difference between the specified pattern
(if any) not matching available keys and an incorrect passphrase is
not able to be determined from this function (or the underlying one
for that matter).
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Updated key_export and key_export_minimal to return None where a
pattern matched no keys in a manner simnilar to the possible result
of key_export_secret.
* Added functions for exporting public keys to gpg.core in both
complete form and in minimised form.
* Rather than letting people need to worry about the export modes we
are simply separating the functions as people would be more familiar
with from the command line usage anyway.
* Functions added for Context are: ctx.key_export_minimal and
ctx.key_export as the default or full export.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Fixed most of the PEP8 errors in core.py
* Those remaining may need more than little edits and are a bit
strange (too clearly the result of a programmer who has spent far
too much time dealing with Lisp so that for Python it looks
... strange).
* Wrapped the key import function in the try/exception statements
needed to catch at least the most likely unsuccessful import attempt
errors.
* Mostly draws on the file error and no data import statuses for
errors, with a couple of exceptions.
Signed-off-by: Ben McGinnes <ben@adversary.org>
* The foundation of a pythonic key import function authored by Jacob
Adams.
* A unit testing script for the same function originally authored by
Tobias Mueller
* Added DCO reference for Jacob Adams to the GPGME AUTHORS file.
* Additional details regarding this patch are available here:
https://dev.gnupg.org/T4001
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Uses the groups module to prepare a list of recipients and encrypt
to those.
* The main version (encrypt-to-group.py) tries to check for invalid
recipients, but still falls back to always trust for the second
encryption attempt.
* The gullible version doesn't try pruning the recipient list at all,
it just tries to encrypt and if it fails, switches straight to
always trust.
* The trustno1 version doesn't use the always trust model at all and
only attempts pruning the list of invalid recipients.
* Another attempt at fixing the org-mode version.
* A proof reader ascertained there were tabs in it instead of whitespace.
* Stripped the lot out and replaced with standard 4 spaces, fixed
every incorrect example ... and it still breaks upon save and/or export.
* Added the reference to the mutt-groups.py script to demonstrate the
groups.py module/code.
* Added a script which demonstrates how the groups module works.
* Script generates Mutt/Neomutt crypt-hooks for every group entry in
gpg.conf, including those entries for multiple keys (Mutt handles
that differently).
* Fixed the groups.py script so it really does what is described (the
old code had the same result for groups, group_lines and
group_lists).
* Updated the corresponding example in the doc to match.
* Updated the decryption example code in the HOWTO and the
corresponding decrypt-file.py script to gracefully handle a
decryption failure. This error will always be triggered when GPGME
is used to try to decrypt an old, MDC-less encrypted message or
file.
* Changed the expiration date for the generated test key to NYE this
century, rather than the NYE this millennium as originally suggested
in job #3815.
* This covers the lifetimes of current users (except, maybe, some very
healthy millennials) as well as the 32-bit clock end date in 2038;
without falling foul of OpenPGP's 2106 expiration.
* lang/python/setup.py.in: Copy gpgme.h instead of parsing it.
--
The python bindings tried to parse deprecated functions
out of gpgme.h. This fails for the current gpgme.h in
that it removes an entire field in the key sig struct (_obsolete_class).
Hence, the fields were off by an int and the bindings accessed struct
members via the wrong offset. That caused python program to crash.
At least on 32bit platforms, the crash can be easily triggered by
accessing key.uids[0].signatures. On 64bit platforms the compiler
probably aligns the struct so that the missing 4 bytes are not noticed.
With this change, the python bindings will expose all functions
that gpgme exposes, including the deprecated ones.
Credits go to Justus Winter for debugging and identying the issue.
Signed-off-by: Tobias Mueller <muelli@cryptobitch.de>
GnuPG-bug-id: 3892
* Script to generate a new key with encryption subkey taking input
from interactive prompts.
* Will also take a passphrase via pinentry and uses passphrase caching
of five minutes when used in conjunction with the temp homedir
script.
* Testing the addition of a HTML header set in org-mode in order to
had RSS update links for files.
* This should work with any [X]HTML export from current versions of
Org-Mode, but if it also works on website generated pages then it'll
tick off one of the wishlist itmes.
* Script to create a temporary gnupg homedir in the user's directory
for testing or scripting purposes.
* Creates a hidden directory on POSIX systems with the correct
permissions (700).
* Creates a gpg.conf in that directory containing the same
configuration options as used in the "Danger Mouse" example in the
HOWTO with the correct permissions (600).
* Added GPGME Python bindings HOWTO in Australian/British English.
** en-US "translation" still to be done.
* Added several example scripts comprised of the "Basic Functions"
section of the HOWTO (plus the work-around at the end).
** As these scripts are very basic examples they are released under
both the GPLv2+ and the LGPLv2.1+ (just like GPGME itself).
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Temporarily removing multi-key selection based examples.
* There are a few issues with getting the key selections to play
nicely with gpg.Context().keylist object types.
* Will troubleshoot them separately and restore them when that's
worked out, but I don't want these more complicated examples to
delay merging the HOWTO with master.
* Similar to group-key-selection.py, but does not use an existing
group from gpg.conf; instead takes multiple key IDs, fingerprints or
patterns on the command line and adds them to a keylist object.
* Begins to string together some of the simpler examples to do more
useful things.
* Signs and encrypts a file while encrypting to every key in a group
specified in the gpg.conf file.
* Updated usage so it only references importing the final list of
lists produced. Trying to use some of the mid-points can have
unpredictable results (this is part of the problem with work
arounds).
