Commit Graph

10 Commits

Author SHA1 Message Date
Werner Koch
01435da498
core: Extend decryption result with symkey_algo.
* src/gpgme.h.in (gpgme_op_decrypt_result_t): Add field 'symkey_algo'.
* src/decrypt.c (release_op_data): Free SYMKEY_ALGO.
(gpgme_op_decrypt_result): Make sure SYMKEY_ALGO is not NULL.
(parse_decryption_info): New.
(_gpgme_decrypt_status_handler): Parse DECRYPTION_INFO status.
* src/conversion.c (_gpgme_cipher_algo_name): New.
(_gpgme_cipher_mode_name): New.

* tests/run-decrypt.c (print_result): Print SYMKEY_ALGO

* src/util.h (_gpgme_map_gnupg_error): Remove obsolete prototype.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 13:48:56 +02:00
Werner Koch
f7700a0169
core: Add new context flag "no-symkey-cache".
* src/gpgme.c (gpgme_set_ctx_flag): Set flag.
(gpgme_get_ctx_flag): Get flag.
* src/context.h (struct gpgme_context): Add field no_symkey_cache.
* src/engine-gpg.c (struct engine_gpg): Ditto.
(gpg_set_engine_flags): Set flag.
(build_argv): Pass option --no-symkey-cache to gpg.

* tests/run-decrypt.c (print_result): Fix segv for symmetric messages.
(main): New option --no-symkey-cache.
* tests/run-encrypt.c (main): New option --no-symkey-cache.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-12 09:17:27 +02:00
Werner Koch
b9000bc293
core: New gpgme_set_ctx_flag "request-origin".
* src/context.h (gpgme_context): Add 'request_origin'.
* src/gpgme.c (gpgme_release): Free that field.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "request-origin".
* src/engine-backend.h (engine_ops): Add 'set_engine_ops' func ptr and
adjust all users.
* src/engine.c (_gpgme_engine_set_engine_flags): New.
* src/op-support.c (_gpgme_op_reset): Call that func.
* src/engine-gpg.c (struct engine_gpg): Add 'request_origin'.
(gpg_set_engine_flags): New.
(_gpgme_engine_ops_gpg): Hook it.
(build_argv): Use command line option --request-origin.
* src/engine-gpgsm.c (struct engine_gpgsm): Add 'request_origin'.
(gpgsm_set_engine_flags): New.
(_gpgme_engine_ops_gpgsm): Hook it.
(start): Send OPTION "request-origin".
* src/engine-assuan.c (struct engine_llass): Add 'request_origin'.
(gpgsm_set_engine_flags): New.
(_gpgme_engine_ops_assuan): Hook it.
(start): Send OPTION "pretend-request-origin".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-03-23 15:27:32 +01:00
Andre Heinecke
7003583432
Change copyright from Intevation to BSI
* lang/cpp/src/gpggencardkeyinteractor.cpp,
lang/cpp/src/gpggencardkeyinteractor.h,
lang/cpp/src/gpgmepp_export.h,
lang/cpp/src/swdbresult.cpp,
lang/cpp/src/swdbresult.h,
lang/cpp/src/tofuinfo.cpp,
lang/cpp/src/tofuinfo.h,
lang/qt/src/abstractimportjob.h,
lang/qt/src/adduseridjob.h,
lang/qt/src/changeexpiryjob.h,
lang/qt/src/changeownertrustjob.h,
lang/qt/src/changepasswdjob.h,
lang/qt/src/cryptoconfig.cpp,
lang/qt/src/cryptoconfig.h,
lang/qt/src/dataprovider.cpp,
lang/qt/src/dataprovider.h,
lang/qt/src/decryptjob.h,
lang/qt/src/decryptverifyjob.h,
lang/qt/src/deletejob.h,
lang/qt/src/dn.cpp,
lang/qt/src/dn.h,
lang/qt/src/downloadjob.h,
lang/qt/src/encryptjob.h,
lang/qt/src/exportjob.h,
lang/qt/src/hierarchicalkeylistjob.h,
lang/qt/src/importfromkeyserverjob.h,
lang/qt/src/importjob.h,
lang/qt/src/job.cpp,
lang/qt/src/job.h,
lang/qt/src/keyformailboxjob.h,
lang/qt/src/keygenerationjob.h,
lang/qt/src/keylistjob.h,
lang/qt/src/listallkeysjob.h,
lang/qt/src/multideletejob.h,
lang/qt/src/protocol.h,
lang/qt/src/protocol_p.h,
lang/qt/src/qgpgme_export.h,
lang/qt/src/qgpgmeadduseridjob.cpp,
lang/qt/src/qgpgmeadduseridjob.h,
lang/qt/src/qgpgmebackend.cpp,
lang/qt/src/qgpgmebackend.h,
lang/qt/src/qgpgmechangeexpiryjob.cpp,
lang/qt/src/qgpgmechangeexpiryjob.h,
lang/qt/src/qgpgmechangeownertrustjob.cpp,
lang/qt/src/qgpgmechangeownertrustjob.h,
lang/qt/src/qgpgmechangepasswdjob.cpp,
lang/qt/src/qgpgmechangepasswdjob.h,
lang/qt/src/qgpgmedecryptjob.cpp,
lang/qt/src/qgpgmedecryptjob.h,
lang/qt/src/qgpgmedecryptverifyjob.cpp,
lang/qt/src/qgpgmedecryptverifyjob.h,
lang/qt/src/qgpgmedeletejob.cpp,
lang/qt/src/qgpgmedeletejob.h,
lang/qt/src/qgpgmedownloadjob.cpp,
lang/qt/src/qgpgmedownloadjob.h,
lang/qt/src/qgpgmeencryptjob.cpp,
lang/qt/src/qgpgmeencryptjob.h,
lang/qt/src/qgpgmeexportjob.cpp,
lang/qt/src/qgpgmeexportjob.h,
lang/qt/src/qgpgmeimportfromkeyserverjob.cpp,
lang/qt/src/qgpgmeimportfromkeyserverjob.h,
lang/qt/src/qgpgmeimportjob.cpp,
lang/qt/src/qgpgmeimportjob.h,
lang/qt/src/qgpgmekeyformailboxjob.cpp,
lang/qt/src/qgpgmekeyformailboxjob.h,
lang/qt/src/qgpgmekeygenerationjob.cpp,
lang/qt/src/qgpgmekeygenerationjob.h,
lang/qt/src/qgpgmekeylistjob.cpp,
lang/qt/src/qgpgmekeylistjob.h,
lang/qt/src/qgpgmelistallkeysjob.cpp,
lang/qt/src/qgpgmelistallkeysjob.h,
lang/qt/src/qgpgmenewcryptoconfig.cpp,
lang/qt/src/qgpgmenewcryptoconfig.h,
lang/qt/src/qgpgmerefreshkeysjob.cpp,
lang/qt/src/qgpgmerefreshkeysjob.h,
lang/qt/src/qgpgmesecretkeyexportjob.cpp,
lang/qt/src/qgpgmesecretkeyexportjob.h,
lang/qt/src/qgpgmesignencryptjob.cpp,
lang/qt/src/qgpgmesignencryptjob.h,
lang/qt/src/qgpgmesignjob.cpp,
lang/qt/src/qgpgmesignjob.h,
lang/qt/src/qgpgmesignkeyjob.cpp,
lang/qt/src/qgpgmesignkeyjob.h,
lang/qt/src/qgpgmetofupolicyjob.cpp,
lang/qt/src/qgpgmetofupolicyjob.h,
lang/qt/src/qgpgmeverifydetachedjob.cpp,
lang/qt/src/qgpgmeverifydetachedjob.h,
lang/qt/src/qgpgmeverifyopaquejob.cpp,
lang/qt/src/qgpgmeverifyopaquejob.h,
lang/qt/src/qgpgmewkspublishjob.cpp,
lang/qt/src/qgpgmewkspublishjob.h,
lang/qt/src/refreshkeysjob.h,
lang/qt/src/signencryptjob.h,
lang/qt/src/signjob.h,
lang/qt/src/signkeyjob.h,
lang/qt/src/specialjob.h,
lang/qt/src/threadedjobmixin.cpp,
lang/qt/src/threadedjobmixin.h,
lang/qt/src/tofupolicyjob.h,
lang/qt/src/verifydetachedjob.h,
lang/qt/src/verifyopaquejob.h,
lang/qt/src/wkspublishjob.h,
lang/qt/tests/run-keyformailboxjob.cpp,
lang/qt/tests/t-config.cpp,
lang/qt/tests/t-encrypt.cpp,
lang/qt/tests/t-keylist.cpp,
lang/qt/tests/t-keylocate.cpp,
lang/qt/tests/t-ownertrust.cpp,
lang/qt/tests/t-support.cpp,
lang/qt/tests/t-support.h,
lang/qt/tests/t-tofuinfo.cpp,
lang/qt/tests/t-various.cpp,
lang/qt/tests/t-verify.cpp,
lang/qt/tests/t-wkspublish.cpp,
tests/gpg/t-encrypt-mixed.c,
tests/gpg/t-thread-keylist-verify.c,
tests/gpg/t-thread-keylist.c,
tests/run-decrypt.c: Change Intevation GmbH copyright to BSI.

--
This should make it more transparent where the BSI is the actual
copyright holder as the code was mostly developed as part of a
development contract.
2017-04-25 10:24:11 +02:00
Werner Koch
6ac1f2cded
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP.
* src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const.
(gpgme_decrypt_flags_t): New enum.
(GPGME_DECRYPT_VERIFY): New const
(GPGME_DECRYPT_UNWRAP): New const
(gpgme_op_decrypt_ext_start): New func.
(gpgme_op_decrypt_ext): New func.
* src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New.
(gpgme_op_decrypt_ext): New.
(decrypt_verify_start): Add arg FLAGS.  Replace call to
engine_op_decrypt_verify by the plain decrypt with the flag set.
(gpgme_op_decrypt_verify_start): Pass the flag.
(gpgme_op_decrypt_verify): Pass the flag.
* src/decrypt.c (decrypt_start): Rename to ...
(_gpgme_decrypt_start): this.  Add arg FLAGS.  Pass FLAGS to
engine_op_decrypt.
(gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG.
(gpgme_op_decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt_verify): Remove.
(_gpgme_engine_op_decrypt): Add arg FLAGS.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/engine-backend.h (struct engine_ops): Remove member
'decrypt_verify'.  Add FLAGS to 'decrypt'.  Adjust all initialization.
* src/engine-uiserver.c (uiserver_decrypt): Remove.
(uiserver_decrypt_verify): Remove.
(_uiserver_decrypt): Rename to ...
(uiserver_decrypt): this.  Replace arg VERIFY by new arg FLAGS.
* src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP.
(gpg_encrypt): Support GPGME_ENCRYPT_WRAP.

* tests/run-decrypt.c (main): New option --unwrap.
* tests/run-encrypt.c (main): New option --wrap.
--

Manual testing of that wrap/unwrap feature can be done this way:

 ./run-encrypt --verbose --key Alice /etc/motd > x
 ./run-decrypt --verbose --unwrap x > y
 ./run-encrypt --verbose --key Bob --wrap y > z

1. The message was first encrypted to Alice.
2. Alice decrypts the message receiving a valid OpenPGP message.
3. Alice encrypt that message to Bob

This will also work with encrypted and signed messages; the signature
will be kept intact during re-encryption.  Requires GnuPG 2.1.12.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 15:17:23 +01:00
Werner Koch
7f5f26fd66
doc: Replace http: by https: in core source files.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 13:27:00 +01:00
Werner Koch
9fc92a15bd
core: Do not leak the override session key to ps(1).
* src/engine-gpg.c (struct engine_gpg): New field
override_session_key.
(gpg_release): Free that field.
(gpg_decrypt): With gnupg 2.1.16 use --override-session-key-fd.

* tests/run-decrypt.c (main): Fix setting over the override key.
--

Note that this works only with gnupg 2.1.16 and later.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 10:15:31 +01:00
Daniel Kahn Gillmor
5730647421
doc,tests: Require use of ctx_flag before use of session_key.
* doc/gpgme.texi: Document requirements of verifying that it is OK to
use session_key.
* tests/run-decrypt.c: Ensure that we fail if we're unable to access
the session key, so that we do not violate the guidance above.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Changed the description

 -@code{gpgme_set_ctx_flag (ctx, "export-session-key")} returns
 -@code{GPG_ERR_NO_ERROR} or @code{gpgme_get_ctx_flag (ctx,
 -"export-session-key")} returns @code{"1"}.
 +@code{gpgme_set_ctx_flag (ctx, "export-session-key")} returns success
 +or @code{gpgme_get_ctx_flag (ctx, "export-session-key")} returns true
 +(non-empty string).

to get gpgme_get_ctx_flag for boolean values in sync with its own
description.

Note that I don't agree with the above suggestion but it does not
really harm to have it in the man page.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 10:15:31 +01:00
Werner Koch
7659d42468
core: Implement context flag "override-session-key".
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "export-session-key" and
"override-session-key".
(gpgme_get_ctx_flag): Ditto.
(gpgme_set_export_session_keys): Remove.
(gpgme_get_export_session_keys): Remove.
* src/gpgme.def, src/libgpgme.vers: Remove them.
* src/context.h (struct gpgme_context): Add field
override_session_key.
* src/decrypt-verify.c (decrypt_verify_start): Pass
override_session_key value to the engine.
* src/decrypt.c (decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt): Ditto.
(_gpgme_engine_op_decrypt_verify): Ditto.
* src/engine-backend.h (struct engine_ops): Extend DECRYPT and
DECRYPT_VERIFY_START with override_session_key.
* src/engine-uiserver.c (_uiserver_decrypt): Add stub arg
override_session_key.
(uiserver_decrypt): Ditto.
(uiserver_decrypt_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Ditto.
* src/engine-gpg.c (gpg_decrypt): Add arg override_session_key and set
corresponding gpg option.

* tests/run-decrypt.c (print_result): Print the session key if
available.
(main): Add options --export-session-key and --override-session-key.

--

To keep the number of context manipulation functions at bay, this
patches removes the just added gpgme_set_export_session_keys and
gpgme_get_export_session_keys by flags for the generic context
function.

The patch also implements the --override-session-key feature.

GnuPG-bug-id: 2754
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 10:34:13 +01:00
Andre Heinecke
3364549c19 tests: Add new test tool run-decrypt
* tests/run-decrypt.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add run-decrypt.
2016-06-24 11:33:05 +02:00