Commit Graph

2634 Commits

Author SHA1 Message Date
Maximilian Krambach
4b343c4e33 js: include armored Key in import callback
--

* The import answer now also directly contains the armored Key as Key
  property, without need to refresh the Key object created in the
  answer. This allows for direct comparision of input and output.
* BrowserTestExtension: added test for that import callback
2018-07-24 14:56:33 +02:00
Maximilian Krambach
040b1ed40a js: Fix wrong encoding in received error messages
--

* The libgpg error strings arrive in the browser in a different
  encoding than used by browsers. Escaping and then decoding it
  should cover most languages in the supported browsers.
2018-07-24 14:50:54 +02:00
Maximilian Krambach
a965e3e0b8 js: repair BrowserTextExtension test
--

* the signed message to verify was signed by a wrong test key
2018-07-20 10:59:57 +02:00
Maximilian Krambach
50da3ff2fd js: typo in comment
--

* Documentation typo that caused jsdoc to exit with an error
2018-07-18 13:43:47 +02:00
Maximilian Krambach
ce0379d999 js: fix getkeys with locate option
--

* src/Keyring.js:
  As locate will not work with the "secret" option, the first message
  cannot be reused, thus a new one must be created here
2018-07-17 11:07:49 +02:00
Maximilian Krambach
5213a599fe js: allow optional Key retrieve pattern to be null
--

* src/Keyring.js: If the optional "pattern" parameter is not to be
  used, but another, following parameter is, null is more of a
  convention in javascript, thus both null and undefined are
  interpreted as "this parameter is not meant to be set".
2018-07-12 11:48:17 +02:00
Maximilian Krambach
30bb549046 js: add with-sec-fprs to getKeysArmored
--

* Reflects the changes made to gpgme-json in commit
  6cc842c9aa.

  - getKeysArmored now returns an object with property 'armored' being
    the exported armored block, and an (optional) array of fingerprint
    strings for those keys that can be used in sign/encrypt operations
    as property 'secret_fprs'. With this, extensions such as mailvelope
    will be able to bulk fetch all necessary key information in one
    request.
2018-07-12 11:36:55 +02:00
Maximilian Krambach
4015f5b498 js: documentation
--

* Fixed errors:
- src/Message.js post(): Set chunksize to defined default value instead
  of hardcoded
- src/Keys.js: added getHasSecret() to refreshKey operation.

* Reviewed and updated the documentation

* non-documentation changes which do not affect functionality:
- src/Errors: disabled a console.warn that is only useful for debugging
- helpers.js: renamed "string" to "value" in isFingerprint and isLongId
  to avoid confusion
- src/Keyring: prepare_sync, search are both explicitly set to false by
  default
2018-07-10 14:32:26 +02:00
Maximilian Krambach
8964627f6a js: fix verify result reporting
--

* src/Signature.js: searching for overall validity in the "summary"
  property
* BrowsertestExtension: Added two verify tests
2018-07-09 11:57:01 +02:00
Maximilian Krambach
67b6fa5a29 js: reduce request spam at getKeys()
--

* Don't make a secret-Key request for each Key retrieved, use one
  request for all of them instead, and assemble the info later. This
  should reduce the traffic with large Keyrings. The bulk retrieval
  for the public armored Keys for each of these Keys is still up to
  discussion

* unittests: disabled assertion for the armored key (as it currently
  doesn't work)

* encryptTest: clarified the mechanism/reason of rejection for
  Messages >64 MB. This is still a TODO, as this error comes from a
  different place (the browser itself) and behaves different from the
  other errors.
2018-07-09 11:24:46 +02:00
Maximilian Krambach
10f2106404 js: properly reject pgp message without signature
--

* A verify at gpgme-json does not fail if there is a valid pgp message
  that does not include a signature. Instead, the answer will be devoid
  of signatures. In javascript, the SIG_NO_SIG error should be reported
  here, but wasn't.
2018-07-04 15:46:45 +02:00
Maximilian Krambach
1919fa41b6 js: Add jsdoc, update webpack-cli dependency
--
* package.json:
  - the old webpack-cli version depended on two packages
    with vulnerabilities, set to minimum version 3.0.8 to fix this
    (nodesecurity.io/advisories/157, nodesecurity.io/advisories/612)
  - added License identifier

* README: Updated documentation

* jsdoc.conf: Added a configuration file for jsdoc

* some minor documentation changes, indentations
2018-07-04 13:38:54 +02:00
Maximilian Krambach
1105fc87a3 js: add Key lookup
--

* src/Keyring.js: getKeys() now has the option "search", which will
  trigger a remote lookup (as configured in gpg) for the string given
  as pattern.
* src/permittedOperations: make use of the new 'locate' option in
  keylist
* DemoExtension: Add a button for lookup, to demonstrate the
  functionality
2018-07-04 12:11:35 +02:00
Maximilian Krambach
a52ec87d40 js: fixing Key import/export test
--

* BrowserTestExtension:
 - The KeyImport/Export test had some errors, which have now been fixed
 - The secret key used for the test examples is now placed more
   prominently, and a clarification added that decrypt tests will not
   work if this key is not imported.

* permittedOperations.js: typo

  Thanks to rrenkert@intevation.de for the fixes
2018-07-03 12:41:49 +02:00
Maximilian Krambach
88e7f8ec2e js: Demoextension update
--

* src/Signature: typo
* src/gpgmejs.js: fixed wrong scope in verification
* right now verify does not succeed in the DemoExtension.
  This is probably a problem in conversion or line ending.
2018-06-20 13:46:41 +02:00
Andre Heinecke
d27703ea4f
Prepare build system for gpgme-js and dist it
* configure.ac: Add js as language.
* lang/Makefile.am: Add js as dist language.
* lang/js/BrowserTestExtension/Makefile.am,
lang/js/DemoExtension/Makefile.am,
lang/js/Makefile.am,
lang/js/src/Makefile.am: Populate EXTRA_DIST variables.

--
There is no actual build done yet as there seems to be
no way to build it with debian stable tools. This needs
clarification.
2018-06-19 16:40:40 +02:00
Maximilian Krambach
780f7880c6 js: getDefaultKey and GenerateKey improvements
--

* src/Keyring.js: added more options for key generation.

* src/Key.js: GetDefaultKey now relies on the info associated with the
  key, as the approach of relying on a secret subkey did not work as
  intended
* DemoExtension: Added a button for retrieval of the subkey, to test
  this functionality.
2018-06-19 09:26:01 +02:00
Maximilian Krambach
3cd428ba44 js: import result feedback
--

* src/Keyring.js: Changed and documented the import result feedback
  towards the javascript side
2018-06-14 14:50:25 +02:00
Maximilian Krambach
3c783bd09c js: add verify and signature parsing
--

* src/gpgmejs.js:
  - Added verify method
  - Added verification results in decrypt (if signatures are present
    in the message)
  - Added a base64 option to decrypt

* src/Signature.js: Convenience class for verification results. Used
   for e.g. converting timestamps to javascript time, quick overall
   validity checks

* src/Keyring.js: removed debug code

* src/Errors.js add two new Signature errors
2018-06-14 12:15:51 +02:00
Maximilian Krambach
aed402c5d5 js: getDefaultKey and verify fix
--

* DemoExtension/maindemo.js - added a Demo for retrieving the default
  signing key

* src/Errors.js - add a new Error if no default key can be determined

* src/Key.js added documentation and a TODO marker for hasSecret.

* src/Keyring.js implemented getDefaultKey

* src/permittedOperations.js: Added missing entry for verify,
    added config_opt
2018-06-13 15:22:03 +02:00
Maximilian Krambach
d0fc4ded58 js: less confusing icons for test/Demo extension
--
* The current test icon was just a generic pin. Changed that by the
  gnupg lock symbol with 'Demo'/'Tests' written on it. Original taken
  from gnupg artwork/icons/lock-wing.svg.
2018-06-13 11:49:37 +02:00
Maximilian Krambach
e154554e9a js: removed config
--

* There is no use for a configuration at the moment, and it seems
  improbable that this use will arise.
2018-06-11 15:10:43 +02:00
Maximilian Krambach
e97e6c06e9 js: Add key creation to Keyring
--

* src/Keyring.js: Added method generateKey for new Keys
  Still TODO: Key length and some further testing. Automated testing
  does not work in this case, and gpgmejs will not be able to delete
  test keys again.
* src/permittedOperations.js Added new method's definitions according
  to gpgme-json
2018-06-11 12:08:50 +02:00
Maximilian Krambach
c072675f3f js: change chunksize handling and decoding
--

* the nativeApp now sends all data in one base64-encoded string, which
  needs reassembly, but in a much easier way now.

* there are some new performance problems now, especially with
  decrypting data
2018-06-08 17:54:58 +02:00
Maximilian Krambach
7a072270ac js: change Keyinfo timestamps into javascript date
--
* src/Key.js
2018-06-06 15:29:21 +02:00
Maximilian Krambach
bfd3799d39 js: code cleanup (eslint)
--
* trying to stick to eslint from now on for readability

* As some attribution was lost in previous git confusions, I added my
  name into some of the licence headers
2018-06-06 13:05:53 +02:00
Maximilian Krambach
0356a667c5 js: implement import/delete Key, some fixes
--

* Keyring.js
   - implemented importKey: importing one or more armored public key
     blocks.
   - implemented deleteKey: deleting a public Key from gpg.

* Key.js renamed property Key.armor to Key.armored

* Helpers.js: toKeyIDArray does not complain anymore if there are no
  keys. Not having Keys in e.g. signing keys in encrypt is legitimate
  and common, the complaints were getting spammy

* Errors.js: gpgme_errors now always pass an optional additional
  message, for easier debugging in minified code

* Connection.js: Fix in gpgme-json responses containing objects

* eslintrc.json: Start using eslint. A cleanup to conform to it is not
  done yet

* Added further tests for the new functionality
2018-06-06 11:57:41 +02:00
Maximilian Krambach
332b4adbcc js: more Keyring/Key handling
--

* src/Keys.js
  - made setKeyData more consistent with other methods
  - added convenience methods (Key.armored, Key.hasSecret)
  - Added a Key delete function

* src/Keyring.js:
  - added a getkeysArmored which allows for bulk export of public Keys

gpgmejs:
  - removed deleteKey. It is now a method of the Key itself
  - Encrypt: Added some common options as parameter, and the
    possibility to set all allowed flags via an additional Object
2018-05-30 17:05:54 +02:00
Maximilian Krambach
53ce2b94bc js: Keyring listing keys
--

* implementing Keyring methods:

  - Keyring.getKeys: has an additional option that retrieves the armor
    and secret state once at the beginning. This is power hungry, but
    allows for Keys to be used directly (without querying gpgme-json
    each call)
  * permittedOperations.js: reflect recent changes in the native
    counterpart, adding more options
  * Key: adding two methods for retrieving the armored Key block and
    for finding out if the Key includes a secret subkey.
2018-05-28 17:26:56 +02:00
Maximilian Krambach
d4adbf453d js: Treat a connection as a gpgme Context
--

* After an operation a connection should be disconnected again.
  The "end of operation" is now assumed to be either an error as
  answer, or a message not including a "more"

* GPGME, GPGME_Key, GPGME_Keyring don't require a connection
  anymore
* Message.js: The Message.post() method will open a connection as
  required
2018-05-28 16:52:50 +02:00
Maximilian Krambach
7a73d88aba js: implement Key handling (1)
--

* Keys can now be queried for information. Onne version queries gnug
  directly (asynchronous Promise in javascript terms), the cached
  version refreshes on demand.

* Small fixes:
  src/Connection.js joins answers that stay json properly now
2018-05-25 19:02:18 +02:00
Maximilian Krambach
eff27d6387 js: use version operation for connection checks
--

* src/Connection.js: isConnected was renamed to checkConnection, that
  returns a promise with either version information or Boolean
* Connection checks have been adapted to reflect that checkConnection
  returns a Promise
* BrowsertestExtension: tests/signTest.js was missing from my last
  commit
2018-05-25 11:53:24 +02:00
Maximilian Krambach
a4ba80c553 js: adding sign method
--

  * src/gpgmejs.js: method, update in src/permittedOperations
  * basic testing in BrowsertestExtension
2018-05-24 15:16:18 +02:00
Maximilian Krambach
e38b8beb20 Merge branch 'master' into javascript-binding 2018-05-24 14:03:09 +02:00
Andre Heinecke
c679ed2477
json: Put signature info before data output
* src/gpgme-json.c (op_decrypt): Move info before data.

--
This should enable it to first parse signatures before
handling very large chunks of data.
2018-05-24 13:36:31 +02:00
Andre Heinecke
a6cd3a1197
json: Add sign to help
* src/gpgme-json.c (hlp_help): Add sign.
2018-05-24 13:31:15 +02:00
Andre Heinecke
1c0a55a608
json: Add op_sign
* src/gpgme-json.c (op_sign): New.
2018-05-24 13:29:23 +02:00
Andre Heinecke
b344933e4c
json: Fix invalid function call
* src/gpgme-json.c (add_signatures_to_object): Fix call to
xjson_CreateArray.

--
That is what happens if you edit code while reviewing changes,
without testing it again,..
2018-05-24 13:16:55 +02:00
Andre Heinecke
45036c3c4c
json: Print signatures for decrypt/verify
* gpgme-json.c (xJSON_CreateArray),
(add_summary_to_object, validity_to_string): New helpers.
(add_signature_to_object, add_signatures_to_object)
(add_signatures_object): New.
(op_decrypt): Handle verify_result.
(hlp_help): Mention decrypt.
2018-05-24 12:37:29 +02:00
Andre Heinecke
fd5e14660a
json: Minor typo fixes
* src/gpgme-json.c: Minor typo fixes.
2018-05-24 10:26:41 +02:00
Maximilian Krambach
f7ed80ff6a js: remove openpgp mode
--

* After discussion, that mode is not required, and can result in
  being quite misleading and a maintenance hassle later on.
2018-05-23 12:56:23 +02:00
Ben McGinnes
3a9e6a8e08 docs and examples: python howto
* Updated the decryption example code in the HOWTO and the
  corresponding decrypt-file.py script to gracefully handle a
  decryption failure.  This error will always be triggered when GPGME
  is used to try to decrypt an old, MDC-less encrypted message or
  file.
2018-05-23 14:43:06 +10:00
Maximilian Krambach
ecad772635 js: transfer encoding changes
--

* Uint8Arrays are not supported for now there are unsolved issues in
  conversion, and they are lower priority

* encrypt gains a new option to indicate that input values are base64
  encoded
* as decrypted values are always base64 encoded, the option base64 will
  not try to decode the result into utf, but leave it as it is
2018-05-22 14:24:16 +02:00
Andre Heinecke
28e3778ce2
cpp: Expose sessionKey and symkeyAlgo
* lang/cpp/decryptionresult.cpp, lang/cpp/decryptionresult.h
(DecryptionResult::symkeyAlgo, DecryptionResult::sessionKey): New.
2018-05-22 12:08:01 +02:00
Andre Heinecke
e04b8142df
core, w32: Add w64 handling for regkeys
* src/w32-util.c (_gpgme_get_gpg_path): Use new defines.
(GNUPG_REGKEY_2): x64 aware regkey as used by GnuPG in Gpg4win 2.x
(GNUPG_REGKEY_3): x64 aware regkey as used by GnuPG in Gpg4win 3.x
(_gpgme_get_gpgconf_path): Use new regkeys. Add another fallback.

--
This should fix more "unsupported protocol" issues if Gpg4win /
GnuPG is installed in a non standard path on 64bit systems.

The regkey handling is similar to that of gpgex and gpgol.

GnuPG-Bug-Id: T3988
2018-05-17 17:46:12 +02:00
Werner Koch
8a0c8c5251
core: Always fail if an OpenPG message is not integrity protected.
* src/decrypt.c (struct op_data_t): Add field not_integrity_protected.
(parse_decryption_info): Set this.  Also rename mode to aead_algo for
clarity.
(_gpgme_decrypt_status_handler): Force failure in case of a missing
MDC.
--

This extra check makes sure that a missing or stripped MDC in
 - gpg < 2.1
 - or gpg 2.2 with an old cipher algorithm
will lead to a decryption failure.  gpg 2.3 will always fail in this
case.  Implementing this check here and not backporting the 2.3 change
to 2.2 has the benefit that all GPGME using applications are protected
but scripts relying on rfc2440 (i.e. without MDC) will only break when
migrating to 2.3.

Note that S/MIME has no integrity protection mechanism but gpgsm
neither emits a DECRYPTION_INFO status line, so an error will not be
triggered.  If in the future gpgsm supports authenticated encryption
it may issue a DECRYPTION_INFO line to force a failure here but it
will in that case also emit a DECRYPTION_FAILED anyway.

GnuPG-bug-id: 3981
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-17 09:16:05 +02:00
Maximilian Krambach
6b4caee039 js: Testing lare messages
--

* Some assumption on messages were wrong. Now the tests use more
  reasonable sizes.
* bigString now uses the full utf8-extent, with the exception of
  U+0000. This code gets dropped during the encryption-decryption
  process.
2018-05-14 19:02:49 +02:00
Maximilian Krambach
d1ca90ef75 js: remove non-browser tests
--

* The majority of tests needs to be run in a nativeMessaging context.
  Offering the few tests that don't need this context at two places
  introduces issues with maintainability. All tests now removed can be
  found in ./unittests.js
2018-05-14 16:36:05 +02:00
Maximilian Krambach
987b317468 js: Tests and improvements for openpgp mode
--

* Added openpgp - Mode tests to the browsertest Extension. These tests
  require openpgp, which should not be a hard dependency for the main
  project. Packing openpgpjs into the extension is still TODO

* Fixes:
  - openpgp mode API now correctly handles parameters as an object,
    similar to openpgpjs
  - proper check and parsing of openpgpjs Message Objects
2018-05-14 16:23:24 +02:00
Maximilian Krambach
c92326cc25 js: more testing of nativeMessaging connection
--

* There were some inconsistencies between utf-8, transfer and browsers'
  utf16, which broke characters that were split between individual
  messages. src/Connection now contains a workaround that reassembles
  javascripts' format from passed base64 strings. This needs someone
  more experienced looking.
* Added several new tests which were failing during initial debugging
  of this issue
* reorganized BrowsertestExtension to avoid cluttering.
2018-05-09 19:40:57 +02:00