Commit Graph

98 Commits

Author SHA1 Message Date
Maximilian Krambach
60dc499abd js: update getDefaultKey to more precise logic
--

* src/Keyring.js: Adapted Keyring.getDefaultKey() to my current
  understanding  of a default signing key: either the default key set
  in the gpg config, or 'the first usable private key' - usability
  meaning  'not invalid, expired, revoked, and can be used for
  signing'. It should be the same key used as in command line when
  doing a --sign operation.
  In case the user has a smartcard plugged in, we currently
  won't know of this here, so our choice may differ. But as we do all
  javascript-binding sign operations with the key  fingerprint
  explicitly set, this should not be a real problem. This method is
  seen more as a convenience to tell using librarys which key
  represents the main user.
2018-08-23 11:28:18 +02:00
Maximilian Krambach
24a0005865 js: add decrypt result options
--

* As a decrypt result cannot be known beforehand, the decrypt operation
  may add an 'expect' property, taking either 'uint8' or 'base64',
  which will return the decrypted data in the appropiate formats.
  the return property 'format' will give a feedback on which option
  was taken.
  A test was added to reflect these changes.
2018-08-22 19:07:05 +02:00
Maximilian Krambach
f0409bbdaf js: make method parameters objects
--

* As requested by using parties, the options to be passed into the
  methods are now objects, with the objects' properties better
  describing what they do, and to avoid the need to type several nulls
  in a method call if one wants the last parameter.
  - src/Keyring.js, src/gpgme.js: Changed parameters and their
    validations
  - BrowserTest/*.js Had to adapt quite some calls to the new format
2018-08-22 18:37:46 +02:00
Maximilian Krambach
129fa919b9 js: improve decryption performance
--
* src/Connection.js, src/Helpers.js: performance of decoding incoming
  base64 data was improved to about 4 times the speed by introducing
  two more efficient functions (thanks to rrenkert@intevation.de for
  finding and testing them)

* src/gpgmejs.js: Decrypted data will now return as Uint8Array, if the
  caller does not wish for a decoding. Decoding binary data will return
  invalid data, and a Uint8Array may be desired. This can be indicated
  by using the (new) 'binary' option in decrypt.

* src/Errors.js A new error in case this decoding fails

* src/Message.js, src/Connection.js: expected is change from base64
  to binary, to avoid confusion later on.
2018-08-22 16:32:31 +02:00
Maximilian Krambach
94a0ed361e js: Return error if signature has no fingerprint
--

* src/Signature.js/get fingerprint: A signature with no fingerprint
  should not happen, but if it does, we should throw an error here,
  as the method is a getter.
2018-08-22 14:49:11 +02:00
Maximilian Krambach
d8fd4aad8a js: changed verify signature result infos
--

* the resulting information of verify now are as documented,
  and the same as in a decrypt callback
2018-08-22 12:44:05 +02:00
Maximilian Krambach
93f674d33d js: throw errors in sync functions
--

* synchronous functions should throw errors if something goes wrong,
  Promises should reject. This commit changes some error cases that
  returned Error objects instead of throwing them

  - src/Key.js: createKey() and sync Key.get() throw errors
  - src/Error.js: Exporting the list of errors to be able to test and
    compare against these strings
  - src/Keyring.js: Setting a null value in pattern is not useful, and
    now caused an error with the new changes.
  - src/Message.js: createMessage and Message.setParameter now throw
    errors
2018-08-22 12:18:55 +02:00
Maximilian Krambach
6d720137dd js: update decrypt/verify results
--

* src/gpgmejs.js: Decrypt now parses additional optional dec_info
  information, as well as any verify information, if present

* src/permittedOperations: Now decrypt also expect the new return
  object dec_inf (containing info such as is_mime and file_name)
2018-08-21 15:26:17 +02:00
Maximilian Krambach
9dd6c67cd5 js: remove outdated checklists
--

* They are heavily outdated and offer no more useful information
2018-08-21 14:37:50 +02:00
Andre Heinecke
0036b9bc49
js: Fix library name mentioned in js Makefiles
--
2018-08-21 13:58:51 +02:00
Andre Heinecke
738a8e6f95
js: Update extra_dist files
* lang/js/BrowserTestExtension/Makefile.am,
lang/js/Makefile.am (EXTRA_DIST): Update.
2018-08-21 13:58:51 +02:00
Andre Heinecke
605eb8a8bf
js: Improve README
* lang/js/README: Clarify structure at the beginning.
2018-08-21 13:58:51 +02:00
Maximilian Krambach
8b8c009dee js: set expiry of generatedKey to seconds from now
--

* src/Keyring.js: Changed key ecpiration from Date to seconds from
  creation, as in gpgme. The Date parameter used before was due to a
  misunderstanding in documentation and requests from potential users.
2018-08-21 11:42:11 +02:00
Maximilian Krambach
d77a1c887d js: add option "subkey-algo" to generateKey
--

* The option was recently added to gpgme-json; this reflects this on
  javascript side
2018-08-20 18:05:34 +02:00
Maximilian Krambach
91c2362550 js: set expiry date on generateKey
--

* on the javascript side a Date is expected, gpggme-json expects
  seconds from 'now'
2018-08-20 17:46:29 +02:00
Maximilian Krambach
dd32daad0b js: add and apply eslint rules
--

* mainly spacing, see .eslintrc.json for details
2018-08-20 15:12:01 +02:00
Maximilian Krambach
1954d27be8 js: revert changes to class read/write restriction
--

* undoes 94ee0988d4 and
  e16a87e839.
  I do not fully understand why my approach was bad, but I am not in
  a position to argue. This revert was requested to me after a review,
  and I'm doing it in the assumption that more experienced people know
  better than me.
* unittests: Also changed some outdated tests that stopped working
  since 754e799d35 (as GPGME_Key is not
  exported, one cannot check for instanceof in the tests anymore)
2018-08-20 12:12:43 +02:00
Maximilian Krambach
74684f24c6 js: decode arriving gpg message strings
--

* Arriving strings (i.e. user id names, error messages) are not
  always in javascript encoding. This is an attempt to go through
  the whole gpgme answer (with the exception of payload data) and
  to fix the encoding of these
2018-08-17 19:20:35 +02:00
Maximilian Krambach
3cbafb97ec js: correct decrypt result info (2)
--

* the permittedOperation from last commit ended up in the wrong place.
  sign does not return an additional 'info' object.
2018-08-17 18:25:57 +02:00
Maximilian Krambach
fff365ffc5 js: expect additional 'info' to arrive on decrypt, too
--

* src/permittedOperations.js: if decrypt includes a verification,
  this info needs to pass, too.
2018-08-17 17:55:11 +02:00
Maximilian Krambach
5b0f8230b2 js: decrypt callback is_mime fix
--

* src/gpgmejs: is_mime should report its' counterpart. Also,
  file_name is not optional in specification. We'll send null if
  there is no file_name
2018-08-17 17:44:06 +02:00
Maximilian Krambach
8e87790db3 js: don't expire new keys if no date is set
--

* src/Keyring.js A new Key without expiration is documented as
  'never expire' here, and should behave accordingly. This requires
  sending '0' here.
2018-08-17 17:20:35 +02:00
Maximilian Krambach
3fb094a9b8 js: small documentation fix
--
2018-08-17 17:14:51 +02:00
Maximilian Krambach
ad39d54d19 js: removed Key.armor property in synchronous use
--

* src/Key.js The synchronous mode for a Key does not offer an armor/
  armored property anymore. This frees up a lot of performance issues,
  also the armored expoort is expected to change quite often, so a
  cached version is not advisable.

* hasSecret/getHasSecret is now refactored, to reflect their uses.
  With get('hasSecret') there is a method that fetches the result.

* src/Key.js also some refactoring
2018-08-17 16:57:41 +02:00
Maximilian Krambach
754e799d35 js: disallow bulk set data on key from outside
--

* src/Key.js Key class is not exported anymore, as it should not be
  used directly anywhere. setKeyData is no more a method of the Key,
  (optional) data are now validated and set on Key creation and on
  updates, both from within this module, thus no longer exposing
  setKeyData to the outside.
* createKey now gained an optional parameter which allows to set Key
  data at this point.
2018-08-17 14:40:27 +02:00
Maximilian Krambach
90cb4a6842 js: importKey feedback refactor
--
* src/Keyring.js: An empty result should no longer cause an error,
  the import feedback summary has been refactored slightly
* Browsertests to reflect import feedback change
2018-08-16 17:58:11 +02:00
Maximilian Krambach
d65a392670 js: fix import feedback
--
* src/Keyring.js For Key imports without prepare_sync the import
  feedback was lacking the summary
2018-08-16 17:07:29 +02:00
Maximilian Krambach
ea43158d40 js: avoid async getters
--

* src/Key.js get armored was returning a promise on async keys.
  As getters should not do that, it returns an error in this case.
2018-08-16 14:40:53 +02:00
Maximilian Krambach
43cff51364 js: wrong object assumed in recent commit
--

* src/Keyring.js I wrongly assumed an object to be a GPGME_Key,
  it was the raw answer from nativeMessaging instead. Now it returns
  a GPGME_Key again.
2018-08-16 12:13:10 +02:00
Maximilian Krambach
715cdc0d7d js: get default key fixes
--

* src/Keyring.js: The answer was not parsed correctly, so a config was
  being ignored.

* If no config is set, we return the first non-invalid key with a
  secret, instead of the first key (which may be e.g. an expired one)
2018-08-16 12:03:30 +02:00
Maximilian Krambach
aeb065acc9 js: simplify getDefaultKey
--

* src/Keyring.js: In case no default Key is set in configuration,
  only Keys reported as having a secret part should be considered
  for default Keys, avoiding some extra requests.
2018-08-16 11:29:10 +02:00
Maximilian Krambach
622db0d1de js: consistently return uppercase fingerprint
--

* src/Key.js: the fingerprint returned by a Key is now always upper
  case hex, even if the constructor had lower case input. This is to be
  more consistent with gpgme and to be more readable and reliable in
  comparisions.
2018-08-16 11:25:50 +02:00
Maximilian Krambach
68a012deb3 js: make init export immutable
--

* src/index.js: The export now uses a freezed Object, which does not
  allow for simply overwriting the init method by e.g. a third-party
  library.
* BrowsertestExtension: Added some tests trying if decryption of bad
  data properly fails
2018-08-01 12:51:12 +02:00
Maximilian Krambach
6313a2de9e js: fix confusion about loop in last commit
--

* The aim is to iterate through the results of the first request
 (all keys), and then add the propert 'hasSecret' to those that
  are in the second request (secret Keysring)  as well. I messed
  this up in a recent change, and it escaped testing.
2018-07-31 17:35:52 +02:00
Maximilian Krambach
9d247b7fd5 js: Fix Key.hasSecret answer
--

* The comparision result between Keyring and Keyring with secrets was
  set to the wrong Object which was not returned at all.
2018-07-31 16:54:43 +02:00
Maximilian Krambach
e16a87e839 js: Making objects inmutable
--

* An Object.freeze should stop any malicious third party from changing
  objects' methods once the objects are instantiated (see unittest for
  an approach that would have worked before)
  - An initialized gpgmejs- object doesn't have a '_Keyring' property
    anymore (it still has its 'Keyring')
  - The internal expect='base64' needed to be turned into a method.
2018-07-30 12:31:27 +02:00
Maximilian Krambach
522121ea7e js: fix indentaion
--

* doing the indentation changes that became neccesary in the last
  commit.
2018-07-27 20:56:11 +02:00
Maximilian Krambach
94ee0988d4 js: change the write access for js class methods
--
* src/ [Connection, Error, Key, Keyring, MEssage, Signature, gpgmejs]:
    Functions and values that are not meant to be overwritten are now
    moved into their constructors, thus eliminating the possibility of
    overwrites after initialization.

* Key: The mode of use (synchronous cached, or async promises) ivs now
  determined at initialization of that Key. The property Key.isAsync
  reflects this state.

* unittests: fixed old Key syntax for testing.

* Message.js isComplete is now a method and not a getter anymore.

* Added some startup tests.
2018-07-27 20:36:21 +02:00
Maximilian Krambach
b18b96fb36 js: clean up test extension
--

Tests will now run with one instance of gpgmejs each block,
which reduces overhead. Readability is (hopefully) improved),
some negative tests are added.

There is still a performance problem in base64 encoding/decoding,
which causes some tests to fail due to time out.
2018-07-27 11:20:33 +02:00
Maximilian Krambach
4b343c4e33 js: include armored Key in import callback
--

* The import answer now also directly contains the armored Key as Key
  property, without need to refresh the Key object created in the
  answer. This allows for direct comparision of input and output.
* BrowserTestExtension: added test for that import callback
2018-07-24 14:56:33 +02:00
Maximilian Krambach
040b1ed40a js: Fix wrong encoding in received error messages
--

* The libgpg error strings arrive in the browser in a different
  encoding than used by browsers. Escaping and then decoding it
  should cover most languages in the supported browsers.
2018-07-24 14:50:54 +02:00
Maximilian Krambach
a965e3e0b8 js: repair BrowserTextExtension test
--

* the signed message to verify was signed by a wrong test key
2018-07-20 10:59:57 +02:00
Maximilian Krambach
50da3ff2fd js: typo in comment
--

* Documentation typo that caused jsdoc to exit with an error
2018-07-18 13:43:47 +02:00
Maximilian Krambach
ce0379d999 js: fix getkeys with locate option
--

* src/Keyring.js:
  As locate will not work with the "secret" option, the first message
  cannot be reused, thus a new one must be created here
2018-07-17 11:07:49 +02:00
Maximilian Krambach
5213a599fe js: allow optional Key retrieve pattern to be null
--

* src/Keyring.js: If the optional "pattern" parameter is not to be
  used, but another, following parameter is, null is more of a
  convention in javascript, thus both null and undefined are
  interpreted as "this parameter is not meant to be set".
2018-07-12 11:48:17 +02:00
Maximilian Krambach
30bb549046 js: add with-sec-fprs to getKeysArmored
--

* Reflects the changes made to gpgme-json in commit
  6cc842c9aa.

  - getKeysArmored now returns an object with property 'armored' being
    the exported armored block, and an (optional) array of fingerprint
    strings for those keys that can be used in sign/encrypt operations
    as property 'secret_fprs'. With this, extensions such as mailvelope
    will be able to bulk fetch all necessary key information in one
    request.
2018-07-12 11:36:55 +02:00
Maximilian Krambach
4015f5b498 js: documentation
--

* Fixed errors:
- src/Message.js post(): Set chunksize to defined default value instead
  of hardcoded
- src/Keys.js: added getHasSecret() to refreshKey operation.

* Reviewed and updated the documentation

* non-documentation changes which do not affect functionality:
- src/Errors: disabled a console.warn that is only useful for debugging
- helpers.js: renamed "string" to "value" in isFingerprint and isLongId
  to avoid confusion
- src/Keyring: prepare_sync, search are both explicitly set to false by
  default
2018-07-10 14:32:26 +02:00
Maximilian Krambach
8964627f6a js: fix verify result reporting
--

* src/Signature.js: searching for overall validity in the "summary"
  property
* BrowsertestExtension: Added two verify tests
2018-07-09 11:57:01 +02:00
Maximilian Krambach
67b6fa5a29 js: reduce request spam at getKeys()
--

* Don't make a secret-Key request for each Key retrieved, use one
  request for all of them instead, and assemble the info later. This
  should reduce the traffic with large Keyrings. The bulk retrieval
  for the public armored Keys for each of these Keys is still up to
  discussion

* unittests: disabled assertion for the armored key (as it currently
  doesn't work)

* encryptTest: clarified the mechanism/reason of rejection for
  Messages >64 MB. This is still a TODO, as this error comes from a
  different place (the browser itself) and behaves different from the
  other errors.
2018-07-09 11:24:46 +02:00
Maximilian Krambach
10f2106404 js: properly reject pgp message without signature
--

* A verify at gpgme-json does not fail if there is a valid pgp message
  that does not include a signature. Instead, the answer will be devoid
  of signatures. In javascript, the SIG_NO_SIG error should be reported
  here, but wasn't.
2018-07-04 15:46:45 +02:00