Commit Graph

452 Commits

Author SHA1 Message Date
Ingo Klöcker
f0d1f2c4c7
Merge branch 'ikloecker/t7118-revkeys' 2024-05-24 10:47:15 +02:00
Tobias Fella
e42b72bc2b
core: Implement adding ADSKs through gpgme_createsubkey
* src/engine-gpg.c: Add and use function for adding ADSKs.
* src/genkey.c: Prevent error due to no status line.
* src/gpgme.h.in: Add flag GPGME_CREATE_ADSK
* doc/gpgme.texi: Add documentation for ADSKs
* tests/run-genkey.c: Add test for adding ADSKs
--

This adds the ability to add ADSKs through
the gpgme_createsubkey interface.
The function must be called with NULL userid,
the ADSK fingerprint in algo
and the GPGME_CREATE_ADSK flag.
2024-05-22 10:16:19 +02:00
Ingo Klöcker
f2575b6313
json: Add information about revocation keys to key list result
* src/gpgme-json.c (revocation_key_to_json): New.
(key_to_json): Add list of revocation keys.

* tests/json/Makefile.am (pubring-stamp): Import new pub key.
* tests/json/key-with-revokers.asc: New.
* tests/json/t-json.c (tests): Add "t-keylist-revokers".
* tests/json/t-keylist-revokers.in.json,
tests/json/t-keylist-revokers.in.json: New.
--

GnuPG-bug-id: 7118
2024-05-21 16:38:59 +02:00
Ingo Klöcker
adadfac997
core: Add information about revocation keys to keys
* src/gpgme.h.in (struct _gpgme_revocation_key,
gpgme_revocation_key_t): New.
(struct _gpgme_key): Add fields 'revkeys', '_last_revkey'.
* src/key.c (_gpgme_key_add_rev_key): New.
(gpgme_key_unref): Free revkeys.
* src/keylist.c (keylist_colon_handler): Parse rvk lines.
* src/ops.h (_gpgme_key_add_rev_key): New.

* tests/run-keylist.c (main): Print revocation key info.
--

GnuPG-bug-id: 7118
2024-05-21 16:38:59 +02:00
Werner Koch
ac4bf86bb6
tests: Fix segv in t-json.c
* tests/json/t-json.c (test_contains): Avoid calling recusivly with no
child.
2024-05-21 14:36:07 +02:00
Werner Koch
55a1ae4163
tests: Avoid some compiler warnings.
* tests/gpg/t-support.h (fail_with_syserr): New.
(check_data): Use it to avoid compiler warnings.
* tests/run-support.h (fail_with_syserr): New.
--

I don't think that there is a way to tell gcc that
gpgme_err_code_from_errno will never return 0.  Thus we better use a
different macro.
2024-05-21 13:45:02 +02:00
Ingo Klöcker
a73a41109f
tests: Fix test after changed behavior of gpgme_op_verify
* tests/gpg/t-verify.c (main): Change assertion of test.
--

The change introduced with 1dc44b7c makes gpg abort the verification
of a clear-signed message if it encounters garbage following the
signed data. We have to adapt the test to this change.

GnuPG-bug-id: 6907
2024-05-15 11:53:06 +02:00
Ingo Klöcker
5efd3486a9
core: Support writing the decrypt/verify output directly to a file
* src/engine-gpg.c (gpg_decrypt): Pass output file name to gpg if output
has file name set.
(gpg_verify): Ditto.

* tests/run-decrypt.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
* tests/run-verify.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
--

This change makes it possible to tell gpg to write the output (i.e. the
decrypted/verified data) directly to a file with given file name instead
of piping the output back to gpgme.

GnuPG-bug-id: 6550
2023-12-19 13:12:59 +01:00
Ingo Klöcker
963ace1f9f
core: Support direct signing of file with gpg
* src/gpgme.h.in (GPGME_SIG_MODE_FILE): New signature mode flag.
* src/engine-gpg.c (gpg_sign): Separate signature mode from additional
flags. Check for incompatible flags. Explicitly set output to stdout if
no output file is used. Pass filename instead of fd to gpg when new flag
is set.
* src/engine-gpgsm.c (gpgsm_sign): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_sign): Ditto.
* src/sign.c (sign_start): Consider new flag on check for invalid flags.

* tests/run-sign.c (show_usage): New options --detach and
--direct-file-io.
(main): Parse new options. Create a detached signature if --detach is
given. Make gpg read the input file itself if --direct-file-io is given.
--

With this change the gpgme_op_sign* functions gain the possibility to
make gpg read the data to sign directly from a file instead of from an
input FD to which it is written by gpgme.

GnuPG-bug-id: 6550
2023-12-19 13:09:33 +01:00
Ingo Klöcker
0221d7f28a
core: Support direct encryption of file with gpg
* src/gpgme.h.in (GPGME_ENCRYPT_FILE): New encryption flag.
* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign): Check for
incompatible flags. Pass filename instead of fd to gpg when new flag is
set.
* src/engine-gpgsm.c (gpgsm_encrypt): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_encrypt): Ditto.

* tests/run-encrypt.c (show_usage): New option --direct-file-io.
(main): Parse new option. Make gpg read the input file itself if the
option is given.
--

With this change the gpgme_op_encrypt* and gpgme_op_encrypt_sign*
functions gain the possibility to make gpg read the data to (sign and)
encrypt directly from a file instead of from an input FD to which it is
written by gpgme.

GnuPG-bug-id: 6550
2023-12-19 13:07:45 +01:00
Werner Koch
1bfd5e92d0
tests: Add option --chain to run-keylist
* tests/run-keylist.c (xstrdup): New.
(main): Add option.
--

This allows to list the entire chain.
2023-11-10 09:45:35 +01:00
Ingo Klöcker
57205c1dfa
doc: Fix typos in documentation and source code comments
--

Anonymous contribution

Signed-off-by: Ingo Klöcker <dev@ingo-kloecker.de>
2023-10-13 09:18:12 +02:00
Werner Koch
b63d203d3b
core: Add key capability flags has_encrypt etc.
* src/gpgme.h.in (struct _gpgme_key): Add flags has_encrypt,
has_certify, has_sign, and has_authenticate.
* src/keylist.c (finish_key): Set these flags.
* tests/run-keylist.c (main): Print them.
--

GnuPG-bug-id: 6748
2023-10-05 14:18:03 +02:00
Ingo Klöcker
8fde9cbe22
tests: Re-add --with-secret option
* tests/run-keylist.c (main): Handle option --with-secret again.
--

Re-add handling of --with-secret option that was accidentally removed
with the previous commit.

GnuPG-bug-id: 6705
2023-09-04 17:31:18 +02:00
Werner Koch
e36b2d1bce
New mode to list a v5 fingerprint for v4 packets.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_V5FPR): New.
(struct _gpgme_subkey): Add field v5fpr.
* src/engine-gpg.c (gpg_keylist_build_options): Pass new option to
gpg.
* src/key.c (gpgme_key_unref): Free new field.
* src/keylist.c (op_data_t): Parse and add "fp2" line.

* tests/run-keylist.c (show_usage): Add option --v5fpr.

* src/keylist.c (op_data_t): Add field failure_code.
(keylist_status_handler): Handle special value.
(gpgme_op_keylist_end): Return an error if a FAILURE line has been
seen.
--

Note that the failure code part has been added to better diagnose
problems if a wrong gpg version is used.  If verything works right we
should not get this because we check that the gnupg version sis either
>= 2.4.4 or less than 2.3 and >= 2.2.42.

Note further that the v5fpr field may also be used to get the SHA-256
fingerprint of X.509 certificates (even without passing the new mode
flag).

GnuPG-bug-id: 6705
2023-09-04 17:03:52 +02:00
Werner Koch
d75b2a9151
Support GPGME_ENCRYPT_ALWAYS_TRUST also for S/MIME.
* src/engine-gpgsm.c (gpgsm_encrypt): Send the always-trust options.

* tests/run-encrypt.c: Add option --always-trust.
--

Note that the run-encrypt test tool used to assume always-trust for
OpenPGP since 1.7.0 This bug has also been fixed by introducing the
explicit option.

GnuPG-bug-id: 6559
2023-08-31 12:02:02 +02:00
Ingo Klöcker
150a2f9e4e
tests: Support offline mode in run-import
* tests/run-import.c (show_usage): New option --offline.
(main): Parse new option. Set offline mode accordingly.
--

This allows testing gpgme_op_import with (and without) offline mode.

GnuPG-bug-id: 6648
2023-08-14 14:04:44 +02:00
Ingo Klöcker
a9b28c79e9
core: Prevent wrong plaintext when verifying clearsigned signature
* src/engine-gpg.c (gpg_verify): Use a separate pipe instead of stdout
for reading the plaintext.

* tests/gpg/t-support.h (PGM): Define if undefined.
(print_data): Undefine BUF_SIZE.
(check_data): New.
* tests/gpg/t-verify.c (clearsigned_plus_key_block): New.
(main): Add test.
--

Reading the plaintext from stdout is a bad idea because gpg can also
print other stuff on stdout, e.g. the keys contained in a public key
block. This is fixed by reading the plaintext via a special pipe.

GnuPG-bug-id: 6622
2023-07-28 16:15:12 +02:00
Ingo Klöcker
1a9f192ab4
core: Support reading the archive to decrypt/verify directly from a file
* src/engine-gpg.c (add_file_name_arg_or_data): New.
(gpg_decrypt): Use add_file_name_arg_or_data instead of add_data for the
ciphertext.
(gpg_verify): Use add_file_name_arg_or_data instead of add_data for the
signature and the signed text.

* tests/run-decrypt.c (show_usage): New option --direct-file-io.
(main): Parse new option. If option is given, then don't open input
file, create simple data object instead of data object from stream and
set input file name on input data.
* tests/run-verify.c (show_usage): New option --direct-file-io.
(main): Parse new option. If option is given, then don't open input
files, create simple data objects instead of data objects from stream
and set input file names on input data objects.
--

This change makes it possible to tell gpg (and gpgtar) to read the
input (i.e. the signed/encrypted data or the signature or the created
archive) directly from the files with given file names instead of from
streams piped through GpgME's Data IO.

GnuPG-bug-id: 6530
2023-06-21 14:38:50 +02:00
Ingo Klöcker
c38b620039
core: Support writing the sign/encrypt output directly to a file
* src/engine-gpg.c (gpg_encrypt): Pass output file name to gpg if output
has file name set.
(gpg_encrypt_sign): Ditto.
(gpg_sign): Ditto.

* tests/run-encrypt.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
* tests/run-sign.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
--

This change makes it possible to tell gpg (and gpgtar) to write the
output (i.e. the signed/encrypted data or the signature or the created
archive) directly to a file with given file name instead of piping
the output back to gpgme.

GnuPG-bug-id: 6530
2023-06-19 18:08:47 +02:00
Werner Koch
8796456d23
tests: Add option --cancel to run-encrypt.
* tests/run-encrypt.c (cancel_after_progress): New.
(progress_cb): Take care of it.
(main): Add option --cancel.
--

This tool may now be used to test gpgme_cancel_async.
Releated to
GnuPG-bug-id: 6534
2023-06-15 11:01:46 +02:00
Werner Koch
6d21256c92
core,cpp: Add new key flags to gpgme_subkey_t
* src/gpgme.h.in (struct _gpgme_subkey): Add bit flags can_renc,
can_timestamp, adn is_group_owned. Reduce size of _unused.
* src/keylist.c (set_subkey_capability): Set them.
* tests/run-keylist.c (main): Print them.

* lang/cpp/src/key.h (Subkey::canRenc): New.
(Subkey::canTimestamp): New.
(Subkey::isGroupOwned): New.
* lang/cpp/src/key.cpp: Implement new methods.
(Subkey::isQualified): Print them.
(std::ostream &operator<<): Print them.
--

GnuPG-bug-id: 6395
2023-03-21 08:37:47 +01:00
Ingo Klöcker
e50724e1bb
tests: Package the ownertrust file
tests/gpg/Makefile.am (EXTRA_DIST): Add ownertrust.txt.
--

This fixes `make distcheck`.

GnuPG-bug-id: 6342
2023-03-17 09:20:08 +01:00
Werner Koch
76351c4877
tests: Add option --binary to run-verify
* tests/run-verify.c (main): Set encoding.
--

gpgsm usually used autodetection of the input format.  But sometimes
it is required to tell gpgsm that the input is binary encoded.  In
particular, this allows to strip trailing zeroes from a detached
signature.
2023-03-08 10:50:15 +01:00
Ingo Klöcker
21283dfd1b
tests: Fix cleaning up at the end of the test
* tests/gpg/t-import.c (main): Unref key and release context.
--

This fixes leaks found with -fsanitize=address.
2023-02-10 10:00:56 +01:00
Ingo Klöcker
41dc3bd22a
core: Allow finalization of signature verification of unencrypted data
* src/decrypt-verify.c (decrypt_verify_status_handler): Call
_gpgme_verify_status_handler on EOF even if
_gpgme_decrypt_status_handler returned NO DATA error.

* tests/gpg/t-decrypt-verify.c (normal_signed_message): New.
(main): Add test with signed, but not encrypted data.
--

This allows the verify status handler to finalize the verification of
the last signature even if the decrypt status handler returned a NO DATA
error because the input data wasn't encrypted.

GnuPG-bug-id: 6368
2023-02-10 09:54:03 +01:00
Ingo Klöcker
7098c14b23
tests: Stop daemons after setting up test environment
* lang/python/tests/Makefile.am, lang/qt/tests/Makefile.am,
tests/gpg/Makefile.am, tests/json/Makefile.am (pubring-stamp): Call
`gpgconf --kill all` after importing test keys.
--

This ensures that no gpg-agents or other daemons are running after
"make".
2023-02-09 09:33:07 +01:00
Ingo Klöcker
fcefc78f74
tests: Extend tests with an ultimately trusted key
* tests/gpg/Makefile.am (gpg-sample.stamp, pubring-stamp): Unify usage
of tabs.
(pubring-stamp): Import owner trust values.
* tests/gpg/ownertrust.txt: New.
* tests/gpg/t-decrypt-verify.c, tests/gpg/t-verify.c: Update expected
values for signature summary and validity.
* tests/gpg/t-keylist-secret-sig.c, tests/gpg/t-keylist-sig.c,
tests/gpg/t-keylist.c: Update expected values of owner trust and uid
validity.
--

This change marks the "Alpha Test" test key as ultimately trusted which
makes it possible to check for correct values derived from this, i.e.
key owner trust, user id validity, signature summary and signature
validity.

GnuPG-bug-id: 6342
2023-02-08 13:46:17 +01:00
Ingo Klöcker
844e6cd3b9
tests: Make t-edit-sign idempotent
* tests/gpg/t-edit-sign.c (test_key, test_key_fpr, import_key,
delete_key): New.
(main): Remove key_fpr. Import test key to sign. Delete test key after
test.
--

Using a dedicated test key for testing key signing, which is imported
before the test and deleted after the test, makes sure that the
keys in the test key ring don't change. This is important for stable
results of the key listing tests.

GnuPG-bug-id: 6342
2023-02-08 13:25:27 +01:00
Ingo Klöcker
5b79b32397
core: Support usage of gpgtar for verifying a signed archive
* src/gpgme.h.in (gpgme_verify_flags_t): New enum.
(GPGME_VERIFY_ARCHIVE): New const.
(gpgme_op_verify_ext_start): New func.
(gpgme_op_verify_ext): New func.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/verify.c (gpgme_op_verify_ext_start): New.
(gpgme_op_verify_ext): New.
(verify_start): Add arg FLAGS.  Pass the flags to
_gpgme_engine_op_verify.
(gpgme_op_verify_start): Call gpgme_op_verify_ext_start with 0 for
FLAGS.
(gpgme_op_verify): Call gpgme_op_verify_ext with 0 for FLAGS.
* src/engine.c, src/engine.h (_gpgme_engine_op_verify): Add arg FLAGS.
* src/engine-backend.h (struct engine_ops): Add FLAGS to 'verify'.
* src/engine-gpg.c (gpg_verify): Add arg FLAGS. Set use_gpgtar engine
flag if GPGME_VERIFY_ARCHIVE flag is set. Check for new enough gpg. Use
add_gpg_arg for gpg-only options without a value. Set extra options for
gpgtar and pass input data to stdin when using gpgtar.
* src/engine-gpgsm.c (gpgsm_verify): Add arg FLAGS. Return error if
GPGME_VERIFY_ARCHIVE flag is set.
* src/engine-uiserver.c (uiserver_verify): Ditto.

* tests/run-verify.c (show_usage): New options --archive, --directory,
and --diagnostics.
(main): Parse new options. Verify and extract with gpgtar if --archive
is given. Set file name of output data to value of --directory option.
Print stderr of gpg/gpgtar if --diagnostics is given.
--

GnuPG-bug-id: 6342
2023-01-25 11:26:34 +01:00
Ingo Klöcker
95ea3bf831
core: Support usage of gpgtar for decrypting an encrypted archive
* src/gpgme.h.in (GPGME_DECRYPT_ARCHIVE): New decryption flag.
* src/engine-gpg.c (gpg_decrypt): Set use_gpgtar engine flag if
GPGME_DECRYPT_ARCHIVE flag is set. Check for new enough gpg and
incompatible flags. Use add_gpg_arg_with_value for gpg-only options
with a value and add_gpg_arg for gpg-only options without a value.
Set extra options for gpgtar and pass input data to stdin when using
gpgtar.

* tests/run-decrypt.c (show_usage): New options --archive and
--directory.
(main): Parse new options. Decrypt with gpgtar if --archive is given.
Set file name of output data to value of --directory option.
--

GnuPG-bug-id: 6342
2023-01-24 12:32:23 +01:00
Ingo Klöcker
419adf41af
core: Allow setting the base directory when creating an archive
* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign, gpg_sign): Pass
file name set in data with --directory option to gpgtar.

* tests/run-encrypt.c (show_usage): New option --directory.
(main): Parse new option. Set file name of input data to option value.
* tests/run-sign.c (show_usage): New option --directory.
(main): Parse new option. Set file name of input data to option value.
--

GnuPG-bug-id: 6342
2023-01-23 12:17:22 +01:00
Ingo Klöcker
29cfcd316d
core: Support usage of gpgtar for creating an encrypted signed archive
* src/engine-gpg.c (gpg_encrypt_sign): Set use_gpgtar engine flag if
GPGME_ENCRYPT_ARCHIVE mode is set. Check for new enough gpg. Use
add_gpg_arg_with_value for gpg-only options with a value and
add_gpg_arg for gpg-only options without a value. Set extra options for
gpgtar and pass input data to stdin when using gpgtar.

* tests/run-encrypt.c (print_result): Rename to print_encrypt_result.
Print header.
(print_sign_result): New.
(show_usage): New option --sign.
(main): Parse new option. Sign and encrypt --sign is given.
Print results of signing additionally to results of encryption.
--

With this change the gpgme_op_encrypt_sign* functions get support for
creating an encrypted and signed archive from files and/or directories
passed as NUL-separated list in the "plain" data with gpgtar.

GnuPG-bug-id: 6342
2023-01-19 11:08:42 +01:00
Ingo Klöcker
0ca45e48b4
core: Support usage of gpgtar for creating a signed archive
* src/gpgme.h.in (GPGME_SIG_MODE_ARCHIVE): New signature mode.
* src/engine-gpg.c (append_args_from_sender,
append_args_from_sig_notations): Use add_gpg_arg_with_value
for gpg-only options with a value.
(gpg_sign): Set use_gpgtar engine flag if GPGME_SIG_MODE_ARCHIVE mode
is set. Check for new enough gpg. Use add_gpg_arg_with_value for
gpg-only options with a value and add_gpg_arg for gpg-only options
without a value. Set extra options for gpgtar and pass input data to
stdin when using gpgtar.
* src/sign.c (sign_start): Add GPGME_SIG_MODE_ARCHIVE as valid mode.

* tests/run-sign.c (show_usage): New options --archive and
--diagnostics.
(main): Parse new options. Sign with gpgtar if --archive is given.
Print stderr of gpg/gpgtar if --diagnostics is given.
--

With this change the gpgme_op_sign* functions get support for
creating a signed archive from files and/or directories passed as
NUL-separated list in the "in" data with gpgtar.

GnuPG-bug-id: 6342
2023-01-19 10:45:04 +01:00
Ingo Klöcker
5d8316da1d
core: Support usage of gpgtar for encryption
* src/gpgme.h.in (GPGME_ENCRYPT_ARCHIVE): New encryption flag.
* src/engine-gpg.c (arg_and_data_s): New field gpg_arg.
(engine_gpg): New flag use_gpgtar.
(_add_arg): Add argument gpg_arg and set it.
(add_arg_ext, add_arg_with_locp, add_arg, add_arg_pfx, add_arg_len):
Adjust call of _add_arg.
(add_arg_with_locp): Add argument front.
(add_gpg_arg, add_gpg_arg_with_value): New.
(gpg_new): Use add_gpg_arg_with_value for gpg-only options with a value
and add_gpg_arg for gpg-only options without.
(build_argv): Consider usage of gpgtar when counting arguments to pass
to gpg/gpgtar. Prepend "--gpg-args" to all gpg-only arguments if gpgtar
is used.
(start): Set program to use. Read diagnostics output from stderr when
using gpgtar. Do not pass --status-fd to gpgtar for gpg < 2.4.1. Use
add_gpg_arg_with_value for --lc-ctype and --lc-messages.
(gpg_encrypt): Set use_gpgtar engine flag if GPGME_ENCRYPT_ARCHIVE flag
is set. Check for new enough gpg and incompatible flags. Use
add_gpg_arg_with_value for gpg-only options with a value and
add_gpg_arg for gpg-only options without a value. Set extra options
for gpgtar and pass input data to stdin when using gpgtar.
* src/engine-gpgsm.c (gpgsm_encrypt): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_encrypt): Ditto.

* tests/run-encrypt.c (show_usage): New options --archive and
--diagnostics.
(main): Parse new options. Encrypt with gpgtar if --archive is given.
Print stderr of gpg/gpgtar if --diagnostics is given.
--

With this change the gpgme_op_encrypt* functions get support for
encrypting a list of files and/or directories passed as NUL-separated
list in "plain" data with gpgtar.

GnuPG-bug-id: 6342
2023-01-18 11:48:02 +01:00
Ingo Klöcker
12e490d97f
core: Extend gpgme_get_dirinfo to return the gpgtar name
* src/dirinfo.c (WANT_GPGTAR_NAME): New.
(dirinfo): Add field gpgtar_name.
(get_gpgconf_item): Build gpgtar_name on demand and return it.
(_gpgme_get_default_gpgtar_name) : New.
(gpgme_get_dirinfo): New value "gpgtar-name" for WHAT.
* src/util.h (_gpgme_get_default_gpgtar_name): New.

* tests/t-engine-info.c (main): Add gpgtar-name to the output.

GnuPG-bug-id: 6342
2023-01-18 10:30:17 +01:00
Ingo Klöcker
4f874ea431
core: New context flag "no-auto-check-trustdb"
* src/context.h (gpgme_context): Add field no_auto_check_trustdb.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add flag
"no-auto-check-trustdb".
* src/engine-gpg.c (engine_gpg): Add flags.no_auto_check_trustdb.
(gpg_set_engine_flags): Set the flag.
(build_argv): Pass option to gpg.

* tests/run-keylist.c (show_usage, main): Add option --no-trust-check.
--

This makes the --no-auto-check-trustdb option available in the GPGME API
to disable the potentially expensive automatic trust database check.

GnuPG-bug-id: 6261
2022-11-04 10:38:41 +01:00
Werner Koch
9ee74b68e6
tests: Make t-edit-sign more robust.
* tests/gpg/t-edit-sign.c (interact_fnc): Provide the default answer.
--

A default answer to prompts should always be given.
2022-08-10 12:34:12 +02:00
Ingo Klöcker
d59cf17257 tests: Add support for clear text signatures to test runner
* tests/run-sign.c (show_usage): Add new argument "--clear".
(main): Handle new argument "--clear".
--

GnuPG-bug-id: 6028
2022-06-14 10:10:57 +02:00
Ingo Klöcker
918afc809d Revert "tests: Avoid problems with local time across a day boundary."
This reverts commit 5ba0e454a3.
2022-06-09 15:43:24 +02:00
Werner Koch
5ba0e454a3
tests: Avoid problems with local time across a day boundary.
--

GnuPG-bug-id: 5991
2022-05-23 08:20:04 +02:00
Ingo Klöcker
3c2cff74b5 core: New function gpgme_op_receive_keys
* src/gpgme.h.in (gpgme_op_receive_keys_start, gpgme_op_receive_keys):
New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/engine-backend.h (struct engine_ops): Add arg keyids to field
'import'.
* src/engine.h, src/engine.c (_gpgme_engine_op_import): Add arg keyids.
* src/engine.c (_gpgme_engine_op_import): Forward new arg keyids.
* src/import.c: (_gpgme_op_import_start, _gpgme_op_import_keys_start):
Pass NULL to new arg of _gpgme_op_import_start.
(_gpgme_op_receive_keys_start, gpgme_op_receive_keys_start,
gpgme_op_receive_keys): New.
* src/engine-gpg.c (gpg_import): Add arg keyids. Extend check for
valid arguments. Build command line if keyids are given.
* src/engine-gpgsm.c (gpgsm_import): Add arg keyids. Return error if
keyids is not NULL.

tests/run-receive-keys.c: New.
tests/Makefile.am (noinst_PROGRAMS): Add new test runner.
--

The new function allows importing keys given by their key ids or
fingerprints from a keyserver (like gpg's --recv-keys command).

GnuPG-bug-id: 5808
2022-02-03 15:56:30 +01:00
Ingo Klöcker
e16729edcb tests: Fix generation of keys without expiration
* tests/run-genkey.c (parse_expire_string): Support default expiration
and no expiration. Set flag for no expiration.
(main): Allow update of flags when generating new key.
--

This makes the parsing of different values for expiration match the
parsing done by gpg's --quick-gen-key. In particular, this makes it
possible again to generate keys without expiration.
2022-01-13 16:30:56 +01:00
Ingo Klöcker
e4625885a8 tests: Remove unsupported option --status from usage help
* tests/run-swdb.c (show_usage): Remove option --status.
--

run-swdb does not support the option --status.
2022-01-13 15:23:43 +01:00
Ingo Klöcker
2752e81f89 core: Add new option --secret-subkey to help texts.
* src/gpgme-tool.c (hlp_export): Add new option.
* tests/run-export.c (show_usage): Print new option.
--

GnuPG-bug-id: 5757
2022-01-04 12:30:22 +01:00
Ingo Klöcker
0e19c48791 core: New export mode to export secret subkeys.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET_SUBKEY): New.
* src/export.c (check_mode): Allow new mode and check for invalid
combinations.
(export_keys_start): Return error if new mode flag is set.
* src/engine-gpg.c (export_common): Implement.
* src/gpgme-tool.c (cmd_export): New option --secret-subkey.
* tests/run-export.c (main): New option --secret-subkey.
--

This adds support for exporting secret subkeys (via gpg's
--export-secret-subkeys) to gpgme_op_export[_ext][_start].
The flag is not supported by gpgme_op_export_keys[_start] because
there is no way to specify which subkey(s) to export with these
functions.

GnuPG-bug-id: 5757
2022-01-04 09:23:40 +01:00
Ingo Klöcker
305d8668ca core: Detect bad passphrase error on certificate import
* src/import.c (gpgme_op_import_result): Check fpr for NULL.
(parse_error): New.
(import_status_handler): Handle error status line.

* doc/gpgme.texi (gpgme_import_status_t): Mention that fpr can be NULL.

* tests/gpg/t-import.c (check_result): Check fpr for NULL.
* tests/run-threaded.c (delete_impres): Check fpr for NULL.
--

When importing an encrypted certificate a wrong passphrase may be
entered. In this case gpgsm emits a status line with a bad passphrase
error and an "invalid object" error. To make it possible for callers
to handle a wrong passphrase error more gracefully, an import status
with bad passphrase error is added to the import result for each
status line with bad passphrase error.

GnuPG-bug-id: 5713
2021-12-22 15:25:42 +01:00
Ingo Klöcker
d35d44efaf core: Allow setting import filters when importing keys
* src/context.h (struct gpgme_context): New field import_filter.
* src/engine-backend.h (struct engine_ops): Add arg import_filter to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg import_filter and pass option
--import-filter with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg import_filter.
* src/gpgme.c (gpgme_release): Free 'import_filter'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "import-filter".

* tests/run-import.c (main): Add option --import-filter.
--

This makes the --import-filter option available in the GPGME API for
key imports.

GnuPG-bug-id: 5739
2021-12-14 15:44:37 +01:00
Ingo Klöcker
60880adafa core: Allow specifiying a key origin when importing keys
* src/context.h (struct gpgme_context): New field key_origin.
* src/engine-backend.h (struct engine_ops): Add arg key_origin to
field 'import'.
* src/engine-gpg.c (gpg_import): Add arg key_origin and pass option
--key-origin with argument value to gpg. Adjust all callers.
* src/engine-gpgsm.c (gpgsm_import): Add dummy arg key_origin.
* src/gpgme.c (gpgme_release): Free 'key_origin'.
(gpgme_set_ctx_flag, gpgme_get_ctx_flag): New flag "key-origin".

* tests/run-import.c (main): Add option --key-origin.
* tests/gpg/t-import.c (main): Set and verify key origin.
--

This makes the --key-origin option available in the GPGME API for
key imports.

GnuPG-bug-id: 5733
2021-12-13 16:52:23 +01:00
Ingo Klöcker
0ac3679a74 core: Support all components with dirinfo()
* src/dirinfo.c (WANT_KEYBOXD_NAME, WANT_AGENT_NAME, WANT_SCDAEMON_NAME,
WANT_DIRMNGR_NAME, WANT_PINENTRY_NAME): New.
(dirinfo): Add fields keyboxd_name, agent_name, scdaemon_name,
dirmngr_name, pinentry_name.
(parse_output): Support "keyboxd", "gpg-agent", "scdaemon", "dirmngr",
"pinentry".
(get_gpgconf_item): Return new components.

tests/t-engine-info.c (main): Add new components to the output.
--

GnuPG-bug-id: 5727
2021-12-10 12:04:05 +01:00