--
* implementing Keyring methods:
- Keyring.getKeys: has an additional option that retrieves the armor
and secret state once at the beginning. This is power hungry, but
allows for Keys to be used directly (without querying gpgme-json
each call)
* permittedOperations.js: reflect recent changes in the native
counterpart, adding more options
* Key: adding two methods for retrieving the armored Key block and
for finding out if the Key includes a secret subkey.
--
* After an operation a connection should be disconnected again.
The "end of operation" is now assumed to be either an error as
answer, or a message not including a "more"
* GPGME, GPGME_Key, GPGME_Keyring don't require a connection
anymore
* Message.js: The Message.post() method will open a connection as
required
--
* Keys can now be queried for information. Onne version queries gnug
directly (asynchronous Promise in javascript terms), the cached
version refreshes on demand.
* Small fixes:
src/Connection.js joins answers that stay json properly now
--
* src/Connection.js: isConnected was renamed to checkConnection, that
returns a promise with either version information or Boolean
* Connection checks have been adapted to reflect that checkConnection
returns a Promise
* BrowsertestExtension: tests/signTest.js was missing from my last
commit
* Updated the decryption example code in the HOWTO and the
corresponding decrypt-file.py script to gracefully handle a
decryption failure. This error will always be triggered when GPGME
is used to try to decrypt an old, MDC-less encrypted message or
file.
--
* Uint8Arrays are not supported for now there are unsolved issues in
conversion, and they are lower priority
* encrypt gains a new option to indicate that input values are base64
encoded
* as decrypted values are always base64 encoded, the option base64 will
not try to decode the result into utf, but leave it as it is
--
* Some assumption on messages were wrong. Now the tests use more
reasonable sizes.
* bigString now uses the full utf8-extent, with the exception of
U+0000. This code gets dropped during the encryption-decryption
process.
--
* The majority of tests needs to be run in a nativeMessaging context.
Offering the few tests that don't need this context at two places
introduces issues with maintainability. All tests now removed can be
found in ./unittests.js
--
* Added openpgp - Mode tests to the browsertest Extension. These tests
require openpgp, which should not be a hard dependency for the main
project. Packing openpgpjs into the extension is still TODO
* Fixes:
- openpgp mode API now correctly handles parameters as an object,
similar to openpgpjs
- proper check and parsing of openpgpjs Message Objects
--
* There were some inconsistencies between utf-8, transfer and browsers'
utf16, which broke characters that were split between individual
messages. src/Connection now contains a workaround that reassembles
javascripts' format from passed base64 strings. This needs someone
more experienced looking.
* Added several new tests which were failing during initial debugging
of this issue
* reorganized BrowsertestExtension to avoid cluttering.
--
* Tests: Under certain circumstances, some data change during
encrypt-decrypt. Committing the current state so the problem can be
discussed.
* Fixes:
- disconnecting the test ports after tests are complete
- fixed passing of the error message from gpgme-json
--
* Key.js: Error code for wrong parameter in createKey should be
"PARAM_WRONG"
* Helpers.js: The property openpgpjs-like Objects were checked for in
toKeyIdArray was not defined.
* src/permittedOperations.js: updated more expectations and assumptions
for the native API
* new Problems:
- There seems to be a message size limit of about 21 MB for
nativeMessaging, much lower than the documented 4GB.
- Some bytes are lost with random data in an encrypt-decrypt
roundtrip. The culprit is unclear.
* Changed the expiration date for the generated test key to NYE this
century, rather than the NYE this millennium as originally suggested
in job #3815.
* This covers the lifetimes of current users (except, maybe, some very
healthy millennials) as well as the 32-bit clock end date in 2038;
without falling foul of OpenPGP's 2106 expiration.
--
* Key.js: Error code for wrong parameter in createKey should be
"PARAM_WRONG"
* Helpers.js: The property openpgpjs-like Objects were checked for in
toKeyIdArray was not defined.
* src/permittedOperations.js: updated more expectations and assumptions
for the native API
--
* Added unittests to be run inside a Browser. To be able to access
the non-exposed functions and classes, a testing bundle will be
created, containing the tests (unittests.js) and the items to be
tested.
* src/Helpelpers, src/Key, src/Keyring: fixed some errors found
during testing.
--
* Tests: initialization of the two modes, encryption
* gpgme.js: reintroduced message check before calling
Connection.post()
* gpgmejs_openpgp.js: Fixed openpgp mode not passing keys
* index.js: fixed some confusion in parseconfig()
* Inserted some TODO stubs for missing error handling
--
* Extensions:
- Moved testapplication to Demoextension
- Created BrowserTestExtension.
Includes mocha and chai. For running tests that cannot be run
outside a WebExtension
Both Extensions can be found zipped in build/extensions after
running build_extensions.sh
* Code changes:
- src/Config: Place for the configuration
- small fixes raised during testing in Keyring.js, Message.js,
- src/gpgmejs_openpgpjs.js don't offer direct GpgME object to the
outside, as it only causes confusion
- index.js init() now checks the config for validity
* Tests:
- Reordered tests in test/.
- Input values are now in a separate file which may be of use for
bulk testing
* moved the build directory from dist to build
* src/qgpgmenewcryptoconfig.cpp (QGpgMENewCryptoConfigEntry::urlValue):
Build url from local file.
(QGpgMENewCryptoConfigEntry::setURLValue): Set native seperated
path.
--
This fixes setting files through cryptoconfig on Windows.
GnuPG-Bug-Id: T3939
--
* Introduced Mocha/chai as testsuite. After development build
'npm test' should run the unit tests. Functionality exclusive to
Browsers/WebExtensions cannot be run this way, so some other testing
is still needed.
- package.json: Added required development packages
- .babelrc indirect configuration for mocha. ES6 transpiling
needs some babel configuration, but mocha has no setting for it.
- test/mocha.opts Vonfiguration for mocha runs
* Fixed errors:
- Helpers.js toKeyIdArray; isLongId is now exported
- Key.js Key constructor failed
- Message.js will not throw an Error during construction, a new
message is now created with createMessage, which can return an
Error or a GPGME_Message object
* Tests:
- test/Helpers: exports from Helpers.js, GPGME_Error handling
- test/Message: first init test with bad parameters
--
* gpgmejs_openpgpjs
- unsuported values with no negative consequences can now reject,
warn or be ignored, according to config.unconsidered_params
- cleanup of unsupported/supported parameters and TODOS
* A src/index.js init() now accepts a configuration object
* Errors will now be derived from Error, offering more info and a
stacktrace.
* Fixed Connection.post() timeout triggering on wrong cases
* Added comments in permittedOperations.js, which gpgme interactions
are still unimplemented and should be added next
--
* A timeout of 5 seconds is activated for functions that do not require
a pinentry. This definition is written to src/permittedOperations.js
* testapplication.js now alerts the proper error codes and messages.
* src/Errors.js fixed two typos in error handling
--
* Error objects will now return the error code if defined as error type
in src/Errors.js, or do a console.log if it is a warning. Errors from
the native gpgme-json will be marked as GNUPG_ERROR.
--
* src/aKey.js changed fingerprint to setter (to avoid overwrites)
* src/gpgmejs_openpgpjs.js
- Added a class GPGME_Key_openpgpmode, which allows for renaming and
deviation from GPGME.
- renamed classes *_openPGPCompatibility to *_openpgpmode. They are
not fully compatible, but only offer a subset of properties. Also,
the name seems less clunky
--
* The Connection will now be started before an object is created, to
better account for failures.
* index.js: now exposes an init(), which returns a Promise of
configurable <GpgME | gpgmeGpgME_openPGPCompatibility> with an
established connection.
* TODO: There is currently no way to recover from a "connection lost"
* Connection.js offers Connection.isConnected, which toggles on port
closing.
--
* Error handling: introduced GPGMEJS_Error class that handles errors
at a more centralized and consistent position
* src/Connection.js:
The nativeMessaging port now opens per session instead of per
message. Some methods were added that reflect this change
- added methods disconnect() and reconnect()
- added connection status query
* src/gpgmejs.js
- stub for key deletion
- error handling
- high level API for changing connection status
* src/gpgmejs_openpgpjs.js
- added stubs for Key/Keyring handling according to current
state of discussion. It is still subject to change
* src/Helpers.js
- toKeyIdArray creates an array of KeyIds, now accepting
fingerprints, GPGMEJS_Key objects and openpgp Key objects.
* Key objects (src/Key.js) Querying information about a key
directly from gnupg. Currently a stub, only the Key.fingerprint is
functional.
* Keyring queries (src/Keyring.js): Listing and searching keys.
Currently a stub.
* Compatibility class gpgme_openpgpjs offers an API that should accept
openpgpjs syntax, throwing errors if a parameter is unexpected/not
implemented
* tried to be more generic in methods
* waiting for multiple answers if 'more' is in the answer
* more consistency checking on sending and receiving
* updated the example extension
--
* lang/python/setup.py.in: Copy gpgme.h instead of parsing it.
--
The python bindings tried to parse deprecated functions
out of gpgme.h. This fails for the current gpgme.h in
that it removes an entire field in the key sig struct (_obsolete_class).
Hence, the fields were off by an int and the bindings accessed struct
members via the wrong offset. That caused python program to crash.
At least on 32bit platforms, the crash can be easily triggered by
accessing key.uids[0].signatures. On 64bit platforms the compiler
probably aligns the struct so that the missing 4 bytes are not noticed.
With this change, the python bindings will expose all functions
that gpgme exposes, including the deprecated ones.
Credits go to Justus Winter for debugging and identying the issue.
Signed-off-by: Tobias Mueller <muelli@cryptobitch.de>
GnuPG-bug-id: 3892
--
Note this code misses all the legal boilerplate; please add this as
soon as possible and provide a DCO so we can merge it into master.
I also removed the dist/ directory because that was not source code.
* Script to generate a new key with encryption subkey taking input
from interactive prompts.
* Will also take a passphrase via pinentry and uses passphrase caching
of five minutes when used in conjunction with the temp homedir
script.
* Testing the addition of a HTML header set in org-mode in order to
had RSS update links for files.
* This should work with any [X]HTML export from current versions of
Org-Mode, but if it also works on website generated pages then it'll
tick off one of the wishlist itmes.
* Script to create a temporary gnupg homedir in the user's directory
for testing or scripting purposes.
* Creates a hidden directory on POSIX systems with the correct
permissions (700).
* Creates a gpg.conf in that directory containing the same
configuration options as used in the "Danger Mouse" example in the
HOWTO with the correct permissions (600).
* Added GPGME Python bindings HOWTO in Australian/British English.
** en-US "translation" still to be done.
* Added several example scripts comprised of the "Basic Functions"
section of the HOWTO (plus the work-around at the end).
** As these scripts are very basic examples they are released under
both the GPLv2+ and the LGPLv2.1+ (just like GPGME itself).
Signed-off-by: Ben McGinnes <ben@adversary.org>
* Temporarily removing multi-key selection based examples.
* There are a few issues with getting the key selections to play
nicely with gpg.Context().keylist object types.
* Will troubleshoot them separately and restore them when that's
worked out, but I don't want these more complicated examples to
delay merging the HOWTO with master.
* Similar to group-key-selection.py, but does not use an existing
group from gpg.conf; instead takes multiple key IDs, fingerprints or
patterns on the command line and adds them to a keylist object.
* Begins to string together some of the simpler examples to do more
useful things.
* Signs and encrypts a file while encrypting to every key in a group
specified in the gpg.conf file.
* Updated usage so it only references importing the final list of
lists produced. Trying to use some of the mid-points can have
unpredictable results (this is part of the problem with work
arounds).
* Similar to encrypt file except for signing a file in normal mode.
* Noticed additional changes to be made to the howto to match this,
but they will have to wait due to a power outage (currently running
on battery and a mobile connection, but that won't last).
* Added groups selection work around code.
* Intended for use as a module to be imported by other scripts,
usually with "from groups import group_lists" or "from groups import
group_lines" or similar.
* Example to sign and encrypt a file.
* Similar to encrypt-file.py except all keys are considered trusted
and signs with the default key.
* Also encrypts to the default key.
* Example to encrypt a file to a single key.
* Takes key ID and/or fpr as a CLI parameter.
* Takes path and filename as a CLI parameter.
* Encrypts to specified key only, no signing and writes the output in
both ASCII armoured and GPG binary formats with output filenames
based on input filename.
* Added the same license as used with the HOWTO.
* Since these examples are so basic, they'll be dual licensed the same
as GPGME itself (otherwise it would slip too dangerously against the
need for permissive licensing of crypto libraries).
* Added reference to location where all the examples included in the
HOWTO will be available as executable scripts.
* Included a short README file in that location.
* Since we don't want to encourage accessing the low level functions
(e.g. op_encrypt), but since this example can still be useful to
understand, renaming it and will add new encryption examples to
match the instructions in the HOWTO.
* Adjusted the python-gnupg so the comments regarding insecure
invocation of commands via subprocess (shell=True) were a major
historical issue and not a a current issue.
* Not including Vinay Sajip's requested change to say it is now secure
since no audit of the current code base has been performed and my
last major inspection of that code was around the time I first
ported PyME to Python 3 in 2015.
* Checked off several points of howto coverage as completed.
* Reorganised to move S/MIME coverage to its own separate group of tasks.
* Noted only revocation remains for howto completion.