* src/gpgme-json.c (op_encrypt): Add optional signing_keys param.
(get_keys, create_keylist_patterns): Add param for json object name.
--
If the optional parameter signing_keys is provided to encrypt
it becomes an encrypt-sign operation.
* src/gpgme-json.c (add_summary_to_object): Changed to:
sigsum_to_json.
(add_signature_to_object): Changed to signature_to_json.
(add_signatures_to_object): Changed to verify_result_to_json.
(add_ei_to_object): Changed to engine_info_to_json.
(op_decrypt, op_verify, op_version): Use new functions.
--
This pattern of gpgme_type to json object conversion
is much cleaner then the error returning "add to object"
functions.
* src/gpgme-json.c (xjson_AddStringToObject0)
(xjson_AddItemToObject): New helpers.
(sig_notation_to_json, key_sig_to_json, tofu_to_json)
(uid_to_json, subkey_to_json, key_to_json): New
GPGME to JSON functions.
(op_keylist): New.
(process_request): Add op_keylist.
--
The conversion from GPGME data structures to
JSON follow the same pattern for the keylist
functions using the xjson wrappers instead
of error checking every cJSON call.
For large keylists the keylist command also
needs a data / getmore handling somehow.
* gpgme-json.c (get_string_data): New.
(op_verify, op_sign, op_decrypt, op_encrypt): Use it.
--
This handles the common base64 decoding and creation of the
gpgme_data object.
--
* src/Connection.js: isConnected was renamed to checkConnection, that
returns a promise with either version information or Boolean
* Connection checks have been adapted to reflect that checkConnection
returns a Promise
* BrowsertestExtension: tests/signTest.js was missing from my last
commit
* Added a script which demonstrates how the groups module works.
* Script generates Mutt/Neomutt crypt-hooks for every group entry in
gpg.conf, including those entries for multiple keys (Mutt handles
that differently).
* Fixed the groups.py script so it really does what is described (the
old code had the same result for groups, group_lines and
group_lists).
* Updated the corresponding example in the doc to match.
* src/gpgme-json.c (gpg_error_object): New.
(error_object_v): Extend to take error.
--
Having the error code is helpful, especially as
the strerrors are localized. E.g. to detect
an ERROR_CANCELED.
* src/gpgme-json.c (op_verify): New.
(hlp_help): Add verify.
(process_request): Add verify.
--
Mostly works, except for detached, base64 encoded signatures,
they are somehow not yet written to gpgme.
* src/gpgme-json.c (add_signatures_to_object): Fix call to
xjson_CreateArray.
--
That is what happens if you edit code while reviewing changes,
without testing it again,..
* Updated the decryption example code in the HOWTO and the
corresponding decrypt-file.py script to gracefully handle a
decryption failure. This error will always be triggered when GPGME
is used to try to decrypt an old, MDC-less encrypted message or
file.
--
* Uint8Arrays are not supported for now there are unsolved issues in
conversion, and they are lower priority
* encrypt gains a new option to indicate that input values are base64
encoded
* as decrypted values are always base64 encoded, the option base64 will
not try to decode the result into utf, but leave it as it is
* src/w32-util.c (_gpgme_get_gpg_path): Use new defines.
(GNUPG_REGKEY_2): x64 aware regkey as used by GnuPG in Gpg4win 2.x
(GNUPG_REGKEY_3): x64 aware regkey as used by GnuPG in Gpg4win 3.x
(_gpgme_get_gpgconf_path): Use new regkeys. Add another fallback.
--
This should fix more "unsupported protocol" issues if Gpg4win /
GnuPG is installed in a non standard path on 64bit systems.
The regkey handling is similar to that of gpgex and gpgol.
GnuPG-Bug-Id: T3988
* src/decrypt.c (struct op_data_t): Add field not_integrity_protected.
(parse_decryption_info): Set this. Also rename mode to aead_algo for
clarity.
(_gpgme_decrypt_status_handler): Force failure in case of a missing
MDC.
--
This extra check makes sure that a missing or stripped MDC in
- gpg < 2.1
- or gpg 2.2 with an old cipher algorithm
will lead to a decryption failure. gpg 2.3 will always fail in this
case. Implementing this check here and not backporting the 2.3 change
to 2.2 has the benefit that all GPGME using applications are protected
but scripts relying on rfc2440 (i.e. without MDC) will only break when
migrating to 2.3.
Note that S/MIME has no integrity protection mechanism but gpgsm
neither emits a DECRYPTION_INFO status line, so an error will not be
triggered. If in the future gpgsm supports authenticated encryption
it may issue a DECRYPTION_INFO line to force a failure here but it
will in that case also emit a DECRYPTION_FAILED anyway.
GnuPG-bug-id: 3981
Signed-off-by: Werner Koch <wk@gnupg.org>
--
* Some assumption on messages were wrong. Now the tests use more
reasonable sizes.
* bigString now uses the full utf8-extent, with the exception of
U+0000. This code gets dropped during the encryption-decryption
process.
--
* The majority of tests needs to be run in a nativeMessaging context.
Offering the few tests that don't need this context at two places
introduces issues with maintainability. All tests now removed can be
found in ./unittests.js
--
* Added openpgp - Mode tests to the browsertest Extension. These tests
require openpgp, which should not be a hard dependency for the main
project. Packing openpgpjs into the extension is still TODO
* Fixes:
- openpgp mode API now correctly handles parameters as an object,
similar to openpgpjs
- proper check and parsing of openpgpjs Message Objects
--
* There were some inconsistencies between utf-8, transfer and browsers'
utf16, which broke characters that were split between individual
messages. src/Connection now contains a workaround that reassembles
javascripts' format from passed base64 strings. This needs someone
more experienced looking.
* Added several new tests which were failing during initial debugging
of this issue
* reorganized BrowsertestExtension to avoid cluttering.
--
* Tests: Under certain circumstances, some data change during
encrypt-decrypt. Committing the current state so the problem can be
discussed.
* Fixes:
- disconnecting the test ports after tests are complete
- fixed passing of the error message from gpgme-json
--
* Key.js: Error code for wrong parameter in createKey should be
"PARAM_WRONG"
* Helpers.js: The property openpgpjs-like Objects were checked for in
toKeyIdArray was not defined.
* src/permittedOperations.js: updated more expectations and assumptions
for the native API
* new Problems:
- There seems to be a message size limit of about 21 MB for
nativeMessaging, much lower than the documented 4GB.
- Some bytes are lost with random data in an encrypt-decrypt
roundtrip. The culprit is unclear.
* Changed the expiration date for the generated test key to NYE this
century, rather than the NYE this millennium as originally suggested
in job #3815.
* This covers the lifetimes of current users (except, maybe, some very
healthy millennials) as well as the 32-bit clock end date in 2038;
without falling foul of OpenPGP's 2106 expiration.
--
* Key.js: Error code for wrong parameter in createKey should be
"PARAM_WRONG"
* Helpers.js: The property openpgpjs-like Objects were checked for in
toKeyIdArray was not defined.
* src/permittedOperations.js: updated more expectations and assumptions
for the native API
--
* Added unittests to be run inside a Browser. To be able to access
the non-exposed functions and classes, a testing bundle will be
created, containing the tests (unittests.js) and the items to be
tested.
* src/Helpelpers, src/Key, src/Keyring: fixed some errors found
during testing.
--
* Tests: initialization of the two modes, encryption
* gpgme.js: reintroduced message check before calling
Connection.post()
* gpgmejs_openpgp.js: Fixed openpgp mode not passing keys
* index.js: fixed some confusion in parseconfig()
* Inserted some TODO stubs for missing error handling
