Commit Graph

292 Commits

Author SHA1 Message Date
Justus Winter
15fbac9e72
python: Support manipulating the TOFU policy.
* NEWS: Update.
* doc/gpgme.texi: Fix typos.
* lang/python/gpg/constants/__init__.py: Import new files.
* lang/python/gpg/constants/tofu/__init__.py: New file.
* lang/python/gpg/constants/tofu/policy.py: New file.
* lang/python/gpg/core.py (Context.key_tofu_policy): New function.
* lang/python/gpgme.i: Nice reprs for gpgme_tofu_info_t.
* lang/python/setup.py.in: Install new package.
* lang/python/tests/t-quick-key-manipulation.py: Extend test.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-17 17:08:03 +01:00
Justus Winter
48634e651f
python: Support quick key signing.
* NEWS: Update.
* doc/gpgme.texi (gpgme_op_keysign): Fix the description of the
'expire' argument.
* lang/python/gpg/constants/__init__.py: Import new file.
* lang/python/gpg/constants/keysign.py: New file.
* lang/python/gpg/core.py (Context.key_sign): New function.
* lang/python/tests/Makefile.am (py_tests): Add new test.
* lang/python/tests/t-quick-key-signing.py: New test.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-17 16:28:00 +01:00
Justus Winter
de708e5934
core: Fix expiration time handling when creating keys.
* NEWS: Update.
* doc/gpgme.texi (gpgme_op_createkey): Clarify the meaning of the
'expire' parameter.
(GPGME_CREATE_NOEXPIRE): Document new flag.
(gpgme_op_createsubkey): Clarify the meaning of the 'expire'
parameter.
* src/engine-gpg.c (gpg_add_algo_usage_expire): Fix handling of the
expiration time.
* src/gpgme.h.in (GPGME_CREATE_NOEXPIRE): New macro.
--

Previously, the documentation stated that the expiration time was an
absolute timestamp.  However, this value was passed using the
'seconds=N' syntax to GnuPG which specifies the expiration time in
seconds relative to the creation time.  Fix the documentation.

Furthermore, the documentation stated that using 0 results in keys
that do not expire.  This was communicated to GnuPG by using the
implicit default.  However, as of GnuPG 2.1.17, the default was
changed to create keys that expire within a reasonable timespan.

Fix this discrepancy by aligning the behavior with recent GnuPG
versions: 0 means use a reasonable default, and introduce a flag that
can be used to create keys that do not expire.  Communicate this
explicitly to GnuPG.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-15 16:45:45 +01:00
Daniel Kahn Gillmor
ad22bee538 doc: Document that gpgme_op_genkey() parms parameter is not XML.
* doc/gpgme.texi (GnupgKeyParms): document that input format is not
true XML.

--

Please see discussion at
https://lists.gnupg.org/pipermail/gnupg-devel/2017-January/032507.html

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2017-02-05 23:38:53 -05:00
Werner Koch
752d3597ef
core: Add new context flag "redraw".
* src/context.h (struct gpgme_context): New field 'redraw_suggested'.
* src/op-support.c (_gpgme_op_reset): Clear REDRAW_SUGGESTED.
* src/progress.c (_gpgme_progress_status_handler): Set REDRAW_SUGGESTED.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Add "redraw".
* tests/run-sign.c (main): Use it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-01-31 09:44:29 +01:00
Werner Koch
ecb0e3280a
doc: Let's suggest GNU guidelines for bit checking.
--

While educating students we can also get them to use useful habits, in
particular to parenthese bit tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-12-07 23:25:50 +01:00
Andre Heinecke
7880335273 Clarify what "checking on bit" means
* doc/gpgme.texi (gpgme_sigsum_t summary): Clarify what "you
can check one bit means"

--
It was unclear which bit to test for is. And tests
with students have shown that they would "test" for
this one bit by using if(sig.summary == GPGME_SIGSUM_VALID)
which would fail because valid sigs are also SIGSUM_GREEN.

So lets give an example for people not used to checking bits and
clarify through this example which bit is meant to be checked.
2016-12-07 21:46:24 +01:00
Werner Koch
7f5f26fd66
doc: Replace http: by https: in core source files.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 13:27:00 +01:00
Werner Koch
9fc92a15bd
core: Do not leak the override session key to ps(1).
* src/engine-gpg.c (struct engine_gpg): New field
override_session_key.
(gpg_release): Free that field.
(gpg_decrypt): With gnupg 2.1.16 use --override-session-key-fd.

* tests/run-decrypt.c (main): Fix setting over the override key.
--

Note that this works only with gnupg 2.1.16 and later.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 10:15:31 +01:00
Daniel Kahn Gillmor
5730647421
doc,tests: Require use of ctx_flag before use of session_key.
* doc/gpgme.texi: Document requirements of verifying that it is OK to
use session_key.
* tests/run-decrypt.c: Ensure that we fail if we're unable to access
the session key, so that we do not violate the guidance above.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

Changed the description

 -@code{gpgme_set_ctx_flag (ctx, "export-session-key")} returns
 -@code{GPG_ERR_NO_ERROR} or @code{gpgme_get_ctx_flag (ctx,
 -"export-session-key")} returns @code{"1"}.
 +@code{gpgme_set_ctx_flag (ctx, "export-session-key")} returns success
 +or @code{gpgme_get_ctx_flag (ctx, "export-session-key")} returns true
 +(non-empty string).

to get gpgme_get_ctx_flag for boolean values in sync with its own
description.

Note that I don't agree with the above suggestion but it does not
really harm to have it in the man page.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 10:15:31 +01:00
Daniel Kahn Gillmor
ff3b72e2a3 doc: Fix typos.
--
2016-11-15 12:02:56 +01:00
Werner Koch
7659d42468
core: Implement context flag "override-session-key".
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "export-session-key" and
"override-session-key".
(gpgme_get_ctx_flag): Ditto.
(gpgme_set_export_session_keys): Remove.
(gpgme_get_export_session_keys): Remove.
* src/gpgme.def, src/libgpgme.vers: Remove them.
* src/context.h (struct gpgme_context): Add field
override_session_key.
* src/decrypt-verify.c (decrypt_verify_start): Pass
override_session_key value to the engine.
* src/decrypt.c (decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt): Ditto.
(_gpgme_engine_op_decrypt_verify): Ditto.
* src/engine-backend.h (struct engine_ops): Extend DECRYPT and
DECRYPT_VERIFY_START with override_session_key.
* src/engine-uiserver.c (_uiserver_decrypt): Add stub arg
override_session_key.
(uiserver_decrypt): Ditto.
(uiserver_decrypt_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Ditto.
* src/engine-gpg.c (gpg_decrypt): Add arg override_session_key and set
corresponding gpg option.

* tests/run-decrypt.c (print_result): Print the session key if
available.
(main): Add options --export-session-key and --override-session-key.

--

To keep the number of context manipulation functions at bay, this
patches removes the just added gpgme_set_export_session_keys and
gpgme_get_export_session_keys by flags for the generic context
function.

The patch also implements the --override-session-key feature.

GnuPG-bug-id: 2754
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 10:34:13 +01:00
Werner Koch
3234b1bf1d
core: Add public function gpgme_get_ctx_flag.
* src/gpgme.h.in (gpgme_get_ctx_flag): New.
* src/gpgme.c (gpgme_set_ctx_flag): Move down the file and add a trace
statement.
(gpgme_get_ctx_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new interface.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 09:24:17 +01:00
Daniel Kahn Gillmor
cad1210fb8
core: Enable extraction of session keys.
* src/gpgme.c (gpgme_set_export_session_keys): New function.
(gpgme_get_export_session_keys): New function.
* src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key
member.
(gpgme_{set,get}_export_session_keys): Declare new functions.
* src/libgpgme.vers, src/gpgme.def: Export new functions in shared
object.
* src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key
parameter.
(_gpgme_engine_op_decrypt_verify): Add export_session_key parameter.
* src/engine-backend.h: (struct engine_ops): Change function
pointer declarations to match.
* src/context.h (struct gpgme_context): Add export_session_keys member.
* src/decrypt.c (release_op_data): Free result.session_key.
(_gpgme_decrypt_status_handler): Store a copy of the exported session
key.
(decrypt_start): Pass export_session_keys from the context.
* src/decrypt-verify.c (decrypt_verify_start): Pass
export_session_keys from context.
* src/engine.c (_gpgme_engine_op_decrypt): Pass through
export_session_key flag.
(_gpgme_engine_op_decrypt_verify): Pass through export_session_key
flag.
* src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add
--export-session-key to argument list.
* src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for
now, since gpgsm offers no such mechanism.
* src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is
set, add --export-session-key flag to cmd.
* doc/gpgme.texi: Document new functions and session_key member of
decrypt_result_t.
* doc/uiserver.texi: Add --export-session-key flag to DECRYPT command.

--

gpg(1) documents session key export as useful for key escrow, and is
rightly dubious of that use case.  However, session key export is also
useful in other use cases.  Two examples from MUA development (where
this functionality would be specifically useful to me right now):

 * If the MUA stores a local copy of the session key upon decrypting
   the message, it can re-decrypt the message without expensive
   asymmetric operations.  When rendering a thread with dozens of
   encrypted messages, this can represent a significant speedup.

 * A user may have expired encryption-capable secret key material,
   along with many messages encrypted to that material.  If she stores
   the session keys for those messages she wants to keep, she can
   destroy her secret key material and make any messages she has
   deleted completely unrecoverable, even to an attacker who gets her
   remaining secret keys in the future.

This patchset makes a two specific implementation decisions that could
have gone in different ways.  I welcome feedback on preferred outcomes.

 0) session key representation: we currently represent the session key
    as an opaque textual string, rather than trying to provide any
    sort of in-memory structure.  While it wouldn't be hard to parse
    the data produced by gpg's --export-session-key, I chose to use
    the opaque string rather than lock in a particular data format.

 1) API/ABI: i've added a member to gpgme_op_decrypt_result_t.  This
    has the potential to cause an out-of-bound memory access if
    someone uses code compiled against the newer verision, but linked
    at runtime against an older version.  I've attempted to limit that
    risk by documenting that users must verify
    gpgme_get_export_session_keys() before accessing this new struct
    member -- this means that code expecting this capability will
    require the symbol at link-time, and will refuse to link against
    older versions.

    Another approach to solving this problem would be to avoid
    modifying gpgme_op_decrypt_result_t, and to introduce instead a
    new function gpgme_op_session_key(), which could be called in the
    same places as gpgme_op_decrypt_result().  Depending on the
    representation of the session key, this might introduce new
    memory-management burdens on the user of the library, and the
    session key is certainly part of a decryption result, so it seemed
    simpler to go with what i have here.

If anyone has strong preferences that these choices should be solved
in a different way, i'm happy to hear them.

Additionally, I note that i'm also still pretty unclear about how the
"UI Server" fits into this whole ecosystem. In particular, I don't
know whether it's kosher to just add an --export-session-key flag to
the DECRYPT operation without actually having implemented it anywhere,
but i don't see where i would actually implement it either :/

If this patch (or some variant) is adopted, i will supply another
patch that permits offering a session key during decryption (e.g. "gpg
--override-session-key"), but I wanted to get these implementation
choices ironed out first.

Gnupg-Bug-Id: 2754
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

On the concern of adding a new field to a structure: It may not be
clearly documented but we don't expect that a user ever allocates such
a structure - those result structure may only be created bu gpgme and
are read-only for the user.  Adding a new member constitutes a
compatible ABI change and thus an older SO may not be used by code
compiled with a header for the newer API.  Unless someone tinkers with
the build system, this should never happen.  We have added new fields
to result structure may times and I can't remember any problems.

 - wk
2016-11-15 08:52:06 +01:00
Daniel Kahn Gillmor
16a3020506
doc: Correct deftypefun for gpgme_op_decrypt_verify_start.
* doc/gpgme.texi: Documentationabout gpgme_op_decrypt_verify_start was
stored under the name gpgme_op_decrypt_verify instead.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-11-11 15:17:45 +01:00
Daniel Kahn Gillmor
d50bdb269e
doc: Correct text about gpgme_cancel_async.
* doc/gpgme.texi: Documentation about gpgme_cancel_async should refer
to the correct name.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-11-11 15:16:53 +01:00
Werner Koch
05775b5248
doc: Fix regression in macro handling
--

The way macros are handled seem to have changed since 2008.  Fix that:

Reported-by: dkg@fifthhorseman.net
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-11 15:10:57 +01:00
Werner Koch
e166724dcc
doc: s/Multi Threading/Multi-Threading/
--
2016-11-10 17:28:29 +01:00
Andre Heinecke
09b6455432 core: Use gpgrt locking for thread safeness
* configure.ac: Require libgpg-error 1.17. No longer
check for pthread.
* doc/gpgme.texi: Document removed neccessity for thread
safe gpgme flavours.
* src/sema.h (DEFINE_GLOBAL_LOCK),
(DEFINE_STATIC_LOCK, INIT_LOCK, DECLARE_LOCK)
(DESTROY_LOCK, LOCK, UNLOCK): Change to gpgrt equivalents.
* src/posix-sema.c, src/w32-sema.c: Removed.
* src/Makefile.am: Remove libpthread and
Update accordingly.
* src/ath.c, src/ath.h (ath_mutex_init)
(ath_mutex_destroy, ath_mutex_lock, ath_mutex_unlock): Removed.
* src/ath.h (ATH_MUTEX_INITIALIZER): Removed.
* src/version.c (do_subsystem_inits): sema_subsystem_init is
no longer required.
* tests/gpg/Makefile.am: Add new threading tests.
(t_thread1_LDADD, t_cancel_LDADD):
Use just gpgme.
* tests/gpg/t-thread-keylist-verify.c,
tests/gpg/t-thread-keylist.c: New.
* src/gpgme-config.in: Use -lgpgme for thread-model pthread.

--
Using gpgrt locks instead of pthread locks removes
the neccessity to link pthread directly to gpgme and
have a different, thread safe flavor of gpgme. Now
gpgme is thread-safe if the conditions mentioned
in the doc are met.

As the cpp bindings linked against libgpgme
and not libgpgme-pthread this fixes threading problems
with them.

libgpgme-pthread is removed but gpgme-config still supports
--thread=pthread for compatibility with find scripts.
2016-11-10 13:33:13 +01:00
Werner Koch
aad94cb7c3
core: Add gpgme_op_query_swdb and helper.
* src/gpgme.h.in (gpgme_query_swdb_result_t): New.
(gpgme_op_query_swdb): New.
(gpgme_op_query_swdb_result): New.
* src/libgpgme.vers, src/gpgme.def: Add the two new functions.
* src/queryswdb.c: New.
* src/Makefile.am (main_sources): Add new file.
* src/context.h (OPDATA_QUERY_SWDB): New.
* src/engine-backend.h (struct engine_ops): Add field 'query_swdb'.
Adjust all initializer.
* src/engine.c (_gpgme_engine_op_query_swdb): New.
* src/engine-gpgconf.c (parse_swdb_line): New.
(gpgconf_query_swdb): New.
(_gpgme_engine_ops_gpgconf): Register that function.

* src/util.h (GPG_ERR_TOO_OLD): Define for older libgpg-error.
(GPG_ERR_ENGINE_TOO_OLD): Ditto.

* tests/run-swdb.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add new debug tool.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-03 17:32:30 +01:00
Werner Koch
b8159eadb5
core: New API functions gpgme_set_sender, gpgme_get_sender.
* src/context.h (struct gpgme_context): Add field 'sender'.
* src/gpgme.c: Include mbox-util.h.
(gpgme_release): Free SENDER.
(gpgme_set_sender): New.
(gpgme_get_sender): New.
* src/gpgme.def, src/libgpgme.vers: Add new functions.

* src/engine-gpg.c (append_args_from_sender): New.
(gpg_encrypt_sign, gpg_sign): Call append_args_from_sender.
(gpg_verify): Add arg CTX.  Call append_args_from_sender/
* src/engine-gpgsm.c (gpgsm_verify): Add dummy arg CTX.
* src/engine-uiserver.c (uiserver_verify): Ditto.
* src/engine.c (_gpgme_engine_op_verify): Add arg CTX.
* src/verify.c (verify_start): Pass CTX to engine function.

* tests/gpg/t-verify.c (main): Add some checks for new functions.
* tests/run-sign.c (main): Add option --sender.
* tests/run-verify.c (main): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-25 17:28:01 +02:00
Werner Koch
0ea2ff6790
core: New helper function gpgme_addrspec_from_uid.
* src/gpgme.h.in: Add gpgme_addrspec_from_uid.
* src/gpgme.def, src/libgpgme.vers: Ditto.
* src/mbox-util.c (gpgme_addrspec_from_uid): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-08 21:17:48 +02:00
Daniel Kahn Gillmor
a11450eb04 move some file encodings to UTF-8
* THANKS, doc/ChangeLog-2011, tests/ChangeLog-2011,
  tests/gpg/geheim.txt: convert from iso 8859-1 to utf-8.
* lang/qt/src/dataprovider.cpp, lang/qt/src/qgpgmerefreshkeysjob.cpp,
  lang/qt/src/qgpgmesecretkeyexportjob.cpp: replace U+FFFD REPLACEMENT
  CHARACTER with proper U+00E4 LATIN SMALL LETTER A WITH DIAERESIS.

--
Note that src/versioninfo.rc.in is still ISO-8859-1.  I don't know
whether Windows will properly handle UTF-8 in this file or not, so i
have not touched it.

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-09-23 16:08:33 +02:00
Daiki Ueno
0aaf1dedd6
doc: Fix minor errors in I/O callback example
* gpgme.texi (I/O Callback Example): Fix typos, add timeout to select,
and initialize mutex as recursive.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
2016-09-22 09:12:43 +02:00
Werner Koch
db23985127
doc: Mention language bindings in the manual.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-19 09:06:32 +02:00
Werner Koch
3d6340e8c5
core: Map GPGME_STATUS_EOF to the empty string.
* src/status-table.c (_gpgme_status_to_string): Return "" for EOF.
* src/engine-gpg.c (read_status): Ditto.  The old code accidently used
GPGME_STATUS_EOF which is the integer 0 and neiteyr NULL nor a string.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-16 16:00:27 +02:00
Werner Koch
00f95e0fad
doc: Move description of most deprecated functions to a new appendix.
--
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-16 12:20:55 +02:00
Werner Koch
e6405df624
doc: Document the recently added --quick-foo related functions.
--
2016-09-16 11:48:29 +02:00
Werner Koch
ed1f2700a7
core: New function gpgme_op_interact, deprecate gpgme_op_edit.
* src/gpgme.h.in (gpgme_interact_cb_t): New.
(GPGME_INTERACT_CARD): New.
(gpgme_op_interact_start, gpgme_op_interact): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/edit.c (op_data_t): Rename fnc to fnc_old and change users.  Add
fnc.
(edit_status_handler): Call old or new callback.
(command_handler): Ditto.
(interact_start): New.
(gpgme_op_interact_start, gpgme_op_interact_start): New.
* src/status-table.c (_gpgme_status_to_string): New.

* tests/gpg/t-edit.c (edit_fnc): Rename to interact_fnc and change
type of STATUS.  Use gpgme_io_writen.
(main): s/gpgme_op_edit/gpgme_op_interact/.
--

This change will eventually allow us to remove all those status codes
from gpgme.h.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-15 11:39:43 +02:00
Werner Koch
d2b72d3cc1
core: Minor change of the gpgme_op_edit semantics.
* src/edit.c (command_handler): Handle special error code.
* src/engine-gpg.c (read_status): Ditto.
* src/engine-gpgsm.c (status_handler): Ditto.
* src/engine-uiserver.c (status_handler): Ditto.
* src/util.h (GPG_ERR_FALSE): Define for older libgpg-error versions.
--

An edit callback may now simply return GPG_ERR_FALSE to indicate that
it did not handled the status code.  GPGME will the do the appropriate
action, which is to send an empty line.

Note that it is highly unlikely that GPG_ERR_FALSE has ever been used
by an application as return value from an edit interactor.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-15 09:24:29 +02:00
Werner Koch
cc353701b0
core: New function gpgme_op_createsubkey.
* src/genkey.c (createsubkey_start): New.
(gpgme_op_createsubkey_start, gpgme_op_createsubkey): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/engine-gpg.c (gpg_createkey): Factor some code out to ...
(gpg_add_algo_usage_expire): new.
(gpg_addkey): Implement.
* tests/run-genkey.c: Add option --addkey.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 09:51:16 +02:00
Werner Koch
9ee103957e
core: Add GPGME_KEYLIST_MODE_WITH_TOFU.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_TOFU): New.
* src/engine-gpg.c (gpg_keylist_build_options): Use that.
* src/keylist.c: Include limits.h.
(parse_tfs_record): New.
(keylist_colon_handler): Support TFS record.
* tests/run-keylist.c: Include time.h.
(isotimestr): New.
(main): Add option --tofu.  Print TOFU info.
* tests/run-verify.c: Include time.h.
(isotimestr): New.
(print_result): Use isotimestr for TOFU dates.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-25 11:38:03 +02:00
Werner Koch
be4ff75d7d
core: Change the way TOFU information are represented.
* src/gpgme.h.in (struct _gpgme_signature): Remove field 'tofu'.  Add
field 'key'.
(struct _gpgme_key): Add field 'fpr'.
(struct _gpgme_user_id): Add field 'tofu'.
(struct _gpgme_tofu_info): Remove fields 'address' and 'fpr'.
* src/key.c (gpgme_key_unref): Release TOFU and FPR.
* src/keylist.c (keylist_colon_handler): Store the fingerprint of the
first subkey also in KEY.
* src/verify.c (release_tofu_info): Remove.
(release_op_data): Release KEY.
(parse_tofu_user): Rewrite for new data structure.
(parse_tofu_stats): Ditto.
(parse_tofu_stats_long): Ditto.
* tests/run-verify.c (print_result): Ditto.
* tests/run-keylist.c (main): Print more fields.
--

TOFU information are now associated with the user ID and not with a
separate object.

Note that this breaks code relying on the former non-released TOFU
feature.  The C++ bindings won't work right now.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-23 15:24:10 +02:00
Werner Koch
24e61984c9
core: Add new items for gpgme_get_dirinfo.
* src/dirinfo.c (WANT_SYSCONFDIR, WANT_LIBEXECDIR, WANT_LIBDIR): New.
(WANT_DATADIR, WANT_LCOALEDIR, WANT_AGENT_SSH_SOCKET): New
(WANT_DIRMNGR_SOCKET): New.
(dirinfo): Add fields 'sysconfdir', 'bindir', 'libexecdir', 'libdir',
'datadir', 'localedir', 'agent_ssh_socket', and 'dirmngr_socket'.
(parse_output): Set these fields.
(get_gpgconf_item): Return them.
(gpgme_get_dirinfo): Likewise.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-22 16:57:51 +02:00
Werner Koch
3e60788810
core: New commands --lang and --have-lang for gpgme-config
* configure.ac (GPGME_CONFIG_AVAIL_LANG): New ac_subst.
* src/gpgme-config.in (avail_lang): Add commands --lang and
--have-lang.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-21 15:49:03 +02:00
Werner Koch
8c09dd9989
core: New global flag "require-gnupg".
* src/gpgme.c (gpgme_set_global_flag): Add flag.
* src/engine.c (engine_minimal_version): New variable.
(_gpgme_set_engine_minimal_version): New function.
(gpgme_get_engine_info): Check that flag.

* tests/run-keylist.c (main): New option --require-gnupg.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-16 18:53:42 +02:00
Werner Koch
fe1e8e71aa
core: Make use of the "size-hint" in engine-gpg.
* src/engine-gpg.c: Include data.h.
(add_input_size_hint): New.
(gpg_decrypt, gpg_encrypt, gpg_encrypt_sign, gpg_sign)
(gpg_verify): Call new function,

* tests/run-encrypt.c (status_cb): Print to stderr.
(progress_cb): New.o
(main): Add option --progress.  Print full-status lines.  Provide a
size for the input data.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-12 15:32:31 +02:00
Werner Koch
b7d99e0218
doc: Get rid of version.texi
* configure.ac (CC_FOR_BUILD): New.
* doc/mkdefsinc.c: New.  Taken from GnuPG and modified for gpgme.
* doc/Makefile.am (EXTRA_DIST): Add defsincdate and mkdefsinc.c
(BUILT_SOURCES): new.
(gpgme.texi): New dependency.
(mkdefsinc, defsincdate, defs.inc): New rules.
(dist-hook): New.
* doc/gpgme.texi: Include defs.inc.  Remove version.texi.
--

GnuPG-bug-id: 2352

That new system should also yield more approriate date infos for the
manual.
2016-08-10 16:33:20 +02:00
Andre Heinecke
3d2f027d0f core: Add support for mixed symmetric and asym enc
* src/gpgme.h.in (gpgme_encrypt_flags_t): New flag
GPGME_ENCRYPT_SYMMETRIC.
* src/engine-gpg.c (gpg_encrypt): Also add --symmetric if the flag
is given.
* NEWS: Mention new flag.
* tests/run-encrypt.c (show_usage): Extend for --symmetric.
(main): Handle --symmetric.
(main): Set passphrase_cb in loopback mode.
(main): Fix encrypt call if no recipients are given.
* tests/gpg/t-encrypt-mixed.c: New.
* tests/gpg/Makefile.am (c_tests): Add new test.
* doc/gpgme.texi: Document new flag.
2016-08-09 14:23:51 +02:00
Justus Winter
135185b7ef doc: Document the Assuan protocol.
* doc/gpgme.texi: Document the Assuan protocol.

GnuPG-bug-id: 2407
Signed-off-by: Justus Winter <justus@g10code.com>
2016-08-02 16:51:08 +02:00
Justus Winter
e11c65cfb5 doc: Fix formatting.
--
Signed-off-by: Justus Winter <justus@g10code.com>
2016-08-02 16:50:54 +02:00
Werner Koch
d8d5f5a167
core: New GPGME_DATA_ENCODING_MIME.
* src/gpgme.h.in (GPGME_DATA_ENCODING_MIME): New.
* src/data.c (gpgme_data_set_encoding): Adjust check.
* src/engine-gpg.c (have_gpg_version): New.
(gpg_encrypt, gpg_encrypt_sign): Pass flag '--mimemode'.
(gpg_sign): Ditto.

* lang/cpp/src/data.h (GpgME): Add MimeEncoding.
* lang/cpp/src/data.cpp (encoding, setEncoding): Support MimeEncoding.

* src/gpgme-tool.c (server_data_encoding): Add flag --mime.
--

This feature allows an application to declare that the encrypted or
signed data is a valid MIME part.

What is missing is a way to return that information to the application
after decryption/verification.  This can be done by setting the
encoding of the output data object; however this requires some
internal additions to our processing model.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 14:45:02 +02:00
Andre Heinecke
329ab93f7e Doc: Document pinentry mode
* doc/gpgme.texi (Passphrase Callback): Document as context
attribute.
(gpgme_set_passphrase_cb): Note that this requires LOOPBACK mode
with GnuPG 2.1.
2016-07-04 11:46:32 +02:00
Werner Koch
dac2c5441d
api: Add new context flag "raw-description".
* src/context.h (struct gpgme_context): Add field raw_description.
* src/gpgme.c (gpgme_set_ctx_flag): New flag.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-21 10:31:20 +02:00
Werner Koch
88f2c1c0d1
api: Add new function gpgme_set_ctx_flag.
* src/gpgme.h.in (gpgme_set_ctx_flag): New prototype.
* src/gpgme.c (gpgme_set_ctx_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new function.
* src/context.h (struct gpgme_context): Add FULL_STATUS.
* src/decrypt.c (_gpgme_decrypt_status_handler): Do not call the
  status callback if FULL_STATUS is set.
* src/genkey.c (genkey_status_handler): Ditto.
* src/passphrase.c (_gpgme_passphrase_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.

* src/engine-backend.h (struct engine_ops): Add SET_STATUS_CB and add
adjust all definitions of that variable.
* src/engine.c (_gpgme_engine_set_status_cb): New.
* src/op-support.c (_gpgme_op_reset): Call this function.

* src/engine-gpg.c (struct engine_gpg): Add fields MON_CB and
MON_CB_VALUE.
(gpg_set_status_cb): New.
(_gpgme_engine_ops_gpg): Register that function.
(read_status): Call the monitor callback.

* src/engine-gpgsm.c (struct engine_gpgsm): Add fields MON_CB and
MON_CB_VALUE.
(_gpgme_engine_ops_gpgsm): Register that function.
(gpgsm_assuan_simple_command): Change first arg to be an engine
context and adjust call callers.  Call the monitor callback.

* src/engine-uiserver.c (struct engine_uiserver): Add fields MON_CB
and MON_CB_VALUE.
(_gpgme_engine_ops_uiserver): Register that function.
(uiserver_assuan_simple_command): Change first arg to be an engine
context and adjust call callers.  Call the monitor callback.

* tests/run-verify.c (status_cb): New.
(print_result): Print algo names.
(main): Add option --status.
--

This new feature is mainly intended for bug tracking.  Having access
to the raw status lines might also be useful for applications, though.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-19 17:04:54 +02:00
Daiki Ueno
3b6e9a3d0a
doc: Fix minor errors
* doc/gpgme.texi: Fix errors and typos in the cancellation and
gpgme_import_result_t documentation.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
2015-12-04 16:25:01 +01:00
Werner Koch
bb600aa8fd
w32: Add new global flag "w32-inst-dir".
* src/gpgme.c (gpgme_set_global_flag): Add flag "w32-inst-dir";
* src/posix-util.c (_gpgme_set_override_inst_dir): New stub.
* src/w32-util.c (override_inst_dir): New var.
(_gpgme_get_inst_dir): Return this var is set.
(_gpgme_set_override_inst_dir): New.
--

See
https://lists.gnupg.org/pipermail/gnupg-devel/2015-September/030267.html
for background.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-10-28 16:28:48 +01:00
Werner Koch
c4b6b35bfa
Add gpgme_pubkey_algo_string
* src/gpgme.h.in (GPGME_PK_EDDSA): New.
(gpgme_pubkey_algo_string): New.
* src/conversion.c (_gpgme_map_pk_algo): Add new algo.
* src/gpgme.c (gpgme_pubkey_algo_string): New.
(gpgme_pubkey_algo_name): Reformat.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-30 19:04:44 +02:00
Werner Koch
107bff70ed
Release 1.6.0
* configure.ac: Set LT version to C25/A14/R0.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-26 10:06:00 +02:00
Werner Koch
2b632bbb78
Add an export secret key feature.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET): New.
(GPGME_EXPORT_MODE_RAW): New.
(GPGME_EXPORT_MODE_PKCS12): New.
* src/export.c (export_start, export_ext_start): Allow new flags.
* src/engine-gpg.c (export_common): Support secret key export.
* src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Ditto.

* src/gpgme-tool.c (cmd_export): Add options --secret, --raw,
and --pkcs12.
* tests/run-export.c (main): Likewise.
--

Note that exporting secret X.509 keys requires GnuPG 2.1.8.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-24 12:41:24 +02:00