Commit Graph

861 Commits

Author SHA1 Message Date
Maximilian Krambach
766d42c248 js: typecheck destructured parameters
--

* destructuring just takes the input argument and treats it as object.
  In cases like in src/Keyring/generateKey, where I forgot to change
  the old syntax, the fingerprint as string was destructured into an
  object without "pattern", which caused all Keys to be retrieved.
  So, methods with a destructuring now check if the first argument is
  an object and get a default empty object if no parameter is
  submitted. This allows the further use of destructured parameters,
  while still ensuring nothing vastly incorrect is used.
* src/Kering.js, unittsets.js: fixed old syntax in method usage
2018-08-27 12:38:32 +02:00
Maximilian Krambach
4f28fbddd3 js: extend information on decoding in decrypt
--

* src/Connection.js: resulting data, if not pure ascii, is base64
  encoded in the result message. A further decoding attempt into
  javascript 'string' will be attempted by default, unless specified
  at the decrypt() method. The return value 'format' now shows which
  of the possibilities has been applied. The old boolean 'base64'
  now turns into format:'base64' if the returned payload is a base64
  string after decryption.
2018-08-27 11:50:09 +02:00
Maximilian Krambach
557fec6002 js: fix file_name return on decrypt
--
* src/gpgmejs: Line 228 checked the wrong variable. To avoid further
  confusion, _result was renamed to returnValue in the whole file
2018-08-27 11:21:02 +02:00
Maximilian Krambach
138e1dde02 js: add new options to permittedOperations
--

* reflecting the new optional strings accepted by the backend.
  'file_name' and 'sender' can be  used via the 'additional'
  parameter in encrypt operations
2018-08-24 10:33:42 +02:00
Maximilian Krambach
f62dd4bb27 js: fix syntax inside Keyring methods
--

* recent changes in parameter calling led to a forgotten internal call
  in getDefaultKey using old syntax (and failing in case a default key
  is configured)
2018-08-23 17:58:22 +02:00
Maximilian Krambach
352c53040d js: offer an always-trust parameter on encrypt
--

* src/gpgmejs.js: Setting the default to 'always trust' assumes that
  most api users will already have made their internal checks, but may
  not have the gnupg web-of-trust model implemented, thus trusting the
  key themselves, without gnupg having full or even any information.
  Still it should stay an option to have gnupg decide.
2018-08-23 12:30:49 +02:00
Maximilian Krambach
3fd6837fce js: use destructured option parameters
--
* Adds to f0409bbdaf and makes use of
  destructuring, allowing for defaults, and cleaning up the
  validation.
2018-08-23 12:15:59 +02:00
Maximilian Krambach
60dc499abd js: update getDefaultKey to more precise logic
--

* src/Keyring.js: Adapted Keyring.getDefaultKey() to my current
  understanding  of a default signing key: either the default key set
  in the gpg config, or 'the first usable private key' - usability
  meaning  'not invalid, expired, revoked, and can be used for
  signing'. It should be the same key used as in command line when
  doing a --sign operation.
  In case the user has a smartcard plugged in, we currently
  won't know of this here, so our choice may differ. But as we do all
  javascript-binding sign operations with the key  fingerprint
  explicitly set, this should not be a real problem. This method is
  seen more as a convenience to tell using librarys which key
  represents the main user.
2018-08-23 11:28:18 +02:00
Maximilian Krambach
24a0005865 js: add decrypt result options
--

* As a decrypt result cannot be known beforehand, the decrypt operation
  may add an 'expect' property, taking either 'uint8' or 'base64',
  which will return the decrypted data in the appropiate formats.
  the return property 'format' will give a feedback on which option
  was taken.
  A test was added to reflect these changes.
2018-08-22 19:07:05 +02:00
Maximilian Krambach
f0409bbdaf js: make method parameters objects
--

* As requested by using parties, the options to be passed into the
  methods are now objects, with the objects' properties better
  describing what they do, and to avoid the need to type several nulls
  in a method call if one wants the last parameter.
  - src/Keyring.js, src/gpgme.js: Changed parameters and their
    validations
  - BrowserTest/*.js Had to adapt quite some calls to the new format
2018-08-22 18:37:46 +02:00
Maximilian Krambach
129fa919b9 js: improve decryption performance
--
* src/Connection.js, src/Helpers.js: performance of decoding incoming
  base64 data was improved to about 4 times the speed by introducing
  two more efficient functions (thanks to rrenkert@intevation.de for
  finding and testing them)

* src/gpgmejs.js: Decrypted data will now return as Uint8Array, if the
  caller does not wish for a decoding. Decoding binary data will return
  invalid data, and a Uint8Array may be desired. This can be indicated
  by using the (new) 'binary' option in decrypt.

* src/Errors.js A new error in case this decoding fails

* src/Message.js, src/Connection.js: expected is change from base64
  to binary, to avoid confusion later on.
2018-08-22 16:32:31 +02:00
Maximilian Krambach
94a0ed361e js: Return error if signature has no fingerprint
--

* src/Signature.js/get fingerprint: A signature with no fingerprint
  should not happen, but if it does, we should throw an error here,
  as the method is a getter.
2018-08-22 14:49:11 +02:00
Andre Heinecke
59ed27bae1
Merge branch 'javascript-binding'
This adds a new language binding "gpgme.js" to GPGME. It
serves as a bridge between the native-messaging service "gpgme-json"
and JavaScript Applications.

The first user of this binding will be Mailvelope which will
see GnuPG integration in the near future.

GnuPG-Bug-Id: T4107
2018-08-22 13:15:35 +02:00
Maximilian Krambach
d8fd4aad8a js: changed verify signature result infos
--

* the resulting information of verify now are as documented,
  and the same as in a decrypt callback
2018-08-22 12:44:05 +02:00
Maximilian Krambach
93f674d33d js: throw errors in sync functions
--

* synchronous functions should throw errors if something goes wrong,
  Promises should reject. This commit changes some error cases that
  returned Error objects instead of throwing them

  - src/Key.js: createKey() and sync Key.get() throw errors
  - src/Error.js: Exporting the list of errors to be able to test and
    compare against these strings
  - src/Keyring.js: Setting a null value in pattern is not useful, and
    now caused an error with the new changes.
  - src/Message.js: createMessage and Message.setParameter now throw
    errors
2018-08-22 12:18:55 +02:00
Maximilian Krambach
6d720137dd js: update decrypt/verify results
--

* src/gpgmejs.js: Decrypt now parses additional optional dec_info
  information, as well as any verify information, if present

* src/permittedOperations: Now decrypt also expect the new return
  object dec_inf (containing info such as is_mime and file_name)
2018-08-21 15:26:17 +02:00
Maximilian Krambach
9dd6c67cd5 js: remove outdated checklists
--

* They are heavily outdated and offer no more useful information
2018-08-21 14:37:50 +02:00
Andre Heinecke
0036b9bc49
js: Fix library name mentioned in js Makefiles
--
2018-08-21 13:58:51 +02:00
Andre Heinecke
738a8e6f95
js: Update extra_dist files
* lang/js/BrowserTestExtension/Makefile.am,
lang/js/Makefile.am (EXTRA_DIST): Update.
2018-08-21 13:58:51 +02:00
Andre Heinecke
605eb8a8bf
js: Improve README
* lang/js/README: Clarify structure at the beginning.
2018-08-21 13:58:51 +02:00
Maximilian Krambach
8b8c009dee js: set expiry of generatedKey to seconds from now
--

* src/Keyring.js: Changed key ecpiration from Date to seconds from
  creation, as in gpgme. The Date parameter used before was due to a
  misunderstanding in documentation and requests from potential users.
2018-08-21 11:42:11 +02:00
Maximilian Krambach
d77a1c887d js: add option "subkey-algo" to generateKey
--

* The option was recently added to gpgme-json; this reflects this on
  javascript side
2018-08-20 18:05:34 +02:00
Maximilian Krambach
91c2362550 js: set expiry date on generateKey
--

* on the javascript side a Date is expected, gpggme-json expects
  seconds from 'now'
2018-08-20 17:46:29 +02:00
Maximilian Krambach
dd32daad0b js: add and apply eslint rules
--

* mainly spacing, see .eslintrc.json for details
2018-08-20 15:12:01 +02:00
Maximilian Krambach
1954d27be8 js: revert changes to class read/write restriction
--

* undoes 94ee0988d4 and
  e16a87e839.
  I do not fully understand why my approach was bad, but I am not in
  a position to argue. This revert was requested to me after a review,
  and I'm doing it in the assumption that more experienced people know
  better than me.
* unittests: Also changed some outdated tests that stopped working
  since 754e799d35 (as GPGME_Key is not
  exported, one cannot check for instanceof in the tests anymore)
2018-08-20 12:12:43 +02:00
Ben McGinnes
75bc5e6356 Python bindings examples
* import-key.py: fixed a minor typo.
* pmkey-import.py: locates and imports keys from the ProtonMail keyserver.
* pmkey-import-alt.py: the same as the previous except with setting an
  alternative $GNUPGHOME directory.
2018-08-19 14:32:30 +10:00
Ben McGinnes
03b899dbe1 Python bindings setup file
* Moved the build import back up where it belongs.
* Included comments indicating how to build and install for multiple
  Python versions beyond the first 2 on the same system.
2018-08-19 00:21:47 +10:00
Ben McGinnes
5facba45c8 Python bindings tests: Near PEP8 compliance
* PEP8 compliance for the vast majoeity of the tests.
2018-08-18 20:29:14 +10:00
Ben McGinnes
b5fbe90676 Python bindings examples: PEP8 conpliance
* Appears to be complete compliance.
2018-08-18 18:46:47 +10:00
Ben McGinnes
fc55caccfc Python bindings setup: Near PEP8 compliance
* lang/python/version.py.in: Fixed most things, but there's still an
  issue near the build portion with the existing Python bugs referenced.
* lang/python/setup.py.in: Now PEP8 compliant.
2018-08-18 18:19:16 +10:00
Ben McGinnes
8a6a73b9c4 Python bindings constants: PEP8 compliance (almost)
* PEP8 compliance for all constants except the globals in
  src/constants/__init__.py depending on whether the import sequence
  affects the globals themselves.
2018-08-18 15:36:23 +10:00
Ben McGinnes
7962cde13c Python bindings src: PEP8 compliance
* import namespace clearance for src/*.py.
* Fixed a handful of is/is not None checks as well.
2018-08-18 15:05:34 +10:00
Maximilian Krambach
74684f24c6 js: decode arriving gpg message strings
--

* Arriving strings (i.e. user id names, error messages) are not
  always in javascript encoding. This is an attempt to go through
  the whole gpgme answer (with the exception of payload data) and
  to fix the encoding of these
2018-08-17 19:20:35 +02:00
Maximilian Krambach
3cbafb97ec js: correct decrypt result info (2)
--

* the permittedOperation from last commit ended up in the wrong place.
  sign does not return an additional 'info' object.
2018-08-17 18:25:57 +02:00
Maximilian Krambach
fff365ffc5 js: expect additional 'info' to arrive on decrypt, too
--

* src/permittedOperations.js: if decrypt includes a verification,
  this info needs to pass, too.
2018-08-17 17:55:11 +02:00
Maximilian Krambach
5b0f8230b2 js: decrypt callback is_mime fix
--

* src/gpgmejs: is_mime should report its' counterpart. Also,
  file_name is not optional in specification. We'll send null if
  there is no file_name
2018-08-17 17:44:06 +02:00
Maximilian Krambach
8e87790db3 js: don't expire new keys if no date is set
--

* src/Keyring.js A new Key without expiration is documented as
  'never expire' here, and should behave accordingly. This requires
  sending '0' here.
2018-08-17 17:20:35 +02:00
Maximilian Krambach
3fb094a9b8 js: small documentation fix
--
2018-08-17 17:14:51 +02:00
Maximilian Krambach
ad39d54d19 js: removed Key.armor property in synchronous use
--

* src/Key.js The synchronous mode for a Key does not offer an armor/
  armored property anymore. This frees up a lot of performance issues,
  also the armored expoort is expected to change quite often, so a
  cached version is not advisable.

* hasSecret/getHasSecret is now refactored, to reflect their uses.
  With get('hasSecret') there is a method that fetches the result.

* src/Key.js also some refactoring
2018-08-17 16:57:41 +02:00
Maximilian Krambach
754e799d35 js: disallow bulk set data on key from outside
--

* src/Key.js Key class is not exported anymore, as it should not be
  used directly anywhere. setKeyData is no more a method of the Key,
  (optional) data are now validated and set on Key creation and on
  updates, both from within this module, thus no longer exposing
  setKeyData to the outside.
* createKey now gained an optional parameter which allows to set Key
  data at this point.
2018-08-17 14:40:27 +02:00
Maximilian Krambach
90cb4a6842 js: importKey feedback refactor
--
* src/Keyring.js: An empty result should no longer cause an error,
  the import feedback summary has been refactored slightly
* Browsertests to reflect import feedback change
2018-08-16 17:58:11 +02:00
Maximilian Krambach
d65a392670 js: fix import feedback
--
* src/Keyring.js For Key imports without prepare_sync the import
  feedback was lacking the summary
2018-08-16 17:07:29 +02:00
Maximilian Krambach
ea43158d40 js: avoid async getters
--

* src/Key.js get armored was returning a promise on async keys.
  As getters should not do that, it returns an error in this case.
2018-08-16 14:40:53 +02:00
Maximilian Krambach
43cff51364 js: wrong object assumed in recent commit
--

* src/Keyring.js I wrongly assumed an object to be a GPGME_Key,
  it was the raw answer from nativeMessaging instead. Now it returns
  a GPGME_Key again.
2018-08-16 12:13:10 +02:00
Maximilian Krambach
715cdc0d7d js: get default key fixes
--

* src/Keyring.js: The answer was not parsed correctly, so a config was
  being ignored.

* If no config is set, we return the first non-invalid key with a
  secret, instead of the first key (which may be e.g. an expired one)
2018-08-16 12:03:30 +02:00
Maximilian Krambach
aeb065acc9 js: simplify getDefaultKey
--

* src/Keyring.js: In case no default Key is set in configuration,
  only Keys reported as having a secret part should be considered
  for default Keys, avoiding some extra requests.
2018-08-16 11:29:10 +02:00
Maximilian Krambach
622db0d1de js: consistently return uppercase fingerprint
--

* src/Key.js: the fingerprint returned by a Key is now always upper
  case hex, even if the constructor had lower case input. This is to be
  more consistent with gpgme and to be more readable and reliable in
  comparisions.
2018-08-16 11:25:50 +02:00
Ben McGinnes
279cac0ffb Symmetric example
* lang/python/examples/howto/symcrypt-file.py: *sigh*; passphrase was
  right the first time, just the error check that wasn't.
* I really should stop second guessing myself one of these days ...

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-08-14 02:55:56 +10:00
Ben McGinnes
a256d84882 Symmetric encryption example
* lang/python/examples/howto/symcrypt-file.py: Fixed the error code
  and the passphrase key word arg.
2018-08-14 02:48:38 +10:00
Ben McGinnes
ed5ef8293c Symmetric encryption example.
* lang/python/examples/howto/symcrypt-file.py: A variation on standard
  key based encryption.
2018-08-14 02:22:36 +10:00
Ben McGinnes
94bf13e78e PEP8 compliance and other code fixes
* Ran all the .py files in src/ and below through Yapf.
* Included some manual edits of core.py, this time successfully making
  two notorious sections a bit more pythonic than scheming.
* Left the module imports as is.
* This will be committed if it passes the most essential test:
  compiling, installing and running it.

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-08-10 11:25:01 +10:00
Ben McGinnes
b6d2a66b41 Link fixes
* lang/python/README: Fixed links in both versions of the README.
2018-08-10 03:42:15 +10:00
Andre Heinecke
3b78244360
cpp: Fix use after free in gencardkeyinteractor
* lang/cpp/src/gpggencardkeyinteractor.cpp
(GpgGenCardKeyInteractor::Private::keysize): Change to string.

--
The value is only required as string so we can save it this
way to avoid the need to convert it for the action command.

GnuPG-Bug-Id: T4094
2018-08-08 09:22:46 +02:00
Andre Heinecke
d09d19fa9f
Make GNUPGHOME for tests overridable
* lang/python/tests/Makefile.am,
lang/qt/tests/Makefile.am,
tests/Makefile.am,
tests/gpg/Makefile.am,
tests/gpgsm/Makefile.am,
tests/opassuan/Makefile.am (GNUPGHOME): Make variable explict.

--
If the build directory has too long path, gpgme could fail.
This is similar to

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=847206

In order to fix that, this patch extracts the GNUPGHOME variable
to be presented directly in the Makefile and thus overridable by
command line option.

A build system can then create a symlink to the GNUPGHOME directory
in /tmp and use that symlink as the GNUPGHOME directory
thus making the path very short.

GnuPG-Bug-Id: T4091

Patch provided by vlmarek
2018-08-06 09:30:47 +02:00
Maximilian Krambach
68a012deb3 js: make init export immutable
--

* src/index.js: The export now uses a freezed Object, which does not
  allow for simply overwriting the init method by e.g. a third-party
  library.
* BrowsertestExtension: Added some tests trying if decryption of bad
  data properly fails
2018-08-01 12:51:12 +02:00
Maximilian Krambach
6313a2de9e js: fix confusion about loop in last commit
--

* The aim is to iterate through the results of the first request
 (all keys), and then add the propert 'hasSecret' to those that
  are in the second request (secret Keysring)  as well. I messed
  this up in a recent change, and it escaped testing.
2018-07-31 17:35:52 +02:00
Maximilian Krambach
9d247b7fd5 js: Fix Key.hasSecret answer
--

* The comparision result between Keyring and Keyring with secrets was
  set to the wrong Object which was not returned at all.
2018-07-31 16:54:43 +02:00
Maximilian Krambach
e16a87e839 js: Making objects inmutable
--

* An Object.freeze should stop any malicious third party from changing
  objects' methods once the objects are instantiated (see unittest for
  an approach that would have worked before)
  - An initialized gpgmejs- object doesn't have a '_Keyring' property
    anymore (it still has its 'Keyring')
  - The internal expect='base64' needed to be turned into a method.
2018-07-30 12:31:27 +02:00
Maximilian Krambach
522121ea7e js: fix indentaion
--

* doing the indentation changes that became neccesary in the last
  commit.
2018-07-27 20:56:11 +02:00
Maximilian Krambach
94ee0988d4 js: change the write access for js class methods
--
* src/ [Connection, Error, Key, Keyring, MEssage, Signature, gpgmejs]:
    Functions and values that are not meant to be overwritten are now
    moved into their constructors, thus eliminating the possibility of
    overwrites after initialization.

* Key: The mode of use (synchronous cached, or async promises) ivs now
  determined at initialization of that Key. The property Key.isAsync
  reflects this state.

* unittests: fixed old Key syntax for testing.

* Message.js isComplete is now a method and not a getter anymore.

* Added some startup tests.
2018-07-27 20:36:21 +02:00
Maximilian Krambach
b18b96fb36 js: clean up test extension
--

Tests will now run with one instance of gpgmejs each block,
which reduces overhead. Readability is (hopefully) improved),
some negative tests are added.

There is still a performance problem in base64 encoding/decoding,
which causes some tests to fail due to time out.
2018-07-27 11:20:33 +02:00
Maximilian Krambach
4b343c4e33 js: include armored Key in import callback
--

* The import answer now also directly contains the armored Key as Key
  property, without need to refresh the Key object created in the
  answer. This allows for direct comparision of input and output.
* BrowserTestExtension: added test for that import callback
2018-07-24 14:56:33 +02:00
Maximilian Krambach
040b1ed40a js: Fix wrong encoding in received error messages
--

* The libgpg error strings arrive in the browser in a different
  encoding than used by browsers. Escaping and then decoding it
  should cover most languages in the supported browsers.
2018-07-24 14:50:54 +02:00
Andre Heinecke
a6e5c8bf18
cpp: Add safety checks for key update
* lang/cpp/src/key.cpp (Key::update): Check that the key is
not NULL.
* lang/cpp/src/verificationresult.cpp (GpgME::Signature::key):
Check for fingerprint.
2018-07-24 08:40:28 +02:00
Ben McGinnes
4d1642b11e docs: python bindings howto
* Fixed and tested the changes necessary for org-mode to correctly
  parse pythonic (Python 3) indentation.
* Updated the source blocks to recommended upper case for BEGIN_SRC
  and END_SRC.
* Tested and confirmed XHTML output matches correct examples.
* Tested against pseudo-control output via exporting from org-mode to
  org-mode and then exporting that to XHTML.  Remaining differences
  appear to be discarding the custom tags used to provide X[HT]ML id
  elements to each section which does not appear to offer any benefit.
* Exporting directly to XHTML or other HTML output should no longer
  cause problems, but if there are any then the first step should be
  exporting from org-to-org and then exporting that to XHTML.

Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-07-23 01:35:12 +10:00
Ben McGinnes
d7c5366d58 doc: python bindings howto
* Another retrofitting of the HOWTO Python example code, this time
  following adjustments to python-mode configuration and having
  trawled through the org-mode mailing lists for clues.
2018-07-23 01:35:12 +10:00
Ben McGinnes
b47e1bb98a doc: python bindings howto
* Added org-mode byline.
2018-07-23 01:35:12 +10:00
Maximilian Krambach
a965e3e0b8 js: repair BrowserTextExtension test
--

* the signed message to verify was signed by a wrong test key
2018-07-20 10:59:57 +02:00
Andre Heinecke
8168dfbeb1
cpp: Print origin and last update for key/uid
* lang/cpp/src/key.cpp: Print origin and last update in
iostream operators.
2018-07-19 12:58:49 +02:00
Maximilian Krambach
50da3ff2fd js: typo in comment
--

* Documentation typo that caused jsdoc to exit with an error
2018-07-18 13:43:47 +02:00
Andre Heinecke
16462c54b3
qt: Handle encoding for diagnostics
* lang/qt/src/threadedjobmixin.cpp (fromEncoding)
(stringFromGpgOutput): New helpers.
(markupDiagnostics): Use it.

--
The Problem is that on my western windows system GnuPG
gets CP 437 as GetConsoleOutputCP and prints in that codepage.
In a W32 GUI Application we get 0 as GetConsoleOutputCP and 1252
with GetACP.

The only thing that seemed to somehow match was GetOEMCP but
that might just be luck and it might still be broken in
other windows languages.

This code is also used in Kleopatra so it might make sense
to make it public once it is demonstrated that it works on
most systems.
2018-07-18 11:27:46 +02:00
Maximilian Krambach
ce0379d999 js: fix getkeys with locate option
--

* src/Keyring.js:
  As locate will not work with the "secret" option, the first message
  cannot be reused, thus a new one must be created here
2018-07-17 11:07:49 +02:00
Ben McGinnes
1bb3f8409d python bindings: example scripts
* Fixed incorrect mention of output prompt referencing secret keys
  when the scripts are only for exporting public keys in whole or
  minimised forms.
2018-07-13 20:36:27 +10:00
Maximilian Krambach
5213a599fe js: allow optional Key retrieve pattern to be null
--

* src/Keyring.js: If the optional "pattern" parameter is not to be
  used, but another, following parameter is, null is more of a
  convention in javascript, thus both null and undefined are
  interpreted as "this parameter is not meant to be set".
2018-07-12 11:48:17 +02:00
Maximilian Krambach
30bb549046 js: add with-sec-fprs to getKeysArmored
--

* Reflects the changes made to gpgme-json in commit
  6cc842c9aa.

  - getKeysArmored now returns an object with property 'armored' being
    the exported armored block, and an (optional) array of fingerprint
    strings for those keys that can be used in sign/encrypt operations
    as property 'secret_fprs'. With this, extensions such as mailvelope
    will be able to bulk fetch all necessary key information in one
    request.
2018-07-12 11:36:55 +02:00
Maximilian Krambach
4015f5b498 js: documentation
--

* Fixed errors:
- src/Message.js post(): Set chunksize to defined default value instead
  of hardcoded
- src/Keys.js: added getHasSecret() to refreshKey operation.

* Reviewed and updated the documentation

* non-documentation changes which do not affect functionality:
- src/Errors: disabled a console.warn that is only useful for debugging
- helpers.js: renamed "string" to "value" in isFingerprint and isLongId
  to avoid confusion
- src/Keyring: prepare_sync, search are both explicitly set to false by
  default
2018-07-10 14:32:26 +02:00
Ben McGinnes
0e760e396f example scripts: python work-arounds
* fixed three typos which were guaranteed to break said script.
2018-07-10 13:40:18 +10:00
Ben McGinnes
1eceacaff4 docs: python bindings howto
* Complete typographic overhaul.
* Removed all section level indentation since it does not affect
  output formatting, but might affect source code examples.
* In text-mode stripped out all tabs which had crept in and replaced
  them with four spaces.
* Updated all code examples (again) to conform with Python-mode.
* Bumped version number in preparation for next release of GPG 2.2.9
  and corresponding GPGME release.
2018-07-09 21:30:20 +10:00
Maximilian Krambach
8964627f6a js: fix verify result reporting
--

* src/Signature.js: searching for overall validity in the "summary"
  property
* BrowsertestExtension: Added two verify tests
2018-07-09 11:57:01 +02:00
Maximilian Krambach
67b6fa5a29 js: reduce request spam at getKeys()
--

* Don't make a secret-Key request for each Key retrieved, use one
  request for all of them instead, and assemble the info later. This
  should reduce the traffic with large Keyrings. The bulk retrieval
  for the public armored Keys for each of these Keys is still up to
  discussion

* unittests: disabled assertion for the armored key (as it currently
  doesn't work)

* encryptTest: clarified the mechanism/reason of rejection for
  Messages >64 MB. This is still a TODO, as this error comes from a
  different place (the browser itself) and behaves different from the
  other errors.
2018-07-09 11:24:46 +02:00
Ben McGinnes
cacca62d06 python bindings: howto examples
* Made sure all example scripts meet PEP8 compliance.
* Required fixing approx. a dozen of them in minor ways.
2018-07-08 03:40:35 +10:00
Andre Heinecke
66c2a99422
qt: Handle OpenPGP Diagnostic log
* lang/qt/src/threadedjobmixin.cpp (_detail::audit_log_as_html):
Handle OpenPGP audit log differently.
2018-07-05 11:29:36 +02:00
Andre Heinecke
629afebe50
cpp: Add enum mapping for GPGME_AUDIT_LOG_DIAG
* src/context.cpp (to_auditlog_flags): Map DIAG value.
* src/context.h (AuditLogFlags): Add it.
2018-07-05 11:29:36 +02:00
Maximilian Krambach
10f2106404 js: properly reject pgp message without signature
--

* A verify at gpgme-json does not fail if there is a valid pgp message
  that does not include a signature. Instead, the answer will be devoid
  of signatures. In javascript, the SIG_NO_SIG error should be reported
  here, but wasn't.
2018-07-04 15:46:45 +02:00
Maximilian Krambach
1919fa41b6 js: Add jsdoc, update webpack-cli dependency
--
* package.json:
  - the old webpack-cli version depended on two packages
    with vulnerabilities, set to minimum version 3.0.8 to fix this
    (nodesecurity.io/advisories/157, nodesecurity.io/advisories/612)
  - added License identifier

* README: Updated documentation

* jsdoc.conf: Added a configuration file for jsdoc

* some minor documentation changes, indentations
2018-07-04 13:38:54 +02:00
Andre Heinecke
7d65dc2a5c
cpp: Fix memory of DecryptionResult::symkeyAlgo
* lang/cpp/src/decryptionresult.cpp (Private, ~Private): strdup
the symkey algo.
2018-07-04 12:17:43 +02:00
Maximilian Krambach
1105fc87a3 js: add Key lookup
--

* src/Keyring.js: getKeys() now has the option "search", which will
  trigger a remote lookup (as configured in gpg) for the string given
  as pattern.
* src/permittedOperations: make use of the new 'locate' option in
  keylist
* DemoExtension: Add a button for lookup, to demonstrate the
  functionality
2018-07-04 12:11:35 +02:00
Maximilian Krambach
a52ec87d40 js: fixing Key import/export test
--

* BrowserTestExtension:
 - The KeyImport/Export test had some errors, which have now been fixed
 - The secret key used for the test examples is now placed more
   prominently, and a clarification added that decrypt tests will not
   work if this key is not imported.

* permittedOperations.js: typo

  Thanks to rrenkert@intevation.de for the fixes
2018-07-03 12:41:49 +02:00
Ben McGinnes
5bca499750 python bindings: scheming serpents
* Apparently I am wrong and Scheme is the new Python after all.
* Non-import related PEP8 compliance must wait for another day, though
  the other PEP8 fixes remain.
2018-07-02 05:05:09 +10:00
Ben McGinnes
789ea1b019 python bindings: gpg.core
* Changed id/else statements to a more pythonic form from scheme
  masquerading as python - sorry Justus, it had to go ;).
* With the added bonus of enabling PEP8 compliance in those sections.
* Fixed remaining PEP8 compliance issues with the exception of the
  imports at the beginning of the file (changing those will break the
  entire module, so we'll cope with it as it is).
2018-07-02 03:55:19 +10:00
Ben McGinnes
43a2b57545 python bindings: python 3.7
* Bindings confirmed to work with the newly released 3.7.0.
* Updated M4 file to reflect this change and correct the Python binary
  search order (3.7 is not yet given priority, but will still be found
  first via the more generic python3 executable).
* Updated setup.py.in, bindings documentation and README to reflect this.
2018-06-29 14:26:30 +10:00
Ben McGinnes
48174b2bcc whitespace police:
* There's always one or, in this case, two.
2018-06-28 18:51:47 +10:00
Ben McGinnes
6aec7d6e4a docs: python bindings howto
* Updated official doc (the org-mode file) with the instructions on
  importing and exporting both public and secret keys.
2018-06-28 18:51:47 +10:00
Ben McGinnes
a7ccdc51ef python bindings examples
* Added a secret key export variant which saves output as both GPG
  binary and ASCII armoured, plus saves in $GNUPGHOME and uses
  multiple methods of determining what that location is.
2018-06-28 18:51:47 +10:00
Ben McGinnes
7fc7e80e54 python bindings examples
* Added a key import variant which accesses the SKS keyservers in a
  RESTful fashion and then imports or attempts to import the response.
2018-06-28 18:51:47 +10:00
Ben McGinnes
0d163a7d12 python bindings examples: three export scripts
* Example of default exporting keys.
* Example of exporting minimised keys.
* Example of exporting secret keys to a file with correct permissions.

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-06-28 18:51:47 +10:00
Ben McGinnes
4251cae34d python bindings: import example
* Added an example script for importing a key from a file (either
  ASCII armoured or not).
2018-06-28 18:51:47 +10:00
Ben McGinnes
a5b91b21f5 python bindings: export secret keys
* The holy grail: a function to export secret keys.
* GPGME will still invoke pinentry and gpg-agent as usual to authorise
  the export.
* Mostly similar to the two previous export functions for public keys
  except that it will return None if the result had a length of zero
  bytes.  Meaning that the difference between the specified pattern
  (if any) not matching available keys and an incorrect passphrase is
  not able to be determined from this function (or the underlying one
  for that matter).

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-06-28 18:51:47 +10:00
Ben McGinnes
7faef33d13 python bindings: export public keys
* Updated key_export and key_export_minimal to return None where a
  pattern matched no keys in a manner simnilar to the possible result
  of key_export_secret.
2018-06-28 18:51:47 +10:00
Ben McGinnes
89c548efdf python bindings: export public keys
* Added functions for exporting public keys to gpg.core in both
  complete form and in minimised form.
* Rather than letting people need to worry about the export modes we
  are simply separating the functions as people would be more familiar
  with from the command line usage anyway.
* Functions added for Context are: ctx.key_export_minimal and
  ctx.key_export as the default or full export.

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-06-28 18:48:05 +10:00
Maximilian Krambach
88e7f8ec2e js: Demoextension update
--

* src/Signature: typo
* src/gpgmejs.js: fixed wrong scope in verification
* right now verify does not succeed in the DemoExtension.
  This is probably a problem in conversion or line ending.
2018-06-20 13:46:41 +02:00
Andre Heinecke
d27703ea4f
Prepare build system for gpgme-js and dist it
* configure.ac: Add js as language.
* lang/Makefile.am: Add js as dist language.
* lang/js/BrowserTestExtension/Makefile.am,
lang/js/DemoExtension/Makefile.am,
lang/js/Makefile.am,
lang/js/src/Makefile.am: Populate EXTRA_DIST variables.

--
There is no actual build done yet as there seems to be
no way to build it with debian stable tools. This needs
clarification.
2018-06-19 16:40:40 +02:00
Maximilian Krambach
780f7880c6 js: getDefaultKey and GenerateKey improvements
--

* src/Keyring.js: added more options for key generation.

* src/Key.js: GetDefaultKey now relies on the info associated with the
  key, as the approach of relying on a secret subkey did not work as
  intended
* DemoExtension: Added a button for retrieval of the subkey, to test
  this functionality.
2018-06-19 09:26:01 +02:00
Ben McGinnes
19c5267f86 python bindings: core import statements
* Fixed the bit I broke while fixing the PEP8 compliance issues.
2018-06-17 22:42:43 +10:00
Ben McGinnes
a5b24ae46c python bindings: core — PEP8 compliance
* Fixed most of the PEP8 errors in core.py
* Those remaining may need more than little edits and are a bit
  strange (too clearly the result of a programmer who has spent far
  too much time dealing with Lisp so that for Python it looks
  ... strange).
2018-06-17 15:58:44 +10:00
Ben McGinnes
5a80e75500 python bindings: core - key import
* Wrapped the key import function in the try/exception statements
  needed to catch at least the most likely unsuccessful import attempt
  errors.
* Mostly draws on the file error and no data import statuses for
  errors, with a couple of exceptions.

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-06-17 14:35:20 +10:00
Ben McGinnes
0e762608ef python bindings: core key import
* The foundation of a pythonic key import function authored by Jacob
  Adams.
* A unit testing script for the same function originally authored by
  Tobias Mueller
* Added DCO reference for Jacob Adams to the GPGME AUTHORS file.
* Additional details regarding this patch are available here:
  https://dev.gnupg.org/T4001

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-06-17 09:28:30 +10:00
Maximilian Krambach
3cd428ba44 js: import result feedback
--

* src/Keyring.js: Changed and documented the import result feedback
  towards the javascript side
2018-06-14 14:50:25 +02:00
Maximilian Krambach
3c783bd09c js: add verify and signature parsing
--

* src/gpgmejs.js:
  - Added verify method
  - Added verification results in decrypt (if signatures are present
    in the message)
  - Added a base64 option to decrypt

* src/Signature.js: Convenience class for verification results. Used
   for e.g. converting timestamps to javascript time, quick overall
   validity checks

* src/Keyring.js: removed debug code

* src/Errors.js add two new Signature errors
2018-06-14 12:15:51 +02:00
Maximilian Krambach
aed402c5d5 js: getDefaultKey and verify fix
--

* DemoExtension/maindemo.js - added a Demo for retrieving the default
  signing key

* src/Errors.js - add a new Error if no default key can be determined

* src/Key.js added documentation and a TODO marker for hasSecret.

* src/Keyring.js implemented getDefaultKey

* src/permittedOperations.js: Added missing entry for verify,
    added config_opt
2018-06-13 15:22:03 +02:00
Maximilian Krambach
d0fc4ded58 js: less confusing icons for test/Demo extension
--
* The current test icon was just a generic pin. Changed that by the
  gnupg lock symbol with 'Demo'/'Tests' written on it. Original taken
  from gnupg artwork/icons/lock-wing.svg.
2018-06-13 11:49:37 +02:00
Maximilian Krambach
e154554e9a js: removed config
--

* There is no use for a configuration at the moment, and it seems
  improbable that this use will arise.
2018-06-11 15:10:43 +02:00
Maximilian Krambach
e97e6c06e9 js: Add key creation to Keyring
--

* src/Keyring.js: Added method generateKey for new Keys
  Still TODO: Key length and some further testing. Automated testing
  does not work in this case, and gpgmejs will not be able to delete
  test keys again.
* src/permittedOperations.js Added new method's definitions according
  to gpgme-json
2018-06-11 12:08:50 +02:00
Ben McGinnes
92cd060f5e script: groups.py
* Added check for if it is run on a Windows system so that the correct
  binary filename is invoked.
2018-06-11 01:03:58 +10:00
Maximilian Krambach
c072675f3f js: change chunksize handling and decoding
--

* the nativeApp now sends all data in one base64-encoded string, which
  needs reassembly, but in a much easier way now.

* there are some new performance problems now, especially with
  decrypting data
2018-06-08 17:54:58 +02:00
Andre Heinecke
8dff414e17
cpp: Add proper gpgme_op_createkey
* lang/cpp/src/context.cpp, lang/cpp/src/context.h
(Context::createKeyEx): New.

--
The createKeyEx function follows the usual pattern that the
synchronous call returns a result directly while for the
async an extra call is neccessary.
2018-06-08 16:19:47 +02:00
Ben McGinnes
a3a08584d6 examples: python howto
* Uses the groups module to prepare a list of recipients and encrypt
  to those.
* The main version (encrypt-to-group.py) tries to check for invalid
  recipients, but still falls back to always trust for the second
  encryption attempt.
* The gullible version doesn't try pruning the recipient list at all,
  it just tries to encrypt and if it fails, switches straight to
  always trust.
* The trustno1 version doesn't use the always trust model at all and
  only attempts pruning the list of invalid recipients.
2018-06-07 15:06:20 +10:00
Maximilian Krambach
7a072270ac js: change Keyinfo timestamps into javascript date
--
* src/Key.js
2018-06-06 15:29:21 +02:00
Maximilian Krambach
bfd3799d39 js: code cleanup (eslint)
--
* trying to stick to eslint from now on for readability

* As some attribution was lost in previous git confusions, I added my
  name into some of the licence headers
2018-06-06 13:05:53 +02:00
Maximilian Krambach
0356a667c5 js: implement import/delete Key, some fixes
--

* Keyring.js
   - implemented importKey: importing one or more armored public key
     blocks.
   - implemented deleteKey: deleting a public Key from gpg.

* Key.js renamed property Key.armor to Key.armored

* Helpers.js: toKeyIDArray does not complain anymore if there are no
  keys. Not having Keys in e.g. signing keys in encrypt is legitimate
  and common, the complaints were getting spammy

* Errors.js: gpgme_errors now always pass an optional additional
  message, for easier debugging in minified code

* Connection.js: Fix in gpgme-json responses containing objects

* eslintrc.json: Start using eslint. A cleanup to conform to it is not
  done yet

* Added further tests for the new functionality
2018-06-06 11:57:41 +02:00
Ben McGinnes
897423422b docs: python bindings howto
* Another attempt at fixing the org-mode version.
* A proof reader ascertained there were tabs in it instead of whitespace.
* Stripped the lot out and replaced with standard 4 spaces, fixed
  every incorrect example ... and it still breaks upon save and/or export.
* Added the reference to the mutt-groups.py script to demonstrate the
  groups.py module/code.
2018-06-03 00:46:46 +10:00
Andre Heinecke
00b027af86
cpp: Add gpgme_(get)set_ctx_flag
* NEWS: Mention API extensions.
* lang/cpp/src/context.cpp, lang/cpp/src/context.h
(Context::setFlag, Context::getFlag): New.
2018-06-01 11:10:45 +02:00
Andre Heinecke
d46768c960
cpp: Add legacy_cipher_nomdc
* lang/cpp/src/decryptionresult.cpp, lang/cpp/src/decryptionresult.h
(DecryptionResult::isLegacyCipherNoMDC): New.

--
2018-06-01 10:58:24 +02:00
Maximilian Krambach
332b4adbcc js: more Keyring/Key handling
--

* src/Keys.js
  - made setKeyData more consistent with other methods
  - added convenience methods (Key.armored, Key.hasSecret)
  - Added a Key delete function

* src/Keyring.js:
  - added a getkeysArmored which allows for bulk export of public Keys

gpgmejs:
  - removed deleteKey. It is now a method of the Key itself
  - Encrypt: Added some common options as parameter, and the
    possibility to set all allowed flags via an additional Object
2018-05-30 17:05:54 +02:00
Andre Heinecke
618aa7f08d
cpp: Add gpgme_data_rewind to cpp API
* lang/cpp/src/data.h, lang/cpp/src/data.cpp (Data::rewind): New.
* lang/qt/tests/t-various.cpp (testDataRewind): Test it.

--
The advantage of this convieniance function in GPGME is that
it avoids the messiness that are declarations with off_t.

GnuPG-Bug-Id: T3996
2018-05-29 09:19:50 +02:00
Maximilian Krambach
53ce2b94bc js: Keyring listing keys
--

* implementing Keyring methods:

  - Keyring.getKeys: has an additional option that retrieves the armor
    and secret state once at the beginning. This is power hungry, but
    allows for Keys to be used directly (without querying gpgme-json
    each call)
  * permittedOperations.js: reflect recent changes in the native
    counterpart, adding more options
  * Key: adding two methods for retrieving the armored Key block and
    for finding out if the Key includes a secret subkey.
2018-05-28 17:26:56 +02:00
Maximilian Krambach
d4adbf453d js: Treat a connection as a gpgme Context
--

* After an operation a connection should be disconnected again.
  The "end of operation" is now assumed to be either an error as
  answer, or a message not including a "more"

* GPGME, GPGME_Key, GPGME_Keyring don't require a connection
  anymore
* Message.js: The Message.post() method will open a connection as
  required
2018-05-28 16:52:50 +02:00
Maximilian Krambach
7a73d88aba js: implement Key handling (1)
--

* Keys can now be queried for information. Onne version queries gnug
  directly (asynchronous Promise in javascript terms), the cached
  version refreshes on demand.

* Small fixes:
  src/Connection.js joins answers that stay json properly now
2018-05-25 19:02:18 +02:00
Maximilian Krambach
eff27d6387 js: use version operation for connection checks
--

* src/Connection.js: isConnected was renamed to checkConnection, that
  returns a promise with either version information or Boolean
* Connection checks have been adapted to reflect that checkConnection
  returns a Promise
* BrowsertestExtension: tests/signTest.js was missing from my last
  commit
2018-05-25 11:53:24 +02:00
Ben McGinnes
321005c12f examples: mutt crypt-hooks generator
* Added a script which demonstrates how the groups module works.
* Script generates Mutt/Neomutt crypt-hooks for every group entry in
  gpg.conf, including those entries for multiple keys (Mutt handles
  that differently).
2018-05-25 07:12:52 +10:00
Ben McGinnes
48e946a96d docs: python bindings howto
* Fixed the groups.py script so it really does what is described (the
  old code had the same result for groups, group_lines and
  group_lists).
* Updated the corresponding example in the doc to match.
2018-05-25 05:50:11 +10:00
Ben McGinnes
9038d30017 doc: python bindings howto
* Fixed org-mode python source indenting.
** Note: nested indented blocks do not indent correctly when exported
   to [X]HTML.
2018-05-25 05:50:11 +10:00
Maximilian Krambach
a4ba80c553 js: adding sign method
--

  * src/gpgmejs.js: method, update in src/permittedOperations
  * basic testing in BrowsertestExtension
2018-05-24 15:16:18 +02:00
Maximilian Krambach
e38b8beb20 Merge branch 'master' into javascript-binding 2018-05-24 14:03:09 +02:00
Maximilian Krambach
f7ed80ff6a js: remove openpgp mode
--

* After discussion, that mode is not required, and can result in
  being quite misleading and a maintenance hassle later on.
2018-05-23 12:56:23 +02:00
Ben McGinnes
3a9e6a8e08 docs and examples: python howto
* Updated the decryption example code in the HOWTO and the
  corresponding decrypt-file.py script to gracefully handle a
  decryption failure.  This error will always be triggered when GPGME
  is used to try to decrypt an old, MDC-less encrypted message or
  file.
2018-05-23 14:43:06 +10:00
Maximilian Krambach
ecad772635 js: transfer encoding changes
--

* Uint8Arrays are not supported for now there are unsolved issues in
  conversion, and they are lower priority

* encrypt gains a new option to indicate that input values are base64
  encoded
* as decrypted values are always base64 encoded, the option base64 will
  not try to decode the result into utf, but leave it as it is
2018-05-22 14:24:16 +02:00
Andre Heinecke
28e3778ce2
cpp: Expose sessionKey and symkeyAlgo
* lang/cpp/decryptionresult.cpp, lang/cpp/decryptionresult.h
(DecryptionResult::symkeyAlgo, DecryptionResult::sessionKey): New.
2018-05-22 12:08:01 +02:00
Maximilian Krambach
6b4caee039 js: Testing lare messages
--

* Some assumption on messages were wrong. Now the tests use more
  reasonable sizes.
* bigString now uses the full utf8-extent, with the exception of
  U+0000. This code gets dropped during the encryption-decryption
  process.
2018-05-14 19:02:49 +02:00
Maximilian Krambach
d1ca90ef75 js: remove non-browser tests
--

* The majority of tests needs to be run in a nativeMessaging context.
  Offering the few tests that don't need this context at two places
  introduces issues with maintainability. All tests now removed can be
  found in ./unittests.js
2018-05-14 16:36:05 +02:00
Maximilian Krambach
987b317468 js: Tests and improvements for openpgp mode
--

* Added openpgp - Mode tests to the browsertest Extension. These tests
  require openpgp, which should not be a hard dependency for the main
  project. Packing openpgpjs into the extension is still TODO

* Fixes:
  - openpgp mode API now correctly handles parameters as an object,
    similar to openpgpjs
  - proper check and parsing of openpgpjs Message Objects
2018-05-14 16:23:24 +02:00
Maximilian Krambach
c92326cc25 js: more testing of nativeMessaging connection
--

* There were some inconsistencies between utf-8, transfer and browsers'
  utf16, which broke characters that were split between individual
  messages. src/Connection now contains a workaround that reassembles
  javascripts' format from passed base64 strings. This needs someone
  more experienced looking.
* Added several new tests which were failing during initial debugging
  of this issue
* reorganized BrowsertestExtension to avoid cluttering.
2018-05-09 19:40:57 +02:00
Maximilian Krambach
5f5bf024a8 Merge branch 'master' into javascript-binding 2018-05-09 16:55:50 +02:00
Maximilian Krambach
cca40627b0 js: more testing
--

* Tests: Under certain circumstances, some data change during
  encrypt-decrypt. Committing the current state so the problem can be
  discussed.

* Fixes:
  - disconnecting the test ports after tests are complete
  - fixed passing of the error message from gpgme-json
2018-05-08 18:33:41 +02:00
Maximilian Krambach
8f3d83e5f0 js: fixing errors found by testing: encrypt/decrypt
--

* Key.js: Error code for wrong parameter in createKey should be
  "PARAM_WRONG"
* Helpers.js: The property openpgpjs-like Objects were checked for in
  toKeyIdArray was not defined.
* src/permittedOperations.js: updated more expectations and assumptions
  for the native API

* new Problems:
  - There seems to be a message size limit of about 21 MB for
    nativeMessaging, much lower than the documented 4GB.
  - Some bytes are lost with random data in an encrypt-decrypt
    roundtrip. The culprit is unclear.
2018-05-07 18:27:25 +02:00
Ben McGinnes
46da79e3de python: key expiration datetime stamp tests
* Changed the expiration date for the generated test key to NYE this
  century, rather than the NYE this millennium as originally suggested
  in job #3815.
* This covers the lifetimes of current users (except, maybe, some very
  healthy millennials) as well as the 32-bit clock end date in 2038;
  without falling foul of OpenPGP's 2106 expiration.
2018-05-05 12:27:17 +10:00
Maximilian Krambach
cf075846fb js: fixing errors found by testing
--

* Key.js: Error code for wrong parameter in createKey should be
  "PARAM_WRONG"

* Helpers.js: The property openpgpjs-like Objects were checked for in
  toKeyIdArray was not defined.

* src/permittedOperations.js: updated more expectations and assumptions
  for the native API
2018-05-04 12:56:59 +02:00
Andre Heinecke
26820ba629
qt: Respect --disable-gpg-test for tests
* lang/qt/Makefile.am: Respect --disable-gpg-test

--
This is similar to the core switch to disable the tests.
2018-05-04 10:03:42 +02:00
Maximilian Krambach
c755287ba8 js: Added browser testing for unit tests
--

* Added unittests to be run inside a Browser. To be able to access
  the non-exposed functions and classes, a testing bundle will be
  created, containing the tests (unittests.js) and the items to be
  tested.
* src/Helpelpers, src/Key, src/Keyring: fixed some errors found
  during testing.
2018-05-03 18:03:22 +02:00
Maximilian Krambach
6f67814eb4 js: changed Key class stub
--

* src/Key.js:
  A Key object cannot offer more than basic functionality outside a
  connection, so it now requires a connection to be present.
2018-05-03 14:12:10 +02:00