Commit Graph

379 Commits

Author SHA1 Message Date
Ingo Klöcker
276187f6b6 core: Extend gpgme_key_sig_t with trust signature members.
* src/gpgme.h.in (struct _gpgme_key_sig): Add fields 'trust_depth',
'trust_value', and 'trust_scope'.
* src/key.c (gpgme_key_unref): Free trust_scope.
* src/keylist.c (keylist_colon_handler): Set the fields.
* tests/run-keylist.c (main): Print the fields.
--

The trust signature values are part of gpg's output since the year 2003.
This now adds support to gpgme.

GnuPG-bug-id: 5245, 5419
2021-05-05 19:23:48 +02:00
Werner Koch
0821e2b149
core: New flag GPGME_KEYSIGN_FORCE.
* src/gpgme.h.in (GPGME_KEYSIGN_FORCE): New.
* src/engine-gpg.c (gpg_keysign): Implement.

* tests/run-keysign.c (show_usage): Add option --force
--

GnuPG-bug-id: 4584
2021-03-11 11:49:07 +01:00
Ingo Klöcker
f3407d0ee4 core: New function gpgme_op_revsig.
* src/gpgme.h.in (gpgme_op_revsig_start, gpgme_op_revsig): New.
(GPGME_REVSIG_LFSEP): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_REVSIG.
* src/revsig.c: New.
* src/Makefile.am (main_sources): Add revsig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_revsig and
gpgme_op_revsig_start.
* src/engine.h, src/engine.c: (_gpgme_engine_op_revsig): New.
* src/engine-backend.h (engine_ops): Add 'revsig' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_revsig): New.
(_gpgme_engine_ops_gpg): Set revsig to gpg_revsig.
* doc/gpgme.texi: Document new functions.
* tests/run-keysign.c: Add option --revoke.
--

This extends GPGME to support the --quick-revoke-sig command
added by GnuPG 2.2.24. This allows revoking key signatures.

GnuPG-bug-id: 5094
2020-10-29 12:57:10 +01:00
Ingo Klöcker
db82e99a8a core: New function gpgme_op_setexpire.
* src/gpgme.h.in (gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/genkey.c (setexpire): New.
(gpgme_op_setexpire_start, gpgme_op_setexpire): New.
* src/engine.h, src/engine.c: (_gpgme_engine_op_setexpire): New.
* src/engine-backend.h (engine_ops): Add 'setexpire' and adjust all
engine initializers.
* src/engine-gpg.c (gpg_setexpire): New.
(_gpgme_engine_ops_gpg): Set setexpire to gpg_setexpire.
* doc/gpgme.texi: Document new functions.
* tests/run-genkey.c: Add option --setexpire.
--

This extends GPGME to support the --quick-set-expire command
added by GnuPG 2.1.22. This allows changing subkeys expiry
date without going through the editinteractor interface.

Co-authored-by: Andre Heinecke <aheinecke@gnupg.org>
GnuPG-bug-id: 4999
2020-08-04 16:51:56 +02:00
Werner Koch
7f9e0ca57b
core: New export mode to export as OpenSSH public key.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SSH): New.
* src/export.c (export_ext_start): Allow for new mode.
* src/engine-gpg.c (export_common): Implement.
* tests/run-export.c (status_cb): New.
(main): New options --status and --ssh.
--

GnuPG-bug-id: 4310
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-16 12:00:46 +02:00
Werner Koch
8589091682
core: Deprecate the non-working trustlist functions.
* src/gpgme.h.in: Clarify that the trustlist function should not be
used.
* src/engine.c (_gpgme_engine_op_trustlist): Always return an error.
* src/engine-backend.h (struct engine_ops): Remove trustlist member.
* src/engine-gpg.c (gpg_trustlist): Remove.
(struct engine_ops): Remove that member.  Also in all other engines.
* tests/gpg/t-trustlist.c: Remove.
* lang/python/tests/t-trustlist.py: Remove.
--

This never worked in reality because the required feature has been
removed from GnuPG version 1.3.2 soon after introduction of this
feature in gpgme - 17 years ago.  It was anyway marked as
experimental.  We keep the API and ABI, though.

GnuPG-bug-id: 4834
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-15 16:34:24 +02:00
Werner Koch
c8048bf8eb
core: New keylist mode GPGME_KEYLIST_MODE_WITH_KEYGRIP.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_KEYGRIP): New.
* src/gpgme-json.c (op_keylist): New flag "keygrip".
* src/engine-gpg.c (gpg_keylist_build_options): Pass the options.

* lang/cpp/src/global.h (WithKeygrip): New.
* lang/cpp/src/context.cpp: Add check.
* lang/cpp/src/key.cpp (Key::update): Handle WithKeygrip.
* lang/cpp/src/verificationresult.cpp: Ditto.
* lang/cpp/src/util.h (add_to_gpgme_keylist_mode_t): Ditto.
--

GnuPG-bug-id: 4939
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-07-15 14:11:17 +02:00
Andre Heinecke
88f3202521
doc: Explain verify_result_t.status == 0 more
* doc/gpgme.texi (gpgme_verify_result_t): Explain
GPGME_STATUS_NO_ERROR more clearly.

--
This might help to avoid misunderstandings how the
status can be interpreted and explains why a verify
of unsigned PGP Data returns no error.

As a reaction to CVE-2020-10759 discovered by Justin Steven.
2020-06-09 10:22:27 +02:00
dupgit
49c13854f3
GPGME_CREATE_NOEXPIRE is only available since 1.9.0
* doc/gpgme.texi: Fixes version number from 1.8.0 to
   1.9.0 for GPGME_CREATE_NOEXPIRE.

GnuPG-Bug-Id: T4922
Signed-off-by: dupgit <olivier.delhomme@free.fr>
2020-05-08 12:34:20 +02:00
Werner Koch
004fdf61c8
core: Make sure the keygrip is available in WITH_SECRET mode.
* src/engine-gpg.c (gpg_keylist_build_options): Send --with-keygrip
if --with-secret is used.
--

Since GnuPG 2.2.19 the keygrip was not anymore send if only
--with-secret was used in a public key listing.  Given that
--with-secret requires computation of the keygrip anyway, there is no
point in not requesting the keyrip in this case.

GnuPG-bug-id: 4820
2020-05-08 11:18:42 +02:00
Werner Koch
3afa534645
core: New context flags "include-key-block" and "auto-key-import".
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "include-key-block" and
"auto-key-import".
(gpgme_get_ctx_flag): Ditto.
* src/context.h (struct gpgme_context): Add flags include_key_block
and auto_key_import.
* src/engine-gpg.c (struct engine_gpg): Likewise.
(gpg_set_engine_flags): Set the flags for gpg versions >= 2.2.20.
(gpg_decrypt): Set option according to the new flags.
(gpg_encrypt): Ditto.
(gpg_encrypt_sign): Ditto.
(gpg_sign): Ditto.
(gpg_verify): Ditto.

tests/run-verify: Add option --auto-key-import.
tests/run-sign: add option --include-key-block.
--

GnuPG-bug-id: 4856
Signed-off-by: Werner Koch <wk@gnupg.org>
2020-03-17 17:24:21 +01:00
Werner Koch
5eeae535ee
core: Extend gpgme_user_id_t with uidhash member.
* src/gpgme.h.in (struct _gpgme_user_id): Add field 'uidhash'.
* src/key.c (gpgme_key_unref): Free it.
* src/keylist.c (keylist_colon_handler): Set it.
* tests/run-keylist.c (main): Print it.
--

The uidhash value is part of gpg's output since the year 2005.  This
now adds support to gpgme.  The application for uidhash is to select
a user id in an edit interactor: Instead of giving the number of the
user id, the uidhash value can be be used to avoid tracking the user
id numbers.

Signed-off-by: Werner Koch <wk@gnupg.org>
2019-12-13 15:11:00 +01:00
Andre Heinecke
7e7eaf4342
Revert "doc: Remove UI Server documentation"
This reverts commit 1b2ad3b73c.

--
Just removing the documentation was not the right way as
this is still in use.
2019-12-11 10:30:41 +01:00
Andre Heinecke
1b2ad3b73c
doc: Remove UI Server documentation
* doc/Makefile.am: Remove uiserver.texi
* doc/gpgme.texi: Remove UI-Server mentions.
* doc/uiserver.texi: Removed.

--
This prepares the removal of UI Server from implementing
applications like Kleopatra.
The only user of the UI Server is GpgEX and even that
does not need it at all and is better served with process
calls.

GnuPG-Bug-Id: T4030
2019-11-12 11:04:11 +01:00
Andre Heinecke
0224408c63
core: Add cert-notation support and extended-edit
* src/context.h (gpgme_context): Add new flag for extended-edit.
* src/engine-gpg.c (append_args_from_sig_notations): Add flags to
control the kind of notations.
(gpg_edit): Respect extended-edit and notations.
(gpg_encrypt_sign, gpg_sign): Update call to
append_args_from_sig_notations.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Support
extended-edit.
* NEWS, doc/gpgme.texi: Mention extended-edit.

--
This provides a way to get the extended key-edit interface without
breaking bad state machines that rely on the current command flow.

A use case for this is to enable multiple local signatures, which
can be used together with annotations for:

GnuPG-Bug-Id: T4734
2019-10-29 16:11:54 +01:00
Werner Koch
2b2977c215
doc: Remove cruft from a doc entry.
--

Reported-by: dkg@fifthhorseman.net
2019-10-01 08:08:17 +02:00
Werner Koch
649b196881
doc: Minor comment cleanups.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-12-03 10:41:00 +01:00
Werner Koch
8d91c0f4cd
Add SPDX identifiers to most source files
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-11-16 13:27:33 +01:00
Daniel Kahn Gillmor
2557d0ae6f spelling: fix misspellings
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-11-08 12:34:27 +07:00
Daniel Kahn Gillmor
2f12427e41 doc: use https:// for www.gnu.org
--

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2018-10-18 00:28:51 -04:00
Andre Heinecke
85627e5818
core: Add trust-model flag
* src/context.h (gpgme_context): Extend with trust_model.
* src/engine-gpg.c (engine_gpg): Extend with trust_model.
(gpg_set_engine_flags): Take trust_model from context.
(build_argv): Handle trust_model.
(gpg_release): Free trust_model.
* src/gpgme.c (gpgme_set_ctx_flag): Handle trust-model flag.
(gpgme_release): Release trust-model.
* doc/gpgme.texi: Document new flag for gpgme_set_ctx_flag.
(Context Flags): New subsection for the context flags.
* tests/run-keylist.c (show_usage, main): Add new --trust-model
parameter.

--
This gives a GPGME user fine grained control over the
trust-model.

Changing the trust model for only a single application depends
on:
GnuPG-Bug-Id: T4134
Maniphest Tasks: T4134
Differential Revision: https://dev.gnupg.org/D466
2018-10-09 10:48:58 +02:00
Werner Koch
ecfa48fffa
build: Move config.h to conf/config.h
* conf/: New dir.
* configure.ac (AC_CONFIG_HEADER): Move header to conf dir.
* doc/Makefile.am (mkdefsinc): Adjust rule.
* lang/python/Makefile.am (copystamp): Ditto.
--

C++ uses those stupid files without a suffix and thus the new standard
header <version> as included by newer other libc++ versions may
conflict with the VERSION file in out top directory.   This change
should solve the problem.

GnuPG-bug-id: 4168
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-10-05 15:14:58 +02:00
Ben McGinnes
f3fc737382 python: makefiles
* doc/Makefile.am: Removed a bit I forgot about.
* Renamed lang/python/docs to lang/python/doc bvecause apparently
  automake cares about that too.
* Decided to be extra explicit in the manifest because if I don't then
  all sorts of things get deleted ... like lang/python
* Tested on an external linux system just in case my osx workstation
  introduces too much weirdness.

Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-10-04 21:10:46 +10:00
Ben McGinnes
b280205319 docs: pre-python preparation
* doc/Makefile.am: removed the python howto from this file, restoring
  it to just the main project and the newer .js files.
* deleted: doc/gpgme-python-howto.texi
* renamed the Short_History.org file to short-history.org to keep the
  naming conventions similar.
* All the Python files can (and should) live together.
2018-10-04 01:42:12 +10:00
Ben McGinnes
23894ac9a9 python bindings: CPython order
* Changed the order of python versions the configure/make process
  checks for, placing Python 3.7 ahead of 3.6.
* Updated the HOWTO documentation to reflect this change.

Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-10-03 06:58:51 +10:00
Werner Koch
7b861945fd
core: add experimental GPGME_EXPORT_MODE_NOUID.
* src/gpgme.h.in (GPGME_EXPORT_MODE_NOUID): New.
* src/export.c (export_start): Adjust option check.
* src/engine-gpg.c (export_common): Implement option.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-10-02 11:18:00 +02:00
Ben McGinnes
76bdfabb05 docs: python bindings
* Tightened up the docs a little bit, updated the "what's new"
  section, dropped the "-draft" version in preparation for GPGME
  1.12.0's release.
* Exported another .texi version (and updated the draft copies to this
  commit (which ought to be 1.11.1-beta313).

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-10-01 02:10:03 +10:00
Ben McGinnes
b625258d54 docs: a typographical two-step
* Sometimes you really do need or want punctuation in a heading, but
  ideally without something else generating whitespace and other
  annoyances to go with it.
* Trying a real decimal point instead.

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-09-25 10:17:39 +10:00
Ben McGinnes
62e4e2cb5e docs and examples: python bindings
* Woumd up the "what's new" section.
* Added an example for sending a key to the keyservers via hkp4py.
* Updated the export key code to use a more complete check for the
  $GNUPGHOME location.
* Expanded on the installation and reinstallation troubleshooting
  section.

Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-09-25 09:59:31 +10:00
Ben McGinnes
e9da4d9710 docs: python bindings howto
* Added a What's New section to summarise changes since the last
  release.  There have been quite a few and some attention does need
  to be drawn to some of them.
* Confirming certain issues with some platform builds, especially
  BSD/OSX vs. Linux issues which will need to update the installation
  troubleshooting guides.
2018-09-25 04:32:13 +10:00
Ben McGinnes
b12b2cc996 docs and examples: python bindings howto
* Added more comprehensive examples using hkp4py and added a couple
  more example scripts for protonmail.

Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-09-23 19:36:54 +10:00
Ben McGinnes
ced4bdbbb2 examples: python bindings and hkp4py updates
* Mostly tightening up the details on the hkp4py example script.
* Also fixed a typo in the LGPL boiler plate text included in all the
  other example scripts for the HOWTO.
2018-09-23 11:43:34 +10:00
Ben McGinnes
6ed9a77c92 python bindings: importing from keyservers with hkp4py
* added a new example script to search the keyservers and import the
  results, this time using Marcel Fest's hkp4py module.
* Updated the key importing section to match this addition.
* Tested with the current version of hkp4py from github.

Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-09-23 08:18:44 +10:00
Ben McGinnes
3622576105 docs: python bindings howto
* Confirmed that updates to the tests have significant'y improved that
  output.
* Updated some of the additional notes for the section on hkp4py.
** This is in anticipation adding at least import examples using that
   module as well.  It may also include adding examples of exporting a
   key and uploading it to the keyservers.

Tested-by: Ben McGinnes <ben@adversary.org>
Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-09-23 05:37:40 +10:00
Ben McGinnes
5cb67257f2 docs: python bindings and its special request
* Added some material on using the new-ish hkp4py module with GPGME.
* Example code will be added later once a couple of little issues are
  addressed.

Signed-off-by: Ben McGinnes <ben@adversary.org>
2018-09-20 11:38:20 +10:00
Ben McGinnes
362caaf02f docs: python bindings
* Updated the Cython example code slightly, along with the
  corresponding explanation.
2018-09-18 08:32:30 +10:00
Ben McGinnes
f4d83800d8 docs: python bindings howto
* Tightened up the Cython demonstration.
2018-09-17 14:33:02 +10:00
Ben McGinnes
44c846345e docs: cython sanitized
* Sanitized the shell command examples of extraneous whitespace.
* Removed keycount.c as sanitising it is pointless and it will be
  generated by Cython when the example is followed.
* Regenerated the .texi version.
2018-09-16 13:58:34 +10:00
Ben McGinnes
61c08f7435 docs: python bindings howto
* Added new advanced section with an example of using the Python
  bindings with CPython code compiled back to C code using Cython.
* Though it may seem a bit counter-intuitive to use the bindings just
  to go back to C via a different route, this is not actually stupid.
* Added examples/howto/advanced/cython/ directory.
* Added keycount.pyx, setup.py and the keycount.c file which the first
  two generated with Cython.  Not including the .so and .o files from
  the build.
* Exported the .texi version of the howto for the main docs.
2018-09-16 13:48:12 +10:00
Ben McGinnes
fbec29fdac docs: even more edits
* doc/gpgme-python-howto.texi: hunting down and killing commas,
  Oxford or not it can't stay in a heading.
2018-09-16 11:06:32 +10:00
Ben McGinnes
2a1b0b88d9 docs: more edits
* lang/python/docs/gpgme-python-howto.org: more tweaks and edits,
  along with another build of output formats.
* doc/gpgme-python-howto.texi: updated texinfo version for parent docs.
2018-09-16 10:52:30 +10:00
Ben McGinnes
76f7702284 docs: python howto texinfo update
* doc/gpgme-python-howto.texi:
2018-09-16 06:42:35 +10:00
Ben McGinnes
7e9df9b9e3 docs: Python howto update
* lang/python/docs/GPGMEpythonHOWTOen.org: Added corresponding GPGME
  version number to table at the start and cut the shortcut from the
  groups.py example.
* doc/gpgme-python-howto.texi: New export of Texinfo file for docs
  build.
2018-09-16 06:35:02 +10:00
Ben McGinnes
93a2ea0207 docs: generated whitespace
* doc/gpgme-python-howto.texi: culled whitespace included with the
  org-mode export.
2018-09-16 05:02:44 +10:00
Ben McGinnes
2e5b060370 Docs: including howto with standard docs
* gpgme.spec.in: Added gpgme-python-howto.info build on the grounds
  that it now deals with certain possible installation issues and end
  users encountering them would want the docs to hand.
* doc/gpgme.texi: updated the copyright year to this year.
2018-09-16 04:55:33 +10:00
Ben McGinnes
b19faa26e0 Docs: Python bindings HOWTO
* Added doc/gpgme-python-howto.texi: generated from
  GPGMEpythonHOWTOen.org and then slightly modified so the generated
  Info file doesn't use camelCase.
* doc/Makefile.am: Updated makefile to include the Python HOWTO with
  gpgme_TEXINFOS and to export the generated files to the webserver
  along with the main GPGME one.
2018-09-16 04:04:13 +10:00
Werner Koch
702566b36c
doc: Add warning that FILE_NAME is not part of the signed data.
--
2018-08-27 11:43:02 +02:00
Andre Heinecke
59ed27bae1
Merge branch 'javascript-binding'
This adds a new language binding "gpgme.js" to GPGME. It
serves as a bridge between the native-messaging service "gpgme-json"
and JavaScript Applications.

The first user of this binding will be Mailvelope which will
see GnuPG integration in the near future.

GnuPG-Bug-Id: T4107
2018-08-22 13:15:35 +02:00
Andre Heinecke
9608996d88
Add example manifests for gpgme-json
* doc/examples/gpgme-chrome.json, doc/examples/gpgme-mozilla.json: New.
* doc/Makefile.am (EXTRA_DIST): Include them.

--
The id contained in the examples is the ID of Mailvelope.
2018-08-21 13:58:51 +02:00
Werner Koch
f42cd70f18
core: New interface gpgme_data_new_from_estream.
* src/gpgme.h.in (gpgme_data_new_from_estream): New.
* src/data-estream.c: New.
* src/data.h (gpgme_data): New union member e_stream.
--

The estream functions (gpgrt_fopen et al.) are any waypart of the
required libgpg-error library and thus it makes sense to provide this
convenience interface.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-07-19 09:51:45 +02:00