Commit Graph

81 Commits

Author SHA1 Message Date
Werner Koch
6ac1f2cded
core: New flags GPGME_DECRYPT_UNWRAP and GPGME_ENCRYPT_WRAP.
* src/gpgme.h.in (GPGME_ENCRYPT_WRAP): New const.
(gpgme_decrypt_flags_t): New enum.
(GPGME_DECRYPT_VERIFY): New const
(GPGME_DECRYPT_UNWRAP): New const
(gpgme_op_decrypt_ext_start): New func.
(gpgme_op_decrypt_ext): New func.
* src/decrypt-verify.c (gpgme_op_decrypt_ext_start): New.
(gpgme_op_decrypt_ext): New.
(decrypt_verify_start): Add arg FLAGS.  Replace call to
engine_op_decrypt_verify by the plain decrypt with the flag set.
(gpgme_op_decrypt_verify_start): Pass the flag.
(gpgme_op_decrypt_verify): Pass the flag.
* src/decrypt.c (decrypt_start): Rename to ...
(_gpgme_decrypt_start): this.  Add arg FLAGS.  Pass FLAGS to
engine_op_decrypt.
(gpgme_op_decrypt_start): Adjust for chnage pass 0 for FLAG.
(gpgme_op_decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt_verify): Remove.
(_gpgme_engine_op_decrypt): Add arg FLAGS.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/engine-backend.h (struct engine_ops): Remove member
'decrypt_verify'.  Add FLAGS to 'decrypt'.  Adjust all initialization.
* src/engine-uiserver.c (uiserver_decrypt): Remove.
(uiserver_decrypt_verify): Remove.
(_uiserver_decrypt): Rename to ...
(uiserver_decrypt): this.  Replace arg VERIFY by new arg FLAGS.
* src/engine-gpg.c (gpg_decrypt): Support GPGME_DECRYPT_UNWRAP.
(gpg_encrypt): Support GPGME_ENCRYPT_WRAP.

* tests/run-decrypt.c (main): New option --unwrap.
* tests/run-encrypt.c (main): New option --wrap.
--

Manual testing of that wrap/unwrap feature can be done this way:

 ./run-encrypt --verbose --key Alice /etc/motd > x
 ./run-decrypt --verbose --unwrap x > y
 ./run-encrypt --verbose --key Bob --wrap y > z

1. The message was first encrypted to Alice.
2. Alice decrypts the message receiving a valid OpenPGP message.
3. Alice encrypt that message to Bob

This will also work with encrypted and signed messages; the signature
will be kept intact during re-encryption.  Requires GnuPG 2.1.12.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-24 15:17:23 +01:00
Werner Koch
421ddd1e67
core: New API gpgme_op_set_uid_flag.
* src/gpgme.h.in (gpgme_op_set_uid_flag_start): New.
(gpgme_op_set_uid_flag_start): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/genkey.c (addrevuid_start): Change arg revoke to a flag.
(gpgme_op_revuid_start): Pass GENKEY_EXTRAFLAG_REVOKE for the fomer
revoke parameter.
(gpgme_op_revuid): Ditto.
(set_uid_flag): New.
(gpgme_op_set_uid_flag_start): New.
(gpgme_op_set_uid_flag): New.
* src/engine.h (GENKEY_EXTRAFLAG_SETPRIMARY): new.
* src/engine-gpg.c (gpg_adduid): Implement that flag.

* tests/run-genkey.c (main): New command --set-primary.
--

GnuPG-bug-id: 2931
Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 19:03:58 +01:00
Werner Koch
fab8b1a166
core: New encryption flag GPGME_ENCRYPT_THROW_KEYIDS.
* src/gpgme.h.in (GPGME_ENCRYPT_THROW_KEYIDS): New flag.
* src/engine-gpg.c (gpg_encrypt): Implement flag
(gpg_encrypt_sign): Implement flag.

* tests/run-encrypt.c (main): New option --throw-keyids.
--

It would be nice to also selectively hide recipients (that is gpg
--hidden-recipient) but our API does not ye allow this because it is
based on key objects.  A possible way to implement that would be a API
to set processing flags into a key but this is complicated due to the
reference counting and thus the possibility that a key object is used
by different context.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-21 10:39:33 +01:00
Andre Heinecke
35023f3136
core: New public API gpgme_op_keylist_from_data_start.
* src/gpgme.h.in: New API gpgme_op_keylist_from_data_start.
* src/libgpgme.vers, src/gpgme.def: Add it.
* src/keylist.c (gpgme_op_keylist_from_data_start): New.
* src/engine-backend.h (engine_ops): Add field 'keylist_data'.  Change
all engines to pass NULL for it.
* src/engine.c (_gpgme_engine_op_keylist_data): New.
* src/engine-gpg.c (gpg_keylist_data): New.
(_gpgme_engine_ops_gpg): Register gpg_keylist_data.

* tests/run-keylist.c (main): New option --from-file.
--

Co-authored-by: Werner Koch <wk@gnupg.org>
GnuPG-bug-id: 2819
2017-03-21 09:50:23 +01:00
Werner Koch
ef035f079f
core: Fix minor code style thing.
* src/engine-gpg.c (gpg_add_algo_usage_expire): Use double parenthesis
for bit tests.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-03-02 14:52:52 +01:00
Justus Winter
de708e5934
core: Fix expiration time handling when creating keys.
* NEWS: Update.
* doc/gpgme.texi (gpgme_op_createkey): Clarify the meaning of the
'expire' parameter.
(GPGME_CREATE_NOEXPIRE): Document new flag.
(gpgme_op_createsubkey): Clarify the meaning of the 'expire'
parameter.
* src/engine-gpg.c (gpg_add_algo_usage_expire): Fix handling of the
expiration time.
* src/gpgme.h.in (GPGME_CREATE_NOEXPIRE): New macro.
--

Previously, the documentation stated that the expiration time was an
absolute timestamp.  However, this value was passed using the
'seconds=N' syntax to GnuPG which specifies the expiration time in
seconds relative to the creation time.  Fix the documentation.

Furthermore, the documentation stated that using 0 results in keys
that do not expire.  This was communicated to GnuPG by using the
implicit default.  However, as of GnuPG 2.1.17, the default was
changed to create keys that expire within a reasonable timespan.

Fix this discrepancy by aligning the behavior with recent GnuPG
versions: 0 means use a reasonable default, and introduce a flag that
can be used to create keys that do not expire.  Communicate this
explicitly to GnuPG.

Signed-off-by: Justus Winter <justus@g10code.com>
2017-02-15 16:45:45 +01:00
Werner Koch
15050ce5fc
core: Replace all calls to *sprintf by gpgrt_*sprintf.
* configure.ac (vasprintf): Remove check.
* src/vasprintf.c: Remove file.
* src/util.h (vasprintf, asprintf): Remove prototypes.  Replace all
calls to vasprintf and asprintf by gpgrt_vasprintf or gpgrt_asprintf.
Also take care to use gpgrt_free on the returned value.
* src/w32-util.c (_gpgme_get_gpgconf_path): Replace a gpgrt_asprintf
by _gpgme_strconcat.
(snprintf): New macro to use gpgrt_snprintf instead of the system's
standard snprintf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2017-02-02 12:35:59 +01:00
Ben Kibbey
a4b9f1a2b4 Fix gpg_addkey() to work with GPGME_CREATE_NOPASSWD as well.
* src/engine-gpg.c (gpg_addkey): Pass --batch to gpg when
GPGME_CREATE_NOPASSWD is set to fix pinentry without loopback mode.

--
Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2016-12-31 18:09:49 -05:00
Ben Kibbey
d83b8f0dc8 Fix GPGME_CREATE_NOPASSWD without pinentry loopback.
* src/engine-gpg.c(gpg_createkey): Pass --batch to gpg when
GPGME_CREATE_NOPASSWD is set.

--
Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2016-12-26 19:57:22 -05:00
Werner Koch
7f5f26fd66
doc: Replace http: by https: in core source files.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 13:27:00 +01:00
Werner Koch
9fc92a15bd
core: Do not leak the override session key to ps(1).
* src/engine-gpg.c (struct engine_gpg): New field
override_session_key.
(gpg_release): Free that field.
(gpg_decrypt): With gnupg 2.1.16 use --override-session-key-fd.

* tests/run-decrypt.c (main): Fix setting over the override key.
--

Note that this works only with gnupg 2.1.16 and later.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-16 10:15:31 +01:00
Werner Koch
7659d42468
core: Implement context flag "override-session-key".
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "export-session-key" and
"override-session-key".
(gpgme_get_ctx_flag): Ditto.
(gpgme_set_export_session_keys): Remove.
(gpgme_get_export_session_keys): Remove.
* src/gpgme.def, src/libgpgme.vers: Remove them.
* src/context.h (struct gpgme_context): Add field
override_session_key.
* src/decrypt-verify.c (decrypt_verify_start): Pass
override_session_key value to the engine.
* src/decrypt.c (decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt): Ditto.
(_gpgme_engine_op_decrypt_verify): Ditto.
* src/engine-backend.h (struct engine_ops): Extend DECRYPT and
DECRYPT_VERIFY_START with override_session_key.
* src/engine-uiserver.c (_uiserver_decrypt): Add stub arg
override_session_key.
(uiserver_decrypt): Ditto.
(uiserver_decrypt_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Ditto.
* src/engine-gpg.c (gpg_decrypt): Add arg override_session_key and set
corresponding gpg option.

* tests/run-decrypt.c (print_result): Print the session key if
available.
(main): Add options --export-session-key and --override-session-key.

--

To keep the number of context manipulation functions at bay, this
patches removes the just added gpgme_set_export_session_keys and
gpgme_get_export_session_keys by flags for the generic context
function.

The patch also implements the --override-session-key feature.

GnuPG-bug-id: 2754
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-15 10:34:13 +01:00
Daniel Kahn Gillmor
cad1210fb8
core: Enable extraction of session keys.
* src/gpgme.c (gpgme_set_export_session_keys): New function.
(gpgme_get_export_session_keys): New function.
* src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key
member.
(gpgme_{set,get}_export_session_keys): Declare new functions.
* src/libgpgme.vers, src/gpgme.def: Export new functions in shared
object.
* src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key
parameter.
(_gpgme_engine_op_decrypt_verify): Add export_session_key parameter.
* src/engine-backend.h: (struct engine_ops): Change function
pointer declarations to match.
* src/context.h (struct gpgme_context): Add export_session_keys member.
* src/decrypt.c (release_op_data): Free result.session_key.
(_gpgme_decrypt_status_handler): Store a copy of the exported session
key.
(decrypt_start): Pass export_session_keys from the context.
* src/decrypt-verify.c (decrypt_verify_start): Pass
export_session_keys from context.
* src/engine.c (_gpgme_engine_op_decrypt): Pass through
export_session_key flag.
(_gpgme_engine_op_decrypt_verify): Pass through export_session_key
flag.
* src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add
--export-session-key to argument list.
* src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for
now, since gpgsm offers no such mechanism.
* src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is
set, add --export-session-key flag to cmd.
* doc/gpgme.texi: Document new functions and session_key member of
decrypt_result_t.
* doc/uiserver.texi: Add --export-session-key flag to DECRYPT command.

--

gpg(1) documents session key export as useful for key escrow, and is
rightly dubious of that use case.  However, session key export is also
useful in other use cases.  Two examples from MUA development (where
this functionality would be specifically useful to me right now):

 * If the MUA stores a local copy of the session key upon decrypting
   the message, it can re-decrypt the message without expensive
   asymmetric operations.  When rendering a thread with dozens of
   encrypted messages, this can represent a significant speedup.

 * A user may have expired encryption-capable secret key material,
   along with many messages encrypted to that material.  If she stores
   the session keys for those messages she wants to keep, she can
   destroy her secret key material and make any messages she has
   deleted completely unrecoverable, even to an attacker who gets her
   remaining secret keys in the future.

This patchset makes a two specific implementation decisions that could
have gone in different ways.  I welcome feedback on preferred outcomes.

 0) session key representation: we currently represent the session key
    as an opaque textual string, rather than trying to provide any
    sort of in-memory structure.  While it wouldn't be hard to parse
    the data produced by gpg's --export-session-key, I chose to use
    the opaque string rather than lock in a particular data format.

 1) API/ABI: i've added a member to gpgme_op_decrypt_result_t.  This
    has the potential to cause an out-of-bound memory access if
    someone uses code compiled against the newer verision, but linked
    at runtime against an older version.  I've attempted to limit that
    risk by documenting that users must verify
    gpgme_get_export_session_keys() before accessing this new struct
    member -- this means that code expecting this capability will
    require the symbol at link-time, and will refuse to link against
    older versions.

    Another approach to solving this problem would be to avoid
    modifying gpgme_op_decrypt_result_t, and to introduce instead a
    new function gpgme_op_session_key(), which could be called in the
    same places as gpgme_op_decrypt_result().  Depending on the
    representation of the session key, this might introduce new
    memory-management burdens on the user of the library, and the
    session key is certainly part of a decryption result, so it seemed
    simpler to go with what i have here.

If anyone has strong preferences that these choices should be solved
in a different way, i'm happy to hear them.

Additionally, I note that i'm also still pretty unclear about how the
"UI Server" fits into this whole ecosystem. In particular, I don't
know whether it's kosher to just add an --export-session-key flag to
the DECRYPT operation without actually having implemented it anywhere,
but i don't see where i would actually implement it either :/

If this patch (or some variant) is adopted, i will supply another
patch that permits offering a session key during decryption (e.g. "gpg
--override-session-key"), but I wanted to get these implementation
choices ironed out first.

Gnupg-Bug-Id: 2754
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

On the concern of adding a new field to a structure: It may not be
clearly documented but we don't expect that a user ever allocates such
a structure - those result structure may only be created bu gpgme and
are read-only for the user.  Adding a new member constitutes a
compatible ABI change and thus an older SO may not be used by code
compiled with a header for the newer API.  Unless someone tinkers with
the build system, this should never happen.  We have added new fields
to result structure may times and I can't remember any problems.

 - wk
2016-11-15 08:52:06 +01:00
Werner Koch
aad94cb7c3
core: Add gpgme_op_query_swdb and helper.
* src/gpgme.h.in (gpgme_query_swdb_result_t): New.
(gpgme_op_query_swdb): New.
(gpgme_op_query_swdb_result): New.
* src/libgpgme.vers, src/gpgme.def: Add the two new functions.
* src/queryswdb.c: New.
* src/Makefile.am (main_sources): Add new file.
* src/context.h (OPDATA_QUERY_SWDB): New.
* src/engine-backend.h (struct engine_ops): Add field 'query_swdb'.
Adjust all initializer.
* src/engine.c (_gpgme_engine_op_query_swdb): New.
* src/engine-gpgconf.c (parse_swdb_line): New.
(gpgconf_query_swdb): New.
(_gpgme_engine_ops_gpgconf): Register that function.

* src/util.h (GPG_ERR_TOO_OLD): Define for older libgpg-error.
(GPG_ERR_ENGINE_TOO_OLD): Ditto.

* tests/run-swdb.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add new debug tool.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-11-03 17:32:30 +01:00
Werner Koch
b8159eadb5
core: New API functions gpgme_set_sender, gpgme_get_sender.
* src/context.h (struct gpgme_context): Add field 'sender'.
* src/gpgme.c: Include mbox-util.h.
(gpgme_release): Free SENDER.
(gpgme_set_sender): New.
(gpgme_get_sender): New.
* src/gpgme.def, src/libgpgme.vers: Add new functions.

* src/engine-gpg.c (append_args_from_sender): New.
(gpg_encrypt_sign, gpg_sign): Call append_args_from_sender.
(gpg_verify): Add arg CTX.  Call append_args_from_sender/
* src/engine-gpgsm.c (gpgsm_verify): Add dummy arg CTX.
* src/engine-uiserver.c (uiserver_verify): Ditto.
* src/engine.c (_gpgme_engine_op_verify): Add arg CTX.
* src/verify.c (verify_start): Pass CTX to engine function.

* tests/gpg/t-verify.c (main): Add some checks for new functions.
* tests/run-sign.c (main): Add option --sender.
* tests/run-verify.c (main): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-10-25 17:28:01 +02:00
Daniel Kahn Gillmor
95f38652f6 Fix spelling
* lang/cpp/src/context.h, lang/qt/src/protocol.h,
   lang/qt/src/wkspublishjob.h, src/data-identify.c, src/engine-gpg.c:
   minor spelling cleanup.
--

Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
2016-09-23 16:09:27 +02:00
Daiki Ueno
dee56820ca
gpg: Add option --exit-on-status-write-error
* src/engine-gpg.c (gpg_new): Add --exit-on-status-write-error if the
engine version is latest enough to expect progress output from gpg.

--
GnuPG-bug-id: 1415
Signed-off-by: Daiki Ueno <ueno@gnu.org>

Changed the version test from the patch to use the newer
have_gpg_version.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-22 09:12:43 +02:00
Ben Kibbey
9d62bacac7
core: Check for GPG_TTY as well as DISPLAY.
* src/engine-assuan.c (llass_new): Update --ttyname from GPG_TTY.
* src/engine-g13.c (g13_new): Ditto.
* src/engine-gpg.c (gpg_new): Ditto.
* src/engine-uiserver.c (uiserver_new): Ditto.
* src/engine-gpgsm.c (gpgsm_new): Ditto.

--
Useful when no DISPLAY is set and there is no attached terminal to the
current process.

Signed-off-by: Ben Kibbey <bjk@luxsci.net>
2016-09-19 08:35:20 +02:00
Werner Koch
3d6340e8c5
core: Map GPGME_STATUS_EOF to the empty string.
* src/status-table.c (_gpgme_status_to_string): Return "" for EOF.
* src/engine-gpg.c (read_status): Ditto.  The old code accidently used
GPGME_STATUS_EOF which is the integer 0 and neiteyr NULL nor a string.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-16 16:00:27 +02:00
Werner Koch
268e251b80
core: Remove stub to try implementing gpg < 2.1 support for createkey.
* src/engine-gpg.c (gpg_createkey_legacy): Remove.
(gpg_genkey): Remove call.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-16 11:45:36 +02:00
Werner Koch
d2b72d3cc1
core: Minor change of the gpgme_op_edit semantics.
* src/edit.c (command_handler): Handle special error code.
* src/engine-gpg.c (read_status): Ditto.
* src/engine-gpgsm.c (status_handler): Ditto.
* src/engine-uiserver.c (status_handler): Ditto.
* src/util.h (GPG_ERR_FALSE): Define for older libgpg-error versions.
--

An edit callback may now simply return GPG_ERR_FALSE to indicate that
it did not handled the status code.  GPGME will the do the appropriate
action, which is to send an empty line.

Note that it is highly unlikely that GPG_ERR_FALSE has ever been used
by an application as return value from an edit interactor.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-15 09:24:29 +02:00
Werner Koch
7c37719d79
core: New function gpgme_op_tofu_policy
* src/gpgme.h.in (gpgme_op_tofu_policy_start): New function.
(gpgme_op_tofu_policy): New function.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/tofupolicy.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_TOFU_POLICY.
* src/engine.c (_gpgme_engine_op_tofu_policy): New.
* src/engine-backend.h (engine_ops): Add funcptr 'tofu_policy'.
Adjust all engine initializations.
* src/engine-gpg.c (gpg_tofu_policy): New.
(_gpgme_engine_ops_gpg): Register this function.

* tests/run-tofu.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add it.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 20:21:19 +02:00
Werner Koch
d79dcb78d8
core: Defer implementation of gpgme_op_createkey with gpg < 2.1
* src/engine-gpg.c (gpg_createkey_legacy): Mark unused variables.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 19:02:40 +02:00
Werner Koch
bfd2bd0ccc
core: New function gpgme_op_keysign.
* src/gpgme.h.in (gpgme_op_keysign_start, gpgme_op_keysign): New.
(GPGME_KEYSIGN_LOCAL): New.
(GPGME_KEYSIGN_LFSEP): New.
(GPGME_KEYSIGN_NOEXPIRE): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_KEYSIGN.
* src/keysign.c: New.
* src/Makefile.am (main_sources): Add keysig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_keysign_start.
* src/engine.c (_gpgme_engine_op_keysign): New.
* src/engine-backend.h (engine_ops): Add 'keysign' and adjust all
engine initializers.
* src/engine-gpg.c (_add_arg): Add args PREFIX and ARGLEN and change
callers to set them.
(add_arg_pfx): New.
(add_arg_len): New.
(gpg_keysign): New.
(_gpgme_engine_ops_gpg): Set keysign to gpg_keysign.
* tests/run-keysign.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add run-keysign.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 18:59:55 +02:00
Werner Koch
c943380b7a
core: New function gpgme_op_revuid.
* src/engine.h (GENKEY_EXTRAFLAG_REVOKE): New.
* src/genkey.c (adduid_start): Rename to addrevuid_start.  Add arg
REVOKE and pass it as extraflags.  Remove useless ARMOR extraflag.
Adjust callers.
(gpgme_op_revuid_start, gpgme_op_revuid): New.
* src/gpgme.def, src/libgpgme.vers: Add them.

* tests/run-genkey.c: Add option --revuid.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 12:42:12 +02:00
Werner Koch
c22f5884c5
core: Change a parameter for the engine's genkey function.
* src/engine.h (GENKEY_EXTRAFLAG_ARMOR): New.
* src/engine-backend.h (engine_ops): Rename USE_ARMOR in genkey to
EXTRAFLAGS.
* src/engine.c (_gpgme_engine_op_genkey): Ditto.
* src/engine-gpg.c (gpg_createkey_from_param): Ditto and test the
flags.
(gpg_createkey_legacy): Ditto.
(gpg_createkey): Ditto.
(gpg_addkey): Ditto.
(gpg_genkey): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 12:42:12 +02:00
Werner Koch
3210f3e472
core: New function gpgme_op_adduid.
* src/genkey.c: Replace most error codes GPG_ERR_INV_VALUE by
GPG_ERR_INV_ARG.
(struct op_data_t): Add field UIDMODE.
(genkey_status_handler): Use UIDMODE.
(adduid_start): New.
(gpgme_op_adduid_start, gpgme_op_adduid): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* tests/run-genkey.c: Add option --adduid.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 11:40:34 +02:00
Werner Koch
cc353701b0
core: New function gpgme_op_createsubkey.
* src/genkey.c (createsubkey_start): New.
(gpgme_op_createsubkey_start, gpgme_op_createsubkey): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* src/engine-gpg.c (gpg_createkey): Factor some code out to ...
(gpg_add_algo_usage_expire): new.
(gpg_addkey): Implement.
* tests/run-genkey.c: Add option --addkey.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-14 09:51:16 +02:00
Werner Koch
51f9acbca9
core: Use const char * where appropriate.
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 20:59:07 +02:00
Werner Koch
4a200146b6
core: Mark unused function args.
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 20:53:49 +02:00
Werner Koch
3972f476e0
core: Do not pass const char* to functions taking a char*.
Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 20:44:59 +02:00
Werner Koch
00c501d296
core: New function gpgme_op_create_key.
* src/engine-backend.h (engine_ops): Change prototype of genkey.
* src/engine-gpgsm.c (gpgsm_genkey): Change accordingly.
* src/engine-gpg.c (gpg_genkey): Change it to a dispatcher.
(gpg_createkey_from_param): New for the old functionality.
(gpg_createkey_legacy): New.  Stub for now.
(gpg_createkey): New.
(gpg_addkey): New.  Stub for now.
(gpg_adduid): New.  Stub for now.
* src/engine.c (_gpgme_engine_op_genkey): Add new args.
* src/genkey.c (op_data_t): Add field ERROR_CODE.
(parse_error): New.
(genkey_status_handler): Parse ERROR status line.
(genkey_start): Use NULL/0 for the new args.
(createkey_start): New.
(gpgme_op_createkey_start, gpgme_op_createkey): New.
* src/gpgme.def, src/libgpgme.vers: Add gpgme_op_createkey_start and
gpgme_op_createkey.
* src/gpgme.h.in (_gpgme_op_genkey_result): Add fields PUBKEY and
SECKEY.
(GPGME_CREATE_SIGN): New.
(GPGME_CREATE_ENCR): New.
(GPGME_CREATE_CERT): New.
(GPGME_CREATE_AUTH): New.
(GPGME_CREATE_NOPASSWD): New.
(GPGME_CREATE_SELFSIGNED): New.
(GPGME_CREATE_NOSTORE): New.
(GPGME_CREATE_WANTPUB): New.
(GPGME_CREATE_WANTSEC): New.
(GPGME_CREATE_FORCE): New.

* tests/run-genkey.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add it.
--

This function uses the new --quick-gen-key API of gpg.  A limited
compatibility mode to use older gpg versions and gpgsm will eventually
be provided.  Not all flags are currently implemented.

 ./run-genkey --unprotected --force test@example.com

Create a new standard key with the given user id.  --force is used to
allow creating more than one key with that user id in the keyring.

 ./run-genkey --unprotected --force \
      test@example.com default default 2145826800

Creates a new standard key with an expiration date of 2037-12-31.

 ./run-genkey --unprotected --force \
      test@example.com future-default default 2145826800

Create a standard key using the fugure default algorithms.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-09-13 18:59:10 +02:00
Andre Heinecke
e8cb143c83 core: Check for gpg version for loopback mode
* src/engine-gpg.c (build_argv): Check for version 2.1.0
before adding pinentry-mode.

--
This is a compatibility fix for older versions that don't support
this flag which would otherwise result in an invalid argument
error.
2016-09-06 16:30:24 +02:00
Werner Koch
9ee103957e
core: Add GPGME_KEYLIST_MODE_WITH_TOFU.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_TOFU): New.
* src/engine-gpg.c (gpg_keylist_build_options): Use that.
* src/keylist.c: Include limits.h.
(parse_tfs_record): New.
(keylist_colon_handler): Support TFS record.
* tests/run-keylist.c: Include time.h.
(isotimestr): New.
(main): Add option --tofu.  Print TOFU info.
* tests/run-verify.c: Include time.h.
(isotimestr): New.
(print_result): Use isotimestr for TOFU dates.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-25 11:38:03 +02:00
Werner Koch
fe1e8e71aa
core: Make use of the "size-hint" in engine-gpg.
* src/engine-gpg.c: Include data.h.
(add_input_size_hint): New.
(gpg_decrypt, gpg_encrypt, gpg_encrypt_sign, gpg_sign)
(gpg_verify): Call new function,

* tests/run-encrypt.c (status_cb): Print to stderr.
(progress_cb): New.o
(main): Add option --progress.  Print full-status lines.  Provide a
size for the input data.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-12 15:32:31 +02:00
Andre Heinecke
b602d8bc7b core: Handle ENCRYPT_SYMMETRIC also for sig & enc
* src/engine-gpg.c (gpg_encrypt_sign): Handle ENCRYPT_SYMMETRIC
flag.
2016-08-10 14:01:38 +02:00
Andre Heinecke
270887309f core: Ensure err is initalized in gpg_encrypt
* src/engine-gpg.c (gpg_encrypt): Initialize err.
2016-08-10 10:27:05 +02:00
Andre Heinecke
3d2f027d0f core: Add support for mixed symmetric and asym enc
* src/gpgme.h.in (gpgme_encrypt_flags_t): New flag
GPGME_ENCRYPT_SYMMETRIC.
* src/engine-gpg.c (gpg_encrypt): Also add --symmetric if the flag
is given.
* NEWS: Mention new flag.
* tests/run-encrypt.c (show_usage): Extend for --symmetric.
(main): Handle --symmetric.
(main): Set passphrase_cb in loopback mode.
(main): Fix encrypt call if no recipients are given.
* tests/gpg/t-encrypt-mixed.c: New.
* tests/gpg/Makefile.am (c_tests): Add new test.
* doc/gpgme.texi: Document new flag.
2016-08-09 14:23:51 +02:00
Werner Koch
6f3dc66634
core: Extend gpgme_subkey_t to carry the keygrip.
* src/gpgme.h.in (struct _gpgme_subkey): Add file 'keygrip'.
* src/key.c (gpgme_key_unref): Free KEYGRIP.
* src/keylist.c (keylist_colon_handler): Parse GRP records.
* src/engine-gpg.c (gpg_keylist_build_options): Do not use
--with-fingerprint options for gpg versions >= 2.1.15.

* tests/run-keylist.c (main): Print subkeys and keygrips.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-08-04 16:17:01 +02:00
Werner Koch
d8d5f5a167
core: New GPGME_DATA_ENCODING_MIME.
* src/gpgme.h.in (GPGME_DATA_ENCODING_MIME): New.
* src/data.c (gpgme_data_set_encoding): Adjust check.
* src/engine-gpg.c (have_gpg_version): New.
(gpg_encrypt, gpg_encrypt_sign): Pass flag '--mimemode'.
(gpg_sign): Ditto.

* lang/cpp/src/data.h (GpgME): Add MimeEncoding.
* lang/cpp/src/data.cpp (encoding, setEncoding): Support MimeEncoding.

* src/gpgme-tool.c (server_data_encoding): Add flag --mime.
--

This feature allows an application to declare that the encrypted or
signed data is a valid MIME part.

What is missing is a way to return that information to the application
after decryption/verification.  This can be done by setting the
encoding of the output data object; however this requires some
internal additions to our processing model.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 14:45:02 +02:00
Werner Koch
2095b1573a
core: Pass the engine's version string to the engine's new function.
* src/engine-backend.h (engine_ops): Add arg 'version' to NEW.
* src/engine-assuan.c (llass_new): Add dummy arg 'version'.
* src/engine-g13.c (g13_new): Ditto.
* src/engine-gpgconf.c (gpgconf_new): Ditto.
* src/engine-gpgsm.c (gpgsm_new): Ditto.
* src/engine-spawn.c (engspawn_new): Ditto.
* src/engine-uiserver.c (uiserver_new): Ditto.
* src/engine.c (_gpgme_engine_new): Pass version string to the new
function.
* src/engine-gpg.c (struct engine_gpg): Add field 'version'.
(gpg_new): Add arg 'version'.
(gpg_release): Free VERSION.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-07-13 13:57:14 +02:00
Werner Koch
88f2c1c0d1
api: Add new function gpgme_set_ctx_flag.
* src/gpgme.h.in (gpgme_set_ctx_flag): New prototype.
* src/gpgme.c (gpgme_set_ctx_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new function.
* src/context.h (struct gpgme_context): Add FULL_STATUS.
* src/decrypt.c (_gpgme_decrypt_status_handler): Do not call the
  status callback if FULL_STATUS is set.
* src/genkey.c (genkey_status_handler): Ditto.
* src/passphrase.c (_gpgme_passphrase_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.

* src/engine-backend.h (struct engine_ops): Add SET_STATUS_CB and add
adjust all definitions of that variable.
* src/engine.c (_gpgme_engine_set_status_cb): New.
* src/op-support.c (_gpgme_op_reset): Call this function.

* src/engine-gpg.c (struct engine_gpg): Add fields MON_CB and
MON_CB_VALUE.
(gpg_set_status_cb): New.
(_gpgme_engine_ops_gpg): Register that function.
(read_status): Call the monitor callback.

* src/engine-gpgsm.c (struct engine_gpgsm): Add fields MON_CB and
MON_CB_VALUE.
(_gpgme_engine_ops_gpgsm): Register that function.
(gpgsm_assuan_simple_command): Change first arg to be an engine
context and adjust call callers.  Call the monitor callback.

* src/engine-uiserver.c (struct engine_uiserver): Add fields MON_CB
and MON_CB_VALUE.
(_gpgme_engine_ops_uiserver): Register that function.
(uiserver_assuan_simple_command): Change first arg to be an engine
context and adjust call callers.  Call the monitor callback.

* tests/run-verify.c (status_cb): New.
(print_result): Print algo names.
(main): Add option --status.
--

This new feature is mainly intended for bug tracking.  Having access
to the raw status lines might also be useful for applications, though.

Signed-off-by: Werner Koch <wk@gnupg.org>
2016-05-19 17:04:54 +02:00
Daiki Ueno
028a0ef333
Relax ttyname_r error checks
* src/engine-assuan.c (llass_new): Don't treat ttyname_r error as
fatal.
* src/engine-g13.c (g13_new): Likewise.
* src/engine-gpg.c (gpg_new): Likewise.
* src/engine-gpgsm.c (gpgsm_new): Likewise.
* src/engine-uiserver.c (uiserver_new): Likewise.

--
Even though isatty() returns 1, ttyname_r() may fail in many ways, e.g.,
when /dev/pts is not accessible under chroot.  Since all our uses of
ttyname_r() require that the function works, we can treat the failure as
if isatty() fails.

Signed-off-by: Daiki Ueno <ueno@gnu.org>
2015-08-25 19:11:30 +02:00
Werner Koch
2b632bbb78
Add an export secret key feature.
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET): New.
(GPGME_EXPORT_MODE_RAW): New.
(GPGME_EXPORT_MODE_PKCS12): New.
* src/export.c (export_start, export_ext_start): Allow new flags.
* src/engine-gpg.c (export_common): Support secret key export.
* src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Ditto.

* src/gpgme-tool.c (cmd_export): Add options --secret, --raw,
and --pkcs12.
* tests/run-export.c (main): Likewise.
--

Note that exporting secret X.509 keys requires GnuPG 2.1.8.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-08-24 12:41:24 +02:00
Ben Kibbey
e07d38f5f9 Also check the return code in gpg_sign().
* src/engine-gpg.c (gpg_sign): Check return value from start().
2015-08-12 06:46:43 -04:00
Ben Kibbey
8f28e3caf9 Check the return value when starting gpg.
* src/engine-gpg.c (gpg_decrypt, gpg_delete, gpg_passwd): Check return
value of start().
2015-08-10 21:23:02 -04:00
Andre Heinecke
08086dd690
Add offline mode support for CMS keylisting
* doc/gpgme.texi: Document offline mode.
* src/context.h (gpgme_context): Add offline.
* src/engine-backend.h (keylist, keylist_ext): Add engine_flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
  (_gpgme_engine_op_keylist_ext): Ditto.
* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): New.
* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
* src/engine-gpgsm.c (gpgsm_keylist): Handle engine_flags.
  (gpgsm_keylist_ext): Ditto.
* src/gpgme.c (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.def (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.h.in (gpgme_set_offline, gpgme_get_offline): New.
* src/libgpgme.vers (gpgme_set_offline, gpgme_get_offline): New.
* src/keylist.c (gpgme_op_keylist_start): Set offline flag.
  (gpgme_op_keylist_ext_start): Ditto.
* tests/run-keylist.c (show_usage, main): Add offline argument.

--
The offline engine option was introduced with gpgsm 2.1.6
it is mainly useful for a full keylisting that includes
the certificate validation but does not depend on external
information that could take an indefinite amount of time to
collect.

Signed-off-by: Andre Heinecke <aheinecke@intevation.de>
2015-07-31 15:18:27 +02:00
Werner Koch
0d28a69616
Fix segv for userids with a backslash.
* src/engine-gpg.c (gpg_keylist_preprocess): Increment SRC for a
backslash.
--

This bug is not exploitable because this bug fills up .data with
backslashes and thus causes the segv.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-06-05 14:25:59 +02:00
Werner Koch
8cfcdfe556
Fix potential crash in trace macro.
* src/signers.c (gpgme_signers_add): Avoid deref of a NULL KEY in the
trace macro.
* src/engine-spawn.c (engspawn_release): Remove always true condition.
* src/engine-gpg.c (gpg_release): Ditto.

Signed-off-by: Werner Koch <wk@gnupg.org>
2015-03-16 13:40:34 +01:00
Daniel Kahn Gillmor
b3309f997c Use --no-sk-comments, not --no-sk-comment.
--
The --no-sk-comments flag is (or should be) a no-op in modern versions
of gnupg, but gpgme should still use its full form rather than the
(slightly) abbreviated --no-sk-comment
2014-10-02 15:20:35 +02:00