* src/decrypt.c (struct op_data_t): Add field not_integrity_protected.
(parse_decryption_info): Set this. Also rename mode to aead_algo for
clarity.
(_gpgme_decrypt_status_handler): Force failure in case of a missing
MDC.
--
This extra check makes sure that a missing or stripped MDC in
- gpg < 2.1
- or gpg 2.2 with an old cipher algorithm
will lead to a decryption failure. gpg 2.3 will always fail in this
case. Implementing this check here and not backporting the 2.3 change
to 2.2 has the benefit that all GPGME using applications are protected
but scripts relying on rfc2440 (i.e. without MDC) will only break when
migrating to 2.3.
Note that S/MIME has no integrity protection mechanism but gpgsm
neither emits a DECRYPTION_INFO status line, so an error will not be
triggered. If in the future gpgsm supports authenticated encryption
it may issue a DECRYPTION_INFO line to force a failure here but it
will in that case also emit a DECRYPTION_FAILED anyway.
GnuPG-bug-id: 3981
Signed-off-by: Werner Koch <wk@gnupg.org>
--
* Some assumption on messages were wrong. Now the tests use more
reasonable sizes.
* bigString now uses the full utf8-extent, with the exception of
U+0000. This code gets dropped during the encryption-decryption
process.
--
* The majority of tests needs to be run in a nativeMessaging context.
Offering the few tests that don't need this context at two places
introduces issues with maintainability. All tests now removed can be
found in ./unittests.js
--
* Added openpgp - Mode tests to the browsertest Extension. These tests
require openpgp, which should not be a hard dependency for the main
project. Packing openpgpjs into the extension is still TODO
* Fixes:
- openpgp mode API now correctly handles parameters as an object,
similar to openpgpjs
- proper check and parsing of openpgpjs Message Objects
--
* There were some inconsistencies between utf-8, transfer and browsers'
utf16, which broke characters that were split between individual
messages. src/Connection now contains a workaround that reassembles
javascripts' format from passed base64 strings. This needs someone
more experienced looking.
* Added several new tests which were failing during initial debugging
of this issue
* reorganized BrowsertestExtension to avoid cluttering.
--
* Tests: Under certain circumstances, some data change during
encrypt-decrypt. Committing the current state so the problem can be
discussed.
* Fixes:
- disconnecting the test ports after tests are complete
- fixed passing of the error message from gpgme-json
--
* Key.js: Error code for wrong parameter in createKey should be
"PARAM_WRONG"
* Helpers.js: The property openpgpjs-like Objects were checked for in
toKeyIdArray was not defined.
* src/permittedOperations.js: updated more expectations and assumptions
for the native API
* new Problems:
- There seems to be a message size limit of about 21 MB for
nativeMessaging, much lower than the documented 4GB.
- Some bytes are lost with random data in an encrypt-decrypt
roundtrip. The culprit is unclear.
* Changed the expiration date for the generated test key to NYE this
century, rather than the NYE this millennium as originally suggested
in job #3815.
* This covers the lifetimes of current users (except, maybe, some very
healthy millennials) as well as the 32-bit clock end date in 2038;
without falling foul of OpenPGP's 2106 expiration.
--
* Key.js: Error code for wrong parameter in createKey should be
"PARAM_WRONG"
* Helpers.js: The property openpgpjs-like Objects were checked for in
toKeyIdArray was not defined.
* src/permittedOperations.js: updated more expectations and assumptions
for the native API
--
* Added unittests to be run inside a Browser. To be able to access
the non-exposed functions and classes, a testing bundle will be
created, containing the tests (unittests.js) and the items to be
tested.
* src/Helpelpers, src/Key, src/Keyring: fixed some errors found
during testing.
--
* Tests: initialization of the two modes, encryption
* gpgme.js: reintroduced message check before calling
Connection.post()
* gpgmejs_openpgp.js: Fixed openpgp mode not passing keys
* index.js: fixed some confusion in parseconfig()
* Inserted some TODO stubs for missing error handling
--
* Extensions:
- Moved testapplication to Demoextension
- Created BrowserTestExtension.
Includes mocha and chai. For running tests that cannot be run
outside a WebExtension
Both Extensions can be found zipped in build/extensions after
running build_extensions.sh
* Code changes:
- src/Config: Place for the configuration
- small fixes raised during testing in Keyring.js, Message.js,
- src/gpgmejs_openpgpjs.js don't offer direct GpgME object to the
outside, as it only causes confusion
- index.js init() now checks the config for validity
* Tests:
- Reordered tests in test/.
- Input values are now in a separate file which may be of use for
bulk testing
* moved the build directory from dist to build
* src/qgpgmenewcryptoconfig.cpp (QGpgMENewCryptoConfigEntry::urlValue):
Build url from local file.
(QGpgMENewCryptoConfigEntry::setURLValue): Set native seperated
path.
--
This fixes setting files through cryptoconfig on Windows.
GnuPG-Bug-Id: T3939
--
* Introduced Mocha/chai as testsuite. After development build
'npm test' should run the unit tests. Functionality exclusive to
Browsers/WebExtensions cannot be run this way, so some other testing
is still needed.
- package.json: Added required development packages
- .babelrc indirect configuration for mocha. ES6 transpiling
needs some babel configuration, but mocha has no setting for it.
- test/mocha.opts Vonfiguration for mocha runs
* Fixed errors:
- Helpers.js toKeyIdArray; isLongId is now exported
- Key.js Key constructor failed
- Message.js will not throw an Error during construction, a new
message is now created with createMessage, which can return an
Error or a GPGME_Message object
* Tests:
- test/Helpers: exports from Helpers.js, GPGME_Error handling
- test/Message: first init test with bad parameters
--
* gpgmejs_openpgpjs
- unsuported values with no negative consequences can now reject,
warn or be ignored, according to config.unconsidered_params
- cleanup of unsupported/supported parameters and TODOS
* A src/index.js init() now accepts a configuration object
* Errors will now be derived from Error, offering more info and a
stacktrace.
* Fixed Connection.post() timeout triggering on wrong cases
* Added comments in permittedOperations.js, which gpgme interactions
are still unimplemented and should be added next
--
* A timeout of 5 seconds is activated for functions that do not require
a pinentry. This definition is written to src/permittedOperations.js
* testapplication.js now alerts the proper error codes and messages.
* src/Errors.js fixed two typos in error handling
--
* Error objects will now return the error code if defined as error type
in src/Errors.js, or do a console.log if it is a warning. Errors from
the native gpgme-json will be marked as GNUPG_ERROR.
--
* src/aKey.js changed fingerprint to setter (to avoid overwrites)
* src/gpgmejs_openpgpjs.js
- Added a class GPGME_Key_openpgpmode, which allows for renaming and
deviation from GPGME.
- renamed classes *_openPGPCompatibility to *_openpgpmode. They are
not fully compatible, but only offer a subset of properties. Also,
the name seems less clunky
--
* The Connection will now be started before an object is created, to
better account for failures.
* index.js: now exposes an init(), which returns a Promise of
configurable <GpgME | gpgmeGpgME_openPGPCompatibility> with an
established connection.
* TODO: There is currently no way to recover from a "connection lost"
* Connection.js offers Connection.isConnected, which toggles on port
closing.
--
* Error handling: introduced GPGMEJS_Error class that handles errors
at a more centralized and consistent position
* src/Connection.js:
The nativeMessaging port now opens per session instead of per
message. Some methods were added that reflect this change
- added methods disconnect() and reconnect()
- added connection status query
* src/gpgmejs.js
- stub for key deletion
- error handling
- high level API for changing connection status
* src/gpgmejs_openpgpjs.js
- added stubs for Key/Keyring handling according to current
state of discussion. It is still subject to change
* src/Helpers.js
- toKeyIdArray creates an array of KeyIds, now accepting
fingerprints, GPGMEJS_Key objects and openpgp Key objects.
* Key objects (src/Key.js) Querying information about a key
directly from gnupg. Currently a stub, only the Key.fingerprint is
functional.
* Keyring queries (src/Keyring.js): Listing and searching keys.
Currently a stub.
* Compatibility class gpgme_openpgpjs offers an API that should accept
openpgpjs syntax, throwing errors if a parameter is unexpected/not
implemented
* tried to be more generic in methods
* waiting for multiple answers if 'more' is in the answer
* more consistency checking on sending and receiving
* updated the example extension
--
* src/op-support.c (_gpgme_parse_failure): Ignore gpg-exit failures
before modifying args.
--
For op_decrypt_verify the status handler for both decrypt and
verify would parse the failure when the first parser ignored
the failure. This resulted in an ERR_INV_ENGINE as the first
call to parse_failure modified the args.
GnuPG-Bug-Id: T3919
* src/verify.c (_gpgme_verify_status_handler): Remove debug output.
--
Actually this is a real bug because it uses a debug function available
only in the new libgpg-error versions. Time to call Jenkins back from
vacation; there are rumors that he has been seen in the city looking
for a new Ryzen tail coat.
Signed-off-by: Werner Koch <wk@gnupg.org>
* tests/gpg/t-verify.c (check_result): Tweak for gnupg < 2.2.7.
--
The not yet releases 2.2.7-beta may print a full fingerprint in the
ERRSIG status. This is compliant with the dscription but the new
t-verify test case did not took in account that older GnuPG versions
print only a keyid.
Fixes-commit: b99502274a
GnUPG-bug-id: 3920
Signed-off-by: Werner Koch <wk@gnupg.org>
* src/op-support.c (_gpgme_parse_plaintext): Add arg r_mime.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ser mime flag.
* src/verify.c (_gpgme_verify_status_handler): Ditto.
* src/gpgme.h.in (gpgme_op_verify_result_t): Append fields 'is_mime'
and '_unused'.
(gpgme_op_decrypt_result_t): New field 'is_mime'. Shrink '_unused'.
* tests/run-decrypt.c (print_result): Print MIME flag.
* tests/run-verify.c (print_result): Ditto.
--
Note that this flag (Liternal Data packet's 'm' mode) is only
specified in RFC-4880bis. To use it you currently need to add
"rfc4880bis" to the the gpg.conf.
Signed-off-by: Werner Koch <wk@gnupg.org>
