Commit Graph

769 Commits

Author SHA1 Message Date
Ingo Klöcker
f0d1f2c4c7
Merge branch 'ikloecker/t7118-revkeys' 2024-05-24 10:47:15 +02:00
Tobias Fella
e42b72bc2b
core: Implement adding ADSKs through gpgme_createsubkey
* src/engine-gpg.c: Add and use function for adding ADSKs.
* src/genkey.c: Prevent error due to no status line.
* src/gpgme.h.in: Add flag GPGME_CREATE_ADSK
* doc/gpgme.texi: Add documentation for ADSKs
* tests/run-genkey.c: Add test for adding ADSKs
--

This adds the ability to add ADSKs through
the gpgme_createsubkey interface.
The function must be called with NULL userid,
the ADSK fingerprint in algo
and the GPGME_CREATE_ADSK flag.
2024-05-22 10:16:19 +02:00
Ingo Klöcker
f2575b6313
json: Add information about revocation keys to key list result
* src/gpgme-json.c (revocation_key_to_json): New.
(key_to_json): Add list of revocation keys.

* tests/json/Makefile.am (pubring-stamp): Import new pub key.
* tests/json/key-with-revokers.asc: New.
* tests/json/t-json.c (tests): Add "t-keylist-revokers".
* tests/json/t-keylist-revokers.in.json,
tests/json/t-keylist-revokers.in.json: New.
--

GnuPG-bug-id: 7118
2024-05-21 16:38:59 +02:00
Ingo Klöcker
adadfac997
core: Add information about revocation keys to keys
* src/gpgme.h.in (struct _gpgme_revocation_key,
gpgme_revocation_key_t): New.
(struct _gpgme_key): Add fields 'revkeys', '_last_revkey'.
* src/key.c (_gpgme_key_add_rev_key): New.
(gpgme_key_unref): Free revkeys.
* src/keylist.c (keylist_colon_handler): Parse rvk lines.
* src/ops.h (_gpgme_key_add_rev_key): New.

* tests/run-keylist.c (main): Print revocation key info.
--

GnuPG-bug-id: 7118
2024-05-21 16:38:59 +02:00
Werner Koch
73403a8ba0
core: speedup gpgme_get_key
* src/engine.c (_gpgme_set_engine_info): Change engine_get_version.
--

GnuPG-bug-id: 6369
2024-05-21 10:59:43 +02:00
NIIBE Yutaka
87061c0260
gpgme.m4: Set $host correctly always.
* src/gpgme.m4 (AM_PATH_GPGME): Add AC_CANONICAL_HOST.

--

GnuPG-bug-id: 7114
Reported-by: Andreas Metzler
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-05-16 09:27:58 +09:00
NIIBE Yutaka
882ccc8ea7
gpgme.m4: Update _AM_PATH_GPGRT_CONFIG macro from gpg-error.m4.
* src/gpgme.m4 (_AM_PATH_GPGRT_CONFIG): Update.

--

Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2024-05-14 10:30:47 +09:00
Ingo Klöcker
7158397c09
core: Check STATUS_FAILURE in import operations.
* src/import.c (op_data_t): Add failure_code.
(_gpgme_import_status_handler): Set it. Return it on EOF.
--

GnuPG-bug-id: 7036
2024-03-11 13:53:18 +01:00
Ingo Klöcker
1dc44b7c5b
core: Tell gpg that we want to verify signed data
* src/engine-gpg.c (gpg_verify): Add "--verify" to command line.
--

Since GnuPG 2.1.16 --verify writes the signed data to the file specified
by --output. Explicitly telling gpg that we want to verify signed data
frees gpg from guessing what we want and avoids the corresponding
warning "no command supplied.  Trying to guess what you mean ..."

GnuPG-bug-id: 6907
2023-12-22 10:37:34 +01:00
Ingo Klöcker
5efd3486a9
core: Support writing the decrypt/verify output directly to a file
* src/engine-gpg.c (gpg_decrypt): Pass output file name to gpg if output
has file name set.
(gpg_verify): Ditto.

* tests/run-decrypt.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
* tests/run-verify.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
--

This change makes it possible to tell gpg to write the output (i.e. the
decrypted/verified data) directly to a file with given file name instead
of piping the output back to gpgme.

GnuPG-bug-id: 6550
2023-12-19 13:12:59 +01:00
Ingo Klöcker
963ace1f9f
core: Support direct signing of file with gpg
* src/gpgme.h.in (GPGME_SIG_MODE_FILE): New signature mode flag.
* src/engine-gpg.c (gpg_sign): Separate signature mode from additional
flags. Check for incompatible flags. Explicitly set output to stdout if
no output file is used. Pass filename instead of fd to gpg when new flag
is set.
* src/engine-gpgsm.c (gpgsm_sign): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_sign): Ditto.
* src/sign.c (sign_start): Consider new flag on check for invalid flags.

* tests/run-sign.c (show_usage): New options --detach and
--direct-file-io.
(main): Parse new options. Create a detached signature if --detach is
given. Make gpg read the input file itself if --direct-file-io is given.
--

With this change the gpgme_op_sign* functions gain the possibility to
make gpg read the data to sign directly from a file instead of from an
input FD to which it is written by gpgme.

GnuPG-bug-id: 6550
2023-12-19 13:09:33 +01:00
Ingo Klöcker
0221d7f28a
core: Support direct encryption of file with gpg
* src/gpgme.h.in (GPGME_ENCRYPT_FILE): New encryption flag.
* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign): Check for
incompatible flags. Pass filename instead of fd to gpg when new flag is
set.
* src/engine-gpgsm.c (gpgsm_encrypt): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_encrypt): Ditto.

* tests/run-encrypt.c (show_usage): New option --direct-file-io.
(main): Parse new option. Make gpg read the input file itself if the
option is given.
--

With this change the gpgme_op_encrypt* and gpgme_op_encrypt_sign*
functions gain the possibility to make gpg read the data to (sign and)
encrypt directly from a file instead of from an input FD to which it is
written by gpgme.

GnuPG-bug-id: 6550
2023-12-19 13:07:45 +01:00
Andre Heinecke
6baccdc0c3
core: percent decode filename
* src/op-support.c (_gpgme_parse_plaintext): Decode filename
as percent string.

--
From gnupg/doc/DETAILS:

    If a filename is available it gets printed as the third
    argument, percent-escaped as usual.

so we can use the usual percent decode function here.

GnuPG-Bug-Id: T6852
2023-11-30 00:06:08 +01:00
Ingo Klöcker
77e982579c
core: Preserve more specific existing failure code
* src/decrypt.c (_gpgme_decrypt_status_handler): Ignore received failure
code if we already have a specific failure code.
* src/encrypt.c (_gpgme_encrypt_status_handler): Ditto.
* src/export.c (export_status_handler): Ditto.
* src/genkey.c (genkey_status_handler): Ditto.
* src/keylist.c (keylist_status_handler): Ditto.
* src/keysign.c (keysign_status_handler): Ditto.
* src/passwd.c (passwd_status_handler): Ditto.
* src/revsig.c (revsig_status_handler): Ditto.
* src/setexpire.c (setexpire_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.
* src/tofupolicy.c (tofu_policy_status_handler): Ditto.
* src/verify.c (_gpgme_verify_status_handler): Ditto.
--

Usually, a process emits at most one failure code. But some operations
like the creation of an encrypted archive involve multiple chained
processes, so that multiple failure codes can be received. We want to
keep the first specific failure code we received. Further failure codes
are only parsed if we received just an unspecific "general error" so
far.

GnuPG-bug-id: 6575
2023-11-14 13:51:24 +01:00
Andre Heinecke
a0a4cd411c
Change gpgme-w32-spawn to unicode
* src/Makefile.am (gpgme_w32spawn_CFLAGS): Add -municode.
* src/gpgme-w32-spawn.c (build_commandline, my_spawn)
(translate_handles): Convert to wchar_t API.
(main): Use wmain instead.

--
Some time ago we introduced an inconsistency that w32-util called
gpgme-w32-spawn through CreateProcessW but since gpgme-w32-spawn
internally worked with 8 bit the chars were mangled and the
arguments not passed correctly through the CreateProcessA of the
child process. Since the GnuPG processes use GetCommandLineW
this is the proper way to pass on Unicode command line arguments.

Please note that we did not pass UTF-8 before this patch but
rather some broken native encoding where Windows replaces
unicode characters with question marks etc.

GnuPG-Bug-Id: T6728
2023-10-25 17:42:27 +02:00
Ingo Klöcker
57205c1dfa
doc: Fix typos in documentation and source code comments
--

Anonymous contribution

Signed-off-by: Ingo Klöcker <dev@ingo-kloecker.de>
2023-10-13 09:18:12 +02:00
Werner Koch
b63d203d3b
core: Add key capability flags has_encrypt etc.
* src/gpgme.h.in (struct _gpgme_key): Add flags has_encrypt,
has_certify, has_sign, and has_authenticate.
* src/keylist.c (finish_key): Set these flags.
* tests/run-keylist.c (main): Print them.
--

GnuPG-bug-id: 6748
2023-10-05 14:18:03 +02:00
Werner Koch
349a69b5ea
core: Check STATUS_FAILURE in export operations.
* src/export.c (op_data_t): Add failure_code.
(export_status_handler): Set it.
(gpgme_op_export_ext, gpgme_op_export_keys): Also check the failure
code.
--

That is just in case we missed an error code.  For example with older
gpg versions (e.g. 2.3.8) and exporting to a keyserver.
2023-10-05 14:17:21 +02:00
NIIBE Yutaka
8ad22290df
gpgme-tool: Support use of Windows HANDLE for INPUT/OUTPUT/MESSAGE.
* src/gpgme-tool.c [HAVE_W32_SYSTEM] (server_data_obj): Implement for
Windows HANDLE.

--

GnuPG-bug-id: 6634
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
2023-09-29 11:12:13 +09:00
Werner Koch
e36b2d1bce
New mode to list a v5 fingerprint for v4 packets.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_V5FPR): New.
(struct _gpgme_subkey): Add field v5fpr.
* src/engine-gpg.c (gpg_keylist_build_options): Pass new option to
gpg.
* src/key.c (gpgme_key_unref): Free new field.
* src/keylist.c (op_data_t): Parse and add "fp2" line.

* tests/run-keylist.c (show_usage): Add option --v5fpr.

* src/keylist.c (op_data_t): Add field failure_code.
(keylist_status_handler): Handle special value.
(gpgme_op_keylist_end): Return an error if a FAILURE line has been
seen.
--

Note that the failure code part has been added to better diagnose
problems if a wrong gpg version is used.  If verything works right we
should not get this because we check that the gnupg version sis either
>= 2.4.4 or less than 2.3 and >= 2.2.42.

Note further that the v5fpr field may also be used to get the SHA-256
fingerprint of X.509 certificates (even without passing the new mode
flag).

GnuPG-bug-id: 6705
2023-09-04 17:03:52 +02:00
Werner Koch
d75b2a9151
Support GPGME_ENCRYPT_ALWAYS_TRUST also for S/MIME.
* src/engine-gpgsm.c (gpgsm_encrypt): Send the always-trust options.

* tests/run-encrypt.c: Add option --always-trust.
--

Note that the run-encrypt test tool used to assume always-trust for
OpenPGP since 1.7.0 This bug has also been fixed by introducing the
explicit option.

GnuPG-bug-id: 6559
2023-08-31 12:02:02 +02:00
Ingo Klöcker
bc98f01c85
core: Use offline mode for all operations of gpgsm engine
* src/engine-backend.h (keylist, keylist_ext): Remove engine_flags.
* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
(_gpgme_engine_op_keylist_ext): Ditto.
* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): Remove.
* src/engine-gpgsm.c (struct engine_gpgsm): New field flags with offline
flag.
(have_gpgsm_version): New.
(gpg_set_engine_flags): Set the offline flag.
(start): Send OPTION "offline".
(gpgsm_keylist, gpgsm_keylist_ext): Remove engine_flags.  Remove
sending of OPTION "offline".
* src/keylist.c (gpgme_op_keylist_start, gpgme_op_keylist_ext_start):
Remove setting of offline flag.
--

GnuPG-bug-id: 6648
2023-08-14 12:24:00 +02:00
Ingo Klöcker
d72811a2c0
core: Store engine's version string in gpgsm engine
* src/engine-gpgsm.c (struct engine_gpgsm): Add field 'version'.
(gpgsm_new): Copy version string.
(gpgsm_release): Free VERSION.
--

GnuPG-bug-id: 6648
2023-08-14 12:23:55 +02:00
Ingo Klöcker
a9b28c79e9
core: Prevent wrong plaintext when verifying clearsigned signature
* src/engine-gpg.c (gpg_verify): Use a separate pipe instead of stdout
for reading the plaintext.

* tests/gpg/t-support.h (PGM): Define if undefined.
(print_data): Undefine BUF_SIZE.
(check_data): New.
* tests/gpg/t-verify.c (clearsigned_plus_key_block): New.
(main): Add test.
--

Reading the plaintext from stdout is a bad idea because gpg can also
print other stuff on stdout, e.g. the keys contained in a public key
block. This is fixed by reading the plaintext via a special pipe.

GnuPG-bug-id: 6622
2023-07-28 16:15:12 +02:00
Ingo Klöcker
777cf7f2d1
core: Return bad data error instead of general error on unexpected data
* src/verify.c (_gpgme_verify_status_handler): Return GPG_ERR_BAD_DATA
instead of GPG_ERR_GENERAL.
--

This gives users trying to decrypt and/or verify for example a public
key block a more useful error.

GnuPG-bug-id: 6617
2023-07-28 14:18:21 +02:00
Ingo Klöcker
1a9f192ab4
core: Support reading the archive to decrypt/verify directly from a file
* src/engine-gpg.c (add_file_name_arg_or_data): New.
(gpg_decrypt): Use add_file_name_arg_or_data instead of add_data for the
ciphertext.
(gpg_verify): Use add_file_name_arg_or_data instead of add_data for the
signature and the signed text.

* tests/run-decrypt.c (show_usage): New option --direct-file-io.
(main): Parse new option. If option is given, then don't open input
file, create simple data object instead of data object from stream and
set input file name on input data.
* tests/run-verify.c (show_usage): New option --direct-file-io.
(main): Parse new option. If option is given, then don't open input
files, create simple data objects instead of data objects from stream
and set input file names on input data objects.
--

This change makes it possible to tell gpg (and gpgtar) to read the
input (i.e. the signed/encrypted data or the signature or the created
archive) directly from the files with given file names instead of from
streams piped through GpgME's Data IO.

GnuPG-bug-id: 6530
2023-06-21 14:38:50 +02:00
Ingo Klöcker
c38b620039
core: Support writing the sign/encrypt output directly to a file
* src/engine-gpg.c (gpg_encrypt): Pass output file name to gpg if output
has file name set.
(gpg_encrypt_sign): Ditto.
(gpg_sign): Ditto.

* tests/run-encrypt.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
* tests/run-sign.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
--

This change makes it possible to tell gpg (and gpgtar) to write the
output (i.e. the signed/encrypted data or the signature or the created
archive) directly to a file with given file name instead of piping
the output back to gpgme.

GnuPG-bug-id: 6530
2023-06-19 18:08:47 +02:00
Werner Koch
91bbb1e482
core: Send a input-size-hint for gpgsm.
* src/engine-gpgsm.c (send_input_size_hint): New.
(gpgsm_decrypt): Send hint.
(gpgsm_encrypt): Send hint.
(gpgsm_sign): Send hint.
(gpgsm_verify): Send hint.
--
GnuPG-bug-id: 6534
2023-06-15 13:00:01 +02:00
Werner Koch
eb68948c43
core: Use 64 bit instead of gpgme_off_t for some internal functions.
* src/conversion.c (_gpgme_string_to_off): Return an u64 value.
* src/data.c (_gpgme_data_get_size_hint): Ditto.
(gpgme_data_set_flag): Use u64 for io-buffer-size due to string_to_off
change.
* src/data.h (struct gpgme_data): Change size_hint to u64.
* src/engine-gpg.c (add_input_size_hint): Replace gpgme_off_t by u64.
--

GnuPG-bug-id: 6534
2023-06-15 11:01:46 +02:00
Werner Koch
fbc3963d62
core: For key signing and uid revoking allow an empty user id.
* src/engine-gpg.c (gpg_keysign): Required USERID to be non-empty.
--

For some language bindings it is easier if the engine considers an
empty user id to be equivalent to NULL.
2023-05-30 11:20:34 +02:00
Werner Koch
7351ef32ce
core: Support the new macOS Homebrew location.
* src/posix-util.c (find_executable): Extend the path.
--

GnuPG-bug-id: 6440
2023-04-20 13:35:50 +02:00
Werner Koch
7d1159c1e9
core: Avoid printf format warnings due to gpgme_ssize_t.
* src/debug.h (_trace_sysres_ssize_t): Cast arg.
2023-04-17 15:05:22 +02:00
Werner Koch
0c29119e06
core,w32: Fix invocation of gpgtar
* src/dirinfo.c (EXEEXT_S): New.
(get_gpgconf_item): Append ".exe" to gpg-wks-client and gpgtar.

* src/gpgme-w32spawn.c (mystderr): Add code to ease debugging.
2023-04-17 14:05:35 +02:00
Ingo Klöcker
d256ba7cc5
w32: Always use UTF-8 for localized texts
* configure.ac: Define GPG_ERR_ENABLE_GETTEXT_MACROS.
* src/version.c (do_subsystem_inits) [W32]: Switch gettext to UTF-8.
--

On Windows, applications using GpgME can now rely on localized texts
returned by GpgME, e.g. the texts for error codes, to be UTF-8 encoded.
In particular, this saves a useless and possibly lossy conversion to
native encoding and back to UTF-8. On other OSes, where we use the
system provided gettext, we assume that UTF-8 is used nowadays.

GnuPG-bug-id: 5960
2023-04-04 12:11:15 +02:00
Werner Koch
34cc7daba1
core: Minor code cleanup.
* src/engine-gpg.c (build_argv): Remove superfluous tes.
--

gpg_error_from_syserror is guaranteed not to return 0 even if errno is
not set.
2023-03-27 16:56:29 +02:00
Ingo Klöcker
b608c084b9
core: Initialize error variable
* src/engine-gpg.c (build_argv): Initialize err.
--

Fixes-commit: fbce7deb3b
2023-03-27 16:49:24 +02:00
Werner Koch
6d21256c92
core,cpp: Add new key flags to gpgme_subkey_t
* src/gpgme.h.in (struct _gpgme_subkey): Add bit flags can_renc,
can_timestamp, adn is_group_owned. Reduce size of _unused.
* src/keylist.c (set_subkey_capability): Set them.
* tests/run-keylist.c (main): Print them.

* lang/cpp/src/key.h (Subkey::canRenc): New.
(Subkey::canTimestamp): New.
(Subkey::isGroupOwned): New.
* lang/cpp/src/key.cpp: Implement new methods.
(Subkey::isQualified): Print them.
(std::ostream &operator<<): Print them.
--

GnuPG-bug-id: 6395
2023-03-21 08:37:47 +01:00
Werner Koch
c1f6535f14
core: Also detect legacy X.509 v0 certificates.
* src/data-identify.c (basic_detection): Loose the detection of X.509
certs.
2023-03-08 15:54:54 +01:00
Werner Koch
9c5506fde7
core: Switch to logging via gpgrt
* src/debug.c (errfp): Remove.
(debug_init): Factor some code out to ...
(safe_to_use_debug_file): new.
(tid_log_callback): New.
(debug_init): Rewrite to make use of gpgrt logging.
(_gpgme_debug): Ditto.
(_gpgme_debug_end): Remove extra LF testing code.
* src/dirinfo.c (get_gpgconf_item): Remove now unneeded LFs.  Realign
output.
2023-02-10 11:12:52 +01:00
Werner Koch
c0da6f77c6
core: Update copyright notices
--
2023-02-10 11:12:52 +01:00
Ingo Klöcker
41dc3bd22a
core: Allow finalization of signature verification of unencrypted data
* src/decrypt-verify.c (decrypt_verify_status_handler): Call
_gpgme_verify_status_handler on EOF even if
_gpgme_decrypt_status_handler returned NO DATA error.

* tests/gpg/t-decrypt-verify.c (normal_signed_message): New.
(main): Add test with signed, but not encrypted data.
--

This allows the verify status handler to finalize the verification of
the last signature even if the decrypt status handler returned a NO DATA
error because the input data wasn't encrypted.

GnuPG-bug-id: 6368
2023-02-10 09:54:03 +01:00
Ingo Klöcker
7ad717f6ba
core: Make usage of input size hint compatible with gpgtar
* src/engine-gpg.c (add_input_size_hint): Use add_gpg_arg_with_value
to add the --input-size-hint option.
--

GnuPG-bug-id: 6342
2023-02-02 09:59:01 +01:00
Ingo Klöcker
7f541547fc
core: Allow usage of gpgtar also for new enough gpg 2.2
* src/engine-gpg.c (have_usable_gpgtar): New.
(start): Always pass --status-fd to the called process.
(gpg_decrypt, gpg_encrypt, gpg_encrypt_sign, gpg_sign, gpg_verify):
Use have_usable_gpgtar() to check for suitable gpg.
--

The version check in start() is not needed because versions of gpg
that are unsuitable for the usage of gpgtar are rejected already by
the callers.

GnuPG-bug-id: 6342
2023-02-02 09:47:10 +01:00
Werner Koch
5ab9c234d6
core,w32: More robust detection of GnuPG Desktop dir layout
* src/w32-util.c (INST_TYPE_GPG4WIN, INST_TYPE_GPGDESK): New to
replace the numeric constants.
(find_version_file): New.
(_gpgme_get_gpgconf_path): Guess a default for inst_type.
--

GnuPG-bug-id: 6362
2023-02-01 17:29:24 +01:00
Werner Koch
359378c5b3
json: New operation "identify" and convenience option --identify.
* src/gpgme-json.c (data_type_to_string): New.
(op_identify): New.
(process_request): Add to command list.
(cmd_identify): New.
(main): Add option --identify.
--
2023-01-31 09:52:04 +01:00
Ingo Klöcker
48b11f5762
core: Use signature modes as flags
* src/engine-backend.h (engine_ops.sign): Rename argument mode to
flags.
* src/engine-gpg.c (gpg_sign): Rename argument mode to flags. Check
for invalid combination of flags.
* src/engine-gpgsm.c (gpgsm_sign): Rename argument mode to flags.
Check for unsupported flags.
* src/engine-uiserver.c (gpgsm_sign): Rename argument mode to flags.
Check for unsupported flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_sign): Rename argument
mode to flags.
* src/gpgme.h.in (GPGME_SIG_MODE_ARCHIVE): Change value to 4.
(gpgme_op_sign_start, gpgme_op_sign): Rename argument mode to flags.
* src/sign.c (sign_start): Rename argument mode to flags. Adjust
check for invalid flags.
(gpgme_op_sign_start, gpgme_op_sign): Rename argument mode to flags.
--

Using the signature mode constants as flags is more natural, even if
currently all flags are mutually exclusive, because archives are
signed with a normal signature.

GnuPG-bug-id: 6342
2023-01-30 12:49:11 +01:00
Ingo Klöcker
3580bb139b
core: Update required GnuPG version for new archive features
* src/engine-gpg.c (gpg_decrypt, gpg_encrypt, gpg_encrypt_sign,
gpg_sign, gpg_verify): Require gpg 2.4.1.

--

To work properly the archive feature needs a fix added in GnuPG 2.4.1.

GnuPG-bug-id: 6342
2023-01-26 09:52:11 +01:00
Ingo Klöcker
5b79b32397
core: Support usage of gpgtar for verifying a signed archive
* src/gpgme.h.in (gpgme_verify_flags_t): New enum.
(GPGME_VERIFY_ARCHIVE): New const.
(gpgme_op_verify_ext_start): New func.
(gpgme_op_verify_ext): New func.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/verify.c (gpgme_op_verify_ext_start): New.
(gpgme_op_verify_ext): New.
(verify_start): Add arg FLAGS.  Pass the flags to
_gpgme_engine_op_verify.
(gpgme_op_verify_start): Call gpgme_op_verify_ext_start with 0 for
FLAGS.
(gpgme_op_verify): Call gpgme_op_verify_ext with 0 for FLAGS.
* src/engine.c, src/engine.h (_gpgme_engine_op_verify): Add arg FLAGS.
* src/engine-backend.h (struct engine_ops): Add FLAGS to 'verify'.
* src/engine-gpg.c (gpg_verify): Add arg FLAGS. Set use_gpgtar engine
flag if GPGME_VERIFY_ARCHIVE flag is set. Check for new enough gpg. Use
add_gpg_arg for gpg-only options without a value. Set extra options for
gpgtar and pass input data to stdin when using gpgtar.
* src/engine-gpgsm.c (gpgsm_verify): Add arg FLAGS. Return error if
GPGME_VERIFY_ARCHIVE flag is set.
* src/engine-uiserver.c (uiserver_verify): Ditto.

* tests/run-verify.c (show_usage): New options --archive, --directory,
and --diagnostics.
(main): Parse new options. Verify and extract with gpgtar if --archive
is given. Set file name of output data to value of --directory option.
Print stderr of gpg/gpgtar if --diagnostics is given.
--

GnuPG-bug-id: 6342
2023-01-25 11:26:34 +01:00
Ingo Klöcker
95ea3bf831
core: Support usage of gpgtar for decrypting an encrypted archive
* src/gpgme.h.in (GPGME_DECRYPT_ARCHIVE): New decryption flag.
* src/engine-gpg.c (gpg_decrypt): Set use_gpgtar engine flag if
GPGME_DECRYPT_ARCHIVE flag is set. Check for new enough gpg and
incompatible flags. Use add_gpg_arg_with_value for gpg-only options
with a value and add_gpg_arg for gpg-only options without a value.
Set extra options for gpgtar and pass input data to stdin when using
gpgtar.

* tests/run-decrypt.c (show_usage): New options --archive and
--directory.
(main): Parse new options. Decrypt with gpgtar if --archive is given.
Set file name of output data to value of --directory option.
--

GnuPG-bug-id: 6342
2023-01-24 12:32:23 +01:00
Ingo Klöcker
419adf41af
core: Allow setting the base directory when creating an archive
* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign, gpg_sign): Pass
file name set in data with --directory option to gpgtar.

* tests/run-encrypt.c (show_usage): New option --directory.
(main): Parse new option. Set file name of input data to option value.
* tests/run-sign.c (show_usage): New option --directory.
(main): Parse new option. Set file name of input data to option value.
--

GnuPG-bug-id: 6342
2023-01-23 12:17:22 +01:00