* lang/cpp/src/gpgmefw.h (gpgme_revocation_key_t): New forward
declaration.
* lang/cpp/src/key.cpp, lang/cpp/src/key.h (class Key): New methods
revocationKey, numRevocationKeys, revocationKeys.
(class RevocationKey): New.
(swap): New overload for RevocationKey.
(operator<<): New overload for RevocationKey.
* lang/cpp/src/key.cpp (operator<<): Add information about revocation
keys to the output stream for Key.
* lang/cpp/tests/run-keylist.cpp (main): Don't output Key if nextKey
failed, e.g. at the end of the key listing.
--
GnuPG-bug-id: 7118
* src/engine-gpg.c (gpg_decrypt): Pass output file name to gpg if output
has file name set.
(gpg_verify): Ditto.
* tests/run-decrypt.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
Do not print output if --output is given.
* tests/run-verify.c (show_usage): New option --output.
(main): Parse new option. Set file name on output if --output is given.
--
This change makes it possible to tell gpg to write the output (i.e. the
decrypted/verified data) directly to a file with given file name instead
of piping the output back to gpgme.
GnuPG-bug-id: 6550
* src/gpgme.h.in (GPGME_SIG_MODE_FILE): New signature mode flag.
* src/engine-gpg.c (gpg_sign): Separate signature mode from additional
flags. Check for incompatible flags. Explicitly set output to stdout if
no output file is used. Pass filename instead of fd to gpg when new flag
is set.
* src/engine-gpgsm.c (gpgsm_sign): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_sign): Ditto.
* src/sign.c (sign_start): Consider new flag on check for invalid flags.
* tests/run-sign.c (show_usage): New options --detach and
--direct-file-io.
(main): Parse new options. Create a detached signature if --detach is
given. Make gpg read the input file itself if --direct-file-io is given.
--
With this change the gpgme_op_sign* functions gain the possibility to
make gpg read the data to sign directly from a file instead of from an
input FD to which it is written by gpgme.
GnuPG-bug-id: 6550
* src/gpgme.h.in (GPGME_ENCRYPT_FILE): New encryption flag.
* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign): Check for
incompatible flags. Pass filename instead of fd to gpg when new flag is
set.
* src/engine-gpgsm.c (gpgsm_encrypt): Return error if new flag is set.
* src/engine-uiserver.c (uiserver_encrypt): Ditto.
* tests/run-encrypt.c (show_usage): New option --direct-file-io.
(main): Parse new option. Make gpg read the input file itself if the
option is given.
--
With this change the gpgme_op_encrypt* and gpgme_op_encrypt_sign*
functions gain the possibility to make gpg read the data to (sign and)
encrypt directly from a file instead of from an input FD to which it is
written by gpgme.
GnuPG-bug-id: 6550
* lang/qt/src/defaultkeygenerationjob.h (class DefaultKeyGenerationJob):
Deprecate.
--
GnuPG generates Ed25519 keys by default and has switched to 3072 bits as
default for RSA keys. DefaultKeyGenerationJob always generates RSA 2048
keys and uses the old parameter file API of GnuPG. It shouldn't be used
anymore.
GnuPG-bug-id: 6805
* configure.ac: Add option to enable building the Qt 6 binding with
-fPIC. Fix typo and mention default for --enable-no-direct-extern-access
option.
* m4/qt6.m4: Add -fPIC to GPGME_QT6_CFLAGS if requested or if Qt 6 was
built with reduce_relocations.
--
GnuPG-bug-id: 6781
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_V5FPR): New.
(struct _gpgme_subkey): Add field v5fpr.
* src/engine-gpg.c (gpg_keylist_build_options): Pass new option to
gpg.
* src/key.c (gpgme_key_unref): Free new field.
* src/keylist.c (op_data_t): Parse and add "fp2" line.
* tests/run-keylist.c (show_usage): Add option --v5fpr.
* src/keylist.c (op_data_t): Add field failure_code.
(keylist_status_handler): Handle special value.
(gpgme_op_keylist_end): Return an error if a FAILURE line has been
seen.
--
Note that the failure code part has been added to better diagnose
problems if a wrong gpg version is used. If verything works right we
should not get this because we check that the gnupg version sis either
>= 2.4.4 or less than 2.3 and >= 2.2.42.
Note further that the v5fpr field may also be used to get the SHA-256
fingerprint of X.509 certificates (even without passing the new mode
flag).
GnuPG-bug-id: 6705
* src/engine-gpgsm.c (gpgsm_encrypt): Send the always-trust options.
* tests/run-encrypt.c: Add option --always-trust.
--
Note that the run-encrypt test tool used to assume always-trust for
OpenPGP since 1.7.0 This bug has also been fixed by introducing the
explicit option.
GnuPG-bug-id: 6559
* lang/qt/src/wkdrefreshjob.cpp, lang/qt/src/wkdrefreshjob.h,
lang/qt/src/wkdrefreshjob_p.h, lang/qt/src/qgpgmewkdrefreshjob.cpp,
lang/qt/src/qgpgmewkdrefreshjob.h: New.
* lang/qt/src/protocol.h (class Protocol): Add pure virtual member
function wkdRefreshJob
* lang/qt/src/protocol_p.h (Protocol::wkdRefreshJob): ... and
implement it.
* lang/qt/src/Makefile.am: Update accordingly.
* lang/qt/tests/run-wkdrefreshjob.cpp: New.
* lang/qt/tests/Makefile.am: Add new test runner.
--
This job allows updating keys via WKD. Only user IDs that were
originally retrieved via WKD (i.e. which have origin WKD) are
considered.
GnuPG-bug-id: 6672
* lang/qt/src/decryptverifyarchivejob.cpp,
lang/qt/src/decryptverifyarchivejob.h (DecryptVerifyArchiveJob): Add
member functions setInputFile, inputFile.
* lang/qt/src/decryptverifyarchivejob_p.h
(DecryptVerifyArchiveJobPrivate): Add member m_inputFilePath.
* lang/qt/src/qgpgmedecryptverifyarchivejob.cpp (decrypt_verify): Move
creation of indata to decrypt_verify_from_io_device.
(decrypt_verify_from_io_device, decrypt_verify_from_file_name): New.
(QGpgMEDecryptVerifyArchiveJob::start): Use
decrypt_verify_from_io_device instead of decrypt_verify.
(QGpgMEDecryptVerifyArchiveJobPrivate::startIt): Start the job with the
values from member variables.
* lang/qt/tests/run-decryptverifyarchivejob.cpp (createInput): Remove.
(main): Remove creation of input. Make the job read the archive directly
from the given archive name.
--
This makes it possible to tell gpgtar to read the signed/encrypted
archive directly from a specified file bypassing GpgME's Data IO.
GnuPG-bug-id: 6530
* src/engine-gpg.c (add_file_name_arg_or_data): New.
(gpg_decrypt): Use add_file_name_arg_or_data instead of add_data for the
ciphertext.
(gpg_verify): Use add_file_name_arg_or_data instead of add_data for the
signature and the signed text.
* tests/run-decrypt.c (show_usage): New option --direct-file-io.
(main): Parse new option. If option is given, then don't open input
file, create simple data object instead of data object from stream and
set input file name on input data.
* tests/run-verify.c (show_usage): New option --direct-file-io.
(main): Parse new option. If option is given, then don't open input
files, create simple data objects instead of data objects from stream
and set input file names on input data objects.
--
This change makes it possible to tell gpg (and gpgtar) to read the
input (i.e. the signed/encrypted data or the signature or the created
archive) directly from the files with given file names instead of from
streams piped through GpgME's Data IO.
GnuPG-bug-id: 6530
* lang/qt/src/encryptarchivejob.cpp, lang/qt/src/encryptarchivejob.h
(EncryptArchiveJob): Add member functions setRecipients, recipients,
setInputPaths, inputPaths, setOutputFile, outputFile,
setEncryptionFlags, encryptionFlags.
* lang/qt/src/encryptarchivejob_p.h (EncryptArchiveJobPrivate): Add
members m_recipients, m_inputPaths, m_outputFilePath, m_encryptionFlags.
* lang/qt/src/qgpgmeencryptarchivejob.cpp (encrypt): Move creation of
outdata to encrypt_to_io_device.
(encrypt_to_io_device, encrypt_to_filename): New.
(QGpgMEEncryptArchiveJob::start): Use encrypt_to_io_device instead of
encrypt.
(QGpgMEEncryptArchiveJobPrivate::startIt): Start the job with the
values from member variables.
* lang/qt/src/qgpgmesignarchivejob.cpp (sign): Move creation of
outdata to sign_to_io_device.
(sign_to_io_device, sign_to_filename): New.
(QGpgMESignArchiveJob::start): Use sign_to_io_device instead of sign.
(QGpgMESignArchiveJobPrivate::startIt): Start the job with the
values from member variables.
* lang/qt/src/qgpgmesignencryptarchivejob.cpp (sign_encrypt): Move
creation of outdata to sign_encrypt_to_io_device.
(sign_encrypt_to_io_device, sign_encrypt_to_filename): New.
(QGpgMESignEncryptArchiveJob::start): Use sign_encrypt_to_io_device
instead of sign_encrypt.
(QGpgMESignEncryptArchiveJobPrivate::startIt): Start the job with the
values from member variables.
* lang/qt/src/signarchivejob.cpp, lang/qt/src/signarchivejob.h
(SignArchiveJob): Add member functions setSigner, signers,
setInputPaths, inputPaths, setOutputFile, outputFile.
* lang/qt/src/signarchivejob_p.h (SignArchiveJobPrivate): Add
members m_signers, m_inputPaths, m_outputFilePath.
* lang/qt/src/signencryptarchivejob.cpp,
lang/qt/src/signencryptarchivejob.h (SignEncryptArchiveJob): Add
member functions setSigner, signers, setRecipients, recipients,
setInputPaths, inputPaths, setOutputFile, outputFile,
setEncryptionFlags, encryptionFlags.
* lang/qt/src/signencryptarchivejob_p.h (SignEncryptArchiveJobPrivate):
Add members m_signers, m_recipients, m_inputPaths, m_outputFilePath,
m_encryptionFlags.
* lang/qt/tests/run-encryptarchivejob.cpp (createOutput): Remove.
(checkOutputFilePath): New.
(main): Create file output writing to stdout if no archive name (or "-")
is given. Exit if file with given archive name already exists. Make
the jobs write the created archive directly to the given archive name.
* lang/qt/tests/run-signarchivejob.cpp (createOutput): Remove.
(checkOutputFilePath): New.
(main): Create file output writing to stdout if no archive name (or "-")
is given. Exit if file with given archive name already exists. Make
the jobs write the created archive directly to the given archive name.
--
This makes it possible to tell gpgtar to write the created archive
directly to a specified file bypassing GpgME's Data IO.
GnuPG-bug-id: 6530
* lang/qt/src/job.cpp, lang/qt/src/job.h (Job::startIt): New method.
* lang/qt/src/job_p.h (JobPrivate::startIt): New pure virtual method.
* lang/qt/src/qgpgmechangeexpiryjob.cpp
(QGpgMEChangeExpiryJobPrivate::startIt): New.
* lang/qt/src/qgpgmedecryptverifyarchivejob.cpp
(QGpgMEDecryptVerifyArchiveJobPrivate::startIt): New.
* lang/qt/src/qgpgmeencryptarchivejob.cpp
(QGpgMEEncryptArchiveJobPrivate::startIt): New.
* lang/qt/src/qgpgmeencryptjob.cpp (QGpgMEEncryptJobPrivate::startIt):
New.
* lang/qt/src/qgpgmeimportjob.cpp (QGpgMEImportJobPrivate::startIt):
New.
* lang/qt/src/qgpgmelistallkeysjob.cpp
(QGpgMEListAllKeysJobPrivate::startIt): New.
* lang/qt/src/qgpgmesignarchivejob.cpp
(QGpgMESignArchiveJobPrivate::startIt): New.
* lang/qt/src/qgpgmesignencryptarchivejob.cpp
(QGpgMESignEncryptArchiveJobPrivate::startIt): New.
* lang/qt/src/qgpgmesignencryptjob.cpp
(QGpgMESignEncryptJobPrivate::startIt): New.
--
startIt() starts a job if the necessary values have been set before.
This makes it possible to extend jobs with additional ways to start them
without having to worry about overloading existing virtual start()
methods. This will be used first for the different archive jobs.
GnuPG-bug-id: 6530
* NEWS: Mention this.
* lang/cpp/src/data.h, lang/cpp/src/data.cpp (Data::setSizeHint): New.
* lang/qt/src/qgpgmedecryptjob.cpp,
lang/qt/src/qgpgmedecryptverifyarchivejob.cpp,
lang/qt/src/qgpgmedecryptverifyjob.cpp,
lang/qt/src/qgpgmeencryptjob.cpp,
lang/qt/src/qgpgmesignencryptjob.cpp,
lang/qt/src/qgpgmesignjob.cpp,
lang/qt/src/qgpgmeverifydetachedjob.cpp,
lang/qt/src/qgpgmeverifyopaquejob.cpp: Set size for input IODevice.
--
This fixes the case where the old detection of the size of QIOdevice
using seek would overflow and instead explicitly uses QIODevice::size
to check for the size and pass it through as an uint64.
GnuPG-Bug-Id: T6534
* lang/cpp/src/data.cpp (Data::setFlag): New.
* lang/cpp/src/data.h: Update accordingly.
* NEWS: Mention this.
--
This exposes the generic flag mechanism for data to users
of the C++ library. It is similar to Context::setFlag but
has no getter.
* doc/gpgme.texi (GPG_ERR_FULLY_CANCELED): New.
* lang/cpp/src/context.cpp (Error::isCanceled): Also return true for
GPG_ERR_FULLY_CANCELED.
--
For internal purposes, GnuPG sometimes uses the error code
GPG_ERR_FULLY_CANCELED instead of GPG_ERR_CANCELED. From a user
perspective both values mean the same thing and should therefore be
treated identically.
GnuPG-bug-id: 6510
* configure.ac: Define GPG_ERR_ENABLE_GETTEXT_MACROS.
* src/version.c (do_subsystem_inits) [W32]: Switch gettext to UTF-8.
--
On Windows, applications using GpgME can now rely on localized texts
returned by GpgME, e.g. the texts for error codes, to be UTF-8 encoded.
In particular, this saves a useless and possibly lossy conversion to
native encoding and back to UTF-8. On other OSes, where we use the
system provided gettext, we assume that UTF-8 is used nowadays.
GnuPG-bug-id: 5960
* lang/qt/src/job.h (Job): Add signals jobProgress and rawProgress.
Deprecate signal progress.
* lang/qt/src/multideletejob.cpp (MultiDeleteJob::slotResult): Emit
new progress signals.
* lang/qt/src/qgpgmerefreshsmimekeysjob.cpp
(QGpgMERefreshSMIMEKeysJob::slotStatus): Ditto.
* lang/qt/src/threadedjobmixin.h (ThreadedJobMixin::showProgress): Use
modern overload of QMetaObject::invokeMethod to forward the progress
signal and add the value of what. Add forwarding of progress to the new
signals.
* lang/qt/tests/t-encrypt.cpp (EncryptionTest::testProgress): Test
the new signals instead of the deprecated one.
--
The new signal jobProgress omits the what value which is useless for
most consumers. The new signal rawProgress makes all information
provided by the backend available to consumers. The latter is not
really meant to be used by users of gpgme. It will be used by the
archive jobs to provide more user-friendly signals.
GnuPG-bug-id: 6342
* lang/qt/src/Makefile.am: Add new files and corresponding camel-case
header.
* lang/qt/src/dataprovider.h: Include interface from gpgme++ when
not building.
* lang/qt/src/filelistdataprovider.cpp,
lang/qt/src/filelistdataprovider.h: New.
--
The new data provider simplifies providing a nul-separated list of
UTF-8-encoded filenames, e.g. for creating signed or encrypted
archives. It is a simple read-only proxy for QByteArrayDataProvider.
GnuPG-bug-id: 6342