Commit Graph

2581 Commits

Author SHA1 Message Date
Ben McGinnes
fd4226429d examples: exporting keys
* Fixed the descriptions and explanation of what happens if no
  search/user ID/key ID data is included (it exports the lot).
2018-05-30 09:11:28 +10:00
Ben McGinnes
93bdf4b50a examples: python bindings
* 2 more scripts for planned expansion of the HOWTO.
* export-key.py - is very similar to both the import-key.py script and
  an earlier example.
* export-secret-key.py - the holiest of holies, a script to be very
  careful with (though on posix systems it is saved in a chmodded 600
  file).
2018-05-30 08:55:12 +10:00
Ben McGinnes
095093df20 examples: python bindings howto
* Added a script for planned HOWTO expansion demonstrating key import
  from a file with optional alternative homedir setting.
2018-05-25 22:59:17 +10:00
Ben McGinnes
321005c12f examples: mutt crypt-hooks generator
* Added a script which demonstrates how the groups module works.
* Script generates Mutt/Neomutt crypt-hooks for every group entry in
  gpg.conf, including those entries for multiple keys (Mutt handles
  that differently).
2018-05-25 07:12:52 +10:00
Ben McGinnes
48e946a96d docs: python bindings howto
* Fixed the groups.py script so it really does what is described (the
  old code had the same result for groups, group_lines and
  group_lists).
* Updated the corresponding example in the doc to match.
2018-05-25 05:50:11 +10:00
Ben McGinnes
9038d30017 doc: python bindings howto
* Fixed org-mode python source indenting.
** Note: nested indented blocks do not indent correctly when exported
   to [X]HTML.
2018-05-25 05:50:11 +10:00
Andre Heinecke
9fca7c8406
json: Add code to gpg_error based messages
* src/gpgme-json.c (gpg_error_object): New.
(error_object_v): Extend to take error.

--
Having the error code is helpful, especially as
the strerrors are localized. E.g. to detect
an ERROR_CANCELED.
2018-05-24 16:35:42 +02:00
Andre Heinecke
61f4532ba9
json: Implement op_version
* src/gpgme-json.c (op_version): New.
(process_request): Extend for version.
(protocol_to_string, add_ei_to_object): New helpers.
2018-05-24 16:15:14 +02:00
Andre Heinecke
5fbf81c18b
json: Implement op_verify
* src/gpgme-json.c (op_verify): New.
(hlp_help): Add verify.
(process_request): Add verify.

--
Mostly works, except for detached, base64 encoded signatures,
they are somehow not yet written to gpgme.
2018-05-24 16:14:54 +02:00
Andre Heinecke
c679ed2477
json: Put signature info before data output
* src/gpgme-json.c (op_decrypt): Move info before data.

--
This should enable it to first parse signatures before
handling very large chunks of data.
2018-05-24 13:36:31 +02:00
Andre Heinecke
a6cd3a1197
json: Add sign to help
* src/gpgme-json.c (hlp_help): Add sign.
2018-05-24 13:31:15 +02:00
Andre Heinecke
1c0a55a608
json: Add op_sign
* src/gpgme-json.c (op_sign): New.
2018-05-24 13:29:23 +02:00
Andre Heinecke
b344933e4c
json: Fix invalid function call
* src/gpgme-json.c (add_signatures_to_object): Fix call to
xjson_CreateArray.

--
That is what happens if you edit code while reviewing changes,
without testing it again,..
2018-05-24 13:16:55 +02:00
Andre Heinecke
45036c3c4c
json: Print signatures for decrypt/verify
* gpgme-json.c (xJSON_CreateArray),
(add_summary_to_object, validity_to_string): New helpers.
(add_signature_to_object, add_signatures_to_object)
(add_signatures_object): New.
(op_decrypt): Handle verify_result.
(hlp_help): Mention decrypt.
2018-05-24 12:37:29 +02:00
Andre Heinecke
fd5e14660a
json: Minor typo fixes
* src/gpgme-json.c: Minor typo fixes.
2018-05-24 10:26:41 +02:00
Ben McGinnes
3a9e6a8e08 docs and examples: python howto
* Updated the decryption example code in the HOWTO and the
  corresponding decrypt-file.py script to gracefully handle a
  decryption failure.  This error will always be triggered when GPGME
  is used to try to decrypt an old, MDC-less encrypted message or
  file.
2018-05-23 14:43:06 +10:00
Andre Heinecke
28e3778ce2
cpp: Expose sessionKey and symkeyAlgo
* lang/cpp/decryptionresult.cpp, lang/cpp/decryptionresult.h
(DecryptionResult::symkeyAlgo, DecryptionResult::sessionKey): New.
2018-05-22 12:08:01 +02:00
Andre Heinecke
e04b8142df
core, w32: Add w64 handling for regkeys
* src/w32-util.c (_gpgme_get_gpg_path): Use new defines.
(GNUPG_REGKEY_2): x64 aware regkey as used by GnuPG in Gpg4win 2.x
(GNUPG_REGKEY_3): x64 aware regkey as used by GnuPG in Gpg4win 3.x
(_gpgme_get_gpgconf_path): Use new regkeys. Add another fallback.

--
This should fix more "unsupported protocol" issues if Gpg4win /
GnuPG is installed in a non standard path on 64bit systems.

The regkey handling is similar to that of gpgex and gpgol.

GnuPG-Bug-Id: T3988
2018-05-17 17:46:12 +02:00
Werner Koch
8a0c8c5251
core: Always fail if an OpenPG message is not integrity protected.
* src/decrypt.c (struct op_data_t): Add field not_integrity_protected.
(parse_decryption_info): Set this.  Also rename mode to aead_algo for
clarity.
(_gpgme_decrypt_status_handler): Force failure in case of a missing
MDC.
--

This extra check makes sure that a missing or stripped MDC in
 - gpg < 2.1
 - or gpg 2.2 with an old cipher algorithm
will lead to a decryption failure.  gpg 2.3 will always fail in this
case.  Implementing this check here and not backporting the 2.3 change
to 2.2 has the benefit that all GPGME using applications are protected
but scripts relying on rfc2440 (i.e. without MDC) will only break when
migrating to 2.3.

Note that S/MIME has no integrity protection mechanism but gpgsm
neither emits a DECRYPTION_INFO status line, so an error will not be
triggered.  If in the future gpgsm supports authenticated encryption
it may issue a DECRYPTION_INFO line to force a failure here but it
will in that case also emit a DECRYPTION_FAILED anyway.

GnuPG-bug-id: 3981
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-17 09:16:05 +02:00
Werner Koch
e54b110aec
json: Improve auto-base64 encoding to not split UTF-8 chars.
* src/gpgme-json.c (make_data_object): Switch to Base64 also for UTF-8
characters.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-09 16:41:05 +02:00
Werner Koch
e2a8a87bf9
core: Make the status-fd monitor work for all gpgsm commands.
* src/engine-gpgsm.c (status_handler): Call the status monitor also
here.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-05-09 16:39:30 +02:00
Ben McGinnes
46da79e3de python: key expiration datetime stamp tests
* Changed the expiration date for the generated test key to NYE this
  century, rather than the NYE this millennium as originally suggested
  in job #3815.
* This covers the lifetimes of current users (except, maybe, some very
  healthy millennials) as well as the 32-bit clock end date in 2038;
  without falling foul of OpenPGP's 2106 expiration.
2018-05-05 12:27:17 +10:00
Andre Heinecke
26820ba629
qt: Respect --disable-gpg-test for tests
* lang/qt/Makefile.am: Respect --disable-gpg-test

--
This is similar to the core switch to disable the tests.
2018-05-04 10:03:42 +02:00
Andre Heinecke
6b267c56fd
qt: Fix filename handling in cryptoconfig
* src/qgpgmenewcryptoconfig.cpp (QGpgMENewCryptoConfigEntry::urlValue):
Build url from local file.
(QGpgMENewCryptoConfigEntry::setURLValue): Set native seperated
path.

--
This fixes setting files through cryptoconfig on Windows.
GnuPG-Bug-Id: T3939
2018-04-26 14:11:19 +02:00
Andre Heinecke
7706fa2c92
core: Do not modify args for ignored failures
* src/op-support.c (_gpgme_parse_failure): Ignore gpg-exit failures
before modifying args.

--
For op_decrypt_verify the status handler for both decrypt and
verify would parse the failure when the first parser ignored
the failure. This resulted in an ERR_INV_ENGINE as the first
call to parse_failure modified the args.

GnuPG-Bug-Id: T3919
2018-04-20 14:30:53 +02:00
Werner Koch
302ec1f9aa
Post release updates
--
2018-04-20 10:41:38 +02:00
Werner Koch
2e9a14912f
Release 1.11.1
* configure.ac: Bump LT version to C31/A20/R1.  For cpp to C13/A7/R0.
For qt to: C10/A3/R2.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-20 10:32:54 +02:00
Werner Koch
f779362ffb
core: Remove another debug output leftover.
* src/decrypt.c (_gpgme_decrypt_status_handler): Remove log debug.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-20 10:32:52 +02:00
Werner Koch
d11bec5ef5
build: More release creation automation.
* Makefile.am: Add release and sign-release targets.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-20 10:13:25 +02:00
Werner Koch
969700bc56
doc: Suggest the use of strconcat for recipient strings.
--
GnuPG-bug-id: 3775

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-20 08:56:53 +02:00
Werner Koch
ab43d85b9a
json: Remove the -noinstall flag used during development.
* src/Makefile.am (gpgme-json_LDFLAGS): Remove.
--

Reported-by: Alon Bar-Lev <alon.barlev@gmail.com>
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-19 16:20:27 +02:00
Andre Heinecke
d65d632931
cpp: Add origin and last_update to UserID
* NEWS: Mention it.
* lang/cpp/src/key.cpp, lang/cpp/src/key.h (UserID::lastUpdate),
(UserID::origin): New.
(gpgme_origin_to_pp_origin): New helper.
2018-04-19 11:56:15 +02:00
Andre Heinecke
0adaf7bafd
cpp: Add origin and last_update
* NEWS: mention interface change.
* lang/cpp/src/key.cpp (Key::origin, Key::lastUpdate): New.
* lang/cpp/src/key.h (Key::Origin): New enum.
2018-04-19 10:46:34 +02:00
Werner Koch
b52a91f5a6
core: Remove leftover debug output.
* src/verify.c (_gpgme_verify_status_handler): Remove debug output.
--

Actually this is a real bug because it uses a debug function available
only in the new libgpg-error versions.  Time to call Jenkins back from
vacation; there are rumors that he has been seen in the city looking
for a new Ryzen tail coat.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-19 10:34:32 +02:00
Werner Koch
3d8e5c0751
tests: Fix t-verify test for GnuPG < 2.2.7.
* tests/gpg/t-verify.c (check_result): Tweak for gnupg < 2.2.7.
--

The not yet releases 2.2.7-beta may print a full fingerprint in the
ERRSIG status.  This is compliant with the dscription but the new
t-verify test case did not took in account that older GnuPG versions
print only a keyid.

Fixes-commit: b99502274a
GnUPG-bug-id: 3920
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-19 10:29:30 +02:00
Werner Koch
d98f08fa63
Post release updates
--
2018-04-18 20:27:14 +02:00
Werner Koch
3f55c52b9a
Release 1.11.0
* configure.ac: Bump LT version to C31/A20/R0.  For cpp to C12/A6/R0.
For qt to: C10/A3/R1.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 20:11:52 +02:00
Werner Koch
8e34a14fe6
json: Add stpcpy replacement.
* src/gpgme-json.c [!HAVE_STPCPY](_my_stpcpy): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 20:11:50 +02:00
Werner Koch
67b4dafb6d
doc: Update copyright years and change two URLs.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 19:30:50 +02:00
Werner Koch
1ae83de262
doc: Unify comment style in gpgme.h
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 19:28:51 +02:00
Werner Koch
55e9a94680
core: New convenience constant GPGME_KEYLIST_MODE_LOCATE.
* src/gpgme.h.in (GPGME_KEYLIST_MODE_LOCATE): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 17:59:29 +02:00
Werner Koch
e5273fc443
json: Add command "decrypt" to gpgme-json.
* src/gpgme-json.c (make_data_object): Enable auto-detection of
base-64.
(op_encrypt): Support a 'mime' flag.
(op_decrypt): New.
(process_request): Add command "encrypt".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 15:24:42 +02:00
Werner Koch
65479fe7b8
core: Add 'is_mime' flags to the verify and decrypt results.
* src/op-support.c (_gpgme_parse_plaintext): Add arg r_mime.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ser mime flag.
* src/verify.c (_gpgme_verify_status_handler): Ditto.
* src/gpgme.h.in (gpgme_op_verify_result_t): Append fields 'is_mime'
and '_unused'.
(gpgme_op_decrypt_result_t): New field 'is_mime'.  Shrink '_unused'.

* tests/run-decrypt.c (print_result): Print MIME flag.
* tests/run-verify.c (print_result): Ditto.
--

Note that this flag (Liternal Data packet's 'm' mode) is only
specified in RFC-4880bis.  To use it you currently need to add
"rfc4880bis" to the the gpg.conf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 15:20:35 +02:00
Werner Koch
23177e4410
core: Fix possible compliance mode detection error.
* src/verify.c (_gpgme_verify_status_handler): Insert missing break.
--

Before the insertion of the compliance status checking the break in
the default clause was used by the STATUS_PLAINTEXT code.  That got
lost.  I don't see any actual harm due to different values currently
in use for the compliance status.

Fixes-commit: 05fa2a9c77
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 14:41:50 +02:00
Werner Koch
49a617f8bb
json: Improve help meta command in gpgme-json.
* src/gpgme-json.c (process_meta_commands): Add ",help CMD".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 11:34:16 +02:00
Werner Koch
ed1052842d
json: Add command "getmore" to gpgme-json.
* src/gpgme-json.c (MIN_REPLY_CHUNK_SIZE): New const.
(DEF_REPLY_CHUNK_SIZE): New const.
(MAX_REPLY_CHUNK_SIZE): New const.
(pending_data): New var.
(add_base64_to_object): Chnage to take a plain data pointer.
(get_chunksize): New.
(make_data_object): New.
(op_encrypt): Get chunksize and use make_data_object.
(op_getmore): New.
(process_request): Release pending data for all commands but "getmore"
and "help".
--

Native messaging has a limit on the data it may receive in one
request.  Thus the caller needs to watch for the "more" flag and
request the remaining data using "getmore" in a loop.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 11:12:46 +02:00
Werner Koch
e69b175e8e
json: Add meta command ,read to gpgme-json.
* src/gpgme-json.c: Include stat.h.
(get_file): New.
(process_meta_commands): Implement ",read".

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-18 09:26:33 +02:00
Werner Koch
01435da498
core: Extend decryption result with symkey_algo.
* src/gpgme.h.in (gpgme_op_decrypt_result_t): Add field 'symkey_algo'.
* src/decrypt.c (release_op_data): Free SYMKEY_ALGO.
(gpgme_op_decrypt_result): Make sure SYMKEY_ALGO is not NULL.
(parse_decryption_info): New.
(_gpgme_decrypt_status_handler): Parse DECRYPTION_INFO status.
* src/conversion.c (_gpgme_cipher_algo_name): New.
(_gpgme_cipher_mode_name): New.

* tests/run-decrypt.c (print_result): Print SYMKEY_ALGO

* src/util.h (_gpgme_map_gnupg_error): Remove obsolete prototype.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 13:48:56 +02:00
Werner Koch
3589da0500
core: New keyword --file for OpenPGP recpstring.
* src/engine-gpg.c (append_args_from_recipients_string): Add new
flags.
--

Now you can use gpgme to encrypt without first importing a key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 12:40:30 +02:00
Werner Koch
c143ab692c
core: For OpenPGP let offline mode disable dirmngr.
* src/engine-gpg.c (struct engine_gpg): New flag.offline.
(gpg_set_engine_flags): Set it.  Also fix setting of no_symkey_cache.
(build_argv): Pass --disable-dirmngr in offline mode.
--

GnuPG-bug-id: 3831
Signed-off-by: Werner Koch <wk@gnupg.org>
2018-04-17 11:06:27 +02:00