| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.c (gpgme_set_ctx_flag): Add flags "export-session-key" and
"override-session-key".
(gpgme_get_ctx_flag): Ditto.
(gpgme_set_export_session_keys): Remove.
(gpgme_get_export_session_keys): Remove.
* src/gpgme.def, src/libgpgme.vers: Remove them.
* src/context.h (struct gpgme_context): Add field
override_session_key.
* src/decrypt-verify.c (decrypt_verify_start): Pass
override_session_key value to the engine.
* src/decrypt.c (decrypt_start): Ditto.
* src/engine.c (_gpgme_engine_op_decrypt): Ditto.
(_gpgme_engine_op_decrypt_verify): Ditto.
* src/engine-backend.h (struct engine_ops): Extend DECRYPT and
DECRYPT_VERIFY_START with override_session_key.
* src/engine-uiserver.c (_uiserver_decrypt): Add stub arg
override_session_key.
(uiserver_decrypt): Ditto.
(uiserver_decrypt_verify): Ditto.
* src/engine-gpgsm.c (gpgsm_decrypt): Ditto.
* src/engine-gpg.c (gpg_decrypt): Add arg override_session_key and set
corresponding gpg option.
* tests/run-decrypt.c (print_result): Print the session key if
available.
(main): Add options --export-session-key and --override-session-key.
--
To keep the number of context manipulation functions at bay, this
patches removes the just added gpgme_set_export_session_keys and
gpgme_get_export_session_keys by flags for the generic context
function.
The patch also implements the --override-session-key feature.
GnuPG-bug-id: 2754
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_get_ctx_flag): New.
* src/gpgme.c (gpgme_set_ctx_flag): Move down the file and add a trace
statement.
(gpgme_get_ctx_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new interface.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.c (gpgme_set_export_session_keys): New function.
(gpgme_get_export_session_keys): New function.
* src/gpgme.h.in (struct _gpgme_op_decrypt_result): Add session_key
member.
(gpgme_{set,get}_export_session_keys): Declare new functions.
* src/libgpgme.vers, src/gpgme.def: Export new functions in shared
object.
* src/engine.h: (_gpgme_engine_op_decrypt) Add export_session_key
parameter.
(_gpgme_engine_op_decrypt_verify): Add export_session_key parameter.
* src/engine-backend.h: (struct engine_ops): Change function
pointer declarations to match.
* src/context.h (struct gpgme_context): Add export_session_keys member.
* src/decrypt.c (release_op_data): Free result.session_key.
(_gpgme_decrypt_status_handler): Store a copy of the exported session
key.
(decrypt_start): Pass export_session_keys from the context.
* src/decrypt-verify.c (decrypt_verify_start): Pass
export_session_keys from context.
* src/engine.c (_gpgme_engine_op_decrypt): Pass through
export_session_key flag.
(_gpgme_engine_op_decrypt_verify): Pass through export_session_key
flag.
* src/engine-gpg.c (gpg_decrypt): If export_session_key is set, add
--export-session-key to argument list.
* src/engine-gpgsm.c (gpgsm_decrypt): Ignore export_session_key for
now, since gpgsm offers no such mechanism.
* src/engine-uiserver.c (_uiserver_decrypt): If export_session_key is
set, add --export-session-key flag to cmd.
* doc/gpgme.texi: Document new functions and session_key member of
decrypt_result_t.
* doc/uiserver.texi: Add --export-session-key flag to DECRYPT command.
--
gpg(1) documents session key export as useful for key escrow, and is
rightly dubious of that use case. However, session key export is also
useful in other use cases. Two examples from MUA development (where
this functionality would be specifically useful to me right now):
* If the MUA stores a local copy of the session key upon decrypting
the message, it can re-decrypt the message without expensive
asymmetric operations. When rendering a thread with dozens of
encrypted messages, this can represent a significant speedup.
* A user may have expired encryption-capable secret key material,
along with many messages encrypted to that material. If she stores
the session keys for those messages she wants to keep, she can
destroy her secret key material and make any messages she has
deleted completely unrecoverable, even to an attacker who gets her
remaining secret keys in the future.
This patchset makes a two specific implementation decisions that could
have gone in different ways. I welcome feedback on preferred outcomes.
0) session key representation: we currently represent the session key
as an opaque textual string, rather than trying to provide any
sort of in-memory structure. While it wouldn't be hard to parse
the data produced by gpg's --export-session-key, I chose to use
the opaque string rather than lock in a particular data format.
1) API/ABI: i've added a member to gpgme_op_decrypt_result_t. This
has the potential to cause an out-of-bound memory access if
someone uses code compiled against the newer verision, but linked
at runtime against an older version. I've attempted to limit that
risk by documenting that users must verify
gpgme_get_export_session_keys() before accessing this new struct
member -- this means that code expecting this capability will
require the symbol at link-time, and will refuse to link against
older versions.
Another approach to solving this problem would be to avoid
modifying gpgme_op_decrypt_result_t, and to introduce instead a
new function gpgme_op_session_key(), which could be called in the
same places as gpgme_op_decrypt_result(). Depending on the
representation of the session key, this might introduce new
memory-management burdens on the user of the library, and the
session key is certainly part of a decryption result, so it seemed
simpler to go with what i have here.
If anyone has strong preferences that these choices should be solved
in a different way, i'm happy to hear them.
Additionally, I note that i'm also still pretty unclear about how the
"UI Server" fits into this whole ecosystem. In particular, I don't
know whether it's kosher to just add an --export-session-key flag to
the DECRYPT operation without actually having implemented it anywhere,
but i don't see where i would actually implement it either :/
If this patch (or some variant) is adopted, i will supply another
patch that permits offering a session key during decryption (e.g. "gpg
--override-session-key"), but I wanted to get these implementation
choices ironed out first.
Gnupg-Bug-Id: 2754
Signed-off-by: Daniel Kahn Gillmor <[email protected]>
On the concern of adding a new field to a structure: It may not be
clearly documented but we don't expect that a user ever allocates such
a structure - those result structure may only be created bu gpgme and
are read-only for the user. Adding a new member constitutes a
compatible ABI change and thus an older SO may not be used by code
compiled with a header for the newer API. Unless someone tinkers with
the build system, this should never happen. We have added new fields
to result structure may times and I can't remember any problems.
- wk
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_query_swdb_result_t): New.
(gpgme_op_query_swdb): New.
(gpgme_op_query_swdb_result): New.
* src/libgpgme.vers, src/gpgme.def: Add the two new functions.
* src/queryswdb.c: New.
* src/Makefile.am (main_sources): Add new file.
* src/context.h (OPDATA_QUERY_SWDB): New.
* src/engine-backend.h (struct engine_ops): Add field 'query_swdb'.
Adjust all initializer.
* src/engine.c (_gpgme_engine_op_query_swdb): New.
* src/engine-gpgconf.c (parse_swdb_line): New.
(gpgconf_query_swdb): New.
(_gpgme_engine_ops_gpgconf): Register that function.
* src/util.h (GPG_ERR_TOO_OLD): Define for older libgpg-error.
(GPG_ERR_ENGINE_TOO_OLD): Ditto.
* tests/run-swdb.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add new debug tool.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/context.h (struct gpgme_context): Add field 'sender'.
* src/gpgme.c: Include mbox-util.h.
(gpgme_release): Free SENDER.
(gpgme_set_sender): New.
(gpgme_get_sender): New.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/engine-gpg.c (append_args_from_sender): New.
(gpg_encrypt_sign, gpg_sign): Call append_args_from_sender.
(gpg_verify): Add arg CTX. Call append_args_from_sender/
* src/engine-gpgsm.c (gpgsm_verify): Add dummy arg CTX.
* src/engine-uiserver.c (uiserver_verify): Ditto.
* src/engine.c (_gpgme_engine_op_verify): Add arg CTX.
* src/verify.c (verify_start): Pass CTX to engine function.
* tests/gpg/t-verify.c (main): Add some checks for new functions.
* tests/run-sign.c (main): Add option --sender.
* tests/run-verify.c (main): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* src/gpgme.h.in: Add gpgme_addrspec_from_uid.
* src/gpgme.def, src/libgpgme.vers: Ditto.
* src/mbox-util.c (gpgme_addrspec_from_uid): New.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* configure.ac: Bump LT vesion to C26/A15/R0.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (_GPGME_DEPRECATED): Change to take versio numbers
for documentation. Change all places.
(_GPGME_DEPRECATED_OUTSIDE_GPGME): Ditto.
* lang/python/gpgme-h-clean.py: Adjust RE.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
| |
--
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_interact_cb_t): New.
(GPGME_INTERACT_CARD): New.
(gpgme_op_interact_start, gpgme_op_interact): New.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/edit.c (op_data_t): Rename fnc to fnc_old and change users. Add
fnc.
(edit_status_handler): Call old or new callback.
(command_handler): Ditto.
(interact_start): New.
(gpgme_op_interact_start, gpgme_op_interact_start): New.
* src/status-table.c (_gpgme_status_to_string): New.
* tests/gpg/t-edit.c (edit_fnc): Rename to interact_fnc and change
type of STATUS. Use gpgme_io_writen.
(main): s/gpgme_op_edit/gpgme_op_interact/.
--
This change will eventually allow us to remove all those status codes
from gpgme.h.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_op_tofu_policy_start): New function.
(gpgme_op_tofu_policy): New function.
* src/libgpgme.vers, src/gpgme.def: Add new functions.
* src/tofupolicy.c: New.
* src/Makefile.am (main_sources): Add that file.
* src/context.h (ctx_op_data_id_t): Add OPDATA_TOFU_POLICY.
* src/engine.c (_gpgme_engine_op_tofu_policy): New.
* src/engine-backend.h (engine_ops): Add funcptr 'tofu_policy'.
Adjust all engine initializations.
* src/engine-gpg.c (gpg_tofu_policy): New.
(_gpgme_engine_ops_gpg): Register this function.
* tests/run-tofu.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add it.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_op_keysign_start, gpgme_op_keysign): New.
(GPGME_KEYSIGN_LOCAL): New.
(GPGME_KEYSIGN_LFSEP): New.
(GPGME_KEYSIGN_NOEXPIRE): New.
* src/context.h (ctx_op_data_id_t): Add OPDATA_KEYSIGN.
* src/keysign.c: New.
* src/Makefile.am (main_sources): Add keysig.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_op_keysign_start.
* src/engine.c (_gpgme_engine_op_keysign): New.
* src/engine-backend.h (engine_ops): Add 'keysign' and adjust all
engine initializers.
* src/engine-gpg.c (_add_arg): Add args PREFIX and ARGLEN and change
callers to set them.
(add_arg_pfx): New.
(add_arg_len): New.
(gpg_keysign): New.
(_gpgme_engine_ops_gpg): Set keysign to gpg_keysign.
* tests/run-keysign.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add run-keysign.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/engine.h (GENKEY_EXTRAFLAG_REVOKE): New.
* src/genkey.c (adduid_start): Rename to addrevuid_start. Add arg
REVOKE and pass it as extraflags. Remove useless ARMOR extraflag.
Adjust callers.
(gpgme_op_revuid_start, gpgme_op_revuid): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* tests/run-genkey.c: Add option --revuid.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/genkey.c: Replace most error codes GPG_ERR_INV_VALUE by
GPG_ERR_INV_ARG.
(struct op_data_t): Add field UIDMODE.
(genkey_status_handler): Use UIDMODE.
(adduid_start): New.
(gpgme_op_adduid_start, gpgme_op_adduid): New.
* src/gpgme.def, src/libgpgme.vers: Add them.
* tests/run-genkey.c: Add option --adduid.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/engine-backend.h (engine_ops): Change prototype of genkey.
* src/engine-gpgsm.c (gpgsm_genkey): Change accordingly.
* src/engine-gpg.c (gpg_genkey): Change it to a dispatcher.
(gpg_createkey_from_param): New for the old functionality.
(gpg_createkey_legacy): New. Stub for now.
(gpg_createkey): New.
(gpg_addkey): New. Stub for now.
(gpg_adduid): New. Stub for now.
* src/engine.c (_gpgme_engine_op_genkey): Add new args.
* src/genkey.c (op_data_t): Add field ERROR_CODE.
(parse_error): New.
(genkey_status_handler): Parse ERROR status line.
(genkey_start): Use NULL/0 for the new args.
(createkey_start): New.
(gpgme_op_createkey_start, gpgme_op_createkey): New.
* src/gpgme.def, src/libgpgme.vers: Add gpgme_op_createkey_start and
gpgme_op_createkey.
* src/gpgme.h.in (_gpgme_op_genkey_result): Add fields PUBKEY and
SECKEY.
(GPGME_CREATE_SIGN): New.
(GPGME_CREATE_ENCR): New.
(GPGME_CREATE_CERT): New.
(GPGME_CREATE_AUTH): New.
(GPGME_CREATE_NOPASSWD): New.
(GPGME_CREATE_SELFSIGNED): New.
(GPGME_CREATE_NOSTORE): New.
(GPGME_CREATE_WANTPUB): New.
(GPGME_CREATE_WANTSEC): New.
(GPGME_CREATE_FORCE): New.
* tests/run-genkey.c: New.
* tests/Makefile.am (noinst_PROGRAMS): Add it.
--
This function uses the new --quick-gen-key API of gpg. A limited
compatibility mode to use older gpg versions and gpgsm will eventually
be provided. Not all flags are currently implemented.
./run-genkey --unprotected --force [email protected]
Create a new standard key with the given user id. --force is used to
allow creating more than one key with that user id in the keyring.
./run-genkey --unprotected --force \
[email protected] default default 2145826800
Creates a new standard key with an expiration date of 2037-12-31.
./run-genkey --unprotected --force \
[email protected] future-default default 2145826800
Create a standard key using the fugure default algorithms.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (struct _gpeme_tofu_info): Rename FIRSTSEEN to
SIGNFIRST and LASTSEEN to SIGNLAST. Add ENCRFIST and ENCRLAST.
* src/keylist.c (parse_tfs_record): Parse to ENCRFIRST and ENCRLAST.
* src/verify.c (parse_tofu_stats): Ditto.
* tests/run-keylist.c (main): Adjust and print encrypt stats.
* tests/run-verify.c (print_result): Ditto.
* lang/cpp/src/tofuinfo.h (TofuInfo): Rename firstSeen to signFirst
and lastSeen to signLast. Add encrCount, encrFirst and encrLast.
* lang/cpp/src/tofuinfo.cpp (encrCount, encrFirst, encrLast): New.
--
The latest GnuPG commits have the needed changes but we also allow the
use of currently released GnuPG version.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_TOFU): New.
* src/engine-gpg.c (gpg_keylist_build_options): Use that.
* src/keylist.c: Include limits.h.
(parse_tfs_record): New.
(keylist_colon_handler): Support TFS record.
* tests/run-keylist.c: Include time.h.
(isotimestr): New.
(main): Add option --tofu. Print TOFU info.
* tests/run-verify.c: Include time.h.
(isotimestr): New.
(print_result): Use isotimestr for TOFU dates.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (_gpgme_tofu_info): Change 'firstseen' and 'lastseen'
to a timestamp value.
* src/verify.c (parse_tofu_stats): Do not cap these values at UINT_MAX.
--
Using an unsigned long here is okay: We will never get an error and
even on machines where unsigned long is 32 bit (e.g. Windows64) this
allows us to operate until 2106. By then Windows will be a footnote
in history or Windows128 has changed that type to something larger
than 32 bit ;-)
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (struct _gpgme_signature): Remove field 'tofu'. Add
field 'key'.
(struct _gpgme_key): Add field 'fpr'.
(struct _gpgme_user_id): Add field 'tofu'.
(struct _gpgme_tofu_info): Remove fields 'address' and 'fpr'.
* src/key.c (gpgme_key_unref): Release TOFU and FPR.
* src/keylist.c (keylist_colon_handler): Store the fingerprint of the
first subkey also in KEY.
* src/verify.c (release_tofu_info): Remove.
(release_op_data): Release KEY.
(parse_tofu_user): Rewrite for new data structure.
(parse_tofu_stats): Ditto.
(parse_tofu_stats_long): Ditto.
* tests/run-verify.c (print_result): Ditto.
* tests/run-keylist.c (main): Print more fields.
--
TOFU information are now associated with the user ID and not with a
separate object.
Note that this breaks code relying on the former non-released TOFU
feature. The C++ bindings won't work right now.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* src/mbox-util.c, src/mbox-util.h: Adjust for use in gpgme.
* src/Makefile.am (main_sources): Add mbox-util.
* src/key.c (_gpgme_key_append_name): Set 'address' field of uid.
(gpgme_key_unref): Free it.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_data_set_flag): New public function.
* src/data.c (gpgme_data_set_flag): New.
(_gpgme_data_get_size_hint): New.
* src/data.h (strucy gpgme_data): Add field 'size_hint'.
* src/gpgme.def, src/libgpgme.vers: Add new function.
* src/conversion.c (_gpgme_string_to_off): New.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_encrypt_flags_t): New flag
GPGME_ENCRYPT_SYMMETRIC.
* src/engine-gpg.c (gpg_encrypt): Also add --symmetric if the flag
is given.
* NEWS: Mention new flag.
* tests/run-encrypt.c (show_usage): Extend for --symmetric.
(main): Handle --symmetric.
(main): Set passphrase_cb in loopback mode.
(main): Fix encrypt call if no recipients are given.
* tests/gpg/t-encrypt-mixed.c: New.
* tests/gpg/Makefile.am (c_tests): Add new test.
* doc/gpgme.texi: Document new flag.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (struct _gpgme_subkey): Add file 'keygrip'.
* src/key.c (gpgme_key_unref): Free KEYGRIP.
* src/keylist.c (keylist_colon_handler): Parse GRP records.
* src/engine-gpg.c (gpg_keylist_build_options): Do not use
--with-fingerprint options for gpg versions >= 2.1.15.
* tests/run-keylist.c (main): Print subkeys and keygrips.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_DATA_ENCODING_MIME): New.
* src/data.c (gpgme_data_set_encoding): Adjust check.
* src/engine-gpg.c (have_gpg_version): New.
(gpg_encrypt, gpg_encrypt_sign): Pass flag '--mimemode'.
(gpg_sign): Ditto.
* lang/cpp/src/data.h (GpgME): Add MimeEncoding.
* lang/cpp/src/data.cpp (encoding, setEncoding): Support MimeEncoding.
* src/gpgme-tool.c (server_data_encoding): Add flag --mime.
--
This feature allows an application to declare that the encrypted or
signed data is a valid MIME part.
What is missing is a way to return that information to the application
after decryption/verification. This can be done by setting the
encoding of the output data object; however this requires some
internal additions to our processing model.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* src/gpgme.h.in: Mention that Address is not always in addr-spec.
--
The old comment made it look like you could always expect the
address to be parsable as a mailbox address.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_DATA_TYPE_PGP_ENCRYPTED): New.
(GPGME_DATA_TYPE_PGP_SIGNATURE): New.
* src/data-identify.c: Add enum for OpenPGP packet types.
(buf32_to_ulong): New.
(next_openpgp_packet): New. Based on the gnupg/kbx/keybox-openpgp.c
implementation and relicensed to LGPL by g10 Code.
(pgp_binary_detection): New.
(basic_detection): Call pgp_binary_detection instead of returning
unknown.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_STATUS_NOTATION_FLAGS): New.
* src/status-table.c (status_table): Add new status.
* src/verify.c (parse_notation): Handle flags. Also fix NOTATION_DATA
in case gpg would not percent-escape spaces.
(_gpgme_verify_status_handler): Handle flags.
* tests/run-verify.c (print_result): Print notaion data.
--
Note that this does only work with the soon to be released GnuPG
2.1.13.
|
| |
|
|
|
| |
--
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_data_seek_cb_t, gpgme_data_seek): Clarify that
these functions return the new offset.
(gpgme_data_release_cb_t): Fix name of parameter.
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_tofu_policy_t): New.
(gpgme_status_code_t): Add status codes for TOFU.
(struct _gpgme_tofu_info, gpgme_tofu_info_t): New.
(struct _gpgme_signature): Add field 'tofu'.
* src/status-table.c (status_table): Add new codes.
* src/verify.c: Include limits.h.
(release_tofu_info): New.
(release_op_data): Call that.
(parse_tofu_user): New.
(parse_tofu_stats): New.
(parse_tofu_stats_long): New.
(_gpgme_verify_status_handler): Handle TOFU status lines.
* tests/run-verify.c (print_description): New.
(print_result): print tofu info.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_set_ctx_flag): New prototype.
* src/gpgme.c (gpgme_set_ctx_flag): New.
* src/gpgme.def, src/libgpgme.vers: Add new function.
* src/context.h (struct gpgme_context): Add FULL_STATUS.
* src/decrypt.c (_gpgme_decrypt_status_handler): Do not call the
status callback if FULL_STATUS is set.
* src/genkey.c (genkey_status_handler): Ditto.
* src/passphrase.c (_gpgme_passphrase_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.
* src/engine-backend.h (struct engine_ops): Add SET_STATUS_CB and add
adjust all definitions of that variable.
* src/engine.c (_gpgme_engine_set_status_cb): New.
* src/op-support.c (_gpgme_op_reset): Call this function.
* src/engine-gpg.c (struct engine_gpg): Add fields MON_CB and
MON_CB_VALUE.
(gpg_set_status_cb): New.
(_gpgme_engine_ops_gpg): Register that function.
(read_status): Call the monitor callback.
* src/engine-gpgsm.c (struct engine_gpgsm): Add fields MON_CB and
MON_CB_VALUE.
(_gpgme_engine_ops_gpgsm): Register that function.
(gpgsm_assuan_simple_command): Change first arg to be an engine
context and adjust call callers. Call the monitor callback.
* src/engine-uiserver.c (struct engine_uiserver): Add fields MON_CB
and MON_CB_VALUE.
(_gpgme_engine_ops_uiserver): Register that function.
(uiserver_assuan_simple_command): Change first arg to be an engine
context and adjust call callers. Call the monitor callback.
* tests/run-verify.c (status_cb): New.
(print_result): Print algo names.
(main): Add option --status.
--
This new feature is mainly intended for bug tracking. Having access
to the raw status lines might also be useful for applications, though.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_STATUS_KEY_CONSIDERED): New.
(GPGME_SIGSUM_TOFU_CONFLICT): New.
* src/status-table.c (KEY_CONSIDERED): New.
* src/op-support.c (_gpgme_parse_inv_recp): Add argc KC_FPR and
KC_FLAGS. Use calloc. Detect all expired or revoked subkeys.
(_gpgme_parse_key_considered): New.
* src/sign.c (op_data_t): Add fields KC_FPR and KC_FLAGS.
(release_op_data): Free KC_FPR.
(_gpgme_sign_status_handler): Handle STATUS_KEY_CONSIDERED.
* src/encrypt.c (op_data_t): Add fields KC_FPR and KC_FLAGS.
(release_op_data): Free KC_FPR.
(_gpgme_encrypt_status_handler): Handle STATUS_KEY_CONSIDERED.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
| |
--
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_PK_EDDSA): New.
(gpgme_pubkey_algo_string): New.
* src/conversion.c (_gpgme_map_pk_algo): Add new algo.
* src/gpgme.c (gpgme_pubkey_algo_string): New.
(gpgme_pubkey_algo_name): Reformat.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* src/gpgme.h.in (_GPGME_INLINE): Define using GPGRT_INLINE if
possible. Fix problem with -Wundef by adding an extra "defined()".
(_GPGME_GCC_VERSION): Define using GPGRT_ macro if possible.
|
| |
|
|
|
|
|
| |
* src/gpgme.h.in (_GPGME_INLINE): Move definition into the
extern-C-scope.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* src/gpgme.h.in: Reorder prototypes. Chnage some comments.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_STATUS_FAILURE): New.
* src/status-table.c (FAILURE): New.
* src/op-support.c (_gpgme_parse_failure): New.
* src/passphrase.c (_gpgme_passphrase_status_handler): Forward FAILURE
status line to the status callback.
* src/decrypt.c (op_data_t): Add field failure_code.
(_gpgme_decrypt_status_handler): Parse that code and act upon it on EOF.
* src/encrypt.c (op_data_t): Add field failure_code.
(_gpgme_encrypt_status_handler): Parse that code and act upon it on EOF.
* src/genkey.c (op_data_t): Add field failure_code.
(genkey_status_handler): Parse that code and act upon it on EOF.
* src/passwd.c (op_data_t): Add field failure_code.
(passwd_status_handler): Parse that code and act upon it on EOF.
* src/sign.c (op_data_t): Add field failure_code.
(_gpgme_sign_status_handler): Parse that code and act upon it on EOF.
* src/verify.c (op_data_t): Add field failure_code.
(_gpgme_verify_status_handler): Parse that code and act upon it on EOF.
--
This requires GnuPG 2.1.8 to actually make a difference.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_EXPORT_MODE_SECRET): New.
(GPGME_EXPORT_MODE_RAW): New.
(GPGME_EXPORT_MODE_PKCS12): New.
* src/export.c (export_start, export_ext_start): Allow new flags.
* src/engine-gpg.c (export_common): Support secret key export.
* src/engine-gpgsm.c (gpgsm_export, gpgsm_export_ext): Ditto.
* src/gpgme-tool.c (cmd_export): Add options --secret, --raw,
and --pkcs12.
* tests/run-export.c (main): Likewise.
--
Note that exporting secret X.509 keys requires GnuPG 2.1.8.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in: (gpgme_status_code_t): Add INQUIRE_MAXLEN.
* src/status-table.c (status_table_s): Ditto.
* src/genkey.c (genkey_status_handler): Parse INQUIRE_MAXLEN.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ditto.
* src/sign.c (_gpgme_sign_status_handler): Ditto.
This status message informs the client of the maximum length of an
inquired line. It is sent from gpg and forwarded to the client via
gpgme_status_cb_t.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_set_status_cb): New.
(gpgme_get_status_cb): New.
(gpgme_status_cb_t): New.
* src/gpgme.c (gpgme_set_status_cb): New.
(gpgme_get_status_cb): New.
* src/context.h (status_cb): New.
(status_cb_value): New.
* src/gpgme.def: Export new symbols.
* src/libgpgme.vers: Ditto.
* doc/gpgme.texi: Document these new functions.
--
This callback function is used to forward status messages from gpg back
to the client.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* doc/gpgme.texi: Document offline mode.
* src/context.h (gpgme_context): Add offline.
* src/engine-backend.h (keylist, keylist_ext): Add engine_flags.
* src/engine.c, src/engine.h (_gpgme_engine_op_keylist): Ditto.
(_gpgme_engine_op_keylist_ext): Ditto.
* src/engine.h (GPGME_ENGINE_FLAG_OFFLINE): New.
* src/engine-gpg.c (gpg_keylist, gpg_keylist_ext): Ditto.
* src/engine-gpgsm.c (gpgsm_keylist): Handle engine_flags.
(gpgsm_keylist_ext): Ditto.
* src/gpgme.c (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.def (gpgme_set_offline, gpgme_get_offline): New.
* src/gpgme.h.in (gpgme_set_offline, gpgme_get_offline): New.
* src/libgpgme.vers (gpgme_set_offline, gpgme_get_offline): New.
* src/keylist.c (gpgme_op_keylist_start): Set offline flag.
(gpgme_op_keylist_ext_start): Ditto.
* tests/run-keylist.c (show_usage, main): Add offline argument.
--
The offline engine option was introduced with gpgsm 2.1.6
it is mainly useful for a full keylisting that includes
the certificate validation but does not depend on external
information that could take an indefinite amount of time to
collect.
Signed-off-by: Andre Heinecke <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_KEYLIST_MODE_WITH_SECRET): New.
* src/engine-gpg.c (gpg_keylist_build_options): Handle new mode.
* src/engine-gpgsm.c (gpgsm_keylist, gpgsm_keylist_ext): Ditto.
* src/keylist.c (parse_sec_field15): Add arg key and take care of
--with-secret output.
* src/gpgme-tool.c (gt_get_keylist_mode, cmd_keylist_mode): Add
"with_secret". Print card info and and secret flag for subkeys.
--
Note: This mode may only be used with GnuPG >= 2.1.
|
| |
|
|
| |
* src/status-table.c: Also add missing DECRYPTION_INFO entry.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (struct _gpgme_subkey): Add field CURVE.
* src/key.c (gpgme_key_unref): Free CURVE.
* src/keylist.c (keylist_colon_handler): Set CURVE.
* src/gpgme.c (gpgme_release): For failsafe reasons reset engine and
engine info after freeing.
--
The engine hack is useful in case the other release functions
accidently call engine release.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/conversion.c (_gpgme_map_pk_algo): New.
* src/decrypt.c (parse_enc_to): Add arg PROTOCOL and map pubkey algo.
(_gpgme_decrypt_status_handler): Map pubkey algo.
* src/keylist.c (keylist_colon_handler): Map pubkey algo.
* src/sign.c (parse_sig_created): Add arg PROTOCOL and map pubkey
algo.
* src/verify.c (parse_new_sig): Ditto.
(parse_valid_sig): Ditto.
* src/gpgme.h.in (GPGME_PK_ECC): New.
(GPGME_MD_SHA224): New.
* src/gpgme.c (gpgme_pubkey_algo_name): Add GPGME_PK_ECC case.
(gpgme_hash_algo_name): Add GPGME_MD_SHA224.
--
This affects only the not yet released ECC code of GnuPG 2.1.
|
| |
|
|
|
|
| |
* src/gpgme.h.in (GPGME_ENCRYPT_NO_COMPRESS): New.
* src/engine-gpg.c (gpg_encrypt, gpg_encrypt_sign): Implement it.
* src/gpgme-tool.c (_cmd_sign_encrypt): Add option --no-compress.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_PROTOCOL_SPAWN): New.
(GPGME_SPAWN_DETACHED, GPGME_SPAWN_ALLOW_SET_FG): New.
* src/gpgme.c (gpgme_set_protocol): Add new protocol.
(gpgme_get_protocol_name): Ditto.
* src/spawn.c: New.
* src/libgpgme.vers, src/gpgme.def: Add new public functions.
* src/engine-spawn.c: New.
* src/Makefile.am: Add new files.
* src/engine-backend.h (struct engine_ops): Add OPSPAWN.
* src/engine.c (engine_ops): Add _gpgme_engine_ops_spawn.
(gpgme_get_engine_info): Add Spawn to the list of protocols.
(_gpgme_engine_op_spawn): New.
* src/gpgme-tool.c (gt_protocol_from_name): Add new protocol.
(gt_spawn, cmd_spawn): New.
|
| |
|
|
|
| |
* src/dirinfo.c (gpgme_get_dirinfo): New.
* tests/t-engine-info.c (main): Print results from that function.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_data_type_t): New.
(gpgme_data_identify): New prototype.
* src/data-identify.c: New.
* src/parsetlv.c, src/parsetlv.h: New. Take from gpa.
* src/libgpgme.vers, src/gpgme.def: Add gpgme_data_identify.
* src/gpgme-tool.c (status): Add STATUS_IDENTIFY_RESULT.
(gt_identify): New.
(cmd_identify): New.
(hlp_passwd): Move close to cmd_passwd.
--
It is often useful to have a way to identify the data which needs
processing. This is such a common task that it makes sense to
implement this in gpgme to avoid diverging implementations.
|
