| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* NEWS: Update.
* lang/cpp/src/decryptionresult.cpp (DecryptionResult::isDeVs): New
function.
* lang/cpp/src/decryptionresult.h (DecryptionResult::isDeVs): New
prototype.
* lang/cpp/src/verificationresult.cpp (Signature::isDeVs): New
function.
* lang/cpp/src/verificationresult.h (Signature::isDeVs): New
prototype.
* lang/python/src/results.py (DecryptResult): Turn field 'is_de_vs'
into a boolean.
(Signature): Likewise.
* src/decrypt.c (_gpgme_decrypt_status_handler): Handle the new
compliance status line.
* src/verify.c (_gpgme_verify_status_handler): Likewise.
* src/gpgme.h.in (gpgme_status_code_t): Add new status codes for the
new status lines.
* src/keylist.c (parse_pub_field18): Move function to 'util.h'.
(keylist_colon_handler): Adapt callsites.
* src/status-table.c (status_table): Add new status lines.
* src/util.h (PARSE_COMPLIANCE_FLAGS): New macro. This used to be
'parse_pub_field18', but turned into a macro to make it polymorphic.
--
When decrypting data and verifying signatures, report whether the
operations are in compliance with the criteria for data classified as
VS-NfD. This information can the be presented to the user.
GnuPG-bug-id: 3059
Signed-off-by: Justus Winter <[email protected]>
|
| |
|
|
|
|
|
| |
* src/verify.c (parse_tofu_user): For cleanness use gpg_error ...
(_gpgme_verify_status_handler): ... and gpg_err_code.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* src/verify.c (op_data_t): Add conflict_user_seen.
(parse_tofu_user): Return ERR_DUP_VALUE for mutltiple TOFU_USERS.
(_gpgme_verify_status_handler): Handle ERR_DUP_VALUE from
parse_tofu_user to ignore the next TOFU_STATS.
--
This fixes TOFU Conflict verification with GnuPG-2.1.17 and 2.1.18
GnuPG-Bug-Id: 2914
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/context.h (struct gpgme_context): Add field 'sender'.
* src/gpgme.c: Include mbox-util.h.
(gpgme_release): Free SENDER.
(gpgme_set_sender): New.
(gpgme_get_sender): New.
* src/gpgme.def, src/libgpgme.vers: Add new functions.
* src/engine-gpg.c (append_args_from_sender): New.
(gpg_encrypt_sign, gpg_sign): Call append_args_from_sender.
(gpg_verify): Add arg CTX. Call append_args_from_sender/
* src/engine-gpgsm.c (gpgsm_verify): Add dummy arg CTX.
* src/engine-uiserver.c (uiserver_verify): Ditto.
* src/engine.c (_gpgme_engine_op_verify): Add arg CTX.
* src/verify.c (verify_start): Pass CTX to engine function.
* tests/gpg/t-verify.c (main): Add some checks for new functions.
* tests/run-sign.c (main): Add option --sender.
* tests/run-verify.c (main): Ditto.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* src/verify.c (parse_new_sig): Proberly handle the RC in an ERRSIG
status.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
| |
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (struct _gpeme_tofu_info): Rename FIRSTSEEN to
SIGNFIRST and LASTSEEN to SIGNLAST. Add ENCRFIST and ENCRLAST.
* src/keylist.c (parse_tfs_record): Parse to ENCRFIRST and ENCRLAST.
* src/verify.c (parse_tofu_stats): Ditto.
* tests/run-keylist.c (main): Adjust and print encrypt stats.
* tests/run-verify.c (print_result): Ditto.
* lang/cpp/src/tofuinfo.h (TofuInfo): Rename firstSeen to signFirst
and lastSeen to signLast. Add encrCount, encrFirst and encrLast.
* lang/cpp/src/tofuinfo.cpp (encrCount, encrFirst, encrLast): New.
--
The latest GnuPG commits have the needed changes but we also allow the
use of currently released GnuPG version.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (_gpgme_tofu_info): Change 'firstseen' and 'lastseen'
to a timestamp value.
* src/verify.c (parse_tofu_stats): Do not cap these values at UINT_MAX.
--
Using an unsigned long here is okay: We will never get an error and
even on machines where unsigned long is 32 bit (e.g. Windows64) this
allows us to operate until 2106. By then Windows will be a footnote
in history or Windows128 has changed that type to something larger
than 32 bit ;-)
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
| |
* src/verify.c (parse_tofu_stats): Set ENCRCOUNT field.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
| |
* src/verify.c (parse_tofu_user): Add arg 'protocol' and store it in
the KEY.
(_gpgme_verify_status_handler): Pass protocol.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (struct _gpgme_signature): Remove field 'tofu'. Add
field 'key'.
(struct _gpgme_key): Add field 'fpr'.
(struct _gpgme_user_id): Add field 'tofu'.
(struct _gpgme_tofu_info): Remove fields 'address' and 'fpr'.
* src/key.c (gpgme_key_unref): Release TOFU and FPR.
* src/keylist.c (keylist_colon_handler): Store the fingerprint of the
first subkey also in KEY.
* src/verify.c (release_tofu_info): Remove.
(release_op_data): Release KEY.
(parse_tofu_user): Rewrite for new data structure.
(parse_tofu_stats): Ditto.
(parse_tofu_stats_long): Ditto.
* tests/run-verify.c (print_result): Ditto.
* tests/run-keylist.c (main): Print more fields.
--
TOFU information are now associated with the user ID and not with a
separate object.
Note that this breaks code relying on the former non-released TOFU
feature. The C++ bindings won't work right now.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_STATUS_NOTATION_FLAGS): New.
* src/status-table.c (status_table): Add new status.
* src/verify.c (parse_notation): Handle flags. Also fix NOTATION_DATA
in case gpg would not percent-escape spaces.
(_gpgme_verify_status_handler): Handle flags.
* tests/run-verify.c (print_result): Print notaion data.
--
Note that this does only work with the soon to be released GnuPG
2.1.13.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (gpgme_tofu_policy_t): New.
(gpgme_status_code_t): Add status codes for TOFU.
(struct _gpgme_tofu_info, gpgme_tofu_info_t): New.
(struct _gpgme_signature): Add field 'tofu'.
* src/status-table.c (status_table): Add new codes.
* src/verify.c: Include limits.h.
(release_tofu_info): New.
(release_op_data): Call that.
(parse_tofu_user): New.
(parse_tofu_stats): New.
(parse_tofu_stats_long): New.
(_gpgme_verify_status_handler): Handle TOFU status lines.
* tests/run-verify.c (print_description): New.
(print_result): print tofu info.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/verify.c (verify_start): Do not return GPG_ERR_INV_VALUES when
when SIGNED_TEXT is not given.
--
The original idea behind this restriction probably was that it is
useless to verify a non-detached signatures without also returning the
signed text. However, it is sometimes useful to just check the
signature, for example to see who signed it.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (GPGME_STATUS_FAILURE): New.
* src/status-table.c (FAILURE): New.
* src/op-support.c (_gpgme_parse_failure): New.
* src/passphrase.c (_gpgme_passphrase_status_handler): Forward FAILURE
status line to the status callback.
* src/decrypt.c (op_data_t): Add field failure_code.
(_gpgme_decrypt_status_handler): Parse that code and act upon it on EOF.
* src/encrypt.c (op_data_t): Add field failure_code.
(_gpgme_encrypt_status_handler): Parse that code and act upon it on EOF.
* src/genkey.c (op_data_t): Add field failure_code.
(genkey_status_handler): Parse that code and act upon it on EOF.
* src/passwd.c (op_data_t): Add field failure_code.
(passwd_status_handler): Parse that code and act upon it on EOF.
* src/sign.c (op_data_t): Add field failure_code.
(_gpgme_sign_status_handler): Parse that code and act upon it on EOF.
* src/verify.c (op_data_t): Add field failure_code.
(_gpgme_verify_status_handler): Parse that code and act upon it on EOF.
--
This requires GnuPG 2.1.8 to actually make a difference.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
* src/verify.c (calc_sig_summary): Handle GPG_ERR_CERT_REVOKED.
--
parse_new_sig() handles a revoked key by setting sig->status to
GPG_ERR_CERT_REVOKED, but then later calc_sig_summary() expects that
code in sig->validity_reason.
Additional comments added by wk.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/conversion.c (_gpgme_map_pk_algo): New.
* src/decrypt.c (parse_enc_to): Add arg PROTOCOL and map pubkey algo.
(_gpgme_decrypt_status_handler): Map pubkey algo.
* src/keylist.c (keylist_colon_handler): Map pubkey algo.
* src/sign.c (parse_sig_created): Add arg PROTOCOL and map pubkey
algo.
* src/verify.c (parse_new_sig): Ditto.
(parse_valid_sig): Ditto.
* src/gpgme.h.in (GPGME_PK_ECC): New.
(GPGME_MD_SHA224): New.
* src/gpgme.c (gpgme_pubkey_algo_name): Add GPGME_PK_ECC case.
(gpgme_hash_algo_name): Add GPGME_MD_SHA224.
--
This affects only the not yet released ECC code of GnuPG 2.1.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/debug.h: Include "gpgme.h"
(_gpgme_trace_gpgme_error): New.
(trace_gpg_error): New macro. Use it in all files where we return
GPG_ERR_INV_ENGINE; also "include debug.h" as needed.
--
This is a pretty common error code but often it is hard to figure out
the actual cause. With debug level 4 we now print the file name and
line number where this error code is generated by gpgme. Along with
the git revision printed in the first log lines, this should give us
an easier way to track down the problems related to this error code.
|
| |
|
|
|
|
|
|
| |
* src/verify.c (gpgme_op_verify_result): Update summary field.
--
This is actually a hack to solve the problem that GPGME currently does
not emit ERRSIG for a missing public key.
|
| |
|
|
| |
--
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* configure.ac: Require libgpg-error 1.8.
src/
2010-05-06 Marcus Brinkmann <[email protected]>
* sign.c, data-user.c, conversion.c, debug.c, verify.c, data.c,
decrypt.c, delete.c, assuan-support.c, import.c, engine-gpgsm.c,
data-mem.c, op-support.c, w32-io.c, w32-util.c, data-compat.c: Use
gpg_error_from_syserror instead gpg_error_from_errno, and use
gpg_err_set_errno to set error number.
* setenv.c: Include <gpg-error.h> and define __set_errno to use
gpg_err_set_errno.
* gpgme-tool.c (ARGP_ERR_UNKNOWN): Define to EDEADLOCK (which is
mapped in Windows CE) instead of E2BIG (which is not).
(gt_import_keys): Initialize err.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* decrypt.c (gpgme_op_decrypt_start): Fix use of debug macro.
* decrypt-verify.c (gpgme_op_decrypt_verify_start): Likewise.
* delete.c (gpgme_op_delete_start): Likewise.
* edit.c (gpgme_op_edit_start, gpgme_op_card_edit_start):
Likewise.
* encrypt.c (gpgme_op_encrypt_start): Likewise.
* encrypt-sign.c (gpgme_op_encrypt_sign_start): Likewise.
* export.c (gpgme_op_export_start, gpgme_op_export_ext_start)
(gpgme_op_export_keys_start, gpgme_op_export_keys): Likewise.
* genkey.c (gpgme_op_genkey_start): Likewise.
* getauditlog.c (gpgme_op_getauditlog_start): Likewise.
* import.c (gpgme_op_import_start, gpgme_op_import_keys_start):
Likewise.
* opassuan.c (gpgme_op_assuan_transact_start): Likewise.
* sign.c (gpgme_op_sign_start): Likewise.
* verify.c (gpgme_op_verify_start): Likewise.
* vfs-create.c (gpgme_op_vfs_create): Likewise.
* vfs-mount.c (gpgme_op_vfs_mount): Likewise.
|
| |
|
|
|
| |
Comment clarification.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* edit.c (gpgme_op_edit_start, gpgme_op_edit)
(gpgme_op_card_edit_start, gpgme_op_card_edit): Add debug output.
* encrypt-sign.c (gpgme_op_encrypt_sign_start)
(gpgme_op_encrypt_sign): Likewise.
* encrypt.c (gpgme_op_encrypt_start, gpgme_op_encrypt)
(gpgme_op_encrypt_result): Likewise.
* export.c (gpgme_op_export_start, gpgme_op_export)
(gpgme_op_export_ext_start, gpgme_op_export_ext)
(gpgme_op_export_keys_start, gpgme_op_export_keys): Likewise.
* genkey.c (gpgme_op_genkey_start, gpgme_op_genkey)
(gpgme_op_genkey_result): Likewise.
* getauditlog.c (gpgme_op_getauditlog_start)
(gpgme_op_getauditlog): Likewise.
* import.c (gpgme_op_import_result, gpgme_op_import_start)
(gpgme_op_import): Likewise.
* keylist.c (gpgme_op_keylist_result, keylist_colon_handler)
(gpgme_op_keylist_start, gpgme_op_keylist_ext_start)
(gpgme_op_keylist_next, gpgme_op_keylist_end, gpgme_get_key): Likewise.
* opassuan.c (gpgme_op_assuan_transact_start)
(gpgme_op_assuan_transact_ext, gpgme_op_assuan_result)
(gpgme_op_assuan_transact): Likewise.
* signers.c (gpgme_signers_add, gpgme_signers_clear): Likewise.
* trustlist.c (gpgme_op_trustlist_start)
(gpgme_op_trustlist_next, gpgme_op_trustlist_end): Likewise.
* verify.c (gpgme_op_verify_start, gpgme_op_verify)
(gpgme_op_verify_result): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* debug.h (DEBUG_GLOBAL): New debug level.
* conversion.c (gnupg_errors, _gpgme_map_gnupg_error): Removed.
* data-user.c (gpgme_data_new_from_cbs): Add debug output.
* data-fd.c (gpgme_data_new_from_fd): Likewise.
* data-stream.c (gpgme_data_new_from_stream): Likewise.
* decrypt.c (gpgme_op_decrypt_result, gpgme_op_decrypt_start)
(gpgme_op_decrypt): Likewise.
* delete.c (gpgme_op_delete_start, gpgme_op_delete): Likewise.
* decrypt-verify.c (gpgme_op_decrypt_verify_start)
(gpgme_op_decrypt_verify): Likewise.
* sign.c (gpgme_op_sign_result): Fix debug message.
* data-mem.c (gpgme_data_new): Improve debug output.
* verify.c (parse_trust): Use atoi instead of
_gpgme_map_gnupg_error.
* decrypt.c (_gpgme_decrypt_status_handler): Likewise.
|
|
|
* configure.ac: Replace gpgme paths with src.
* gpgme: Move to ...
* src: ... this new directory.
assuan/
2008-11-03 Marcus Brinkmann <[email protected]>
* Makefile.am (INCLUDES): Replace gpgme path with src.
tests/
2008-11-03 Marcus Brinkmann <[email protected]>
* gpgsm/Makefile.am (INCLUDES, LDADD): Replace gpgme path with src.
* gpg/Makefile.am (INCLUDES, LDADD, t_thread1_LDADD): Likewise.
* Makefile.am (LDADD): Likewise.
|
