| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Adapted from prior submissions by Tobias Mueller and Jacob Adams.
* key_import function added to gpg.core.Context().
* Two example scripts added to to examples/howto: import-key-file.py
imports keys from a local file and import-keys.py accesses the SKS
keyserver pool using the requests module to search for keys
(includes check for key IDs which may not include the leading 0x).
* Added documentation demonstrating the use of the key_import()
function with a large number of keys matching one domain (eff.org;
the example shows how EFF staff are following their own advice
issued last month).
|
| |
|
|
|
|
|
|
|
|
|
| |
* src/decrypt.c (op_data_t): Add field first_status_error.
(parse_status_error): Set it.
(_gpgme_decrypt_status_handler): Prefer an ERROR code over a
NO_SECKEY.
--
GnuPG-bug-id: 3983
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/cJSON.c: Use gpgrt fucntion only if available.
--
We have a hack in gpgme-json to allow building with older libgpg-error
versions. That whole thing will not work but the instead the binary
will print an error at runtime that it needs to be build with a newer
libgcrypt. There was a little bug here for the Debian packages
libgpg-error versions which failed to build cJSON. cJSON is only
needed be the full gpgme-json but nevertheless the Makefile wants to
build it. The fix is straightforward.
GnuPG-bug-id: 3971
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* Another attempt at fixing the org-mode version.
* A proof reader ascertained there were tabs in it instead of whitespace.
* Stripped the lot out and replaced with standard 4 spaces, fixed
every incorrect example ... and it still breaks upon save and/or export.
* Added the reference to the mutt-groups.py script to demonstrate the
groups.py module/code.
|
| |
|
|
|
| |
* Added mine to the GPGME AUTHORS file. Mainly so I'm doing what I
say myself when about to request another from someone ... ;)
|
| |
|
|
|
|
| |
* NEWS: Mention API extensions.
* lang/cpp/src/context.cpp, lang/cpp/src/context.h
(Context::setFlag, Context::getFlag): New.
|
| |
|
|
|
|
|
| |
* lang/cpp/src/decryptionresult.cpp, lang/cpp/src/decryptionresult.h
(DecryptionResult::isLegacyCipherNoMDC): New.
--
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/context.h (gpgme_context): Add field ignore_mdc_error.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Set/get it.
* src/engine-gpg.c (engine_gpg): Add flags.ignore_mdc_error.
(gpg_set_engine_flags): Set it.
(build_argv): Pass option to gpg.
* src/decrypt.c (_gpgme_decrypt_status_handler): Take care of flag.
(gpgme_op_decrypt_result): Clear flag.
(gpgme_op_decrypt): Clear flag.
* src/decrypt-verify.c (gpgme_op_decrypt_verify): Clear flag
(gpgme_op_decrypt_ext): Clear flag.
* tests/run-decrypt.c (show_usage): Add option --ignore-mdc-error.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* src/gpgme.h.in (_gpgme_op_decrypt_result): Add flag
legacy_cipher_nomdc.
* src/decrypt.c (parse_status_error): Set this flag.
* tests/run-decrypt.c (print_result): print it.
(main): Print the result even on error.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/engine-gpg.c (read_status): Remove the handling of
GPGME_STATUS_END_STREAM; this was used only by the former experimental
--pipemode of gpg but that is not even anymore invoked here.
(struct engine_gpg): Remove cmd.linked_data and .linked_idx.
(build_argv): Remove code for linked_data.
(gpg_new): Ditto.
(gpg_set_command_handler): Remove arr linked_data.
* src/engine-backend.h (engine_ops): Remove arg data from
set_command_handler.
* src/engine.c (_gpgme_engine_set_command_handler): Remove arg
linked_data and adjust all callers.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
| |
* src/engine-gpg.c: Remove errno.h.
(build_argv): Use gpg_error_from_syserror instead of ERRNO.
* src/engine-gpgsm.c: Remove errno.h.
(status_handler): Remove check for EINTR; gpgme_data_write already
handles EINTR.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
| |
* lang/cpp/src/data.h, lang/cpp/src/data.cpp (Data::rewind): New.
* lang/qt/tests/t-various.cpp (testDataRewind): Test it.
--
The advantage of this convieniance function in GPGME is that
it avoids the messiness that are declarations with off_t.
GnuPG-Bug-Id: T3996
|
| |
|
|
|
|
| |
* src/gpgme-json.c (op_version): Mark request as unused.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme-json.c (op_export, op_delete): Return GPG_ERR_FORBIDDEN if
"secret" is used.
--
This should not be possible from a browser and we need to make this
fully clear. Actually gpg-agent won't allow that anyway but having
this explicitly is better.
If that is ever needed a dedicated command line option may enable
this, for example when used by regular programs and not by the browser.
But that requires other changes as well.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme-json.c (create_onetime_context): New.
(release_onetime_context): New.
(op_sign): Use the new fucntions to create a separate context.
(op_encrypt): Use a separate context for key listings.
(create_keylist_patterns): Remove unneeded cast.
--
get_context retruns a static per-process context and can thus not be
used as a separate context. Use dedicated fucntions for this.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* src/gpgme-json.c (op_encrypt): Add optional signing_keys param.
(get_keys, create_keylist_patterns): Add param for json object name.
--
If the optional parameter signing_keys is provided to encrypt
it becomes an encrypt-sign operation.
|
| |
|
|
|
|
|
|
|
| |
* src/gpgme-json.c (op_delete): New.
(hlp_help, process_request): Add it.
--
As with import / export delete also does not work for
the browser origin.
|
| |
|
|
|
|
|
|
| |
* src/gpgme-json.c (op_export): New.
(hlp_getmore, process_request): Add it.
--
Secret key export does not work with request-origin browser.
|
| |
|
|
| |
* src/gpgme-json.c (op_keylist): Only get one ctx.
|
| |
|
|
|
| |
* src/gpgme-json.c (create_keylist_patterns): Guard against
a string ending with a linbreak.
|
| |
|
|
|
|
| |
* src/gpgme-json.c (op_import): New.
(import_status_to_json, import_result_to_json): New.
(hlp_help, process_request): Add import.
|
| |
|
|
| |
* src/gpgme-json.c (hlp_keylist): Clarify doc about keys parameter.
|
| |
|
|
|
|
| |
* src/gpgme-json.c (xfree_array): New helper.
(create_keylist_patterns): Convert keystring to gpgme patterns.
(op_sign, op_keylist): Use it.
|
| |
|
|
| |
* src/gpgme-json.c (hlp_help): Add additional commands.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme-json.c (add_summary_to_object): Changed to:
sigsum_to_json.
(add_signature_to_object): Changed to signature_to_json.
(add_signatures_to_object): Changed to verify_result_to_json.
(add_ei_to_object): Changed to engine_info_to_json.
(op_decrypt, op_verify, op_version): Use new functions.
--
This pattern of gpgme_type to json object conversion
is much cleaner then the error returning "add to object"
functions.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/gpgme-json.c (xjson_AddStringToObject0)
(xjson_AddItemToObject): New helpers.
(sig_notation_to_json, key_sig_to_json, tofu_to_json)
(uid_to_json, subkey_to_json, key_to_json): New
GPGME to JSON functions.
(op_keylist): New.
(process_request): Add op_keylist.
--
The conversion from GPGME data structures to
JSON follow the same pattern for the keylist
functions using the xjson wrappers instead
of error checking every cJSON call.
For large keylists the keylist command also
needs a data / getmore handling somehow.
|
| |
|
|
|
|
|
|
|
| |
* gpgme-json.c (get_string_data): New.
(op_verify, op_sign, op_decrypt, op_encrypt): Use it.
--
This handles the common base64 decoding and creation of the
gpgme_data object.
|
| |
|
|
|
|
|
| |
* Added a script which demonstrates how the groups module works.
* Script generates Mutt/Neomutt crypt-hooks for every group entry in
gpg.conf, including those entries for multiple keys (Mutt handles
that differently).
|
| |
|
|
|
|
|
| |
* Fixed the groups.py script so it really does what is described (the
old code had the same result for groups, group_lines and
group_lists).
* Updated the corresponding example in the doc to match.
|
| |
|
|
|
|
| |
* Fixed org-mode python source indenting.
** Note: nested indented blocks do not indent correctly when exported
to [X]HTML.
|
| |
|
|
|
|
|
|
|
|
| |
* src/gpgme-json.c (gpg_error_object): New.
(error_object_v): Extend to take error.
--
Having the error code is helpful, especially as
the strerrors are localized. E.g. to detect
an ERROR_CANCELED.
|
| |
|
|
|
|
| |
* src/gpgme-json.c (op_version): New.
(process_request): Extend for version.
(protocol_to_string, add_ei_to_object): New helpers.
|
| |
|
|
|
|
|
|
|
|
| |
* src/gpgme-json.c (op_verify): New.
(hlp_help): Add verify.
(process_request): Add verify.
--
Mostly works, except for detached, base64 encoded signatures,
they are somehow not yet written to gpgme.
|
| |
|
|
|
|
|
|
| |
* src/gpgme-json.c (op_decrypt): Move info before data.
--
This should enable it to first parse signatures before
handling very large chunks of data.
|
| |
|
|
| |
* src/gpgme-json.c (hlp_help): Add sign.
|
| |
|
|
| |
* src/gpgme-json.c (op_sign): New.
|
| |
|
|
|
|
|
|
|
| |
* src/gpgme-json.c (add_signatures_to_object): Fix call to
xjson_CreateArray.
--
That is what happens if you edit code while reviewing changes,
without testing it again,..
|
| |
|
|
|
|
|
|
|
| |
* gpgme-json.c (xJSON_CreateArray),
(add_summary_to_object, validity_to_string): New helpers.
(add_signature_to_object, add_signatures_to_object)
(add_signatures_object): New.
(op_decrypt): Handle verify_result.
(hlp_help): Mention decrypt.
|
| |
|
|
| |
* src/gpgme-json.c: Minor typo fixes.
|
| |
|
|
|
|
|
|
| |
* Updated the decryption example code in the HOWTO and the
corresponding decrypt-file.py script to gracefully handle a
decryption failure. This error will always be triggered when GPGME
is used to try to decrypt an old, MDC-less encrypted message or
file.
|
| |
|
|
|
| |
* lang/cpp/decryptionresult.cpp, lang/cpp/decryptionresult.h
(DecryptionResult::symkeyAlgo, DecryptionResult::sessionKey): New.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/w32-util.c (_gpgme_get_gpg_path): Use new defines.
(GNUPG_REGKEY_2): x64 aware regkey as used by GnuPG in Gpg4win 2.x
(GNUPG_REGKEY_3): x64 aware regkey as used by GnuPG in Gpg4win 3.x
(_gpgme_get_gpgconf_path): Use new regkeys. Add another fallback.
--
This should fix more "unsupported protocol" issues if Gpg4win /
GnuPG is installed in a non standard path on 64bit systems.
The regkey handling is similar to that of gpgex and gpgol.
GnuPG-Bug-Id: T3988
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* src/decrypt.c (struct op_data_t): Add field not_integrity_protected.
(parse_decryption_info): Set this. Also rename mode to aead_algo for
clarity.
(_gpgme_decrypt_status_handler): Force failure in case of a missing
MDC.
--
This extra check makes sure that a missing or stripped MDC in
- gpg < 2.1
- or gpg 2.2 with an old cipher algorithm
will lead to a decryption failure. gpg 2.3 will always fail in this
case. Implementing this check here and not backporting the 2.3 change
to 2.2 has the benefit that all GPGME using applications are protected
but scripts relying on rfc2440 (i.e. without MDC) will only break when
migrating to 2.3.
Note that S/MIME has no integrity protection mechanism but gpgsm
neither emits a DECRYPTION_INFO status line, so an error will not be
triggered. If in the future gpgsm supports authenticated encryption
it may issue a DECRYPTION_INFO line to force a failure here but it
will in that case also emit a DECRYPTION_FAILED anyway.
GnuPG-bug-id: 3981
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* src/gpgme-json.c (make_data_object): Switch to Base64 also for UTF-8
characters.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
| |
* src/engine-gpgsm.c (status_handler): Call the status monitor also
here.
Signed-off-by: Werner Koch <[email protected]>
|
| |
|
|
|
|
|
|
|
| |
* Changed the expiration date for the generated test key to NYE this
century, rather than the NYE this millennium as originally suggested
in job #3815.
* This covers the lifetimes of current users (except, maybe, some very
healthy millennials) as well as the 32-bit clock end date in 2038;
without falling foul of OpenPGP's 2106 expiration.
|
| |
|
|
|
|
|
| |
* lang/qt/Makefile.am: Respect --disable-gpg-test
--
This is similar to the core switch to disable the tests.
|
| |
|
|
|
|
|
|
|
|
|
| |
* src/qgpgmenewcryptoconfig.cpp (QGpgMENewCryptoConfigEntry::urlValue):
Build url from local file.
(QGpgMENewCryptoConfigEntry::setURLValue): Set native seperated
path.
--
This fixes setting files through cryptoconfig on Windows.
GnuPG-Bug-Id: T3939
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* src/op-support.c (_gpgme_parse_failure): Ignore gpg-exit failures
before modifying args.
--
For op_decrypt_verify the status handler for both decrypt and
verify would parse the failure when the first parser ignored
the failure. This resulted in an ERR_INV_ENGINE as the first
call to parse_failure modified the args.
GnuPG-Bug-Id: T3919
|
| |
|
|
| |
--
|
