aboutsummaryrefslogtreecommitdiffstats
path: root/src (unfollow)
Commit message (Collapse)AuthorFilesLines
2018-06-08json: Return fingerprint as createkey resultAndre Heinecke1-2/+10
* src/gpgme-json.c (op_createkey): Return fingerprint of new key.
2018-06-08json: Add op_createkeyAndre Heinecke1-0/+86
* src/gpgme-json.c (hlp_createkey, op_createkey): New. (process_request, hlp_help): Add it. -- This uses an unrestricted context for now until GnuPG-Bug-Id: T4010 is implemented in GnuPG.
2018-06-08json: Generalize chunking and getmoreAndre Heinecke1-125/+141
* src/gpgme-json.c (MIN_REPLY_CHUNK_SIZE): Lower value to new real minimum. (DEF_REPLY_CHUNK_SIZE): Don't chunk by default. (pending_data): Remove type and base64. (make_data_object): Remove chunksize handling as this is now generic. (encode_and_chunk): Setup the pending_data buffer for chunking if required. (op_getmore): Changed to generically work on a response. (hlp_getmore): Update accordingly. (hlp_help): Document chunksize as generic parameter for all commands. (process_request): Use encode_and_chunk on the response. (hlp_encrypt, op_encrypt, hlp_decrypt, op_decrypt), (hlp_verify, op_verify, hlp_sign, op_sign), (op_keylist, hlp_keylist, hlp_export, op_export): Update accordingly. -- To include handling for json properties e.g. in a keylist in the chunk mechanism the mechanism is now more general. If the chunksize property is provided the response will always look exactly like a "getmore" response. E.g. e.g.: { "op": "keylist", "chunksize": 64 } Results in: { "more": true, "base64": true, "response": "ewoJImtleXMiOglbewoJCQkicmV2b2tlZCI6" } For simplicity this is even true if the chunksize is larger then the response. The client has to combine all "response" chunks and base64 decode them to get valid json. The complete response (including json) is never larger then the chunksize but might be smaller. Except for interactive use due to additional format characters.
2018-06-07json: Rework verify_result_to_jsonAndre Heinecke1-39/+159
* src/gpgme-json.c (sigsum_to_json): Add bool repr. (signature_to_json, verify_result_to_json): Extend and follow better pattern. (hlp_decrypt, hlp_verify): Expand doc. -- This should make it more clear which values are mapped as the naming is more direct and clear and help to use the gpgme documentation to understand the verify_result values.
2018-06-07json: Add direct way to query a config optionAndre Heinecke1-12/+109
* src/gpgme-json.c (op_config_opt, hlp_config_opt): New operation. (process_request, hlp_help): Add it. -- This is more conveniant API for most query operations where a single option is required. An example would be: { "op": "config_opt", "component": "gpg", "option": "default-key" } Which results in: { "option": { "name": "default-key", "description": "use NAME as default secret key", "argname": "NAME", "flags": 0, "level": 0, "type": 1, "alt_type": 1, "value": [{ "string": "F462B6B1", "is_none": false }] } }
2018-06-07json: Add op_config to query gpgconfAndre Heinecke1-1/+207
* src/gpgme-json.c (op_config, hlp_config): New. (hlp_help, process_request): Add config. (conf_arg_to_json, conf_opt_to_json, conf_comp_to_json): New helpers.
2018-06-06core: Return a better error code on certain decryption failures.Werner Koch1-12/+47
* src/decrypt.c (op_data_t): Add field first_status_error. (parse_status_error): Set it. (_gpgme_decrypt_status_handler): Prefer an ERROR code over a NO_SECKEY. -- GnuPG-bug-id: 3983 Signed-off-by: Werner Koch <[email protected]>
2018-06-05json: Allow to compile with libgpg-error < 1.28Werner Koch1-2/+2
* src/cJSON.c: Use gpgrt fucntion only if available. -- We have a hack in gpgme-json to allow building with older libgpg-error versions. That whole thing will not work but the instead the binary will print an error at runtime that it needs to be build with a newer libgcrypt. There was a little bug here for the Debian packages libgpg-error versions which failed to build cJSON. cJSON is only needed be the full gpgme-json but nevertheless the Makefile wants to build it. The fix is straightforward. GnuPG-bug-id: 3971 Signed-off-by: Werner Koch <[email protected]>
2018-05-31core: New context flag "ignore-mdc-error".Werner Koch5-2/+35
* src/context.h (gpgme_context): Add field ignore_mdc_error. * src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Set/get it. * src/engine-gpg.c (engine_gpg): Add flags.ignore_mdc_error. (gpg_set_engine_flags): Set it. (build_argv): Pass option to gpg. * src/decrypt.c (_gpgme_decrypt_status_handler): Take care of flag. (gpgme_op_decrypt_result): Clear flag. (gpgme_op_decrypt): Clear flag. * src/decrypt-verify.c (gpgme_op_decrypt_verify): Clear flag (gpgme_op_decrypt_ext): Clear flag. * tests/run-decrypt.c (show_usage): Add option --ignore-mdc-error. Signed-off-by: Werner Koch <[email protected]>
2018-05-31core: New decryption result flag 'legacy_cipher_nomdc'.Werner Koch2-2/+11
* src/gpgme.h.in (_gpgme_op_decrypt_result): Add flag legacy_cipher_nomdc. * src/decrypt.c (parse_status_error): Set this flag. * tests/run-decrypt.c (print_result): print it. (main): Print the result even on error. Signed-off-by: Werner Koch <[email protected]>
2018-05-31core: Remove cruft from the engine-gpg code.Werner Koch13-78/+23
* src/engine-gpg.c (read_status): Remove the handling of GPGME_STATUS_END_STREAM; this was used only by the former experimental --pipemode of gpg but that is not even anymore invoked here. (struct engine_gpg): Remove cmd.linked_data and .linked_idx. (build_argv): Remove code for linked_data. (gpg_new): Ditto. (gpg_set_command_handler): Remove arr linked_data. * src/engine-backend.h (engine_ops): Remove arg data from set_command_handler. * src/engine.c (_gpgme_engine_set_command_handler): Remove arg linked_data and adjust all callers. Signed-off-by: Werner Koch <[email protected]>
2018-05-31core: Minor cleanup in engine-gpg and -gpgsm.Werner Koch2-6/+3
* src/engine-gpg.c: Remove errno.h. (build_argv): Use gpg_error_from_syserror instead of ERRNO. * src/engine-gpgsm.c: Remove errno.h. (status_handler): Remove check for EINTR; gpgme_data_write already handles EINTR. Signed-off-by: Werner Koch <[email protected]>
2018-05-28json: Fix compiler warning.Werner Koch1-0/+4
* src/gpgme-json.c (op_version): Mark request as unused. Signed-off-by: Werner Koch <[email protected]>
2018-05-28json: Do not allow to export or delete secret keys.Werner Koch1-7/+11
* src/gpgme-json.c (op_export, op_delete): Return GPG_ERR_FORBIDDEN if "secret" is used. -- This should not be possible from a browser and we need to make this fully clear. Actually gpg-agent won't allow that anyway but having this explicitly is better. If that is ever needed a dedicated command line option may enable this, for example when used by regular programs and not by the browser. But that requires other changes as well. Signed-off-by: Werner Koch <[email protected]>
2018-05-28json: Fix use of get_context.Werner Koch1-11/+48
* src/gpgme-json.c (create_onetime_context): New. (release_onetime_context): New. (op_sign): Use the new fucntions to create a separate context. (op_encrypt): Use a separate context for key listings. (create_keylist_patterns): Remove unneeded cast. -- get_context retruns a static per-process context and can thus not be used as a separate context. Use dedicated fucntions for this. Signed-off-by: Werner Koch <[email protected]>
2018-05-25json: Implement encrypt-signAndre Heinecke1-14/+60
* src/gpgme-json.c (op_encrypt): Add optional signing_keys param. (get_keys, create_keylist_patterns): Add param for json object name. -- If the optional parameter signing_keys is provided to encrypt it becomes an encrypt-sign operation.
2018-05-25json: Implement delete commandAndre Heinecke1-0/+72
* src/gpgme-json.c (op_delete): New. (hlp_help, process_request): Add it. -- As with import / export delete also does not work for the browser origin.
2018-05-25json: Implement op_exportAndre Heinecke1-1/+111
* src/gpgme-json.c (op_export): New. (hlp_getmore, process_request): Add it. -- Secret key export does not work with request-origin browser.
2018-05-25json: Fix double ctx allocAndre Heinecke1-3/+0
* src/gpgme-json.c (op_keylist): Only get one ctx.
2018-05-25json: Add guard in create_keylist_patternsAndre Heinecke1-1/+1
* src/gpgme-json.c (create_keylist_patterns): Guard against a string ending with a linbreak.
2018-05-25json: Implement import operationAndre Heinecke1-1/+126
* src/gpgme-json.c (op_import): New. (import_status_to_json, import_result_to_json): New. (hlp_help, process_request): Add import.
2018-05-25json: Improve keylist helpAndre Heinecke1-2/+3
* src/gpgme-json.c (hlp_keylist): Clarify doc about keys parameter.
2018-05-25json: Fix keylist pattern handlingAndre Heinecke1-20/+64
* src/gpgme-json.c (xfree_array): New helper. (create_keylist_patterns): Convert keystring to gpgme patterns. (op_sign, op_keylist): Use it.
2018-05-25json: Add additional commands to helpAndre Heinecke1-0/+3
* src/gpgme-json.c (hlp_help): Add additional commands.
2018-05-25json: Refactor signature and ei codeAndre Heinecke1-162/+81
* src/gpgme-json.c (add_summary_to_object): Changed to: sigsum_to_json. (add_signature_to_object): Changed to signature_to_json. (add_signatures_to_object): Changed to verify_result_to_json. (add_ei_to_object): Changed to engine_info_to_json. (op_decrypt, op_verify, op_version): Use new functions. -- This pattern of gpgme_type to json object conversion is much cleaner then the error returning "add to object" functions.
2018-05-25json: Implement keylistAndre Heinecke1-18/+486
* src/gpgme-json.c (xjson_AddStringToObject0) (xjson_AddItemToObject): New helpers. (sig_notation_to_json, key_sig_to_json, tofu_to_json) (uid_to_json, subkey_to_json, key_to_json): New GPGME to JSON functions. (op_keylist): New. (process_request): Add op_keylist. -- The conversion from GPGME data structures to JSON follow the same pattern for the keylist functions using the xjson wrappers instead of error checking every cJSON call. For large keylists the keylist command also needs a data / getmore handling somehow.
2018-05-25json: Deduplicate input handling codeAndre Heinecke1-184/+62
* gpgme-json.c (get_string_data): New. (op_verify, op_sign, op_decrypt, op_encrypt): Use it. -- This handles the common base64 decoding and creation of the gpgme_data object.
2018-05-24json: Add code to gpg_error based messagesAndre Heinecke1-50/+104
* src/gpgme-json.c (gpg_error_object): New. (error_object_v): Extend to take error. -- Having the error code is helpful, especially as the strerrors are localized. E.g. to detect an ERROR_CANCELED.
2018-05-24json: Implement op_versionAndre Heinecke1-0/+86
* src/gpgme-json.c (op_version): New. (process_request): Extend for version. (protocol_to_string, add_ei_to_object): New helpers.
2018-05-24json: Implement op_verifyAndre Heinecke1-1/+158
* src/gpgme-json.c (op_verify): New. (hlp_help): Add verify. (process_request): Add verify. -- Mostly works, except for detached, base64 encoded signatures, they are somehow not yet written to gpgme.
2018-05-24json: Put signature info before data outputAndre Heinecke1-9/+9
* src/gpgme-json.c (op_decrypt): Move info before data. -- This should enable it to first parse signatures before handling very large chunks of data.
2018-05-24json: Add sign to helpAndre Heinecke1-0/+1
* src/gpgme-json.c (hlp_help): Add sign.
2018-05-24json: Add op_signAndre Heinecke1-0/+177
* src/gpgme-json.c (op_sign): New.
2018-05-24json: Fix invalid function callAndre Heinecke1-1/+1
* src/gpgme-json.c (add_signatures_to_object): Fix call to xjson_CreateArray. -- That is what happens if you edit code while reviewing changes, without testing it again,..
2018-05-24json: Print signatures for decrypt/verifyAndre Heinecke1-0/+211
* gpgme-json.c (xJSON_CreateArray), (add_summary_to_object, validity_to_string): New helpers. (add_signature_to_object, add_signatures_to_object) (add_signatures_object): New. (op_decrypt): Handle verify_result. (hlp_help): Mention decrypt.
2018-05-24json: Minor typo fixesAndre Heinecke1-3/+3
* src/gpgme-json.c: Minor typo fixes.
2018-05-17core, w32: Add w64 handling for regkeysAndre Heinecke1-3/+22
* src/w32-util.c (_gpgme_get_gpg_path): Use new defines. (GNUPG_REGKEY_2): x64 aware regkey as used by GnuPG in Gpg4win 2.x (GNUPG_REGKEY_3): x64 aware regkey as used by GnuPG in Gpg4win 3.x (_gpgme_get_gpgconf_path): Use new regkeys. Add another fallback. -- This should fix more "unsupported protocol" issues if Gpg4win / GnuPG is installed in a non standard path on 64bit systems. The regkey handling is similar to that of gpgex and gpgol. GnuPG-Bug-Id: T3988
2018-05-17core: Always fail if an OpenPG message is not integrity protected.Werner Koch1-7/+20
* src/decrypt.c (struct op_data_t): Add field not_integrity_protected. (parse_decryption_info): Set this. Also rename mode to aead_algo for clarity. (_gpgme_decrypt_status_handler): Force failure in case of a missing MDC. -- This extra check makes sure that a missing or stripped MDC in - gpg < 2.1 - or gpg 2.2 with an old cipher algorithm will lead to a decryption failure. gpg 2.3 will always fail in this case. Implementing this check here and not backporting the 2.3 change to 2.2 has the benefit that all GPGME using applications are protected but scripts relying on rfc2440 (i.e. without MDC) will only break when migrating to 2.3. Note that S/MIME has no integrity protection mechanism but gpgsm neither emits a DECRYPTION_INFO status line, so an error will not be triggered. If in the future gpgsm supports authenticated encryption it may issue a DECRYPTION_INFO line to force a failure here but it will in that case also emit a DECRYPTION_FAILED anyway. GnuPG-bug-id: 3981 Signed-off-by: Werner Koch <[email protected]>
2018-05-09json: Improve auto-base64 encoding to not split UTF-8 chars.Werner Koch1-8/+14
* src/gpgme-json.c (make_data_object): Switch to Base64 also for UTF-8 characters. Signed-off-by: Werner Koch <[email protected]>
2018-05-09core: Make the status-fd monitor work for all gpgsm commands.Werner Koch1-1/+10
* src/engine-gpgsm.c (status_handler): Call the status monitor also here. Signed-off-by: Werner Koch <[email protected]>
2018-04-20core: Do not modify args for ignored failuresAndre Heinecke1-4/+3
* src/op-support.c (_gpgme_parse_failure): Ignore gpg-exit failures before modifying args. -- For op_decrypt_verify the status handler for both decrypt and verify would parse the failure when the first parser ignored the failure. This resulted in an ERR_INV_ENGINE as the first call to parse_failure modified the args. GnuPG-Bug-Id: T3919
2018-04-20core: Remove another debug output leftover.Werner Koch1-1/+0
* src/decrypt.c (_gpgme_decrypt_status_handler): Remove log debug. Signed-off-by: Werner Koch <[email protected]>
2018-04-19json: Remove the -noinstall flag used during development.Werner Koch1-2/+0
* src/Makefile.am (gpgme-json_LDFLAGS): Remove. -- Reported-by: Alon Bar-Lev <[email protected]> Signed-off-by: Werner Koch <[email protected]>
2018-04-19core: Remove leftover debug output.Werner Koch1-1/+0
* src/verify.c (_gpgme_verify_status_handler): Remove debug output. -- Actually this is a real bug because it uses a debug function available only in the new libgpg-error versions. Time to call Jenkins back from vacation; there are rumors that he has been seen in the city looking for a new Ryzen tail coat. Signed-off-by: Werner Koch <[email protected]>
2018-04-18json: Add stpcpy replacement.Werner Koch1-0/+13
* src/gpgme-json.c [!HAVE_STPCPY](_my_stpcpy): New. Signed-off-by: Werner Koch <[email protected]>
2018-04-18doc: Update copyright years and change two URLs.Werner Koch2-2/+3
-- Signed-off-by: Werner Koch <[email protected]>
2018-04-18doc: Unify comment style in gpgme.hWerner Koch1-160/+175
-- Signed-off-by: Werner Koch <[email protected]>
2018-04-18core: New convenience constant GPGME_KEYLIST_MODE_LOCATE.Werner Koch2-2/+3
* src/gpgme.h.in (GPGME_KEYLIST_MODE_LOCATE): New. Signed-off-by: Werner Koch <[email protected]>
2018-04-18json: Add command "decrypt" to gpgme-json.Werner Koch1-7/+139
* src/gpgme-json.c (make_data_object): Enable auto-detection of base-64. (op_encrypt): Support a 'mime' flag. (op_decrypt): New. (process_request): Add command "encrypt". Signed-off-by: Werner Koch <[email protected]>
2018-04-18core: Add 'is_mime' flags to the verify and decrypt results.Werner Koch5-11/+32
* src/op-support.c (_gpgme_parse_plaintext): Add arg r_mime. * src/decrypt.c (_gpgme_decrypt_status_handler): Ser mime flag. * src/verify.c (_gpgme_verify_status_handler): Ditto. * src/gpgme.h.in (gpgme_op_verify_result_t): Append fields 'is_mime' and '_unused'. (gpgme_op_decrypt_result_t): New field 'is_mime'. Shrink '_unused'. * tests/run-decrypt.c (print_result): Print MIME flag. * tests/run-verify.c (print_result): Ditto. -- Note that this flag (Liternal Data packet's 'm' mode) is only specified in RFC-4880bis. To use it you currently need to add "rfc4880bis" to the the gpg.conf. Signed-off-by: Werner Koch <[email protected]>