gpgme.git
40 hours agojson: Add file handling for debug output master
Andre Heinecke [Wed, 20 Jun 2018 07:43:19 +0000 (09:43 +0200)]
json: Add file handling for debug output

* src/gpgme-json.c (main): Add possibilty to set log file.

--
This is similar to how GPGME_DEBUG works. It takes ; on
Windows as seperator and : on linux. Followed by a file name.

For Linux it might make sense to use a different seperator
to allow setting a socket explicitly. But this is better
in line with the current GPGME_DEBUG behavior.

The change helps on Windows where we don't have a
log socket.

4 days agopython bindings: core import statements
Ben McGinnes [Sun, 17 Jun 2018 12:42:43 +0000 (22:42 +1000)]
python bindings: core import statements

* Fixed the bit I broke while fixing the PEP8 compliance issues.

4 days agopython bindings: core — PEP8 compliance
Ben McGinnes [Sun, 17 Jun 2018 05:58:44 +0000 (15:58 +1000)]
python bindings: core — PEP8 compliance

* Fixed most of the PEP8 errors in core.py
* Those remaining may need more than little edits and are a bit
  strange (too clearly the result of a programmer who has spent far
  too much time dealing with Lisp so that for Python it looks
  ... strange).

4 days agopython bindings: core - key import gsoc/jacob-key-import
Ben McGinnes [Sun, 17 Jun 2018 04:35:20 +0000 (14:35 +1000)]
python bindings: core - key import

* Wrapped the key import function in the try/exception statements
  needed to catch at least the most likely unsuccessful import attempt
  errors.
* Mostly draws on the file error and no data import statuses for
  errors, with a couple of exceptions.

Signed-off-by: Ben McGinnes <ben@adversary.org>
5 days agopython bindings: core key import
Ben McGinnes [Sat, 16 Jun 2018 23:28:30 +0000 (09:28 +1000)]
python bindings: core key import

* The foundation of a pythonic key import function authored by Jacob
  Adams.
* A unit testing script for the same function originally authored by
  Tobias Mueller
* Added DCO reference for Jacob Adams to the GPGME AUTHORS file.
* Additional details regarding this patch are available here:
  https://dev.gnupg.org/T4001

Signed-off-by: Ben McGinnes <ben@adversary.org>
11 days agoscript: groups.py
Ben McGinnes [Sun, 10 Jun 2018 15:03:58 +0000 (01:03 +1000)]
script: groups.py

* Added check for if it is run on a Windows system so that the correct
  binary filename is invoked.

13 days agocpp: Add proper gpgme_op_createkey
Andre Heinecke [Fri, 8 Jun 2018 14:19:47 +0000 (16:19 +0200)]
cpp: Add proper gpgme_op_createkey

* lang/cpp/src/context.cpp, lang/cpp/src/context.h
(Context::createKeyEx): New.

--
The createKeyEx function follows the usual pattern that the
synchronous call returns a result directly while for the
async an extra call is neccessary.

13 days agojson: Return fingerprint as createkey result
Andre Heinecke [Fri, 8 Jun 2018 12:52:41 +0000 (14:52 +0200)]
json: Return fingerprint as createkey result

* src/gpgme-json.c (op_createkey): Return fingerprint of new key.

13 days agojson: Add op_createkey
Andre Heinecke [Fri, 8 Jun 2018 11:55:21 +0000 (13:55 +0200)]
json: Add op_createkey

* src/gpgme-json.c (hlp_createkey, op_createkey): New.
(process_request, hlp_help): Add it.

--
This uses an unrestricted context for now until

GnuPG-Bug-Id: T4010
is implemented in GnuPG.

13 days agojson: Generalize chunking and getmore
Andre Heinecke [Thu, 7 Jun 2018 15:48:55 +0000 (17:48 +0200)]
json: Generalize chunking and getmore

* src/gpgme-json.c (MIN_REPLY_CHUNK_SIZE): Lower value to
new real minimum.
(DEF_REPLY_CHUNK_SIZE): Don't chunk by default.
(pending_data): Remove type and base64.
(make_data_object): Remove chunksize handling as this is now
generic.
(encode_and_chunk): Setup the pending_data buffer for chunking
if required.
(op_getmore): Changed to generically work on a response.
(hlp_getmore): Update accordingly.
(hlp_help): Document chunksize as generic parameter for all commands.
(process_request): Use encode_and_chunk on the response.
(hlp_encrypt, op_encrypt, hlp_decrypt, op_decrypt),
(hlp_verify, op_verify, hlp_sign, op_sign),
(op_keylist, hlp_keylist, hlp_export, op_export): Update accordingly.

--
To include handling for json properties e.g. in a keylist in
the chunk mechanism the mechanism is now more general.

If the chunksize property is provided the response will
always look exactly like a "getmore" response. E.g.

e.g.:
{
    "op": "keylist",
    "chunksize": 64
}
Results in:
{
   "more": true,
   "base64": true,
   "response": "ewoJImtleXMiOglbewoJCQkicmV2b2tlZCI6"
}

For simplicity this is even true if the chunksize is larger
then the response.

The client has to combine all "response" chunks and base64
decode them to get valid json.

The complete response (including json) is never larger then
the chunksize but might be smaller. Except for interactive
use due to additional format characters.

2 weeks agojson: Rework verify_result_to_json
Andre Heinecke [Thu, 7 Jun 2018 14:05:15 +0000 (16:05 +0200)]
json: Rework verify_result_to_json

* src/gpgme-json.c (sigsum_to_json): Add bool repr.
(signature_to_json, verify_result_to_json): Extend and follow better
pattern.
(hlp_decrypt, hlp_verify): Expand doc.

--
This should make it more clear which values are mapped as
the naming is more direct and clear and help to use
the gpgme documentation to understand the verify_result values.

2 weeks agojson: Add direct way to query a config option
Andre Heinecke [Thu, 7 Jun 2018 09:42:47 +0000 (11:42 +0200)]
json: Add direct way to query a config option

* src/gpgme-json.c (op_config_opt, hlp_config_opt): New operation.
(process_request, hlp_help): Add it.

--
This is more conveniant API for most query operations where
a single option is required.

An example would be:
{
    "op": "config_opt",
    "component": "gpg",
    "option": "default-key"
}

Which results in:
{
   "option":       {
           "name": "default-key",
           "description":  "use NAME as default secret key",
           "argname":      "NAME",
           "flags":        0,
           "level":        0,
           "type": 1,
           "alt_type":     1,
           "value":        [{
                           "string":       "F462B6B1",
                           "is_none":      false
                   }]
   }
}

2 weeks agojson: Add op_config to query gpgconf
Andre Heinecke [Thu, 7 Jun 2018 09:23:14 +0000 (11:23 +0200)]
json: Add op_config to query gpgconf

* src/gpgme-json.c (op_config, hlp_config): New.
(hlp_help, process_request): Add config.
(conf_arg_to_json, conf_opt_to_json, conf_comp_to_json): New
helpers.

2 weeks agoexamples: python howto
Ben McGinnes [Thu, 7 Jun 2018 05:06:20 +0000 (15:06 +1000)]
examples: python howto

* Uses the groups module to prepare a list of recipients and encrypt
  to those.
* The main version (encrypt-to-group.py) tries to check for invalid
  recipients, but still falls back to always trust for the second
  encryption attempt.
* The gullible version doesn't try pruning the recipient list at all,
  it just tries to encrypt and if it fails, switches straight to
  always trust.
* The trustno1 version doesn't use the always trust model at all and
  only attempts pruning the list of invalid recipients.

2 weeks agocore: Return a better error code on certain decryption failures.
Werner Koch [Wed, 6 Jun 2018 14:20:27 +0000 (16:20 +0200)]
core: Return a better error code on certain decryption failures.

* src/decrypt.c (op_data_t): Add field first_status_error.
(parse_status_error): Set it.
(_gpgme_decrypt_status_handler): Prefer an ERROR code over a
NO_SECKEY.
--

GnuPG-bug-id: 3983
Signed-off-by: Werner Koch <wk@gnupg.org>
2 weeks agojson: Allow to compile with libgpg-error < 1.28
Werner Koch [Tue, 5 Jun 2018 07:40:17 +0000 (09:40 +0200)]
json: Allow to compile with libgpg-error < 1.28

* src/cJSON.c: Use gpgrt fucntion only if available.
--

We have a hack in gpgme-json to allow building with older libgpg-error
versions.  That whole thing will not work but the instead the binary
will print an error at runtime that it needs to be build with a newer
libgcrypt.  There was a little bug here for the Debian packages
libgpg-error versions which failed to build cJSON.  cJSON is only
needed be the full gpgme-json but nevertheless the Makefile wants to
build it.  The fix is straightforward.

GnuPG-bug-id: 3971
Signed-off-by: Werner Koch <wk@gnupg.org>
2 weeks agodocs: python bindings howto
Ben McGinnes [Sat, 2 Jun 2018 14:46:46 +0000 (00:46 +1000)]
docs: python bindings howto

* Another attempt at fixing the org-mode version.
* A proof reader ascertained there were tabs in it instead of whitespace.
* Stripped the lot out and replaced with standard 4 spaces, fixed
  every incorrect example ... and it still breaks upon save and/or export.
* Added the reference to the mutt-groups.py script to demonstrate the
  groups.py module/code.

2 weeks agoAuthors: DCO
Ben McGinnes [Sat, 2 Jun 2018 07:15:40 +0000 (17:15 +1000)]
Authors: DCO

* Added mine to the GPGME AUTHORS file.  Mainly so I'm doing what I
  say myself when about to request another from someone ...  ;)

2 weeks agocpp: Add gpgme_(get)set_ctx_flag
Andre Heinecke [Fri, 1 Jun 2018 09:08:12 +0000 (11:08 +0200)]
cpp: Add gpgme_(get)set_ctx_flag

* NEWS: Mention API extensions.
* lang/cpp/src/context.cpp, lang/cpp/src/context.h
(Context::setFlag, Context::getFlag): New.

2 weeks agocpp: Add legacy_cipher_nomdc
Andre Heinecke [Fri, 1 Jun 2018 08:58:24 +0000 (10:58 +0200)]
cpp: Add legacy_cipher_nomdc

* lang/cpp/src/decryptionresult.cpp, lang/cpp/src/decryptionresult.h
(DecryptionResult::isLegacyCipherNoMDC): New.

--

3 weeks agocore: New context flag "ignore-mdc-error".
Werner Koch [Thu, 31 May 2018 23:29:20 +0000 (01:29 +0200)]
core: New context flag "ignore-mdc-error".

* src/context.h (gpgme_context): Add field ignore_mdc_error.
* src/gpgme.c (gpgme_set_ctx_flag, gpgme_get_ctx_flag): Set/get it.
* src/engine-gpg.c (engine_gpg): Add flags.ignore_mdc_error.
(gpg_set_engine_flags): Set it.
(build_argv): Pass option to gpg.
* src/decrypt.c (_gpgme_decrypt_status_handler): Take care of flag.
(gpgme_op_decrypt_result): Clear flag.
(gpgme_op_decrypt): Clear flag.
* src/decrypt-verify.c (gpgme_op_decrypt_verify): Clear flag
(gpgme_op_decrypt_ext): Clear flag.

* tests/run-decrypt.c (show_usage): Add option --ignore-mdc-error.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 weeks agocore: New decryption result flag 'legacy_cipher_nomdc'.
Werner Koch [Thu, 31 May 2018 23:01:08 +0000 (01:01 +0200)]
core: New decryption result flag 'legacy_cipher_nomdc'.

* src/gpgme.h.in (_gpgme_op_decrypt_result): Add flag
legacy_cipher_nomdc.
* src/decrypt.c (parse_status_error): Set this flag.
* tests/run-decrypt.c (print_result): print it.
(main): Print the result even on error.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 weeks agocore: Remove cruft from the engine-gpg code.
Werner Koch [Thu, 31 May 2018 22:13:18 +0000 (00:13 +0200)]
core: Remove cruft from the engine-gpg code.

* src/engine-gpg.c (read_status): Remove the handling of
GPGME_STATUS_END_STREAM; this was used only by the former experimental
--pipemode of gpg but that is not even anymore invoked here.
(struct engine_gpg): Remove cmd.linked_data and .linked_idx.
(build_argv): Remove code for linked_data.
(gpg_new): Ditto.
(gpg_set_command_handler): Remove arr linked_data.
* src/engine-backend.h (engine_ops): Remove arg data from
set_command_handler.
* src/engine.c (_gpgme_engine_set_command_handler): Remove arg
linked_data and adjust all callers.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 weeks agocore: Minor cleanup in engine-gpg and -gpgsm.
Werner Koch [Thu, 31 May 2018 21:56:06 +0000 (23:56 +0200)]
core: Minor cleanup in engine-gpg and -gpgsm.

* src/engine-gpg.c: Remove errno.h.
(build_argv): Use gpg_error_from_syserror instead of ERRNO.
* src/engine-gpgsm.c: Remove errno.h.
(status_handler): Remove check for EINTR; gpgme_data_write already
handles EINTR.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 weeks agocpp: Add gpgme_data_rewind to cpp API
Andre Heinecke [Tue, 29 May 2018 07:16:22 +0000 (09:16 +0200)]
cpp: Add gpgme_data_rewind to cpp API

* lang/cpp/src/data.h, lang/cpp/src/data.cpp (Data::rewind): New.
* lang/qt/tests/t-various.cpp (testDataRewind): Test it.

--
The advantage of this convieniance function in GPGME is that
it avoids the messiness that are declarations with off_t.

GnuPG-Bug-Id: T3996

3 weeks agojson: Fix compiler warning.
Werner Koch [Mon, 28 May 2018 07:58:02 +0000 (09:58 +0200)]
json: Fix compiler warning.

* src/gpgme-json.c (op_version): Mark request as unused.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 weeks agojson: Do not allow to export or delete secret keys.
Werner Koch [Mon, 28 May 2018 07:56:49 +0000 (09:56 +0200)]
json: Do not allow to export or delete secret keys.

* src/gpgme-json.c (op_export, op_delete): Return GPG_ERR_FORBIDDEN if
"secret" is used.
--

This should not be possible from a browser and we need to make this
fully clear.  Actually gpg-agent won't allow that anyway but having
this explicitly is better.

If that is ever needed a dedicated command line option may enable
this, for example when used by regular programs and not by the browser.
But that requires other changes as well.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 weeks agojson: Fix use of get_context.
Werner Koch [Mon, 28 May 2018 07:53:32 +0000 (09:53 +0200)]
json: Fix use of get_context.

* src/gpgme-json.c (create_onetime_context): New.
(release_onetime_context): New.
(op_sign): Use the new fucntions to create a separate context.
(op_encrypt): Use a separate context for key listings.
(create_keylist_patterns): Remove unneeded cast.
--

get_context retruns a static per-process context and can thus not be
used as a separate context.  Use dedicated fucntions for this.

Signed-off-by: Werner Koch <wk@gnupg.org>
3 weeks agojson: Implement encrypt-sign
Andre Heinecke [Fri, 25 May 2018 13:48:39 +0000 (15:48 +0200)]
json: Implement encrypt-sign

* src/gpgme-json.c (op_encrypt): Add optional signing_keys param.
(get_keys, create_keylist_patterns): Add param for json object name.

--
If the optional parameter signing_keys is provided to encrypt
it becomes an encrypt-sign operation.

3 weeks agojson: Implement delete command
Andre Heinecke [Fri, 25 May 2018 13:24:03 +0000 (15:24 +0200)]
json: Implement delete command

* src/gpgme-json.c (op_delete): New.
(hlp_help, process_request): Add it.

--
As with import / export delete also does not work for
the browser origin.

3 weeks agojson: Implement op_export
Andre Heinecke [Fri, 25 May 2018 12:52:51 +0000 (14:52 +0200)]
json: Implement op_export

* src/gpgme-json.c (op_export): New.
(hlp_getmore, process_request): Add it.

--
Secret key export does not work with request-origin browser.

3 weeks agojson: Fix double ctx alloc
Andre Heinecke [Fri, 25 May 2018 12:50:59 +0000 (14:50 +0200)]
json: Fix double ctx alloc

* src/gpgme-json.c (op_keylist): Only get one ctx.

3 weeks agojson: Add guard in create_keylist_patterns
Andre Heinecke [Fri, 25 May 2018 12:50:20 +0000 (14:50 +0200)]
json: Add guard in create_keylist_patterns

* src/gpgme-json.c (create_keylist_patterns): Guard against
a string ending with a linbreak.

3 weeks agojson: Implement import operation
Andre Heinecke [Fri, 25 May 2018 12:19:41 +0000 (14:19 +0200)]
json: Implement import operation

* src/gpgme-json.c (op_import): New.
(import_status_to_json, import_result_to_json): New.
(hlp_help, process_request): Add import.

3 weeks agojson: Improve keylist help
Andre Heinecke [Fri, 25 May 2018 11:09:34 +0000 (13:09 +0200)]
json: Improve keylist help

* src/gpgme-json.c (hlp_keylist): Clarify doc about keys parameter.

3 weeks agojson: Fix keylist pattern handling
Andre Heinecke [Fri, 25 May 2018 11:06:44 +0000 (13:06 +0200)]
json: Fix keylist pattern handling

* src/gpgme-json.c (xfree_array): New helper.
(create_keylist_patterns): Convert keystring to gpgme patterns.
(op_sign, op_keylist): Use it.

3 weeks agojson: Add additional commands to help
Andre Heinecke [Fri, 25 May 2018 10:22:37 +0000 (12:22 +0200)]
json: Add additional commands to help

* src/gpgme-json.c (hlp_help): Add additional commands.

3 weeks agojson: Refactor signature and ei code
Andre Heinecke [Fri, 25 May 2018 10:17:46 +0000 (12:17 +0200)]
json: Refactor signature and ei code

* src/gpgme-json.c (add_summary_to_object): Changed to:
sigsum_to_json.
(add_signature_to_object): Changed to signature_to_json.
(add_signatures_to_object): Changed to verify_result_to_json.
(add_ei_to_object): Changed to engine_info_to_json.
(op_decrypt, op_verify, op_version): Use new functions.

--
This pattern of gpgme_type to json object conversion
is much cleaner then the error returning "add to object"
functions.

3 weeks agojson: Implement keylist
Andre Heinecke [Fri, 25 May 2018 09:34:33 +0000 (11:34 +0200)]
json: Implement keylist

* src/gpgme-json.c (xjson_AddStringToObject0)
(xjson_AddItemToObject): New helpers.
(sig_notation_to_json, key_sig_to_json, tofu_to_json)
(uid_to_json, subkey_to_json, key_to_json): New
GPGME to JSON functions.
(op_keylist): New.
(process_request): Add op_keylist.

--
The conversion from GPGME data structures to
JSON follow the same pattern for the keylist
functions using the xjson wrappers instead
of error checking every cJSON call.

For large keylists the keylist command also
needs a data / getmore handling somehow.

3 weeks agojson: Deduplicate input handling code
Andre Heinecke [Fri, 25 May 2018 07:46:30 +0000 (09:46 +0200)]
json: Deduplicate input handling code

* gpgme-json.c (get_string_data): New.
(op_verify, op_sign, op_decrypt, op_encrypt): Use it.

--
This handles the common base64 decoding and creation of the
gpgme_data object.

4 weeks agoexamples: mutt crypt-hooks generator
Ben McGinnes [Thu, 24 May 2018 21:12:52 +0000 (07:12 +1000)]
examples: mutt crypt-hooks generator

* Added a script which demonstrates how the groups module works.
* Script generates Mutt/Neomutt crypt-hooks for every group entry in
  gpg.conf, including those entries for multiple keys (Mutt handles
  that differently).

4 weeks agodocs: python bindings howto
Ben McGinnes [Thu, 24 May 2018 19:22:16 +0000 (05:22 +1000)]
docs: python bindings howto

* Fixed the groups.py script so it really does what is described (the
  old code had the same result for groups, group_lines and
  group_lists).
* Updated the corresponding example in the doc to match.

4 weeks agodoc: python bindings howto
Ben McGinnes [Sun, 13 May 2018 18:14:45 +0000 (04:14 +1000)]
doc: python bindings howto

* Fixed org-mode python source indenting.
** Note: nested indented blocks do not indent correctly when exported
   to [X]HTML.

4 weeks agojson: Add code to gpg_error based messages
Andre Heinecke [Thu, 24 May 2018 14:35:42 +0000 (16:35 +0200)]
json: Add code to gpg_error based messages

* src/gpgme-json.c (gpg_error_object): New.
(error_object_v): Extend to take error.

--
Having the error code is helpful, especially as
the strerrors are localized. E.g. to detect
an ERROR_CANCELED.

4 weeks agojson: Implement op_version
Andre Heinecke [Thu, 24 May 2018 14:15:14 +0000 (16:15 +0200)]
json: Implement op_version

* src/gpgme-json.c (op_version): New.
(process_request): Extend for version.
(protocol_to_string, add_ei_to_object): New helpers.

4 weeks agojson: Implement op_verify
Andre Heinecke [Thu, 24 May 2018 11:56:16 +0000 (13:56 +0200)]
json: Implement op_verify

* src/gpgme-json.c (op_verify): New.
(hlp_help): Add verify.
(process_request): Add verify.

--
Mostly works, except for detached, base64 encoded signatures,
they are somehow not yet written to gpgme.

4 weeks agojson: Put signature info before data output
Andre Heinecke [Thu, 24 May 2018 11:36:31 +0000 (13:36 +0200)]
json: Put signature info before data output

* src/gpgme-json.c (op_decrypt): Move info before data.

--
This should enable it to first parse signatures before
handling very large chunks of data.

4 weeks agojson: Add sign to help
Andre Heinecke [Thu, 24 May 2018 11:31:15 +0000 (13:31 +0200)]
json: Add sign to help

* src/gpgme-json.c (hlp_help): Add sign.

4 weeks agojson: Add op_sign
Andre Heinecke [Thu, 24 May 2018 11:24:02 +0000 (13:24 +0200)]
json: Add op_sign

* src/gpgme-json.c (op_sign): New.

4 weeks agojson: Fix invalid function call
Andre Heinecke [Thu, 24 May 2018 11:16:55 +0000 (13:16 +0200)]
json: Fix invalid function call

* src/gpgme-json.c (add_signatures_to_object): Fix call to
xjson_CreateArray.

--
That is what happens if you edit code while reviewing changes,
without testing it again,..

4 weeks agojson: Print signatures for decrypt/verify
Andre Heinecke [Thu, 24 May 2018 10:34:31 +0000 (12:34 +0200)]
json: Print signatures for decrypt/verify

* gpgme-json.c (xJSON_CreateArray),
(add_summary_to_object, validity_to_string): New helpers.
(add_signature_to_object, add_signatures_to_object)
(add_signatures_object): New.
(op_decrypt): Handle verify_result.
(hlp_help): Mention decrypt.

4 weeks agojson: Minor typo fixes
Andre Heinecke [Thu, 24 May 2018 08:26:41 +0000 (10:26 +0200)]
json: Minor typo fixes

* src/gpgme-json.c: Minor typo fixes.

4 weeks agodocs and examples: python howto
Ben McGinnes [Wed, 23 May 2018 04:43:06 +0000 (14:43 +1000)]
docs and examples: python howto

* Updated the decryption example code in the HOWTO and the
  corresponding decrypt-file.py script to gracefully handle a
  decryption failure.  This error will always be triggered when GPGME
  is used to try to decrypt an old, MDC-less encrypted message or
  file.

4 weeks agocpp: Expose sessionKey and symkeyAlgo
Andre Heinecke [Tue, 22 May 2018 10:08:01 +0000 (12:08 +0200)]
cpp: Expose sessionKey and symkeyAlgo

* lang/cpp/decryptionresult.cpp, lang/cpp/decryptionresult.h
(DecryptionResult::symkeyAlgo, DecryptionResult::sessionKey): New.

5 weeks agocore, w32: Add w64 handling for regkeys
Andre Heinecke [Thu, 17 May 2018 15:41:53 +0000 (17:41 +0200)]
core, w32: Add w64 handling for regkeys

* src/w32-util.c (_gpgme_get_gpg_path): Use new defines.
(GNUPG_REGKEY_2): x64 aware regkey as used by GnuPG in Gpg4win 2.x
(GNUPG_REGKEY_3): x64 aware regkey as used by GnuPG in Gpg4win 3.x
(_gpgme_get_gpgconf_path): Use new regkeys. Add another fallback.

--
This should fix more "unsupported protocol" issues if Gpg4win /
GnuPG is installed in a non standard path on 64bit systems.

The regkey handling is similar to that of gpgex and gpgol.

GnuPG-Bug-Id: T3988

5 weeks agocore: Always fail if an OpenPG message is not integrity protected.
Werner Koch [Thu, 17 May 2018 07:14:40 +0000 (09:14 +0200)]
core: Always fail if an OpenPG message is not integrity protected.

* src/decrypt.c (struct op_data_t): Add field not_integrity_protected.
(parse_decryption_info): Set this.  Also rename mode to aead_algo for
clarity.
(_gpgme_decrypt_status_handler): Force failure in case of a missing
MDC.
--

This extra check makes sure that a missing or stripped MDC in
 - gpg < 2.1
 - or gpg 2.2 with an old cipher algorithm
will lead to a decryption failure.  gpg 2.3 will always fail in this
case.  Implementing this check here and not backporting the 2.3 change
to 2.2 has the benefit that all GPGME using applications are protected
but scripts relying on rfc2440 (i.e. without MDC) will only break when
migrating to 2.3.

Note that S/MIME has no integrity protection mechanism but gpgsm
neither emits a DECRYPTION_INFO status line, so an error will not be
triggered.  If in the future gpgsm supports authenticated encryption
it may issue a DECRYPTION_INFO line to force a failure here but it
will in that case also emit a DECRYPTION_FAILED anyway.

GnuPG-bug-id: 3981
Signed-off-by: Werner Koch <wk@gnupg.org>
6 weeks agojson: Improve auto-base64 encoding to not split UTF-8 chars.
Werner Koch [Wed, 9 May 2018 14:41:05 +0000 (16:41 +0200)]
json: Improve auto-base64 encoding to not split UTF-8 chars.

* src/gpgme-json.c (make_data_object): Switch to Base64 also for UTF-8
characters.

Signed-off-by: Werner Koch <wk@gnupg.org>
6 weeks agocore: Make the status-fd monitor work for all gpgsm commands.
Werner Koch [Wed, 9 May 2018 14:39:30 +0000 (16:39 +0200)]
core: Make the status-fd monitor work for all gpgsm commands.

* src/engine-gpgsm.c (status_handler): Call the status monitor also
here.

Signed-off-by: Werner Koch <wk@gnupg.org>
6 weeks agopython: key expiration datetime stamp tests
Ben McGinnes [Sat, 5 May 2018 02:27:17 +0000 (12:27 +1000)]
python: key expiration datetime stamp tests

* Changed the expiration date for the generated test key to NYE this
  century, rather than the NYE this millennium as originally suggested
  in job #3815.
* This covers the lifetimes of current users (except, maybe, some very
  healthy millennials) as well as the 32-bit clock end date in 2038;
  without falling foul of OpenPGP's 2106 expiration.

6 weeks agoqt: Respect --disable-gpg-test for tests
Andre Heinecke [Fri, 4 May 2018 08:03:42 +0000 (10:03 +0200)]
qt: Respect --disable-gpg-test for tests

* lang/qt/Makefile.am: Respect --disable-gpg-test

--
This is similar to the core switch to disable the tests.

8 weeks agoqt: Fix filename handling in cryptoconfig
Andre Heinecke [Thu, 26 Apr 2018 12:11:19 +0000 (14:11 +0200)]
qt: Fix filename handling in cryptoconfig

* src/qgpgmenewcryptoconfig.cpp (QGpgMENewCryptoConfigEntry::urlValue):
Build url from local file.
(QGpgMENewCryptoConfigEntry::setURLValue): Set native seperated
path.

--
This fixes setting files through cryptoconfig on Windows.
GnuPG-Bug-Id: T3939

2 months agocore: Do not modify args for ignored failures
Andre Heinecke [Fri, 20 Apr 2018 12:30:53 +0000 (14:30 +0200)]
core: Do not modify args for ignored failures

* src/op-support.c (_gpgme_parse_failure): Ignore gpg-exit failures
before modifying args.

--
For op_decrypt_verify the status handler for both decrypt and
verify would parse the failure when the first parser ignored
the failure. This resulted in an ERR_INV_ENGINE as the first
call to parse_failure modified the args.

GnuPG-Bug-Id: T3919

2 months agoPost release updates
Werner Koch [Fri, 20 Apr 2018 08:41:38 +0000 (10:41 +0200)]
Post release updates

--

2 months agoRelease 1.11.1 gpgme-1.11.1
Werner Koch [Fri, 20 Apr 2018 08:22:12 +0000 (10:22 +0200)]
Release 1.11.1

* configure.ac: Bump LT version to C31/A20/R1.  For cpp to C13/A7/R0.
For qt to: C10/A3/R2.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: Remove another debug output leftover.
Werner Koch [Fri, 20 Apr 2018 08:32:37 +0000 (10:32 +0200)]
core: Remove another debug output leftover.

* src/decrypt.c (_gpgme_decrypt_status_handler): Remove log debug.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agobuild: More release creation automation.
Werner Koch [Fri, 20 Apr 2018 08:13:25 +0000 (10:13 +0200)]
build: More release creation automation.

* Makefile.am: Add release and sign-release targets.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agodoc: Suggest the use of strconcat for recipient strings.
Werner Koch [Fri, 20 Apr 2018 06:56:01 +0000 (08:56 +0200)]
doc: Suggest the use of strconcat for recipient strings.

--
GnuPG-bug-id: 3775

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agojson: Remove the -noinstall flag used during development.
Werner Koch [Thu, 19 Apr 2018 14:19:47 +0000 (16:19 +0200)]
json: Remove the -noinstall flag used during development.

* src/Makefile.am (gpgme-json_LDFLAGS): Remove.
--

Reported-by: Alon Bar-Lev <alon.barlev@gmail.com>
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocpp: Add origin and last_update to UserID
Andre Heinecke [Thu, 19 Apr 2018 09:56:15 +0000 (11:56 +0200)]
cpp: Add origin and last_update to UserID

* NEWS: Mention it.
* lang/cpp/src/key.cpp, lang/cpp/src/key.h (UserID::lastUpdate),
(UserID::origin): New.
(gpgme_origin_to_pp_origin): New helper.

2 months agocpp: Add origin and last_update
Andre Heinecke [Thu, 19 Apr 2018 08:44:01 +0000 (10:44 +0200)]
cpp: Add origin and last_update

* NEWS: mention interface change.
* lang/cpp/src/key.cpp (Key::origin, Key::lastUpdate): New.
* lang/cpp/src/key.h (Key::Origin): New enum.

2 months agocore: Remove leftover debug output.
Werner Koch [Thu, 19 Apr 2018 08:34:32 +0000 (10:34 +0200)]
core: Remove leftover debug output.

* src/verify.c (_gpgme_verify_status_handler): Remove debug output.
--

Actually this is a real bug because it uses a debug function available
only in the new libgpg-error versions.  Time to call Jenkins back from
vacation; there are rumors that he has been seen in the city looking
for a new Ryzen tail coat.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agotests: Fix t-verify test for GnuPG < 2.2.7.
Werner Koch [Thu, 19 Apr 2018 08:29:30 +0000 (10:29 +0200)]
tests: Fix t-verify test for GnuPG < 2.2.7.

* tests/gpg/t-verify.c (check_result): Tweak for gnupg < 2.2.7.
--

The not yet releases 2.2.7-beta may print a full fingerprint in the
ERRSIG status.  This is compliant with the dscription but the new
t-verify test case did not took in account that older GnuPG versions
print only a keyid.

Fixes-commit: b99502274ae5efdf6df0d967900ec3d1e64373d7
GnUPG-bug-id: 3920
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agoPost release updates
Werner Koch [Wed, 18 Apr 2018 18:27:14 +0000 (20:27 +0200)]
Post release updates

--

2 months agoRelease 1.11.0 gpgme-1.11.0
Werner Koch [Wed, 18 Apr 2018 17:41:45 +0000 (19:41 +0200)]
Release 1.11.0

* configure.ac: Bump LT version to C31/A20/R0.  For cpp to C12/A6/R0.
For qt to: C10/A3/R1.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agojson: Add stpcpy replacement.
Werner Koch [Wed, 18 Apr 2018 18:11:27 +0000 (20:11 +0200)]
json: Add stpcpy replacement.

* src/gpgme-json.c [!HAVE_STPCPY](_my_stpcpy): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agodoc: Update copyright years and change two URLs.
Werner Koch [Wed, 18 Apr 2018 17:30:50 +0000 (19:30 +0200)]
doc: Update copyright years and change two URLs.

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agodoc: Unify comment style in gpgme.h
Werner Koch [Wed, 18 Apr 2018 17:28:51 +0000 (19:28 +0200)]
doc: Unify comment style in gpgme.h

--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: New convenience constant GPGME_KEYLIST_MODE_LOCATE.
Werner Koch [Wed, 18 Apr 2018 15:59:29 +0000 (17:59 +0200)]
core: New convenience constant GPGME_KEYLIST_MODE_LOCATE.

* src/gpgme.h.in (GPGME_KEYLIST_MODE_LOCATE): New.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agojson: Add command "decrypt" to gpgme-json.
Werner Koch [Wed, 18 Apr 2018 13:24:42 +0000 (15:24 +0200)]
json: Add command "decrypt" to gpgme-json.

* src/gpgme-json.c (make_data_object): Enable auto-detection of
base-64.
(op_encrypt): Support a 'mime' flag.
(op_decrypt): New.
(process_request): Add command "encrypt".

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: Add 'is_mime' flags to the verify and decrypt results.
Werner Koch [Wed, 18 Apr 2018 13:20:35 +0000 (15:20 +0200)]
core: Add 'is_mime' flags to the verify and decrypt results.

* src/op-support.c (_gpgme_parse_plaintext): Add arg r_mime.
* src/decrypt.c (_gpgme_decrypt_status_handler): Ser mime flag.
* src/verify.c (_gpgme_verify_status_handler): Ditto.
* src/gpgme.h.in (gpgme_op_verify_result_t): Append fields 'is_mime'
and '_unused'.
(gpgme_op_decrypt_result_t): New field 'is_mime'.  Shrink '_unused'.

* tests/run-decrypt.c (print_result): Print MIME flag.
* tests/run-verify.c (print_result): Ditto.
--

Note that this flag (Liternal Data packet's 'm' mode) is only
specified in RFC-4880bis.  To use it you currently need to add
"rfc4880bis" to the the gpg.conf.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: Fix possible compliance mode detection error.
Werner Koch [Wed, 18 Apr 2018 12:41:50 +0000 (14:41 +0200)]
core: Fix possible compliance mode detection error.

* src/verify.c (_gpgme_verify_status_handler): Insert missing break.
--

Before the insertion of the compliance status checking the break in
the default clause was used by the STATUS_PLAINTEXT code.  That got
lost.  I don't see any actual harm due to different values currently
in use for the compliance status.

Fixes-commit: 05fa2a9c7764b28fdac35eb72631439df948ca0e
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agojson: Improve help meta command in gpgme-json.
Werner Koch [Wed, 18 Apr 2018 09:34:16 +0000 (11:34 +0200)]
json: Improve help meta command in gpgme-json.

* src/gpgme-json.c (process_meta_commands): Add ",help CMD".

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agojson: Add command "getmore" to gpgme-json.
Werner Koch [Wed, 18 Apr 2018 09:12:46 +0000 (11:12 +0200)]
json: Add command "getmore" to gpgme-json.

* src/gpgme-json.c (MIN_REPLY_CHUNK_SIZE): New const.
(DEF_REPLY_CHUNK_SIZE): New const.
(MAX_REPLY_CHUNK_SIZE): New const.
(pending_data): New var.
(add_base64_to_object): Chnage to take a plain data pointer.
(get_chunksize): New.
(make_data_object): New.
(op_encrypt): Get chunksize and use make_data_object.
(op_getmore): New.
(process_request): Release pending data for all commands but "getmore"
and "help".
--

Native messaging has a limit on the data it may receive in one
request.  Thus the caller needs to watch for the "more" flag and
request the remaining data using "getmore" in a loop.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agojson: Add meta command ,read to gpgme-json.
Werner Koch [Wed, 18 Apr 2018 07:26:33 +0000 (09:26 +0200)]
json: Add meta command ,read to gpgme-json.

* src/gpgme-json.c: Include stat.h.
(get_file): New.
(process_meta_commands): Implement ",read".

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: Extend decryption result with symkey_algo.
Werner Koch [Tue, 17 Apr 2018 11:48:56 +0000 (13:48 +0200)]
core: Extend decryption result with symkey_algo.

* src/gpgme.h.in (gpgme_op_decrypt_result_t): Add field 'symkey_algo'.
* src/decrypt.c (release_op_data): Free SYMKEY_ALGO.
(gpgme_op_decrypt_result): Make sure SYMKEY_ALGO is not NULL.
(parse_decryption_info): New.
(_gpgme_decrypt_status_handler): Parse DECRYPTION_INFO status.
* src/conversion.c (_gpgme_cipher_algo_name): New.
(_gpgme_cipher_mode_name): New.

* tests/run-decrypt.c (print_result): Print SYMKEY_ALGO

* src/util.h (_gpgme_map_gnupg_error): Remove obsolete prototype.
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: New keyword --file for OpenPGP recpstring.
Werner Koch [Tue, 17 Apr 2018 10:40:30 +0000 (12:40 +0200)]
core: New keyword --file for OpenPGP recpstring.

* src/engine-gpg.c (append_args_from_recipients_string): Add new
flags.
--

Now you can use gpgme to encrypt without first importing a key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: For OpenPGP let offline mode disable dirmngr.
Werner Koch [Tue, 17 Apr 2018 09:06:27 +0000 (11:06 +0200)]
core: For OpenPGP let offline mode disable dirmngr.

* src/engine-gpg.c (struct engine_gpg): New flag.offline.
(gpg_set_engine_flags): Set it.  Also fix setting of no_symkey_cache.
(build_argv): Pass --disable-dirmngr in offline mode.
--

GnuPG-bug-id: 3831
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agopython: Fix crash by leaving struct members intact
Tobias Mueller [Tue, 20 Feb 2018 16:34:14 +0000 (17:34 +0100)]
python: Fix crash by leaving struct members intact

* lang/python/setup.py.in: Copy gpgme.h instead of parsing it.
--
The python bindings tried to parse deprecated functions
out of gpgme.h. This fails for the current gpgme.h in
that it removes an entire field in the key sig struct (_obsolete_class).
Hence, the fields were off by an int and the bindings accessed struct
members via the wrong offset. That caused python program to crash.
At least on 32bit platforms, the crash can be easily triggered by
accessing key.uids[0].signatures. On 64bit platforms the compiler
probably aligns the struct so that the missing 4 bytes are not noticed.

With this change, the python bindings will expose all functions
that gpgme exposes, including the deprecated ones.

Credits go to Justus Winter for debugging and identying the issue.

Signed-off-by: Tobias Mueller <muelli@cryptobitch.de>
GnuPG-bug-id: 3892

2 months agocore: Allow for --hidden keyword in OpenPGP recpstrings.
Werner Koch [Tue, 17 Apr 2018 08:04:20 +0000 (10:04 +0200)]
core: Allow for --hidden keyword in OpenPGP recpstrings.

* src/engine-gpg.c (append_args_from_recipients_string): Add special
keywords.
--

GnuPG-bug-id: 3775
Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: New encryption flag GPGME_ENCRYPT_WANT_ADDRESS.
Werner Koch [Tue, 17 Apr 2018 07:40:27 +0000 (09:40 +0200)]
core: New encryption flag GPGME_ENCRYPT_WANT_ADDRESS.

* src/gpgme.h.in (GPGME_ENCRYPT_WANT_ADDRESS): New flag.
* src/engine-gpg.c (add_arg_recipient): New.
(add_arg_recipient_string): New.
(append_args_from_recipients): Call new helper function.
(append_args_from_recipients_string): Ditto.
* src/gpgme-json.c (op_encrypt): Add flag "want-address".
--

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: Add extended versions of the encrypt functions.
Werner Koch [Tue, 17 Apr 2018 06:33:44 +0000 (08:33 +0200)]
core: Add extended versions of the encrypt functions.

* src/gpgme.h.in (gpgme_op_encrypt_ext_start) New.
(gpgme_op_encrypt_ext): New.
(gpgme_op_encrypt_sign_ext_start): New.
(gpgme_op_encrypt_sign_ext): New.
* src/libgpgme.vers, tests/run-encrypt.c: Add them.

* src/encrypt.c (encrypt_start): Add arg recpstring.
(gpgme_op_encrypt): Factor code out to ...
(gpgme_op_encrypt_ext): new function with new arg recpstring.
(gpgme_op_encrypt_start): Factor code out to ...
(gpgme_op_encrypt_ext_start): new function with new arg recpstring.
* src/encrypt-sign.c (encrypt_sign_start): Add arg recpstring.
(gpgme_op_encrypt_sign): Factor code out to ...
(gpgme_op_encrypt_sign_ext): new function with new arg recpstring.
(gpgme_op_encrypt_sign_start): Factor code out to ...
(gpgme_op_encrypt_sign_ext_start): new function with new arg
recpstring.

* src/engine-backend.h (struct engine_ops): Change fields encrypt and
encrypt_sign.
* src/engine.c (_gpgme_engine_op_encrypt): Add arg recpstring and pass
to engine.
(_gpgme_engine_op_encrypt_sign): Ditto.
* src/engine-gpg.c (append_args_from_recipients_string): New.
(gpg_encrypt): Add arg recpstring and call new function as needed.
(gpg_encrypt_sign): Ditto.
* src/engine-gpgsm.c (set_recipients_from_string): New.
(gpgsm_encrypt): Add arg recpstring and call new function as needed.
* src/engine-uiserver.c (set_recipients_from_string): New.
(uiserver_encrypt): Add arg recpstring and call new function as
needed.

* tests/run-encrypt.c (xstrdup): New.
(main): Add option --keystring.

* src/gpgme-json.c (get_keys): Simplify.
(op_encrypt): Modify to make use of the extended encrypt function.

--

This new feature can be used to avoid the need for a key lookup and
thus several extra calls to the backend.

Note that run-test uses a semicolon as delimiter because that make
testing the feature on the command line much easier.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: Tweak STATUS_FAILURE handling.
Werner Koch [Thu, 12 Apr 2018 18:36:30 +0000 (20:36 +0200)]
core: Tweak STATUS_FAILURE handling.

* src/op-support.c (_gpgme_parse_failure): Ignore failures with
location "gpg-exit".
* tests/gpg/t-verify.c (main): Adjust for the now working checking of
the second key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: For a failed verification return the sig's fingerprint.
Werner Koch [Thu, 12 Apr 2018 18:26:00 +0000 (20:26 +0200)]
core: For a failed verification return the sig's fingerprint.

* src/verify.c (parse_new_sig): Parse the new ERRSIG fpr.
--

This works only when the signatures features an ISSUER_FPR sub-packet
and with GnuPG >= 2.2.7.  If that is not the case the keyid is kept in
the FPR field.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agotests: Avoid segv in run-verify due to Policy URLs
Werner Koch [Thu, 12 Apr 2018 13:59:22 +0000 (15:59 +0200)]
tests: Avoid segv in run-verify due to Policy URLs

* tests/run-verify.c (print_result): Take care of Policy URLs.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agotests: Add another check to gpg/t-verify.
Werner Koch [Thu, 12 Apr 2018 13:39:20 +0000 (15:39 +0200)]
tests: Add another check to gpg/t-verify.

* tests/gpg/t-verify.c (PGM): New.  Use it instead of __FILE__.
(test_sig1_plus_unknown_key): New test signature.
(check_result): Allow checking of several signatures.
(main): Check a signature with a know and an unknown key.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agocore: Add new context flag "no-symkey-cache".
Werner Koch [Thu, 12 Apr 2018 07:17:27 +0000 (09:17 +0200)]
core: Add new context flag "no-symkey-cache".

* src/gpgme.c (gpgme_set_ctx_flag): Set flag.
(gpgme_get_ctx_flag): Get flag.
* src/context.h (struct gpgme_context): Add field no_symkey_cache.
* src/engine-gpg.c (struct engine_gpg): Ditto.
(gpg_set_engine_flags): Set flag.
(build_argv): Pass option --no-symkey-cache to gpg.

* tests/run-decrypt.c (print_result): Fix segv for symmetric messages.
(main): New option --no-symkey-cache.
* tests/run-encrypt.c (main): New option --no-symkey-cache.

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agoqt: Add test for resetting config value
Andre Heinecke [Wed, 4 Apr 2018 09:21:53 +0000 (11:21 +0200)]
qt: Add test for resetting config value

* lang/qt/tests/t-config.cpp (CryptoConfigTest::testDefault): New.

--
There is a bug around here somewhere. This test does not show
it :-(

2 months agoMerge branch 'master' of ssh+git://playfair.gnupg.org/git/gpgme
Ben McGinnes [Thu, 29 Mar 2018 23:38:31 +0000 (10:38 +1100)]
Merge branch 'master' of ssh+git://playfair.gnupg.org/git/gpgme

* Also fixed a small grammatical error highlighted by a merge conflict
  (in the python bindings howto).

2 months agojson: Build only a dummy if libgpg-error is < 1.28
Werner Koch [Thu, 29 Mar 2018 13:06:47 +0000 (15:06 +0200)]
json: Build only a dummy if libgpg-error is < 1.28

Signed-off-by: Werner Koch <wk@gnupg.org>
2 months agoMerge branch 'ben/howto-update-02' of ssh+git://playfair.gnupg.org/git/gpgme
Ben McGinnes [Wed, 28 Mar 2018 23:27:41 +0000 (10:27 +1100)]
Merge branch 'ben/howto-update-02' of ssh+git://playfair.gnupg.org/git/gpgme