From cvs at cvs.gnupg.org Thu Mar 1 13:47:19 2018
From: cvs at cvs.gnupg.org (by Andre Heinecke)
Date: Thu, 01 Mar 2018 13:47:19 +0100
Subject: [git] GpgOL - branch, async-enc, updated. gpgol-2.0.6-56-g3e851be
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, async-enc has been updated
via 3e851bed56cba229a1a6de656c6639ffbc288081 (commit)
via 16cf48705599010e380bc7c72ba8b2d945006471 (commit)
via d6246cd90e33d530cfecf654cecc097d73bef038 (commit)
via 6ec4348a7e575921db013b6cc9d1f0d07ae0ddb8 (commit)
via eb1ed3493ebe49cbbb61fb4deb311f44f553b176 (commit)
via 456cdf6165ef012769058507b5ef3edde729ca47 (commit)
via 14d0e2d9d1e0f058ee391363aeee67614d9a7734 (commit)
via 7700f5da2744cc7aa718aaaeedc66618b4088bff (commit)
via dc2f7424d081c1de0b639b3ab52aaa8092077c27 (commit)
via 13ec7979aaff33e2d3112bc397ab0a291ffade2f (commit)
from 325b90573a184b65bf1d66e5f6f0eebeb9f0d6ea (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3e851bed56cba229a1a6de656c6639ffbc288081
Author: Andre Heinecke
Date: Thu Mar 1 13:46:50 2018 +0100
Minor wait cleanup in overlay
* src/overlay.cpp (Overlay::~Overlay): Wait afteer writing
the quit.
diff --git a/src/overlay.cpp b/src/overlay.cpp
index f1467b9..8e088d6 100644
--- a/src/overlay.cpp
+++ b/src/overlay.cpp
@@ -81,8 +81,8 @@ Overlay::~Overlay()
{
log_debug ("%s:%s: Stopping overlay.",
SRCNAME, __func__);
- m_overlayCtx->wait ();
m_overlayStdin.write ("quit\n", 5);
m_overlayStdin.write (nullptr, 0);
+ m_overlayCtx->wait ();
EnableWindow (m_wid, TRUE);
}
commit 16cf48705599010e380bc7c72ba8b2d945006471
Author: Andre Heinecke
Date: Thu Mar 1 13:46:13 2018 +0100
Localize keyresolver
* src/cryptcontroller.cpp (CryptController::resolve_keys):
Add --lang argument.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index e2e4570..8557cc4 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -375,24 +375,23 @@ CryptController::resolve_keys ()
release_cArray (recipients);
}
- // Convert our collected vector to c strings
- // It's a bit overhead but should be quick for such small
- // data.
- char **cargs = vector_to_cArray (args);
+ args.push_back (std::string ("--lang"));
+ args.push_back (std::string (gettext_localename ()));
// Args are prepared. Spawn the resolver.
auto ctx = GpgME::Context::createForEngine (GpgME::SpawnEngine);
-
if (!ctx)
{
// can't happen
- release_cArray (cargs);
TRACEPOINT;
return -1;
}
- GpgME::Data mystdin (GpgME::Data::null), mystdout, mystderr;
+ // Convert our collected vector to c strings
+ // It's a bit overhead but should be quick for such small
+ // data.
+ char **cargs = vector_to_cArray (args);
#ifdef DEBUG_RESOLVER
log_debug ("Spawning args:");
for (size_t i = 0; cargs && cargs[i]; i++)
@@ -401,6 +400,7 @@ CryptController::resolve_keys ()
}
#endif
+ GpgME::Data mystdin (GpgME::Data::null), mystdout, mystderr;
GpgME::Error err = ctx->spawn (cargs[0], const_cast (cargs),
mystdin, mystdout, mystderr,
(GpgME::Context::SpawnFlags) (
commit d6246cd90e33d530cfecf654cecc097d73bef038
Author: Andre Heinecke
Date: Thu Mar 1 13:39:06 2018 +0100
Add keycache for located keys
* src/keycache.cpp, src/keycache.h: New.
* src/Makefile.am: Add new files.
* src/mail.cpp (in_de_vs_mode): Move to cpphelp.
Rename global maps to s_ prefix to be more clear.
(Mail::locate_keys): Use keycache.
(do_locate): Removed.
(Mail::locate_all_crypto_recipents): New.
* src/cpphelp.cpp: Add in_de_vs_mode.
* src/ribbon-callbacks.cpp (mark_mime_action): Trigger
locate on crypto toggle.
--
Every serious MUA needs a Keycache ;-)
This is needed to store the keys returned by
gpg --locate-keys if we want to use them later to automatically
send to the keys located this way.
diff --git a/src/Makefile.am b/src/Makefile.am
index 7ef1edd..125265d 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -88,7 +88,8 @@ gpgol_SOURCES = \
cryptcontroller.cpp cryptcontroller.h \
cpphelp.cpp cpphelp.h \
wks-helper.cpp wks-helper.h \
- overlay.cpp overlay.h
+ overlay.cpp overlay.h \
+ keycache.cpp keycache.h
#treeview_SOURCES = treeview.c
diff --git a/src/cpphelp.cpp b/src/cpphelp.cpp
index 20b91d3..85c8db3 100644
--- a/src/cpphelp.cpp
+++ b/src/cpphelp.cpp
@@ -26,6 +26,10 @@
#include "common.h"
+#include
+#include
+#include
+
void
release_cArray (char **carray)
{
@@ -55,3 +59,55 @@ vector_to_cArray(const std::vector &vec)
ret[vec.size()] = NULL;
return ret;
}
+
+bool
+in_de_vs_mode()
+{
+/* We cache the values only once. A change requires restart.
+ This is because checking this is very expensive as gpgconf
+ spawns each process to query the settings. */
+ static bool checked;
+ static bool vs_mode;
+
+ if (checked)
+ {
+ return vs_mode;
+ }
+ GpgME::Error err;
+ const auto components = GpgME::Configuration::Component::load (err);
+ log_debug ("%s:%s: Checking for de-vs mode.",
+ SRCNAME, __func__);
+ if (err)
+ {
+ log_error ("%s:%s: Failed to get gpgconf components: %s",
+ SRCNAME, __func__, err.asString ());
+ checked = true;
+ vs_mode = false;
+ return vs_mode;
+ }
+ for (const auto &component: components)
+ {
+ if (component.name () && !strcmp (component.name (), "gpg"))
+ {
+ for (const auto &option: component.options ())
+ {
+ if (option.name () && !strcmp (option.name (), "compliance") &&
+ option.currentValue ().stringValue () &&
+ !stricmp (option.currentValue ().stringValue (), "de-vs"))
+ {
+ log_debug ("%s:%s: Detected de-vs mode",
+ SRCNAME, __func__);
+ checked = true;
+ vs_mode = true;
+ return vs_mode;
+ }
+ }
+ checked = true;
+ vs_mode = false;
+ return vs_mode;
+ }
+ }
+ checked = true;
+ vs_mode = false;
+ return false;
+}
diff --git a/src/cpphelp.h b/src/cpphelp.h
index 0b60170..bbf68e0 100644
--- a/src/cpphelp.h
+++ b/src/cpphelp.h
@@ -36,4 +36,7 @@ void rtrim(std::string &s);
/* Convert a string vector to a null terminated char array */
char **vector_to_cArray (const std::vector &vec);
+/* Check if we are in de_vs mode. */
+bool in_de_vs_mode ();
+
#endif // CPPHELP_H
diff --git a/src/keycache.cpp b/src/keycache.cpp
new file mode 100644
index 0000000..3907772
--- /dev/null
+++ b/src/keycache.cpp
@@ -0,0 +1,366 @@
+/* @file keycache.cpp
+ * @brief Internal keycache
+ *
+ * Copyright (C) 2018 Intevation GmbH
+ *
+ * This file is part of GpgOL.
+ *
+ * GpgOL is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * GpgOL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, see .
+ */
+
+#include "keycache.h"
+
+#include "common.h"
+#include "cpphelp.h"
+
+#include
+#include
+#include
+
+#include
+
+#include
\n"
msgstr ""
-#: src/mail.cpp:813 src/mail.cpp:2058
+#: src/mail.cpp:820 src/mail.cpp:2006
msgid "Encrypted message"
msgstr "Mensagem encriptada"
-#: src/mail.cpp:814
+#: src/mail.cpp:821
msgid "Please wait while the message is being decrypted / verified..."
msgstr ""
"Por favor aguarda enquanto a mensagem est? a ser desencriptada / "
"verificada..."
-#: src/mail.cpp:1088
+#: src/mail.cpp:1095
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr ""
-#: src/mail.cpp:1092
+#: src/mail.cpp:1099
msgid ""
"G Suite Sync breaks outgoing crypto mails with attachments.\n"
"Using crypto and attachments with G Suite Sync is not supported.\n"
@@ -460,7 +460,7 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1107
+#: src/mail.cpp:1114
msgid ""
"G Suite Sync breaks outgoing signed mails.\n"
"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
@@ -468,7 +468,7 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1122
+#: src/mail.cpp:1129
msgid ""
"G Suite Sync breaks outgoing signed mails.\n"
"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
@@ -478,91 +478,91 @@ msgid ""
"Do you want to only encrypt the message?"
msgstr ""
-#: src/mail.cpp:2003
+#: src/mail.cpp:1951
msgid "Security Level 4"
msgstr "N?vel de seguran?a 4"
-#: src/mail.cpp:2007
+#: src/mail.cpp:1955
msgid "Trust Level 4"
msgstr "N?vel de Confian?a 4"
-#: src/mail.cpp:2011
+#: src/mail.cpp:1959
msgid "Security Level 3"
msgstr "N?vel de Seguran?a 3"
-#: src/mail.cpp:2015
+#: src/mail.cpp:1963
msgid "Trust Level 3"
msgstr "N?vel de Confian?a 3"
-#: src/mail.cpp:2019
+#: src/mail.cpp:1967
msgid "Security Level 2"
msgstr "N?vel de Seguran?a 2"
-#: src/mail.cpp:2023
+#: src/mail.cpp:1971
msgid "Trust Level 2"
msgstr "N?vel de Confian?a 2"
-#: src/mail.cpp:2027
+#: src/mail.cpp:1975
msgid "Encrypted"
msgstr "Encriptada"
-#: src/mail.cpp:2036 src/mail.cpp:2038 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr "Insegura"
-#: src/mail.cpp:2050
+#: src/mail.cpp:1998
msgid "Signed and encrypted message"
msgstr "Mensagem assinada e encriptada"
-#: src/mail.cpp:2054
+#: src/mail.cpp:2002
msgid "Signed message"
msgstr "Mensagem assinada"
-#: src/mail.cpp:2061 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
msgid "Insecure message"
msgstr "Mensagem insegura"
-#: src/mail.cpp:2072 src/mail.cpp:2083
+#: src/mail.cpp:2020 src/mail.cpp:2031
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
"N?o podes ter a certeza de quem enviou, modificou e leu a mensagem em "
"tr?nsito."
-#: src/mail.cpp:2075
+#: src/mail.cpp:2023
msgid "The message was signed but the verification failed with:"
msgstr ""
-#: src/mail.cpp:2093
+#: src/mail.cpp:2041
msgid "The encryption was VS-NfD-compliant."
msgstr "A encripta??o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2097
+#: src/mail.cpp:2045
msgid "The encryption was not VS-NfD-compliant."
msgstr "A encripta??o n?o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2101
+#: src/mail.cpp:2049
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
"N?o podes ter certeza de quem enviou a mensagem, porque n?o est? assinada."
-#: src/mail.cpp:2124
+#: src/mail.cpp:2072
msgid "You signed this message."
msgstr "Assinaste esta mensagem."
-#: src/mail.cpp:2128
+#: src/mail.cpp:2076
msgid "The senders identity was certified by yourself."
msgstr "A identidade dos remetentes foi certificada por ti pr?prio."
-#: src/mail.cpp:2132
+#: src/mail.cpp:2080
msgid "The sender is allowed to certify identities for you."
msgstr "O remetente pode certificar identidades para ti."
-#: src/mail.cpp:2145
+#: src/mail.cpp:2093
msgid "The senders identity was certified by several trusted people."
msgstr ""
"A identidade dos remetentes foi certificada por v?rias pessoas confi?veis."
-#: src/mail.cpp:2150
+#: src/mail.cpp:2098
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
@@ -571,11 +571,11 @@ msgstr ""
"A identidade dos remetentes ? certificada pelo emissor confi?vel:\n"
"'%s'\n"
-#: src/mail.cpp:2158
+#: src/mail.cpp:2106
msgid "Some trusted people have certified the senders identity."
msgstr "Algumas pessoas confi?veis certificaram a identidade dos remetentes."
-#: src/mail.cpp:2168
+#: src/mail.cpp:2116
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -586,11 +586,11 @@ msgstr ""
"comunica??o com este endere?o desde %s.\n"
"Encriptaste %i e verificaste %i mensagens desde ent?o."
-#: src/mail.cpp:2184
+#: src/mail.cpp:2132
msgid "The senders signature was verified for the first time."
msgstr "A assinatura dos remetentes foi verificada pela primeira vez."
-#: src/mail.cpp:2191
+#: src/mail.cpp:2139
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
@@ -599,68 +599,68 @@ msgstr ""
"O endere?o dos remetentes ainda n?o ? confi?vel porque apenas verificaste %i "
"mensagens e encriptaste %i mensagens a eles desde %s."
-#: src/mail.cpp:2205
+#: src/mail.cpp:2153
msgid "But the sender address is not trustworthy because:"
msgstr "Mas o endere?o do remetente n?o ? confi?vel porque:"
-#: src/mail.cpp:2206
+#: src/mail.cpp:2154
msgid "The sender address is not trustworthy because:"
msgstr "O endere?o do remetente n?o ? confi?vel porque:"
-#: src/mail.cpp:2214
+#: src/mail.cpp:2162
msgid "The signature is invalid: \n"
msgstr "A assinatura ? inv?lida: \n"
-#: src/mail.cpp:2219
+#: src/mail.cpp:2167
msgid "There was an error verifying the signature.\n"
msgstr "Houve um erro ao verificar a assinatura.\n"
-#: src/mail.cpp:2223
+#: src/mail.cpp:2171
msgid "The signature is expired.\n"
msgstr "A assinatura expirou.\n"
-#: src/mail.cpp:2227
+#: src/mail.cpp:2175
msgid "The used key"
msgstr "A chave usada"
-#: src/mail.cpp:2227
+#: src/mail.cpp:2175
msgid "The used certificate"
msgstr "O certificado usado"
-#: src/mail.cpp:2235
+#: src/mail.cpp:2183
msgid "is not available."
msgstr "n?o est? dispon?vel."
-#: src/mail.cpp:2239
+#: src/mail.cpp:2187
msgid "is revoked."
msgstr "est? revogado."
-#: src/mail.cpp:2243
+#: src/mail.cpp:2191
msgid "is expired."
msgstr "expirou."
-#: src/mail.cpp:2247
+#: src/mail.cpp:2195
msgid "is not meant for signing."
msgstr "n?o ? destinado a assinar."
-#: src/mail.cpp:2251 src/mail.cpp:2255
+#: src/mail.cpp:2199 src/mail.cpp:2203
msgid "could not be checked for revocation."
msgstr "n?o pode ser verificado para revoga??o."
-#: src/mail.cpp:2260
+#: src/mail.cpp:2208
msgid "is not the same as the key that was used for this address in the past."
msgstr "n?o ? o mesmo que a chave usada para este endere?o no passado."
-#: src/mail.cpp:2266
+#: src/mail.cpp:2214
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr "n?o reivindica o endere?o: \"%s\"."
-#: src/mail.cpp:2279
+#: src/mail.cpp:2227
msgid "is not certified by any trustworthy key."
msgstr "n?o est? certificado por qualquer chave confi?vel."
-#: src/mail.cpp:2283
+#: src/mail.cpp:2231
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
@@ -668,58 +668,58 @@ msgstr ""
"n?o est? certificado por uma Autoridade de Certifica??o confi?vel ou a "
"Autoridade de Certifica??o ? desconhecida."
-#: src/mail.cpp:2288
+#: src/mail.cpp:2236
msgid "The sender marked this address as revoked."
msgstr "O remetente marcou este endere?o como revogado."
-#: src/mail.cpp:2292
+#: src/mail.cpp:2240
msgid "is marked as not trustworthy."
msgstr "est? marcado como n?o confi?vel."
-#: src/mail.cpp:2302
+#: src/mail.cpp:2250
msgid "The signature is VS-NfD-compliant."
msgstr "A assinatura est? em conformidade com VS-NfD."
-#: src/mail.cpp:2306
+#: src/mail.cpp:2254
msgid "The signature is not VS-NfD-compliant."
msgstr "A assinatura n?o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2314
+#: src/mail.cpp:2262
msgid "The encryption is VS-NfD-compliant."
msgstr "A encripta??o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2318
+#: src/mail.cpp:2266
msgid "The encryption is not VS-NfD-compliant."
msgstr "A encripta??o n?o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2329
+#: src/mail.cpp:2277
msgid "Click here to change the key used for this address."
msgstr "Clica aqui para alterar a chave usada para este endere?o."
-#: src/mail.cpp:2333
+#: src/mail.cpp:2281
msgid "Click here for details about the key."
msgstr "Clica aqui para obter detalhes sobre a chave."
-#: src/mail.cpp:2334
+#: src/mail.cpp:2282
msgid "Click here for details about the certificate."
msgstr "Clica aqui para obter detalhes sobre o certificado."
-#: src/mail.cpp:2338
+#: src/mail.cpp:2286
msgid "Click here to search the key on the configured keyserver."
msgstr "Clica aqui para localizar a chave no servidor de chaves configurado."
-#: src/mail.cpp:2339
+#: src/mail.cpp:2287
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
"Clica aqui para localizar o certificado no servidor de chaves X509 "
"configurado."
-#: src/mail.cpp:2567
+#: src/mail.cpp:2515
#, fuzzy
msgid "GpgOL: Encryption not possible!"
msgstr "GpgOL: Mensagem Encriptada"
-#: src/mail.cpp:2569
+#: src/mail.cpp:2517
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
diff --git a/po/sv.po b/po/sv.po
index 9f99ae6..b5c5ad4 100644
--- a/po/sv.po
+++ b/po/sv.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: GPGol\n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-05 14:35+0100\n"
+"POT-Creation-Date: 2018-03-06 15:25+0100\n"
"PO-Revision-Date: 2006-12-12 23:52+0100\n"
"Last-Translator: Daniel Nylander \n"
"Language-Team: Swedish \n"
@@ -164,12 +164,12 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr ""
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1743 src/mail.cpp:1814
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1691 src/mail.cpp:1762
#, fuzzy
msgid "GpgOL: Encrypted Message"
msgstr "Dekryptera och validera meddelandet."
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1744 src/mail.cpp:1815
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1692 src/mail.cpp:1763
msgid "GpgOL: Trusted Sender Address"
msgstr ""
@@ -398,11 +398,11 @@ msgstr ""
msgid "GpgOL Warning"
msgstr ""
-#: src/mail.cpp:804
+#: src/mail.cpp:811
msgid "Pubkey directory confirmation"
msgstr ""
-#: src/mail.cpp:805
+#: src/mail.cpp:812
msgid ""
"This is a confirmation request to publish your Pubkey in the directory for "
"your domain.\n"
@@ -411,20 +411,20 @@ msgid ""
"directory, simply ignore this message.\n"
msgstr ""
-#: src/mail.cpp:813 src/mail.cpp:2058
+#: src/mail.cpp:820 src/mail.cpp:2006
#, fuzzy
msgid "Encrypted message"
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:814
+#: src/mail.cpp:821
msgid "Please wait while the message is being decrypted / verified..."
msgstr ""
-#: src/mail.cpp:1088
+#: src/mail.cpp:1095
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr ""
-#: src/mail.cpp:1092
+#: src/mail.cpp:1099
msgid ""
"G Suite Sync breaks outgoing crypto mails with attachments.\n"
"Using crypto and attachments with G Suite Sync is not supported.\n"
@@ -432,7 +432,7 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1107
+#: src/mail.cpp:1114
msgid ""
"G Suite Sync breaks outgoing signed mails.\n"
"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
@@ -440,7 +440,7 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1122
+#: src/mail.cpp:1129
msgid ""
"G Suite Sync breaks outgoing signed mails.\n"
"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
@@ -450,105 +450,105 @@ msgid ""
"Do you want to only encrypt the message?"
msgstr ""
-#: src/mail.cpp:2003
+#: src/mail.cpp:1951
msgid "Security Level 4"
msgstr ""
-#: src/mail.cpp:2007
+#: src/mail.cpp:1955
msgid "Trust Level 4"
msgstr ""
-#: src/mail.cpp:2011
+#: src/mail.cpp:1959
msgid "Security Level 3"
msgstr ""
-#: src/mail.cpp:2015
+#: src/mail.cpp:1963
msgid "Trust Level 3"
msgstr ""
-#: src/mail.cpp:2019
+#: src/mail.cpp:1967
msgid "Security Level 2"
msgstr ""
-#: src/mail.cpp:2023
+#: src/mail.cpp:1971
msgid "Trust Level 2"
msgstr ""
-#: src/mail.cpp:2027
+#: src/mail.cpp:1975
#, fuzzy
msgid "Encrypted"
msgstr "Kryptering"
-#: src/mail.cpp:2036 src/mail.cpp:2038 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr ""
-#: src/mail.cpp:2050
+#: src/mail.cpp:1998
#, fuzzy
msgid "Signed and encrypted message"
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2054
+#: src/mail.cpp:2002
#, fuzzy
msgid "Signed message"
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2061 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
#, fuzzy
msgid "Insecure message"
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2072 src/mail.cpp:2083
+#: src/mail.cpp:2020 src/mail.cpp:2031
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
-#: src/mail.cpp:2075
+#: src/mail.cpp:2023
msgid "The message was signed but the verification failed with:"
msgstr ""
-#: src/mail.cpp:2093
+#: src/mail.cpp:2041
#, fuzzy
msgid "The encryption was VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2097
+#: src/mail.cpp:2045
#, fuzzy
msgid "The encryption was not VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2101
+#: src/mail.cpp:2049
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
-#: src/mail.cpp:2124
+#: src/mail.cpp:2072
#, fuzzy
msgid "You signed this message."
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2128
+#: src/mail.cpp:2076
msgid "The senders identity was certified by yourself."
msgstr ""
-#: src/mail.cpp:2132
+#: src/mail.cpp:2080
msgid "The sender is allowed to certify identities for you."
msgstr ""
-#: src/mail.cpp:2145
+#: src/mail.cpp:2093
msgid "The senders identity was certified by several trusted people."
msgstr ""
-#: src/mail.cpp:2150
+#: src/mail.cpp:2098
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
"'%s'\n"
msgstr ""
-#: src/mail.cpp:2158
+#: src/mail.cpp:2106
msgid "Some trusted people have certified the senders identity."
msgstr ""
-#: src/mail.cpp:2168
+#: src/mail.cpp:2116
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -556,142 +556,142 @@ msgid ""
"You encrypted %i and verified %i messages since."
msgstr ""
-#: src/mail.cpp:2184
+#: src/mail.cpp:2132
msgid "The senders signature was verified for the first time."
msgstr ""
-#: src/mail.cpp:2191
+#: src/mail.cpp:2139
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
"messages and encrypted %i messages to it since %s."
msgstr ""
-#: src/mail.cpp:2205
+#: src/mail.cpp:2153
msgid "But the sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2206
+#: src/mail.cpp:2154
msgid "The sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2214
+#: src/mail.cpp:2162
#, fuzzy
msgid "The signature is invalid: \n"
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2219
+#: src/mail.cpp:2167
msgid "There was an error verifying the signature.\n"
msgstr ""
-#: src/mail.cpp:2223
+#: src/mail.cpp:2171
#, fuzzy
msgid "The signature is expired.\n"
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2227
+#: src/mail.cpp:2175
msgid "The used key"
msgstr ""
-#: src/mail.cpp:2227
+#: src/mail.cpp:2175
#, fuzzy
msgid "The used certificate"
msgstr "Validering"
-#: src/mail.cpp:2235
+#: src/mail.cpp:2183
#, fuzzy
msgid "is not available."
msgstr "Sp?rrlistan ?r inte tillg?nglig\n"
-#: src/mail.cpp:2239
+#: src/mail.cpp:2187
msgid "is revoked."
msgstr ""
-#: src/mail.cpp:2243
+#: src/mail.cpp:2191
msgid "is expired."
msgstr ""
-#: src/mail.cpp:2247
+#: src/mail.cpp:2195
msgid "is not meant for signing."
msgstr ""
-#: src/mail.cpp:2251 src/mail.cpp:2255
+#: src/mail.cpp:2199 src/mail.cpp:2203
msgid "could not be checked for revocation."
msgstr ""
-#: src/mail.cpp:2260
+#: src/mail.cpp:2208
msgid "is not the same as the key that was used for this address in the past."
msgstr ""
-#: src/mail.cpp:2266
+#: src/mail.cpp:2214
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr ""
-#: src/mail.cpp:2279
+#: src/mail.cpp:2227
msgid "is not certified by any trustworthy key."
msgstr ""
-#: src/mail.cpp:2283
+#: src/mail.cpp:2231
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
msgstr ""
-#: src/mail.cpp:2288
+#: src/mail.cpp:2236
msgid "The sender marked this address as revoked."
msgstr ""
-#: src/mail.cpp:2292
+#: src/mail.cpp:2240
msgid "is marked as not trustworthy."
msgstr ""
-#: src/mail.cpp:2302
+#: src/mail.cpp:2250
#, fuzzy
msgid "The signature is VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2306
+#: src/mail.cpp:2254
#, fuzzy
msgid "The signature is not VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2314
+#: src/mail.cpp:2262
#, fuzzy
msgid "The encryption is VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2318
+#: src/mail.cpp:2266
#, fuzzy
msgid "The encryption is not VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2329
+#: src/mail.cpp:2277
msgid "Click here to change the key used for this address."
msgstr ""
-#: src/mail.cpp:2333
+#: src/mail.cpp:2281
msgid "Click here for details about the key."
msgstr ""
-#: src/mail.cpp:2334
+#: src/mail.cpp:2282
msgid "Click here for details about the certificate."
msgstr ""
-#: src/mail.cpp:2338
+#: src/mail.cpp:2286
msgid "Click here to search the key on the configured keyserver."
msgstr ""
-#: src/mail.cpp:2339
+#: src/mail.cpp:2287
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
-#: src/mail.cpp:2567
+#: src/mail.cpp:2515
#, fuzzy
msgid "GpgOL: Encryption not possible!"
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2569
+#: src/mail.cpp:2517
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
diff --git a/po/zh_CN.po b/po/zh_CN.po
index 4daba20..bf3b05b 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: GpgOL\n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-05 14:35+0100\n"
+"POT-Creation-Date: 2018-03-06 15:25+0100\n"
"PO-Revision-Date: 2015-08-15 21:58+0800\n"
"Last-Translator: Mingye Wang (Arthur2e5) \n"
"Language-Team: \n"
@@ -168,12 +168,12 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr "????????????"
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1743 src/mail.cpp:1814
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1691 src/mail.cpp:1762
#, fuzzy
msgid "GpgOL: Encrypted Message"
msgstr "????"
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1744 src/mail.cpp:1815
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1692 src/mail.cpp:1763
msgid "GpgOL: Trusted Sender Address"
msgstr ""
@@ -397,11 +397,11 @@ msgstr ""
msgid "GpgOL Warning"
msgstr ""
-#: src/mail.cpp:804
+#: src/mail.cpp:811
msgid "Pubkey directory confirmation"
msgstr ""
-#: src/mail.cpp:805
+#: src/mail.cpp:812
msgid ""
"This is a confirmation request to publish your Pubkey in the directory for "
"your domain.\n"
@@ -410,20 +410,20 @@ msgid ""
"directory, simply ignore this message.\n"
msgstr ""
-#: src/mail.cpp:813 src/mail.cpp:2058
+#: src/mail.cpp:820 src/mail.cpp:2006
#, fuzzy
msgid "Encrypted message"
msgstr "????"
-#: src/mail.cpp:814
+#: src/mail.cpp:821
msgid "Please wait while the message is being decrypted / verified..."
msgstr ""
-#: src/mail.cpp:1088
+#: src/mail.cpp:1095
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr ""
-#: src/mail.cpp:1092
+#: src/mail.cpp:1099
msgid ""
"G Suite Sync breaks outgoing crypto mails with attachments.\n"
"Using crypto and attachments with G Suite Sync is not supported.\n"
@@ -431,7 +431,7 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1107
+#: src/mail.cpp:1114
msgid ""
"G Suite Sync breaks outgoing signed mails.\n"
"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
@@ -439,7 +439,7 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1122
+#: src/mail.cpp:1129
msgid ""
"G Suite Sync breaks outgoing signed mails.\n"
"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
@@ -449,105 +449,105 @@ msgid ""
"Do you want to only encrypt the message?"
msgstr ""
-#: src/mail.cpp:2003
+#: src/mail.cpp:1951
msgid "Security Level 4"
msgstr ""
-#: src/mail.cpp:2007
+#: src/mail.cpp:1955
msgid "Trust Level 4"
msgstr ""
-#: src/mail.cpp:2011
+#: src/mail.cpp:1959
msgid "Security Level 3"
msgstr ""
-#: src/mail.cpp:2015
+#: src/mail.cpp:1963
msgid "Trust Level 3"
msgstr ""
-#: src/mail.cpp:2019
+#: src/mail.cpp:1967
msgid "Security Level 2"
msgstr ""
-#: src/mail.cpp:2023
+#: src/mail.cpp:1971
msgid "Trust Level 2"
msgstr ""
-#: src/mail.cpp:2027
+#: src/mail.cpp:1975
#, fuzzy
msgid "Encrypted"
msgstr "??"
-#: src/mail.cpp:2036 src/mail.cpp:2038 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr ""
-#: src/mail.cpp:2050
+#: src/mail.cpp:1998
#, fuzzy
msgid "Signed and encrypted message"
msgstr "????"
-#: src/mail.cpp:2054
+#: src/mail.cpp:2002
#, fuzzy
msgid "Signed message"
msgstr "????"
-#: src/mail.cpp:2061 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
#, fuzzy
msgid "Insecure message"
msgstr "????"
-#: src/mail.cpp:2072 src/mail.cpp:2083
+#: src/mail.cpp:2020 src/mail.cpp:2031
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
-#: src/mail.cpp:2075
+#: src/mail.cpp:2023
msgid "The message was signed but the verification failed with:"
msgstr ""
-#: src/mail.cpp:2093
+#: src/mail.cpp:2041
#, fuzzy
msgid "The encryption was VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2097
+#: src/mail.cpp:2045
#, fuzzy
msgid "The encryption was not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2101
+#: src/mail.cpp:2049
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
-#: src/mail.cpp:2124
+#: src/mail.cpp:2072
#, fuzzy
msgid "You signed this message."
msgstr "????"
-#: src/mail.cpp:2128
+#: src/mail.cpp:2076
msgid "The senders identity was certified by yourself."
msgstr ""
-#: src/mail.cpp:2132
+#: src/mail.cpp:2080
msgid "The sender is allowed to certify identities for you."
msgstr ""
-#: src/mail.cpp:2145
+#: src/mail.cpp:2093
msgid "The senders identity was certified by several trusted people."
msgstr ""
-#: src/mail.cpp:2150
+#: src/mail.cpp:2098
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
"'%s'\n"
msgstr ""
-#: src/mail.cpp:2158
+#: src/mail.cpp:2106
msgid "Some trusted people have certified the senders identity."
msgstr ""
-#: src/mail.cpp:2168
+#: src/mail.cpp:2116
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -555,142 +555,142 @@ msgid ""
"You encrypted %i and verified %i messages since."
msgstr ""
-#: src/mail.cpp:2184
+#: src/mail.cpp:2132
msgid "The senders signature was verified for the first time."
msgstr ""
-#: src/mail.cpp:2191
+#: src/mail.cpp:2139
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
"messages and encrypted %i messages to it since %s."
msgstr ""
-#: src/mail.cpp:2205
+#: src/mail.cpp:2153
msgid "But the sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2206
+#: src/mail.cpp:2154
msgid "The sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2214
+#: src/mail.cpp:2162
#, fuzzy
msgid "The signature is invalid: \n"
msgstr "????\n"
-#: src/mail.cpp:2219
+#: src/mail.cpp:2167
msgid "There was an error verifying the signature.\n"
msgstr ""
-#: src/mail.cpp:2223
+#: src/mail.cpp:2171
#, fuzzy
msgid "The signature is expired.\n"
msgstr "????\n"
-#: src/mail.cpp:2227
+#: src/mail.cpp:2175
msgid "The used key"
msgstr ""
-#: src/mail.cpp:2227
+#: src/mail.cpp:2175
#, fuzzy
msgid "The used certificate"
msgstr "????"
-#: src/mail.cpp:2235
+#: src/mail.cpp:2183
#, fuzzy
msgid "is not available."
msgstr "???????CRL????\n"
-#: src/mail.cpp:2239
+#: src/mail.cpp:2187
msgid "is revoked."
msgstr ""
-#: src/mail.cpp:2243
+#: src/mail.cpp:2191
msgid "is expired."
msgstr ""
-#: src/mail.cpp:2247
+#: src/mail.cpp:2195
msgid "is not meant for signing."
msgstr ""
-#: src/mail.cpp:2251 src/mail.cpp:2255
+#: src/mail.cpp:2199 src/mail.cpp:2203
msgid "could not be checked for revocation."
msgstr ""
-#: src/mail.cpp:2260
+#: src/mail.cpp:2208
msgid "is not the same as the key that was used for this address in the past."
msgstr ""
-#: src/mail.cpp:2266
+#: src/mail.cpp:2214
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr ""
-#: src/mail.cpp:2279
+#: src/mail.cpp:2227
msgid "is not certified by any trustworthy key."
msgstr ""
-#: src/mail.cpp:2283
+#: src/mail.cpp:2231
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
msgstr ""
-#: src/mail.cpp:2288
+#: src/mail.cpp:2236
msgid "The sender marked this address as revoked."
msgstr ""
-#: src/mail.cpp:2292
+#: src/mail.cpp:2240
msgid "is marked as not trustworthy."
msgstr ""
-#: src/mail.cpp:2302
+#: src/mail.cpp:2250
#, fuzzy
msgid "The signature is VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2306
+#: src/mail.cpp:2254
#, fuzzy
msgid "The signature is not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2314
+#: src/mail.cpp:2262
#, fuzzy
msgid "The encryption is VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2318
+#: src/mail.cpp:2266
#, fuzzy
msgid "The encryption is not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2329
+#: src/mail.cpp:2277
msgid "Click here to change the key used for this address."
msgstr ""
-#: src/mail.cpp:2333
+#: src/mail.cpp:2281
msgid "Click here for details about the key."
msgstr ""
-#: src/mail.cpp:2334
+#: src/mail.cpp:2282
msgid "Click here for details about the certificate."
msgstr ""
-#: src/mail.cpp:2338
+#: src/mail.cpp:2286
msgid "Click here to search the key on the configured keyserver."
msgstr ""
-#: src/mail.cpp:2339
+#: src/mail.cpp:2287
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
-#: src/mail.cpp:2567
+#: src/mail.cpp:2515
#, fuzzy
msgid "GpgOL: Encryption not possible!"
msgstr "????"
-#: src/mail.cpp:2569
+#: src/mail.cpp:2517
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
diff --git a/po/zh_TW.po b/po/zh_TW.po
index ea7e1a7..8b9f530 100644
--- a/po/zh_TW.po
+++ b/po/zh_TW.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: GpgOL\n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-05 14:35+0100\n"
+"POT-Creation-Date: 2018-03-06 15:25+0100\n"
"PO-Revision-Date: 2015-08-15 21:58+0800\n"
"Last-Translator: Mingye Wang (Arthur2e5) \n"
"Language-Team: \n"
@@ -168,12 +168,12 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr "????????????"
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1743 src/mail.cpp:1814
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1691 src/mail.cpp:1762
#, fuzzy
msgid "GpgOL: Encrypted Message"
msgstr "????"
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1744 src/mail.cpp:1815
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1692 src/mail.cpp:1763
msgid "GpgOL: Trusted Sender Address"
msgstr ""
@@ -397,11 +397,11 @@ msgstr ""
msgid "GpgOL Warning"
msgstr ""
-#: src/mail.cpp:804
+#: src/mail.cpp:811
msgid "Pubkey directory confirmation"
msgstr ""
-#: src/mail.cpp:805
+#: src/mail.cpp:812
msgid ""
"This is a confirmation request to publish your Pubkey in the directory for "
"your domain.\n"
@@ -410,20 +410,20 @@ msgid ""
"directory, simply ignore this message.\n"
msgstr ""
-#: src/mail.cpp:813 src/mail.cpp:2058
+#: src/mail.cpp:820 src/mail.cpp:2006
#, fuzzy
msgid "Encrypted message"
msgstr "????"
-#: src/mail.cpp:814
+#: src/mail.cpp:821
msgid "Please wait while the message is being decrypted / verified..."
msgstr ""
-#: src/mail.cpp:1088
+#: src/mail.cpp:1095
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr ""
-#: src/mail.cpp:1092
+#: src/mail.cpp:1099
msgid ""
"G Suite Sync breaks outgoing crypto mails with attachments.\n"
"Using crypto and attachments with G Suite Sync is not supported.\n"
@@ -431,7 +431,7 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1107
+#: src/mail.cpp:1114
msgid ""
"G Suite Sync breaks outgoing signed mails.\n"
"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
@@ -439,7 +439,7 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1122
+#: src/mail.cpp:1129
msgid ""
"G Suite Sync breaks outgoing signed mails.\n"
"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
@@ -449,105 +449,105 @@ msgid ""
"Do you want to only encrypt the message?"
msgstr ""
-#: src/mail.cpp:2003
+#: src/mail.cpp:1951
msgid "Security Level 4"
msgstr ""
-#: src/mail.cpp:2007
+#: src/mail.cpp:1955
msgid "Trust Level 4"
msgstr ""
-#: src/mail.cpp:2011
+#: src/mail.cpp:1959
msgid "Security Level 3"
msgstr ""
-#: src/mail.cpp:2015
+#: src/mail.cpp:1963
msgid "Trust Level 3"
msgstr ""
-#: src/mail.cpp:2019
+#: src/mail.cpp:1967
msgid "Security Level 2"
msgstr ""
-#: src/mail.cpp:2023
+#: src/mail.cpp:1971
msgid "Trust Level 2"
msgstr ""
-#: src/mail.cpp:2027
+#: src/mail.cpp:1975
#, fuzzy
msgid "Encrypted"
msgstr "??"
-#: src/mail.cpp:2036 src/mail.cpp:2038 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr ""
-#: src/mail.cpp:2050
+#: src/mail.cpp:1998
#, fuzzy
msgid "Signed and encrypted message"
msgstr "????"
-#: src/mail.cpp:2054
+#: src/mail.cpp:2002
#, fuzzy
msgid "Signed message"
msgstr "????"
-#: src/mail.cpp:2061 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
#, fuzzy
msgid "Insecure message"
msgstr "????"
-#: src/mail.cpp:2072 src/mail.cpp:2083
+#: src/mail.cpp:2020 src/mail.cpp:2031
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
-#: src/mail.cpp:2075
+#: src/mail.cpp:2023
msgid "The message was signed but the verification failed with:"
msgstr ""
-#: src/mail.cpp:2093
+#: src/mail.cpp:2041
#, fuzzy
msgid "The encryption was VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2097
+#: src/mail.cpp:2045
#, fuzzy
msgid "The encryption was not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2101
+#: src/mail.cpp:2049
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
-#: src/mail.cpp:2124
+#: src/mail.cpp:2072
#, fuzzy
msgid "You signed this message."
msgstr "????"
-#: src/mail.cpp:2128
+#: src/mail.cpp:2076
msgid "The senders identity was certified by yourself."
msgstr ""
-#: src/mail.cpp:2132
+#: src/mail.cpp:2080
msgid "The sender is allowed to certify identities for you."
msgstr ""
-#: src/mail.cpp:2145
+#: src/mail.cpp:2093
msgid "The senders identity was certified by several trusted people."
msgstr ""
-#: src/mail.cpp:2150
+#: src/mail.cpp:2098
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
"'%s'\n"
msgstr ""
-#: src/mail.cpp:2158
+#: src/mail.cpp:2106
msgid "Some trusted people have certified the senders identity."
msgstr ""
-#: src/mail.cpp:2168
+#: src/mail.cpp:2116
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -555,142 +555,142 @@ msgid ""
"You encrypted %i and verified %i messages since."
msgstr ""
-#: src/mail.cpp:2184
+#: src/mail.cpp:2132
msgid "The senders signature was verified for the first time."
msgstr ""
-#: src/mail.cpp:2191
+#: src/mail.cpp:2139
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
"messages and encrypted %i messages to it since %s."
msgstr ""
-#: src/mail.cpp:2205
+#: src/mail.cpp:2153
msgid "But the sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2206
+#: src/mail.cpp:2154
msgid "The sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2214
+#: src/mail.cpp:2162
#, fuzzy
msgid "The signature is invalid: \n"
msgstr "????\n"
-#: src/mail.cpp:2219
+#: src/mail.cpp:2167
msgid "There was an error verifying the signature.\n"
msgstr ""
-#: src/mail.cpp:2223
+#: src/mail.cpp:2171
#, fuzzy
msgid "The signature is expired.\n"
msgstr "????\n"
-#: src/mail.cpp:2227
+#: src/mail.cpp:2175
msgid "The used key"
msgstr ""
-#: src/mail.cpp:2227
+#: src/mail.cpp:2175
#, fuzzy
msgid "The used certificate"
msgstr "????"
-#: src/mail.cpp:2235
+#: src/mail.cpp:2183
#, fuzzy
msgid "is not available."
msgstr "???????CRL????\n"
-#: src/mail.cpp:2239
+#: src/mail.cpp:2187
msgid "is revoked."
msgstr ""
-#: src/mail.cpp:2243
+#: src/mail.cpp:2191
msgid "is expired."
msgstr ""
-#: src/mail.cpp:2247
+#: src/mail.cpp:2195
msgid "is not meant for signing."
msgstr ""
-#: src/mail.cpp:2251 src/mail.cpp:2255
+#: src/mail.cpp:2199 src/mail.cpp:2203
msgid "could not be checked for revocation."
msgstr ""
-#: src/mail.cpp:2260
+#: src/mail.cpp:2208
msgid "is not the same as the key that was used for this address in the past."
msgstr ""
-#: src/mail.cpp:2266
+#: src/mail.cpp:2214
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr ""
-#: src/mail.cpp:2279
+#: src/mail.cpp:2227
msgid "is not certified by any trustworthy key."
msgstr ""
-#: src/mail.cpp:2283
+#: src/mail.cpp:2231
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
msgstr ""
-#: src/mail.cpp:2288
+#: src/mail.cpp:2236
msgid "The sender marked this address as revoked."
msgstr ""
-#: src/mail.cpp:2292
+#: src/mail.cpp:2240
msgid "is marked as not trustworthy."
msgstr ""
-#: src/mail.cpp:2302
+#: src/mail.cpp:2250
#, fuzzy
msgid "The signature is VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2306
+#: src/mail.cpp:2254
#, fuzzy
msgid "The signature is not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2314
+#: src/mail.cpp:2262
#, fuzzy
msgid "The encryption is VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2318
+#: src/mail.cpp:2266
#, fuzzy
msgid "The encryption is not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2329
+#: src/mail.cpp:2277
msgid "Click here to change the key used for this address."
msgstr ""
-#: src/mail.cpp:2333
+#: src/mail.cpp:2281
msgid "Click here for details about the key."
msgstr ""
-#: src/mail.cpp:2334
+#: src/mail.cpp:2282
msgid "Click here for details about the certificate."
msgstr ""
-#: src/mail.cpp:2338
+#: src/mail.cpp:2286
msgid "Click here to search the key on the configured keyserver."
msgstr ""
-#: src/mail.cpp:2339
+#: src/mail.cpp:2287
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
-#: src/mail.cpp:2567
+#: src/mail.cpp:2515
#, fuzzy
msgid "GpgOL: Encryption not possible!"
msgstr "????"
-#: src/mail.cpp:2569
+#: src/mail.cpp:2517
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
commit 4040b97d6d4177ed64765c5666175b09f780a1bd
Author: Andre Heinecke
Date: Wed Mar 7 08:21:36 2018 +0100
Allow Inline for signed & encrypted with GSuite
* src/mail.cpp (Mail::encrypt_sign_start): Relax GSuite checks.
--
We now support clearsigned and signed & encrypted inline mails
thanks to the new crypto architecture.
GnuPG-Bug-Id: T3545
diff --git a/src/mail.cpp b/src/mail.cpp
index db27ee6..aba08d3 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -1091,10 +1091,10 @@ Mail::encrypt_sign_start ()
mapi_release_attach_table (att_table);
/* Check for attachments if we have some abort. */
- wchar_t *w_title = utf8_to_wchar (_(
- "GpgOL: Oops, G Suite Sync account detected"));
if (n_att_usable)
{
+ wchar_t *w_title = utf8_to_wchar (_(
+ "GpgOL: Oops, G Suite Sync account detected"));
wchar_t *msg = utf8_to_wchar (
_("G Suite Sync breaks outgoing crypto mails "
"with attachments.\nUsing crypto and attachments "
@@ -1108,45 +1108,6 @@ Mail::encrypt_sign_start ()
xfree (w_title);
return -1;
}
- if (flags == 2)
- {
- wchar_t *msg = utf8_to_wchar (
- _("G Suite Sync breaks outgoing signed mails.\n"
- "Ensuring mail integrity (signing) with G Suite Sync "
- "is not supported.\n\n"
- "See: https://dev.gnupg.org/T3545 for details."));
- MessageBoxW (window,
- msg,
- w_title,
- MB_ICONINFORMATION|MB_OK);
- xfree (msg);
- xfree (w_title);
- return -1;
- }
- if (flags == 3)
- {
- wchar_t *msg = utf8_to_wchar (
- _("G Suite Sync breaks outgoing signed mails.\n"
- "Ensuring mail integrity (signing) with G Suite Sync "
- "is not supported.\n\n"
- "See: https://dev.gnupg.org/T3545 for details.\n\n"
- "Do you want to only encrypt the message?"));
- if(MessageBoxW (window,
- msg,
- w_title,
- MB_ICONINFORMATION|MB_YESNO) != IDYES)
- {
- xfree (msg);
- xfree (w_title);
- return -1;
- }
- else
- {
- flags = 1;
- }
- xfree (msg);
- }
- xfree (w_title);
}
m_do_inline = m_is_gsuite ? true : opt.inline_pgp;
-----------------------------------------------------------------------
Summary of changes:
po/de.po | 134 +++++++++++++++++++++++++++++------------------------------
po/fr.po | 130 ++++++++++++++++++++++++++++-----------------------------
po/pt.po | 130 ++++++++++++++++++++++++++++-----------------------------
po/sv.po | 130 ++++++++++++++++++++++++++++-----------------------------
po/zh_CN.po | 130 ++++++++++++++++++++++++++++-----------------------------
po/zh_TW.po | 130 ++++++++++++++++++++++++++++-----------------------------
src/mail.cpp | 43 +------------------
7 files changed, 394 insertions(+), 433 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 7 10:06:56 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Wed, 07 Mar 2018 10:06:56 +0100
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.5-8-g7e40c5e
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 7e40c5efbea65c7804b06d62dfcd7f991557bfaa (commit)
from f060cb5c63923d6caec784f65f3bb0aadf52f795 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7e40c5efbea65c7804b06d62dfcd7f991557bfaa
Author: Ben McGinnes
Date: Wed Mar 7 10:28:48 2018 +1100
doc: man page grammar
--
Fixed two grammatical errors: their vs. there and oneself vs. one
(one's self would still be too stilted).
diff --git a/doc/gpg.texi b/doc/gpg.texi
index ddebc69..e3c3662 100644
--- a/doc/gpg.texi
+++ b/doc/gpg.texi
@@ -2213,8 +2213,8 @@ handy in case where an encrypted message contains a bogus key ID.
@opindex skip-hidden-recipients
@opindex no-skip-hidden-recipients
During decryption skip all anonymous recipients. This option helps in
-the case that people use the hidden recipients feature to hide there
-own encrypt-to key from others. If oneself has many secret keys this
+the case that people use the hidden recipients feature to hide their
+own encrypt-to key from others. If one has many secret keys this
may lead to a major annoyance because all keys are tried in turn to
decrypt something which was not really intended for it. The drawback
of this option is that it is currently not possible to decrypt a
-----------------------------------------------------------------------
Summary of changes:
doc/gpg.texi | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 7 10:14:23 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Wed, 07 Mar 2018 10:14:23 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-56-g8a76deb
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 8a76deb11efd7dadfde6e8e7e69fbcd92577982f (commit)
via 5215d58ae2521d81c3db0b45dfbdce01a679acab (commit)
via 8f2c0f4534ea2a07f071f360a63e877f60dc52f2 (commit)
via d4778bb23d0817ee6fbcbe4f0ff0ff0429bf3669 (commit)
from 3a746d5d46ffd7d332dc24fd6a4d24efc5fc1230 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8a76deb11efd7dadfde6e8e7e69fbcd92577982f
Author: Ben McGinnes
Date: Wed Mar 7 20:12:26 2018 +1100
HOWTO update
* removed one bit of whitespace.
* Marked up references to gpgme.h.
* Fixed one spelling error.
* Removed py2.6 from python search order since even if it is
supported, it shouldn't be encouraged.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index b9dc882..1767cd4 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -14,7 +14,7 @@
:CUSTOM_ID: intro
:END:
-Version: 0.0.1-alpha [2018-03-07 Wed]
+Version: 0.0.1-alpha [2018-03-07 Wed]
Author: Ben McGinnes
Author GPG Key: DB4724E6FA4286C92B4E55C4321E4E2373590E5D
@@ -35,7 +35,7 @@ Python bindings to programmatically leverage the GPGME library.
Unlike many modern APIs with which programmers will be more
familiar with these days, the GPGME API is a C API. The API is
intended for use by C coders who would be able to access its
- features by including the gpgme.h header file eith their own C
+ features by including the =gpgme.h= header file eith their own C
source code and then access its functions just as they would any
other C headers.
@@ -56,11 +56,11 @@ Python bindings to programmatically leverage the GPGME library.
provides a more pythonic means of calling these API functions.
The bindings are generated dynamically with SWIG and the copy of
- gpgme.h gemerated when GPGME is compiled.
+ =gpgme.h= generated when GPGME is compiled.
This means that a version of the Python bindings is fundamentally
tied to the exact same version of GPGME used to gemerate that copy
- of gpgme.h.
+ of =gpgme.h=.
** Difference between the Python bindings and other GnuPG Python packages
:PROPERTIES:
@@ -186,7 +186,7 @@ Python bindings to programmatically leverage the GPGME library.
numbers.
For Python 2 it checks for these executables in this order:
- =python=, =python2=, =python2.7= and =python2.6=.
+ =python=, =python2= and =python2.7=.
For Python 3 it checks for these executables in this order:
=python3=, =python3.6=, =python3.5= and =python3.4=.
commit 5215d58ae2521d81c3db0b45dfbdce01a679acab
Author: Ben McGinnes
Date: Wed Mar 7 20:05:21 2018 +1100
GPGME Python bindings HOWTO
* Started work on the GPGME Python bindings HOWTO.
* 1,050 words to begin with at approx. 7.5KB.
* Got as far as installation.
* Includes instruction not to use PyPI for this.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
new file mode 100644
index 0000000..b9dc882
--- /dev/null
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -0,0 +1,221 @@
+#+TITLE: GNU Privacy Guard (GnuPG) Made Easy Python Bindings HOWTO (English)
+
+#+LATEX_COMPILER: xelatex
+#+LATEX_CLASS: article
+#+LATEX_CLASS_OPTIONS: [12pt]
+#+LATEX_HEADER: \usepackage{xltxtra}
+#+LATEX_HEADER: \usepackage[margin=1in]{geometry}
+#+LATEX_HEADER: \setmainfont[Ligatures={Common}]{Times New Roman}
+#+LATEX_HEADER: \author{Ben McGinnes }
+
+
+* Introduction
+ :PROPERTIES:
+ :CUSTOM_ID: intro
+ :END:
+
+Version: 0.0.1-alpha [2018-03-07 Wed]
+Author: Ben McGinnes
+Author GPG Key: DB4724E6FA4286C92B4E55C4321E4E2373590E5D
+
+This document provides basic instruction in how to use the GPGME
+Python bindings to programmatically leverage the GPGME library.
+
+
+* GPGME Concepts
+ :PROPERTIES:
+ :CUSTOM_ID: gpgme-concepts
+ :END:
+
+** A C API
+ :PROPERTIES:
+ :CUSTOM_ID: gpgme-c-api
+ :END:
+
+ Unlike many modern APIs with which programmers will be more
+ familiar with these days, the GPGME API is a C API. The API is
+ intended for use by C coders who would be able to access its
+ features by including the gpgme.h header file eith their own C
+ source code and then access its functions just as they would any
+ other C headers.
+
+ This is a very effective method of gaining complete access to the
+ API and in the most efficient manner possible. It does, however,
+ have the drawback that it cannot be directly used by other
+ languages without some means of providing an interface to those
+ languages. This is where the need for bindings in various
+ languages stems.
+
+** Python bindings
+ :PROPERTIES:
+ :CUSTOM_ID: gpgme-python-bindings
+ :END:
+
+ The Python bindings for GPGME provide a higher level means of
+ accessing the complete feature set of GPGME itself. It also
+ provides a more pythonic means of calling these API functions.
+
+ The bindings are generated dynamically with SWIG and the copy of
+ gpgme.h gemerated when GPGME is compiled.
+
+ This means that a version of the Python bindings is fundamentally
+ tied to the exact same version of GPGME used to gemerate that copy
+ of gpgme.h.
+
+** Difference between the Python bindings and other GnuPG Python packages
+ :PROPERTIES:
+ :CUSTOM_ID: gpgme-python-bindings-diffs
+ :END:
+
+ There have been numerous attempts to add GnuPG support to Python
+ over the years. Some of the most well known are listed here, along
+ with what differentiates them.
+
+*** The python-gnupg package maintained by Vinay Sajip
+ :PROPERTIES:
+ :CUSTOM_ID: diffs-python-gnupg
+ :END:
+
+ This is arguably the most popular means of integrating GPG with
+ Python. The package utilises the =subprocess= module to implement
+ wrappers for the =gpg= and =gpg2= executables normally invoked on
+ the command line (=gpg.exe= and =gpg2.exe= on Windows).
+
+ The popularity of this package stemmed from its ease of use and
+ capability in providing the most commonly required features.
+
+ Unfortunately it has been beset by a number of security issues,
+ most of which stemmed from using unsafe methods of accessing the
+ command line via the =subprocess= calls.
+
+ The python-gnupg package is available under the MIT license.
+
+*** The gnupg package created and maintained by Isis Lovecruft
+ :PROPERTIES:
+ :CUSTOM_ID: diffs-isis-gnupg
+ :END:
+
+ In 2015 Isis Lovecruft from the Tor Project forked and then
+ re-implemented the python-gnupg package as just gnupg. This new
+ package also relied on subprocess to call the =gpg= or =gpg2=
+ binaries, but did so somewhat more securely.
+
+ However the naming and version numbering selected for this package
+ resulted in conflicts with the original python-gnupg and since its
+ functions were called in a different manner, the release of this
+ package also resulted in a great deal of consternation when people
+ installed what they thought was an upgrade that subsequently broke
+ the code relying on it.
+
+ The gnupg package is available under the GNU General Public
+ License version 3.0 (or later).
+
+*** The PyME package maintained by Martin Albrecht
+ :PROPERTIES:
+ :CUSTOM_ID: diffs-pyme
+ :END:
+
+ This package is the origin of these bindings, though they are
+ somewhat different now. For details of when and how the PyME
+ package was folded back into GPGME itself see the [[Short_History.org][Short History]]
+ document in this Python bindings =docs= directory.
+
+ The PyME package was first released in 2002 and was also the first
+ attempt to implement a low level binding to GPGME. In doing so it
+ provided access to considerably more functionality than either the
+ =python-gnupg= or =gnupg= packages.
+
+ The PyME package is only available for Python 2.6 and 2.7.
+
+ Porting the PyME package to Python 3.4 in 2015 is what resulted in
+ it being folded into the GPGME project and the current bindings
+ are the end result of that effort.
+
+ The PyME package is available under the same dual licensing as
+ GPGME itself: the GNU General Public License version 2.0 (or any
+ later version) and the GNU Lesser Public License version 2.1 (or
+ any later version).
+
+
+* GPGME Python bindings installation
+ :PROPERTIES:
+ :CUSTOM_ID: gpgme-python-install
+ :END:
+
+** No PyPI
+ :PROPERTIES:
+ :CUSTOM_ID: do-not-use-pypi
+ :END:
+
+ Most third-party Python packages and modules are available and
+ distributed through the Python Package Installer, known as PyPI.
+
+ Due to the nature of what these bindings are and how they work, it
+ is infeasible to install the GPGME Python bindings in the same way.
+
+** Requirements
+ :PROPERTIES:
+ :CUSTOM_ID: gpgme-python-requirements
+ :END:
+
+ The GPGME Python bindings only have three requirements:
+
+ 1. A suitable version of Python 2 or Python 3. With Python 2 that
+ means Python 2.7 and with Python 3 that means Python 3.4 or
+ higher.
+ 2. SWIG.
+ 3. GPGME itself. Which also means that all of GPGME's dependencies
+ must be installed too.
+
+** Installation
+ :PROPERTIES:
+ :CUSTOM_ID: installation
+ :END:
+
+ Installing the Python bindings is effectively achieved by compiling
+ and installing GPGME itself.
+
+ Once SWIG is installed with Python and all the dependencies for
+ GPGME are installed you only need to confirm that the version(s) of
+ Python you want the bindings installed for are in your =$PATH=.
+
+ By default GPGME will attempt to install the bindings for the most
+ recent or highest version number of Python 2 and Python 3 it
+ detects in =$PATH=. It specifically checks for the =python= and
+ =python3= executabled first and then checks for specific version
+ numbers.
+
+ For Python 2 it checks for these executables in this order:
+ =python=, =python2=, =python2.7= and =python2.6=.
+
+ For Python 3 it checks for these executables in this order:
+ =python3=, =python3.6=, =python3.5= and =python3.4=.
+
+*** Installing GPGME
+ :PROPERTIES:
+ :CUSTOM_ID: install-gpgme
+ :END:
+
+ See the [[../../../README][GPGME README file]] for details of how to install GPGME from
+ source.
+
+
+* Copyright and Licensing
+ :PROPERTIES:
+ :CUSTOM_ID: copyright-and-license
+ :END:
+
+** Copyright (C) The GnuPG Project, 2018
+ :PROPERTIES:
+ :CUSTOM_ID: copyright
+ :END:
+
+ Copyright ? The GnuPG Project, 2018.
+
+** License TBA
+ :PROPERTIES:
+ :CUSTOM_ID: license
+ :END:
+
+ Which license shall we use for these docs, hmm? Gotta be free, so
+ that rules the GFDL out. I'll pick a CC or something later ...
commit 8f2c0f4534ea2a07f071f360a63e877f60dc52f2
Author: Ben McGinnes
Date: Wed Mar 7 19:13:37 2018 +1100
TODO - HOWTO
* Added suv-entry for the new HOWTO being started and, since it has
been started, checked it off.
diff --git a/lang/python/docs/TODO.org b/lang/python/docs/TODO.org
index 9b042d9..4e067df 100644
--- a/lang/python/docs/TODO.org
+++ b/lang/python/docs/TODO.org
@@ -35,7 +35,8 @@
Write a HOWTO style guide for the current Python bindings.
-*** TODO Start python bindings HOWTO
+*** DONE Start python bindings HOWTO
+ CLOSED: [2018-03-07 Wed 18:14]
:PROPERTIES:
:CUSTOM_ID: howto-start
:END:
commit d4778bb23d0817ee6fbcbe4f0ff0ff0429bf3669
Author: Ben McGinnes
Date: Wed Mar 7 17:56:54 2018 +1100
TODO
* Slightly expanded the list.
diff --git a/lang/python/docs/TODO.org b/lang/python/docs/TODO.org
index 9f039d8..9b042d9 100644
--- a/lang/python/docs/TODO.org
+++ b/lang/python/docs/TODO.org
@@ -35,6 +35,11 @@
Write a HOWTO style guide for the current Python bindings.
+*** TODO Start python bindings HOWTO
+ :PROPERTIES:
+ :CUSTOM_ID: howto-start
+ :END:
+
** TODO Documentation SWIG
:PROPERTIES:
:CUSTOM_ID: todo-docs-swig
@@ -94,6 +99,7 @@
available or for which it is too difficult to create proper
bindings.
+
* Project Task Details
:PROPERTIES:
:CUSTOM_ID: detailed-tasks
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 221 ++++++++++++++++++++++++++++++++
lang/python/docs/TODO.org | 7 +
2 files changed, 228 insertions(+)
create mode 100644 lang/python/docs/GPGMEpythonHOWTOen.org
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 7 10:16:59 2018
From: cvs at cvs.gnupg.org (by Andre Heinecke)
Date: Wed, 07 Mar 2018 10:16:59 +0100
Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-80-g18db01e
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, master has been updated
via 18db01ed4915a38622c90c81d16f1b7e812c3917 (commit)
via fde43045b717413d5358f3cc06592a83ebef7805 (commit)
via 6a3fc31f4b02388fb6b7e2ca1e8673303632d002 (commit)
from 808be5a08d8a6f46f9e6eff82e23797ae9ec5343 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 18db01ed4915a38622c90c81d16f1b7e812c3917
Author: Andre Heinecke
Date: Wed Mar 7 10:01:38 2018 +0100
Update translations and fix some german strings
* po: Update.
diff --git a/po/de.po b/po/de.po
index d516fd5..d58fd75 100644
--- a/po/de.po
+++ b/po/de.po
@@ -8,8 +8,8 @@ msgid ""
msgstr ""
"Project-Id-Version: GpgOL 1.0.0\n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-06 15:25+0100\n"
-"PO-Revision-Date: 2018-03-07 08:24+0100\n"
+"POT-Creation-Date: 2018-03-07 10:01+0100\n"
+"PO-Revision-Date: 2018-03-07 08:59+0100\n"
"Last-Translator: Andre Heinecke \n"
"Language-Team: English \n"
"Language: en_US\n"
@@ -175,11 +175,11 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr "M?chten Sie diesen Ordner von GpgOL befreien?"
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1691 src/mail.cpp:1762
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1652 src/mail.cpp:1723
msgid "GpgOL: Encrypted Message"
msgstr "GpgOL: Verschl?sselte Nachricht"
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1692 src/mail.cpp:1763
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1653 src/mail.cpp:1724
msgid "GpgOL: Trusted Sender Address"
msgstr "GpgOL: Vertraute Absenderadresse"
@@ -443,7 +443,7 @@ msgstr ""
"Wenn sie dies nicht angefordert haben, k?nnen Sie diese Mail ignorieren."
"p>\n"
-#: src/mail.cpp:820 src/mail.cpp:2006
+#: src/mail.cpp:820 src/mail.cpp:1967
msgid "Encrypted message"
msgstr "Verschl?sselte Nachricht"
@@ -451,7 +451,7 @@ msgstr "Verschl?sselte Nachricht"
msgid "Please wait while the message is being decrypted / verified..."
msgstr "Bitte warten Sie w?hrend die Nachricht entschl?sselt / gepr?ft wird..."
-#: src/mail.cpp:1095
+#: src/mail.cpp:1097
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr "GpgOL: Oops, G Suite Sync Konto erkannt"
@@ -468,123 +468,93 @@ msgstr ""
"\n"
"Details siehe: https://dev.gnupg.org/T3545"
-#: src/mail.cpp:1114
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details."
-msgstr ""
-"G Suite Sync bricht ausgehende, signierte, Mails.\n"
-"Sicherung der Integrit?t (signieren) wird mit G Suite Sync nicht "
-"unterst?tzt.\n"
-"\n"
-"Details siehe: https://dev.gnupg.org/T3545"
-
-#: src/mail.cpp:1129
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details.\n"
-"\n"
-"Do you want to only encrypt the message?"
-msgstr ""
-"G Suite Sync bricht ausgehende, signierte, Mails.\n"
-"Sicherung der Integrit?t (signieren) wird mit G Suite Sync nicht "
-"unterst?tzt.\n"
-"\n"
-"Details siehe: https://dev.gnupg.org/T3545\n"
-"\n"
-"M?chten Sie die Nachricht nur verschl?sseln?"
-
-#: src/mail.cpp:1951
+#: src/mail.cpp:1912
msgid "Security Level 4"
msgstr "Sicherheit Stufe 4"
-#: src/mail.cpp:1955
+#: src/mail.cpp:1916
msgid "Trust Level 4"
msgstr "Vertrauen Stufe 4"
-#: src/mail.cpp:1959
+#: src/mail.cpp:1920
msgid "Security Level 3"
msgstr "Sicherheit Stufe 3"
-#: src/mail.cpp:1963
+#: src/mail.cpp:1924
msgid "Trust Level 3"
msgstr "Vertrauen Stufe 3"
-#: src/mail.cpp:1967
+#: src/mail.cpp:1928
msgid "Security Level 2"
msgstr "Sicherheit Stufe 2"
-#: src/mail.cpp:1971
+#: src/mail.cpp:1932
msgid "Trust Level 2"
msgstr "Vertrauen Stufe 2"
-#: src/mail.cpp:1975
+#: src/mail.cpp:1936
msgid "Encrypted"
msgstr "Verschl?sselt"
-#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1945 src/mail.cpp:1947 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr "Unsicher"
-#: src/mail.cpp:1998
+#: src/mail.cpp:1959
msgid "Signed and encrypted message"
msgstr "Signierte und verschl?sselte Nachricht"
-#: src/mail.cpp:2002
+#: src/mail.cpp:1963
msgid "Signed message"
msgstr "Signierte Nachricht"
-#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:1970 src/ribbon-callbacks.cpp:1648
msgid "Insecure message"
msgstr "Unsichere Nachricht"
-#: src/mail.cpp:2020 src/mail.cpp:2031
+#: src/mail.cpp:1981 src/mail.cpp:1992
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
"Sie k?nnen nicht sicher sein wer die Nachricht gesendet, modifiziert oder "
"w?hrend der ?bertragung gelesen hat."
-#: src/mail.cpp:2023
+#: src/mail.cpp:1984
msgid "The message was signed but the verification failed with:"
msgstr "Die Nachricht ist signiert aber die ?berpr?fung schlug fehl mit:"
-#: src/mail.cpp:2041
+#: src/mail.cpp:2002
msgid "The encryption was VS-NfD-compliant."
msgstr "Diese Verschl?sselung war VS-NfD-konform."
-#: src/mail.cpp:2045
+#: src/mail.cpp:2006
msgid "The encryption was not VS-NfD-compliant."
msgstr "Diese Verschl?sselung war nicht VS-NfD-konform."
-#: src/mail.cpp:2049
+#: src/mail.cpp:2010
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
"Aber Sie k?nnen nicht sicher sein wer der Absender der Nachricht ist da "
"diese nicht signiert wurde. "
-#: src/mail.cpp:2072
+#: src/mail.cpp:2033
msgid "You signed this message."
msgstr "Sie haben diese Nachricht signiert."
-#: src/mail.cpp:2076
+#: src/mail.cpp:2037
msgid "The senders identity was certified by yourself."
msgstr "Die Idenit?t des Absenders wurde von ihnen selbst beglaubigt."
-#: src/mail.cpp:2080
+#: src/mail.cpp:2041
msgid "The sender is allowed to certify identities for you."
msgstr "Der Absender ist berechtigt f?r Sie Identit?ten zu beglaubigen."
-#: src/mail.cpp:2093
+#: src/mail.cpp:2054
msgid "The senders identity was certified by several trusted people."
msgstr ""
"Die Identit?t des Absenders wurde von mehreren vertrauensw?rdigen Personen "
"beglaubigt."
-#: src/mail.cpp:2098
+#: src/mail.cpp:2059
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
@@ -593,12 +563,12 @@ msgstr ""
"Die Idenit?t des Absenders wurde best?tigt von:\n"
"'%s'\n"
-#: src/mail.cpp:2106
+#: src/mail.cpp:2067
msgid "Some trusted people have certified the senders identity."
msgstr ""
"Einige vertrauensw?rde Personen haben die Identit?t des Absenders beglaubigt."
-#: src/mail.cpp:2116
+#: src/mail.cpp:2077
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -610,11 +580,11 @@ msgstr ""
"Seit %s haben Sie %i Nachrichten an diesen Absender verschl?sselt und %i "
"Signaturen gepr?ft."
-#: src/mail.cpp:2132
+#: src/mail.cpp:2093
msgid "The senders signature was verified for the first time."
msgstr "The Signatur des Absenders wurde das erste mal verifiziert."
-#: src/mail.cpp:2139
+#: src/mail.cpp:2100
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
@@ -624,70 +594,70 @@ msgstr ""
"Nachrichten von diesem absender verifziert und %i Nachrichten verschl?ssel "
"haben. Seit dem %s."
-#: src/mail.cpp:2153
+#: src/mail.cpp:2114
msgid "But the sender address is not trustworthy because:"
msgstr "Aber die Absenderadresse ist nicht vertrauensw?rdig da:"
-#: src/mail.cpp:2154
+#: src/mail.cpp:2115
msgid "The sender address is not trustworthy because:"
msgstr "Die Absenderadresse ist nicht vertrauensw?rdig da:"
-#: src/mail.cpp:2162
+#: src/mail.cpp:2123
msgid "The signature is invalid: \n"
msgstr "Die Signatur ist ung?ltig: \n"
-#: src/mail.cpp:2167
+#: src/mail.cpp:2128
msgid "There was an error verifying the signature.\n"
msgstr "Beim ?berpr?fen der Signatur ist ein Fehler aufgetreten.\n"
-#: src/mail.cpp:2171
+#: src/mail.cpp:2132
msgid "The signature is expired.\n"
msgstr "Die Signatur ist abgelaufen.\n"
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
msgid "The used key"
msgstr "Der verwendete Schl?ssel"
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
msgid "The used certificate"
msgstr "Das verwendete Zertifikat"
-#: src/mail.cpp:2183
+#: src/mail.cpp:2144
msgid "is not available."
msgstr "ist nicht verf?gbar."
-#: src/mail.cpp:2187
+#: src/mail.cpp:2148
msgid "is revoked."
msgstr "wurde zur?ckgezogen."
-#: src/mail.cpp:2191
+#: src/mail.cpp:2152
msgid "is expired."
msgstr "ist veraltet. "
-#: src/mail.cpp:2195
+#: src/mail.cpp:2156
msgid "is not meant for signing."
msgstr "ist nicht zum signieren vorgesehen. "
-#: src/mail.cpp:2199 src/mail.cpp:2203
+#: src/mail.cpp:2160 src/mail.cpp:2164
msgid "could not be checked for revocation."
msgstr "wurde m?glicherweise zur?ckgezogen."
-#: src/mail.cpp:2208
+#: src/mail.cpp:2169
msgid "is not the same as the key that was used for this address in the past."
msgstr ""
"ist nicht der gleiche Schl?ssel der in der vergangenheit f?r diese Adresse "
"verwendet wurde."
-#: src/mail.cpp:2214
+#: src/mail.cpp:2175
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr "passt nicht zu der mailaddresse: \"%s\". "
-#: src/mail.cpp:2227
+#: src/mail.cpp:2188
msgid "is not certified by any trustworthy key."
msgstr "wurde von keinem vertrauensw?rdigen Schl?ssel beglaubigt."
-#: src/mail.cpp:2231
+#: src/mail.cpp:2192
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
@@ -695,59 +665,59 @@ msgstr ""
"wurde von keiner vertrauensw?rdigen Zertifizierungsstelle beglaubigt oder "
"die Zertifizierungsstelle ist unbekannt."
-#: src/mail.cpp:2236
+#: src/mail.cpp:2197
msgid "The sender marked this address as revoked."
msgstr "Der Absender hat diese Adresse zur?ckgezogen."
-#: src/mail.cpp:2240
+#: src/mail.cpp:2201
msgid "is marked as not trustworthy."
msgstr "ist als nicht vertrauensw?rdig markiert."
-#: src/mail.cpp:2250
+#: src/mail.cpp:2211
msgid "The signature is VS-NfD-compliant."
msgstr "Die Signatur ist VS-NfD-konform."
-#: src/mail.cpp:2254
+#: src/mail.cpp:2215
msgid "The signature is not VS-NfD-compliant."
msgstr "Die Signatur ist nicht VS-NfD-konform."
-#: src/mail.cpp:2262
+#: src/mail.cpp:2223
msgid "The encryption is VS-NfD-compliant."
msgstr "Diese Verschl?sselung ist VS-NfD-konform."
-#: src/mail.cpp:2266
+#: src/mail.cpp:2227
msgid "The encryption is not VS-NfD-compliant."
msgstr "Diese Verschl?sselung ist nicht VS-NfD-konform."
-#: src/mail.cpp:2277
+#: src/mail.cpp:2238
msgid "Click here to change the key used for this address."
msgstr "Klicken Sie hier um den Schl?ssel f?r diese Adresse zu ?ndern."
-#: src/mail.cpp:2281
+#: src/mail.cpp:2242
msgid "Click here for details about the key."
msgstr "Klicken Sie hier f?r Details zu dem Schl?ssel"
-#: src/mail.cpp:2282
+#: src/mail.cpp:2243
msgid "Click here for details about the certificate."
msgstr "Klicken Sie hier f?r Details zu dem Zertifiakt."
-#: src/mail.cpp:2286
+#: src/mail.cpp:2247
msgid "Click here to search the key on the configured keyserver."
msgstr ""
"Klicken Sie hier um den Schl?ssel auf dem konfigurierten Schl?sselserver zu "
"suchen. "
-#: src/mail.cpp:2287
+#: src/mail.cpp:2248
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
"Klicken Sie hier um das Zertifikat auf dem konfigurierten X509 "
"Schl?sselserver zu suchen."
-#: src/mail.cpp:2515
+#: src/mail.cpp:2476
msgid "GpgOL: Encryption not possible!"
msgstr "GpgOL: Verschl?sselung nicht m?glich!"
-#: src/mail.cpp:2517
+#: src/mail.cpp:2478
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
@@ -1198,6 +1168,50 @@ msgstr ""
msgid "GpgOL: Request confirmed!"
msgstr "GpgOL: Eintragung best?tigt."
+#: src/cryptcontroller.cpp:394
+msgid "Resolving recipients..."
+msgstr "Empf?nger aufl?sen..."
+
+#: src/cryptcontroller.cpp:398
+msgid "Resolving signers..."
+msgstr "Signierer aufl?sen..."
+
+#: src/cryptcontroller.cpp:994
+msgid "Encrypting..."
+msgstr "Verschl?sseln..."
+
+#: src/cryptcontroller.cpp:998
+msgid "Signing..."
+msgstr "Signieren..."
+
+#~ msgid ""
+#~ "G Suite Sync breaks outgoing signed mails.\n"
+#~ "Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
+#~ "\n"
+#~ "See: https://dev.gnupg.org/T3545 for details."
+#~ msgstr ""
+#~ "G Suite Sync bricht ausgehende, signierte, Mails.\n"
+#~ "Sicherung der Integrit?t (signieren) wird mit G Suite Sync nicht "
+#~ "unterst?tzt.\n"
+#~ "\n"
+#~ "Details siehe: https://dev.gnupg.org/T3545"
+
+#~ msgid ""
+#~ "G Suite Sync breaks outgoing signed mails.\n"
+#~ "Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
+#~ "\n"
+#~ "See: https://dev.gnupg.org/T3545 for details.\n"
+#~ "\n"
+#~ "Do you want to only encrypt the message?"
+#~ msgstr ""
+#~ "G Suite Sync bricht ausgehende, signierte, Mails.\n"
+#~ "Sicherung der Integrit?t (signieren) wird mit G Suite Sync nicht "
+#~ "unterst?tzt.\n"
+#~ "\n"
+#~ "Details siehe: https://dev.gnupg.org/T3545\n"
+#~ "\n"
+#~ "M?chten Sie die Nachricht nur verschl?sseln?"
+
#~ msgid "&Search for OpenPGP keys automatically when encrypting"
#~ msgstr "OpenPGP-&Schl?ssel zum verschl?sseln automatisch suchen"
@@ -1344,9 +1358,6 @@ msgstr "GpgOL: Eintragung best?tigt."
#~ "\n"
#~ "Die Nachricht wird deswegen nicht f?r dieses Zertifikat verschl?sselt!"
-#~ msgid "Encryption"
-#~ msgstr "Verschl?sselung"
-
#~ msgid "Fingerprint: "
#~ msgstr "Fingerabdruck: "
@@ -1469,9 +1480,6 @@ msgstr "GpgOL: Eintragung best?tigt."
#~ msgid "Validity"
#~ msgstr "G?ltigkeit"
-#~ msgid "Selected recipients:"
-#~ msgstr "Ausgew?hlte Empf?nger:"
-
#~ msgid "Recipient which were NOT found"
#~ msgstr "Empf?nger die NICHT gefunden wurden:"
diff --git a/po/fr.po b/po/fr.po
index 3e9939d..f69b207 100644
--- a/po/fr.po
+++ b/po/fr.po
@@ -6,7 +6,7 @@ msgid ""
msgstr ""
"Project-Id-Version: \n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-06 15:25+0100\n"
+"POT-Creation-Date: 2018-03-07 10:01+0100\n"
"PO-Revision-Date: 2015-10-01 17:05+0200\n"
"Last-Translator: Olivier Serve \n"
"Language-Team: French \n"
@@ -172,12 +172,12 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr "Voulez-vous r?cup?rer ce dossier ?"
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1691 src/mail.cpp:1762
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1652 src/mail.cpp:1723
#, fuzzy
msgid "GpgOL: Encrypted Message"
msgstr "D?chiffrer le message"
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1692 src/mail.cpp:1763
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1653 src/mail.cpp:1724
msgid "GpgOL: Trusted Sender Address"
msgstr ""
@@ -422,7 +422,7 @@ msgid ""
"directory, simply ignore this message.
\n"
msgstr ""
-#: src/mail.cpp:820 src/mail.cpp:2006
+#: src/mail.cpp:820 src/mail.cpp:1967
#, fuzzy
msgid "Encrypted message"
msgstr "D?chiffrer le message"
@@ -431,7 +431,7 @@ msgstr "D?chiffrer le message"
msgid "Please wait while the message is being decrypted / verified..."
msgstr ""
-#: src/mail.cpp:1095
+#: src/mail.cpp:1097
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr ""
@@ -443,123 +443,105 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1114
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details."
-msgstr ""
-
-#: src/mail.cpp:1129
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details.\n"
-"\n"
-"Do you want to only encrypt the message?"
-msgstr ""
-
-#: src/mail.cpp:1951
+#: src/mail.cpp:1912
msgid "Security Level 4"
msgstr ""
-#: src/mail.cpp:1955
+#: src/mail.cpp:1916
msgid "Trust Level 4"
msgstr ""
-#: src/mail.cpp:1959
+#: src/mail.cpp:1920
msgid "Security Level 3"
msgstr ""
-#: src/mail.cpp:1963
+#: src/mail.cpp:1924
msgid "Trust Level 3"
msgstr ""
-#: src/mail.cpp:1967
+#: src/mail.cpp:1928
msgid "Security Level 2"
msgstr ""
-#: src/mail.cpp:1971
+#: src/mail.cpp:1932
msgid "Trust Level 2"
msgstr ""
-#: src/mail.cpp:1975
+#: src/mail.cpp:1936
#, fuzzy
msgid "Encrypted"
msgstr "Chiffrer"
-#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1945 src/mail.cpp:1947 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr ""
-#: src/mail.cpp:1998
+#: src/mail.cpp:1959
#, fuzzy
msgid "Signed and encrypted message"
msgstr "D?chiffrer le message"
-#: src/mail.cpp:2002
+#: src/mail.cpp:1963
#, fuzzy
msgid "Signed message"
msgstr "D?chiffrer le message"
-#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:1970 src/ribbon-callbacks.cpp:1648
#, fuzzy
msgid "Insecure message"
msgstr "D?chiffrer le message"
-#: src/mail.cpp:2020 src/mail.cpp:2031
+#: src/mail.cpp:1981 src/mail.cpp:1992
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
-#: src/mail.cpp:2023
+#: src/mail.cpp:1984
msgid "The message was signed but the verification failed with:"
msgstr ""
-#: src/mail.cpp:2041
+#: src/mail.cpp:2002
#, fuzzy
msgid "The encryption was VS-NfD-compliant."
msgstr "Cette signature est valide\n"
-#: src/mail.cpp:2045
+#: src/mail.cpp:2006
#, fuzzy
msgid "The encryption was not VS-NfD-compliant."
msgstr "Cette signature est valide\n"
-#: src/mail.cpp:2049
+#: src/mail.cpp:2010
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
-#: src/mail.cpp:2072
+#: src/mail.cpp:2033
#, fuzzy
msgid "You signed this message."
msgstr "D?chiffrer le message"
-#: src/mail.cpp:2076
+#: src/mail.cpp:2037
msgid "The senders identity was certified by yourself."
msgstr ""
-#: src/mail.cpp:2080
+#: src/mail.cpp:2041
msgid "The sender is allowed to certify identities for you."
msgstr ""
-#: src/mail.cpp:2093
+#: src/mail.cpp:2054
msgid "The senders identity was certified by several trusted people."
msgstr ""
-#: src/mail.cpp:2098
+#: src/mail.cpp:2059
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
"'%s'\n"
msgstr ""
-#: src/mail.cpp:2106
+#: src/mail.cpp:2067
msgid "Some trusted people have certified the senders identity."
msgstr ""
-#: src/mail.cpp:2116
+#: src/mail.cpp:2077
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -567,142 +549,142 @@ msgid ""
"You encrypted %i and verified %i messages since."
msgstr ""
-#: src/mail.cpp:2132
+#: src/mail.cpp:2093
msgid "The senders signature was verified for the first time."
msgstr ""
-#: src/mail.cpp:2139
+#: src/mail.cpp:2100
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
"messages and encrypted %i messages to it since %s."
msgstr ""
-#: src/mail.cpp:2153
+#: src/mail.cpp:2114
msgid "But the sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2154
+#: src/mail.cpp:2115
msgid "The sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2162
+#: src/mail.cpp:2123
#, fuzzy
msgid "The signature is invalid: \n"
msgstr "Cette signature est valide\n"
-#: src/mail.cpp:2167
+#: src/mail.cpp:2128
msgid "There was an error verifying the signature.\n"
msgstr ""
-#: src/mail.cpp:2171
+#: src/mail.cpp:2132
#, fuzzy
msgid "The signature is expired.\n"
msgstr "Cette signature est valide\n"
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
msgid "The used key"
msgstr ""
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
#, fuzzy
msgid "The used certificate"
msgstr "Erreur de v?rification"
-#: src/mail.cpp:2183
+#: src/mail.cpp:2144
#, fuzzy
msgid "is not available."
msgstr "La liste de r?vocation (CRL) n'est pas disponible\n"
-#: src/mail.cpp:2187
+#: src/mail.cpp:2148
msgid "is revoked."
msgstr ""
-#: src/mail.cpp:2191
+#: src/mail.cpp:2152
msgid "is expired."
msgstr ""
-#: src/mail.cpp:2195
+#: src/mail.cpp:2156
msgid "is not meant for signing."
msgstr ""
-#: src/mail.cpp:2199 src/mail.cpp:2203
+#: src/mail.cpp:2160 src/mail.cpp:2164
msgid "could not be checked for revocation."
msgstr ""
-#: src/mail.cpp:2208
+#: src/mail.cpp:2169
msgid "is not the same as the key that was used for this address in the past."
msgstr ""
-#: src/mail.cpp:2214
+#: src/mail.cpp:2175
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr ""
-#: src/mail.cpp:2227
+#: src/mail.cpp:2188
msgid "is not certified by any trustworthy key."
msgstr ""
-#: src/mail.cpp:2231
+#: src/mail.cpp:2192
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
msgstr ""
-#: src/mail.cpp:2236
+#: src/mail.cpp:2197
msgid "The sender marked this address as revoked."
msgstr ""
-#: src/mail.cpp:2240
+#: src/mail.cpp:2201
msgid "is marked as not trustworthy."
msgstr ""
-#: src/mail.cpp:2250
+#: src/mail.cpp:2211
#, fuzzy
msgid "The signature is VS-NfD-compliant."
msgstr "Cette signature est valide\n"
-#: src/mail.cpp:2254
+#: src/mail.cpp:2215
#, fuzzy
msgid "The signature is not VS-NfD-compliant."
msgstr "Cette signature est valide\n"
-#: src/mail.cpp:2262
+#: src/mail.cpp:2223
#, fuzzy
msgid "The encryption is VS-NfD-compliant."
msgstr "Cette signature est valide\n"
-#: src/mail.cpp:2266
+#: src/mail.cpp:2227
#, fuzzy
msgid "The encryption is not VS-NfD-compliant."
msgstr "Cette signature est valide\n"
-#: src/mail.cpp:2277
+#: src/mail.cpp:2238
msgid "Click here to change the key used for this address."
msgstr ""
-#: src/mail.cpp:2281
+#: src/mail.cpp:2242
msgid "Click here for details about the key."
msgstr ""
-#: src/mail.cpp:2282
+#: src/mail.cpp:2243
msgid "Click here for details about the certificate."
msgstr ""
-#: src/mail.cpp:2286
+#: src/mail.cpp:2247
msgid "Click here to search the key on the configured keyserver."
msgstr ""
-#: src/mail.cpp:2287
+#: src/mail.cpp:2248
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
-#: src/mail.cpp:2515
+#: src/mail.cpp:2476
#, fuzzy
msgid "GpgOL: Encryption not possible!"
msgstr "D?chiffrer le message"
-#: src/mail.cpp:2517
+#: src/mail.cpp:2478
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
@@ -1087,6 +1069,24 @@ msgstr ""
msgid "GpgOL: Request confirmed!"
msgstr ""
+#: src/cryptcontroller.cpp:394
+#, fuzzy
+msgid "Resolving recipients..."
+msgstr "Destinataires s?lectionn?s?:"
+
+#: src/cryptcontroller.cpp:398
+msgid "Resolving signers..."
+msgstr ""
+
+#: src/cryptcontroller.cpp:994
+#, fuzzy
+msgid "Encrypting..."
+msgstr "Chiffrement"
+
+#: src/cryptcontroller.cpp:998
+msgid "Signing..."
+msgstr ""
+
#, fuzzy
#~ msgid ""
#~ "Error creating file\n"
@@ -1164,9 +1164,6 @@ msgstr ""
#~ "\n"
#~ "Ce message ne sera pas chiffr? avec ce certificat ! "
-#~ msgid "Encryption"
-#~ msgstr "Chiffrement"
-
#~ msgid "Fingerprint: "
#~ msgstr "Empreinte : "
@@ -1283,9 +1280,6 @@ msgstr ""
#~ msgid "Validity"
#~ msgstr "Validit?"
-#~ msgid "Selected recipients:"
-#~ msgstr "Destinataires s?lectionn?s?:"
-
#~ msgid "Recipient which were NOT found"
#~ msgstr "Destinataire non trouv?"
diff --git a/po/pt.po b/po/pt.po
index 5bfe6fd..a7208d8 100644
--- a/po/pt.po
+++ b/po/pt.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: GpgOL 1.1.1\n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-06 15:25+0100\n"
+"POT-Creation-Date: 2018-03-07 10:01+0100\n"
"PO-Revision-Date: 2017-10-16 14:17+0100\n"
"Last-Translator: Marco A.G.Pinto \n"
"Language-Team: Portuguese \n"
@@ -175,11 +175,11 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr "Queres reverter esta pasta?"
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1691 src/mail.cpp:1762
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1652 src/mail.cpp:1723
msgid "GpgOL: Encrypted Message"
msgstr "GpgOL: Mensagem Encriptada"
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1692 src/mail.cpp:1763
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1653 src/mail.cpp:1724
msgid "GpgOL: Trusted Sender Address"
msgstr "GpgOL: Endere?o de Remetente Confi?vel"
@@ -438,7 +438,7 @@ msgid ""
"directory, simply ignore this message.\n"
msgstr ""
-#: src/mail.cpp:820 src/mail.cpp:2006
+#: src/mail.cpp:820 src/mail.cpp:1967
msgid "Encrypted message"
msgstr "Mensagem encriptada"
@@ -448,7 +448,7 @@ msgstr ""
"Por favor aguarda enquanto a mensagem est? a ser desencriptada / "
"verificada..."
-#: src/mail.cpp:1095
+#: src/mail.cpp:1097
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr ""
@@ -460,109 +460,91 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1114
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details."
-msgstr ""
-
-#: src/mail.cpp:1129
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details.\n"
-"\n"
-"Do you want to only encrypt the message?"
-msgstr ""
-
-#: src/mail.cpp:1951
+#: src/mail.cpp:1912
msgid "Security Level 4"
msgstr "N?vel de seguran?a 4"
-#: src/mail.cpp:1955
+#: src/mail.cpp:1916
msgid "Trust Level 4"
msgstr "N?vel de Confian?a 4"
-#: src/mail.cpp:1959
+#: src/mail.cpp:1920
msgid "Security Level 3"
msgstr "N?vel de Seguran?a 3"
-#: src/mail.cpp:1963
+#: src/mail.cpp:1924
msgid "Trust Level 3"
msgstr "N?vel de Confian?a 3"
-#: src/mail.cpp:1967
+#: src/mail.cpp:1928
msgid "Security Level 2"
msgstr "N?vel de Seguran?a 2"
-#: src/mail.cpp:1971
+#: src/mail.cpp:1932
msgid "Trust Level 2"
msgstr "N?vel de Confian?a 2"
-#: src/mail.cpp:1975
+#: src/mail.cpp:1936
msgid "Encrypted"
msgstr "Encriptada"
-#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1945 src/mail.cpp:1947 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr "Insegura"
-#: src/mail.cpp:1998
+#: src/mail.cpp:1959
msgid "Signed and encrypted message"
msgstr "Mensagem assinada e encriptada"
-#: src/mail.cpp:2002
+#: src/mail.cpp:1963
msgid "Signed message"
msgstr "Mensagem assinada"
-#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:1970 src/ribbon-callbacks.cpp:1648
msgid "Insecure message"
msgstr "Mensagem insegura"
-#: src/mail.cpp:2020 src/mail.cpp:2031
+#: src/mail.cpp:1981 src/mail.cpp:1992
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
"N?o podes ter a certeza de quem enviou, modificou e leu a mensagem em "
"tr?nsito."
-#: src/mail.cpp:2023
+#: src/mail.cpp:1984
msgid "The message was signed but the verification failed with:"
msgstr ""
-#: src/mail.cpp:2041
+#: src/mail.cpp:2002
msgid "The encryption was VS-NfD-compliant."
msgstr "A encripta??o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2045
+#: src/mail.cpp:2006
msgid "The encryption was not VS-NfD-compliant."
msgstr "A encripta??o n?o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2049
+#: src/mail.cpp:2010
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
"N?o podes ter certeza de quem enviou a mensagem, porque n?o est? assinada."
-#: src/mail.cpp:2072
+#: src/mail.cpp:2033
msgid "You signed this message."
msgstr "Assinaste esta mensagem."
-#: src/mail.cpp:2076
+#: src/mail.cpp:2037
msgid "The senders identity was certified by yourself."
msgstr "A identidade dos remetentes foi certificada por ti pr?prio."
-#: src/mail.cpp:2080
+#: src/mail.cpp:2041
msgid "The sender is allowed to certify identities for you."
msgstr "O remetente pode certificar identidades para ti."
-#: src/mail.cpp:2093
+#: src/mail.cpp:2054
msgid "The senders identity was certified by several trusted people."
msgstr ""
"A identidade dos remetentes foi certificada por v?rias pessoas confi?veis."
-#: src/mail.cpp:2098
+#: src/mail.cpp:2059
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
@@ -571,11 +553,11 @@ msgstr ""
"A identidade dos remetentes ? certificada pelo emissor confi?vel:\n"
"'%s'\n"
-#: src/mail.cpp:2106
+#: src/mail.cpp:2067
msgid "Some trusted people have certified the senders identity."
msgstr "Algumas pessoas confi?veis certificaram a identidade dos remetentes."
-#: src/mail.cpp:2116
+#: src/mail.cpp:2077
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -586,11 +568,11 @@ msgstr ""
"comunica??o com este endere?o desde %s.\n"
"Encriptaste %i e verificaste %i mensagens desde ent?o."
-#: src/mail.cpp:2132
+#: src/mail.cpp:2093
msgid "The senders signature was verified for the first time."
msgstr "A assinatura dos remetentes foi verificada pela primeira vez."
-#: src/mail.cpp:2139
+#: src/mail.cpp:2100
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
@@ -599,68 +581,68 @@ msgstr ""
"O endere?o dos remetentes ainda n?o ? confi?vel porque apenas verificaste %i "
"mensagens e encriptaste %i mensagens a eles desde %s."
-#: src/mail.cpp:2153
+#: src/mail.cpp:2114
msgid "But the sender address is not trustworthy because:"
msgstr "Mas o endere?o do remetente n?o ? confi?vel porque:"
-#: src/mail.cpp:2154
+#: src/mail.cpp:2115
msgid "The sender address is not trustworthy because:"
msgstr "O endere?o do remetente n?o ? confi?vel porque:"
-#: src/mail.cpp:2162
+#: src/mail.cpp:2123
msgid "The signature is invalid: \n"
msgstr "A assinatura ? inv?lida: \n"
-#: src/mail.cpp:2167
+#: src/mail.cpp:2128
msgid "There was an error verifying the signature.\n"
msgstr "Houve um erro ao verificar a assinatura.\n"
-#: src/mail.cpp:2171
+#: src/mail.cpp:2132
msgid "The signature is expired.\n"
msgstr "A assinatura expirou.\n"
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
msgid "The used key"
msgstr "A chave usada"
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
msgid "The used certificate"
msgstr "O certificado usado"
-#: src/mail.cpp:2183
+#: src/mail.cpp:2144
msgid "is not available."
msgstr "n?o est? dispon?vel."
-#: src/mail.cpp:2187
+#: src/mail.cpp:2148
msgid "is revoked."
msgstr "est? revogado."
-#: src/mail.cpp:2191
+#: src/mail.cpp:2152
msgid "is expired."
msgstr "expirou."
-#: src/mail.cpp:2195
+#: src/mail.cpp:2156
msgid "is not meant for signing."
msgstr "n?o ? destinado a assinar."
-#: src/mail.cpp:2199 src/mail.cpp:2203
+#: src/mail.cpp:2160 src/mail.cpp:2164
msgid "could not be checked for revocation."
msgstr "n?o pode ser verificado para revoga??o."
-#: src/mail.cpp:2208
+#: src/mail.cpp:2169
msgid "is not the same as the key that was used for this address in the past."
msgstr "n?o ? o mesmo que a chave usada para este endere?o no passado."
-#: src/mail.cpp:2214
+#: src/mail.cpp:2175
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr "n?o reivindica o endere?o: \"%s\"."
-#: src/mail.cpp:2227
+#: src/mail.cpp:2188
msgid "is not certified by any trustworthy key."
msgstr "n?o est? certificado por qualquer chave confi?vel."
-#: src/mail.cpp:2231
+#: src/mail.cpp:2192
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
@@ -668,58 +650,58 @@ msgstr ""
"n?o est? certificado por uma Autoridade de Certifica??o confi?vel ou a "
"Autoridade de Certifica??o ? desconhecida."
-#: src/mail.cpp:2236
+#: src/mail.cpp:2197
msgid "The sender marked this address as revoked."
msgstr "O remetente marcou este endere?o como revogado."
-#: src/mail.cpp:2240
+#: src/mail.cpp:2201
msgid "is marked as not trustworthy."
msgstr "est? marcado como n?o confi?vel."
-#: src/mail.cpp:2250
+#: src/mail.cpp:2211
msgid "The signature is VS-NfD-compliant."
msgstr "A assinatura est? em conformidade com VS-NfD."
-#: src/mail.cpp:2254
+#: src/mail.cpp:2215
msgid "The signature is not VS-NfD-compliant."
msgstr "A assinatura n?o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2262
+#: src/mail.cpp:2223
msgid "The encryption is VS-NfD-compliant."
msgstr "A encripta??o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2266
+#: src/mail.cpp:2227
msgid "The encryption is not VS-NfD-compliant."
msgstr "A encripta??o n?o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2277
+#: src/mail.cpp:2238
msgid "Click here to change the key used for this address."
msgstr "Clica aqui para alterar a chave usada para este endere?o."
-#: src/mail.cpp:2281
+#: src/mail.cpp:2242
msgid "Click here for details about the key."
msgstr "Clica aqui para obter detalhes sobre a chave."
-#: src/mail.cpp:2282
+#: src/mail.cpp:2243
msgid "Click here for details about the certificate."
msgstr "Clica aqui para obter detalhes sobre o certificado."
-#: src/mail.cpp:2286
+#: src/mail.cpp:2247
msgid "Click here to search the key on the configured keyserver."
msgstr "Clica aqui para localizar a chave no servidor de chaves configurado."
-#: src/mail.cpp:2287
+#: src/mail.cpp:2248
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
"Clica aqui para localizar o certificado no servidor de chaves X509 "
"configurado."
-#: src/mail.cpp:2515
+#: src/mail.cpp:2476
#, fuzzy
msgid "GpgOL: Encryption not possible!"
msgstr "GpgOL: Mensagem Encriptada"
-#: src/mail.cpp:2517
+#: src/mail.cpp:2478
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
@@ -1141,6 +1123,24 @@ msgstr ""
msgid "GpgOL: Request confirmed!"
msgstr ""
+#: src/cryptcontroller.cpp:394
+#, fuzzy
+msgid "Resolving recipients..."
+msgstr "Destinat?rios seleccionados:"
+
+#: src/cryptcontroller.cpp:398
+msgid "Resolving signers..."
+msgstr ""
+
+#: src/cryptcontroller.cpp:994
+#, fuzzy
+msgid "Encrypting..."
+msgstr "Encripta??o"
+
+#: src/cryptcontroller.cpp:998
+msgid "Signing..."
+msgstr ""
+
#~ msgid "&Search for OpenPGP keys automatically when encrypting"
#~ msgstr "Procurar as chaves OpenPGP automaticamente ao encriptar"
@@ -1257,9 +1257,6 @@ msgstr ""
#~ "\n"
#~ "Esta mensagem n?o ser? encriptada para este certificado!"
-#~ msgid "Encryption"
-#~ msgstr "Encripta??o"
-
#~ msgid "Fingerprint: "
#~ msgstr "Fingerprint: "
@@ -1379,9 +1376,6 @@ msgstr ""
#~ msgid "Validity"
#~ msgstr "Validade"
-#~ msgid "Selected recipients:"
-#~ msgstr "Destinat?rios seleccionados:"
-
#~ msgid "Recipient which were NOT found"
#~ msgstr "Destinat?rios N?O encontrados"
diff --git a/po/sv.po b/po/sv.po
index b5c5ad4..28f8ce9 100644
--- a/po/sv.po
+++ b/po/sv.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: GPGol\n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-06 15:25+0100\n"
+"POT-Creation-Date: 2018-03-07 10:01+0100\n"
"PO-Revision-Date: 2006-12-12 23:52+0100\n"
"Last-Translator: Daniel Nylander \n"
"Language-Team: Swedish \n"
@@ -164,12 +164,12 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr ""
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1691 src/mail.cpp:1762
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1652 src/mail.cpp:1723
#, fuzzy
msgid "GpgOL: Encrypted Message"
msgstr "Dekryptera och validera meddelandet."
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1692 src/mail.cpp:1763
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1653 src/mail.cpp:1724
msgid "GpgOL: Trusted Sender Address"
msgstr ""
@@ -411,7 +411,7 @@ msgid ""
"directory, simply ignore this message.\n"
msgstr ""
-#: src/mail.cpp:820 src/mail.cpp:2006
+#: src/mail.cpp:820 src/mail.cpp:1967
#, fuzzy
msgid "Encrypted message"
msgstr "Dekryptera och validera meddelandet."
@@ -420,7 +420,7 @@ msgstr "Dekryptera och validera meddelandet."
msgid "Please wait while the message is being decrypted / verified..."
msgstr ""
-#: src/mail.cpp:1095
+#: src/mail.cpp:1097
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr ""
@@ -432,123 +432,105 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1114
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details."
-msgstr ""
-
-#: src/mail.cpp:1129
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details.\n"
-"\n"
-"Do you want to only encrypt the message?"
-msgstr ""
-
-#: src/mail.cpp:1951
+#: src/mail.cpp:1912
msgid "Security Level 4"
msgstr ""
-#: src/mail.cpp:1955
+#: src/mail.cpp:1916
msgid "Trust Level 4"
msgstr ""
-#: src/mail.cpp:1959
+#: src/mail.cpp:1920
msgid "Security Level 3"
msgstr ""
-#: src/mail.cpp:1963
+#: src/mail.cpp:1924
msgid "Trust Level 3"
msgstr ""
-#: src/mail.cpp:1967
+#: src/mail.cpp:1928
msgid "Security Level 2"
msgstr ""
-#: src/mail.cpp:1971
+#: src/mail.cpp:1932
msgid "Trust Level 2"
msgstr ""
-#: src/mail.cpp:1975
+#: src/mail.cpp:1936
#, fuzzy
msgid "Encrypted"
msgstr "Kryptering"
-#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1945 src/mail.cpp:1947 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr ""
-#: src/mail.cpp:1998
+#: src/mail.cpp:1959
#, fuzzy
msgid "Signed and encrypted message"
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2002
+#: src/mail.cpp:1963
#, fuzzy
msgid "Signed message"
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:1970 src/ribbon-callbacks.cpp:1648
#, fuzzy
msgid "Insecure message"
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2020 src/mail.cpp:2031
+#: src/mail.cpp:1981 src/mail.cpp:1992
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
-#: src/mail.cpp:2023
+#: src/mail.cpp:1984
msgid "The message was signed but the verification failed with:"
msgstr ""
-#: src/mail.cpp:2041
+#: src/mail.cpp:2002
#, fuzzy
msgid "The encryption was VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2045
+#: src/mail.cpp:2006
#, fuzzy
msgid "The encryption was not VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2049
+#: src/mail.cpp:2010
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
-#: src/mail.cpp:2072
+#: src/mail.cpp:2033
#, fuzzy
msgid "You signed this message."
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2076
+#: src/mail.cpp:2037
msgid "The senders identity was certified by yourself."
msgstr ""
-#: src/mail.cpp:2080
+#: src/mail.cpp:2041
msgid "The sender is allowed to certify identities for you."
msgstr ""
-#: src/mail.cpp:2093
+#: src/mail.cpp:2054
msgid "The senders identity was certified by several trusted people."
msgstr ""
-#: src/mail.cpp:2098
+#: src/mail.cpp:2059
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
"'%s'\n"
msgstr ""
-#: src/mail.cpp:2106
+#: src/mail.cpp:2067
msgid "Some trusted people have certified the senders identity."
msgstr ""
-#: src/mail.cpp:2116
+#: src/mail.cpp:2077
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -556,142 +538,142 @@ msgid ""
"You encrypted %i and verified %i messages since."
msgstr ""
-#: src/mail.cpp:2132
+#: src/mail.cpp:2093
msgid "The senders signature was verified for the first time."
msgstr ""
-#: src/mail.cpp:2139
+#: src/mail.cpp:2100
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
"messages and encrypted %i messages to it since %s."
msgstr ""
-#: src/mail.cpp:2153
+#: src/mail.cpp:2114
msgid "But the sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2154
+#: src/mail.cpp:2115
msgid "The sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2162
+#: src/mail.cpp:2123
#, fuzzy
msgid "The signature is invalid: \n"
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2167
+#: src/mail.cpp:2128
msgid "There was an error verifying the signature.\n"
msgstr ""
-#: src/mail.cpp:2171
+#: src/mail.cpp:2132
#, fuzzy
msgid "The signature is expired.\n"
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
msgid "The used key"
msgstr ""
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
#, fuzzy
msgid "The used certificate"
msgstr "Validering"
-#: src/mail.cpp:2183
+#: src/mail.cpp:2144
#, fuzzy
msgid "is not available."
msgstr "Sp?rrlistan ?r inte tillg?nglig\n"
-#: src/mail.cpp:2187
+#: src/mail.cpp:2148
msgid "is revoked."
msgstr ""
-#: src/mail.cpp:2191
+#: src/mail.cpp:2152
msgid "is expired."
msgstr ""
-#: src/mail.cpp:2195
+#: src/mail.cpp:2156
msgid "is not meant for signing."
msgstr ""
-#: src/mail.cpp:2199 src/mail.cpp:2203
+#: src/mail.cpp:2160 src/mail.cpp:2164
msgid "could not be checked for revocation."
msgstr ""
-#: src/mail.cpp:2208
+#: src/mail.cpp:2169
msgid "is not the same as the key that was used for this address in the past."
msgstr ""
-#: src/mail.cpp:2214
+#: src/mail.cpp:2175
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr ""
-#: src/mail.cpp:2227
+#: src/mail.cpp:2188
msgid "is not certified by any trustworthy key."
msgstr ""
-#: src/mail.cpp:2231
+#: src/mail.cpp:2192
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
msgstr ""
-#: src/mail.cpp:2236
+#: src/mail.cpp:2197
msgid "The sender marked this address as revoked."
msgstr ""
-#: src/mail.cpp:2240
+#: src/mail.cpp:2201
msgid "is marked as not trustworthy."
msgstr ""
-#: src/mail.cpp:2250
+#: src/mail.cpp:2211
#, fuzzy
msgid "The signature is VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2254
+#: src/mail.cpp:2215
#, fuzzy
msgid "The signature is not VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2262
+#: src/mail.cpp:2223
#, fuzzy
msgid "The encryption is VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2266
+#: src/mail.cpp:2227
#, fuzzy
msgid "The encryption is not VS-NfD-compliant."
msgstr "Den h?r signaturen ?r giltig\n"
-#: src/mail.cpp:2277
+#: src/mail.cpp:2238
msgid "Click here to change the key used for this address."
msgstr ""
-#: src/mail.cpp:2281
+#: src/mail.cpp:2242
msgid "Click here for details about the key."
msgstr ""
-#: src/mail.cpp:2282
+#: src/mail.cpp:2243
msgid "Click here for details about the certificate."
msgstr ""
-#: src/mail.cpp:2286
+#: src/mail.cpp:2247
msgid "Click here to search the key on the configured keyserver."
msgstr ""
-#: src/mail.cpp:2287
+#: src/mail.cpp:2248
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
-#: src/mail.cpp:2515
+#: src/mail.cpp:2476
#, fuzzy
msgid "GpgOL: Encryption not possible!"
msgstr "Dekryptera och validera meddelandet."
-#: src/mail.cpp:2517
+#: src/mail.cpp:2478
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
@@ -1046,6 +1028,23 @@ msgstr ""
msgid "GpgOL: Request confirmed!"
msgstr ""
+#: src/cryptcontroller.cpp:394
+msgid "Resolving recipients..."
+msgstr ""
+
+#: src/cryptcontroller.cpp:398
+msgid "Resolving signers..."
+msgstr ""
+
+#: src/cryptcontroller.cpp:994
+#, fuzzy
+msgid "Encrypting..."
+msgstr "Kryptering"
+
+#: src/cryptcontroller.cpp:998
+msgid "Signing..."
+msgstr ""
+
#, fuzzy
#~ msgid ""
#~ "Error creating file\n"
@@ -1111,9 +1110,6 @@ msgstr ""
#~ "\n"
#~ "Det h?r meddelandet kommer inte att krypteras med den h?r nyckeln!"
-#~ msgid "Encryption"
-#~ msgstr "Kryptering"
-
#~ msgid "Fingerprint: "
#~ msgstr "Fingeravtryck: "
diff --git a/po/zh_CN.po b/po/zh_CN.po
index bf3b05b..c47d904 100644
--- a/po/zh_CN.po
+++ b/po/zh_CN.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: GpgOL\n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-06 15:25+0100\n"
+"POT-Creation-Date: 2018-03-07 10:01+0100\n"
"PO-Revision-Date: 2015-08-15 21:58+0800\n"
"Last-Translator: Mingye Wang (Arthur2e5) \n"
"Language-Team: \n"
@@ -168,12 +168,12 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr "????????????"
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1691 src/mail.cpp:1762
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1652 src/mail.cpp:1723
#, fuzzy
msgid "GpgOL: Encrypted Message"
msgstr "????"
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1692 src/mail.cpp:1763
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1653 src/mail.cpp:1724
msgid "GpgOL: Trusted Sender Address"
msgstr ""
@@ -410,7 +410,7 @@ msgid ""
"directory, simply ignore this message.\n"
msgstr ""
-#: src/mail.cpp:820 src/mail.cpp:2006
+#: src/mail.cpp:820 src/mail.cpp:1967
#, fuzzy
msgid "Encrypted message"
msgstr "????"
@@ -419,7 +419,7 @@ msgstr "????"
msgid "Please wait while the message is being decrypted / verified..."
msgstr ""
-#: src/mail.cpp:1095
+#: src/mail.cpp:1097
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr ""
@@ -431,123 +431,105 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1114
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details."
-msgstr ""
-
-#: src/mail.cpp:1129
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details.\n"
-"\n"
-"Do you want to only encrypt the message?"
-msgstr ""
-
-#: src/mail.cpp:1951
+#: src/mail.cpp:1912
msgid "Security Level 4"
msgstr ""
-#: src/mail.cpp:1955
+#: src/mail.cpp:1916
msgid "Trust Level 4"
msgstr ""
-#: src/mail.cpp:1959
+#: src/mail.cpp:1920
msgid "Security Level 3"
msgstr ""
-#: src/mail.cpp:1963
+#: src/mail.cpp:1924
msgid "Trust Level 3"
msgstr ""
-#: src/mail.cpp:1967
+#: src/mail.cpp:1928
msgid "Security Level 2"
msgstr ""
-#: src/mail.cpp:1971
+#: src/mail.cpp:1932
msgid "Trust Level 2"
msgstr ""
-#: src/mail.cpp:1975
+#: src/mail.cpp:1936
#, fuzzy
msgid "Encrypted"
msgstr "??"
-#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1945 src/mail.cpp:1947 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr ""
-#: src/mail.cpp:1998
+#: src/mail.cpp:1959
#, fuzzy
msgid "Signed and encrypted message"
msgstr "????"
-#: src/mail.cpp:2002
+#: src/mail.cpp:1963
#, fuzzy
msgid "Signed message"
msgstr "????"
-#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:1970 src/ribbon-callbacks.cpp:1648
#, fuzzy
msgid "Insecure message"
msgstr "????"
-#: src/mail.cpp:2020 src/mail.cpp:2031
+#: src/mail.cpp:1981 src/mail.cpp:1992
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
-#: src/mail.cpp:2023
+#: src/mail.cpp:1984
msgid "The message was signed but the verification failed with:"
msgstr ""
-#: src/mail.cpp:2041
+#: src/mail.cpp:2002
#, fuzzy
msgid "The encryption was VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2045
+#: src/mail.cpp:2006
#, fuzzy
msgid "The encryption was not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2049
+#: src/mail.cpp:2010
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
-#: src/mail.cpp:2072
+#: src/mail.cpp:2033
#, fuzzy
msgid "You signed this message."
msgstr "????"
-#: src/mail.cpp:2076
+#: src/mail.cpp:2037
msgid "The senders identity was certified by yourself."
msgstr ""
-#: src/mail.cpp:2080
+#: src/mail.cpp:2041
msgid "The sender is allowed to certify identities for you."
msgstr ""
-#: src/mail.cpp:2093
+#: src/mail.cpp:2054
msgid "The senders identity was certified by several trusted people."
msgstr ""
-#: src/mail.cpp:2098
+#: src/mail.cpp:2059
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
"'%s'\n"
msgstr ""
-#: src/mail.cpp:2106
+#: src/mail.cpp:2067
msgid "Some trusted people have certified the senders identity."
msgstr ""
-#: src/mail.cpp:2116
+#: src/mail.cpp:2077
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -555,142 +537,142 @@ msgid ""
"You encrypted %i and verified %i messages since."
msgstr ""
-#: src/mail.cpp:2132
+#: src/mail.cpp:2093
msgid "The senders signature was verified for the first time."
msgstr ""
-#: src/mail.cpp:2139
+#: src/mail.cpp:2100
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
"messages and encrypted %i messages to it since %s."
msgstr ""
-#: src/mail.cpp:2153
+#: src/mail.cpp:2114
msgid "But the sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2154
+#: src/mail.cpp:2115
msgid "The sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2162
+#: src/mail.cpp:2123
#, fuzzy
msgid "The signature is invalid: \n"
msgstr "????\n"
-#: src/mail.cpp:2167
+#: src/mail.cpp:2128
msgid "There was an error verifying the signature.\n"
msgstr ""
-#: src/mail.cpp:2171
+#: src/mail.cpp:2132
#, fuzzy
msgid "The signature is expired.\n"
msgstr "????\n"
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
msgid "The used key"
msgstr ""
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
#, fuzzy
msgid "The used certificate"
msgstr "????"
-#: src/mail.cpp:2183
+#: src/mail.cpp:2144
#, fuzzy
msgid "is not available."
msgstr "???????CRL????\n"
-#: src/mail.cpp:2187
+#: src/mail.cpp:2148
msgid "is revoked."
msgstr ""
-#: src/mail.cpp:2191
+#: src/mail.cpp:2152
msgid "is expired."
msgstr ""
-#: src/mail.cpp:2195
+#: src/mail.cpp:2156
msgid "is not meant for signing."
msgstr ""
-#: src/mail.cpp:2199 src/mail.cpp:2203
+#: src/mail.cpp:2160 src/mail.cpp:2164
msgid "could not be checked for revocation."
msgstr ""
-#: src/mail.cpp:2208
+#: src/mail.cpp:2169
msgid "is not the same as the key that was used for this address in the past."
msgstr ""
-#: src/mail.cpp:2214
+#: src/mail.cpp:2175
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr ""
-#: src/mail.cpp:2227
+#: src/mail.cpp:2188
msgid "is not certified by any trustworthy key."
msgstr ""
-#: src/mail.cpp:2231
+#: src/mail.cpp:2192
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
msgstr ""
-#: src/mail.cpp:2236
+#: src/mail.cpp:2197
msgid "The sender marked this address as revoked."
msgstr ""
-#: src/mail.cpp:2240
+#: src/mail.cpp:2201
msgid "is marked as not trustworthy."
msgstr ""
-#: src/mail.cpp:2250
+#: src/mail.cpp:2211
#, fuzzy
msgid "The signature is VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2254
+#: src/mail.cpp:2215
#, fuzzy
msgid "The signature is not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2262
+#: src/mail.cpp:2223
#, fuzzy
msgid "The encryption is VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2266
+#: src/mail.cpp:2227
#, fuzzy
msgid "The encryption is not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2277
+#: src/mail.cpp:2238
msgid "Click here to change the key used for this address."
msgstr ""
-#: src/mail.cpp:2281
+#: src/mail.cpp:2242
msgid "Click here for details about the key."
msgstr ""
-#: src/mail.cpp:2282
+#: src/mail.cpp:2243
msgid "Click here for details about the certificate."
msgstr ""
-#: src/mail.cpp:2286
+#: src/mail.cpp:2247
msgid "Click here to search the key on the configured keyserver."
msgstr ""
-#: src/mail.cpp:2287
+#: src/mail.cpp:2248
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
-#: src/mail.cpp:2515
+#: src/mail.cpp:2476
#, fuzzy
msgid "GpgOL: Encryption not possible!"
msgstr "????"
-#: src/mail.cpp:2517
+#: src/mail.cpp:2478
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
@@ -1072,6 +1054,24 @@ msgstr ""
msgid "GpgOL: Request confirmed!"
msgstr ""
+#: src/cryptcontroller.cpp:394
+#, fuzzy
+msgid "Resolving recipients..."
+msgstr "??????"
+
+#: src/cryptcontroller.cpp:398
+msgid "Resolving signers..."
+msgstr ""
+
+#: src/cryptcontroller.cpp:994
+#, fuzzy
+msgid "Encrypting..."
+msgstr "??"
+
+#: src/cryptcontroller.cpp:998
+msgid "Signing..."
+msgstr ""
+
#, fuzzy
#~ msgid ""
#~ "Error creating file\n"
@@ -1146,9 +1146,6 @@ msgstr ""
#~ "\n"
#~ "???????????????"
-#~ msgid "Encryption"
-#~ msgstr "??"
-
#~ msgid "Fingerprint: "
#~ msgstr "???"
@@ -1262,9 +1259,6 @@ msgstr ""
#~ msgid "Validity"
#~ msgstr "???"
-#~ msgid "Selected recipients:"
-#~ msgstr "??????"
-
#~ msgid "Recipient which were NOT found"
#~ msgstr "???????"
diff --git a/po/zh_TW.po b/po/zh_TW.po
index 8b9f530..f3e9ff5 100644
--- a/po/zh_TW.po
+++ b/po/zh_TW.po
@@ -7,7 +7,7 @@ msgid ""
msgstr ""
"Project-Id-Version: GpgOL\n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-06 15:25+0100\n"
+"POT-Creation-Date: 2018-03-07 10:01+0100\n"
"PO-Revision-Date: 2015-08-15 21:58+0800\n"
"Last-Translator: Mingye Wang (Arthur2e5) \n"
"Language-Team: \n"
@@ -168,12 +168,12 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr "????????????"
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1691 src/mail.cpp:1762
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1652 src/mail.cpp:1723
#, fuzzy
msgid "GpgOL: Encrypted Message"
msgstr "????"
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1692 src/mail.cpp:1763
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1653 src/mail.cpp:1724
msgid "GpgOL: Trusted Sender Address"
msgstr ""
@@ -410,7 +410,7 @@ msgid ""
"directory, simply ignore this message.\n"
msgstr ""
-#: src/mail.cpp:820 src/mail.cpp:2006
+#: src/mail.cpp:820 src/mail.cpp:1967
#, fuzzy
msgid "Encrypted message"
msgstr "????"
@@ -419,7 +419,7 @@ msgstr "????"
msgid "Please wait while the message is being decrypted / verified..."
msgstr ""
-#: src/mail.cpp:1095
+#: src/mail.cpp:1097
msgid "GpgOL: Oops, G Suite Sync account detected"
msgstr ""
@@ -431,123 +431,105 @@ msgid ""
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
-#: src/mail.cpp:1114
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details."
-msgstr ""
-
-#: src/mail.cpp:1129
-msgid ""
-"G Suite Sync breaks outgoing signed mails.\n"
-"Ensuring mail integrity (signing) with G Suite Sync is not supported.\n"
-"\n"
-"See: https://dev.gnupg.org/T3545 for details.\n"
-"\n"
-"Do you want to only encrypt the message?"
-msgstr ""
-
-#: src/mail.cpp:1951
+#: src/mail.cpp:1912
msgid "Security Level 4"
msgstr ""
-#: src/mail.cpp:1955
+#: src/mail.cpp:1916
msgid "Trust Level 4"
msgstr ""
-#: src/mail.cpp:1959
+#: src/mail.cpp:1920
msgid "Security Level 3"
msgstr ""
-#: src/mail.cpp:1963
+#: src/mail.cpp:1924
msgid "Trust Level 3"
msgstr ""
-#: src/mail.cpp:1967
+#: src/mail.cpp:1928
msgid "Security Level 2"
msgstr ""
-#: src/mail.cpp:1971
+#: src/mail.cpp:1932
msgid "Trust Level 2"
msgstr ""
-#: src/mail.cpp:1975
+#: src/mail.cpp:1936
#, fuzzy
msgid "Encrypted"
msgstr "??"
-#: src/mail.cpp:1984 src/mail.cpp:1986 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1945 src/mail.cpp:1947 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr ""
-#: src/mail.cpp:1998
+#: src/mail.cpp:1959
#, fuzzy
msgid "Signed and encrypted message"
msgstr "????"
-#: src/mail.cpp:2002
+#: src/mail.cpp:1963
#, fuzzy
msgid "Signed message"
msgstr "????"
-#: src/mail.cpp:2009 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:1970 src/ribbon-callbacks.cpp:1648
#, fuzzy
msgid "Insecure message"
msgstr "????"
-#: src/mail.cpp:2020 src/mail.cpp:2031
+#: src/mail.cpp:1981 src/mail.cpp:1992
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
-#: src/mail.cpp:2023
+#: src/mail.cpp:1984
msgid "The message was signed but the verification failed with:"
msgstr ""
-#: src/mail.cpp:2041
+#: src/mail.cpp:2002
#, fuzzy
msgid "The encryption was VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2045
+#: src/mail.cpp:2006
#, fuzzy
msgid "The encryption was not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2049
+#: src/mail.cpp:2010
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
-#: src/mail.cpp:2072
+#: src/mail.cpp:2033
#, fuzzy
msgid "You signed this message."
msgstr "????"
-#: src/mail.cpp:2076
+#: src/mail.cpp:2037
msgid "The senders identity was certified by yourself."
msgstr ""
-#: src/mail.cpp:2080
+#: src/mail.cpp:2041
msgid "The sender is allowed to certify identities for you."
msgstr ""
-#: src/mail.cpp:2093
+#: src/mail.cpp:2054
msgid "The senders identity was certified by several trusted people."
msgstr ""
-#: src/mail.cpp:2098
+#: src/mail.cpp:2059
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
"'%s'\n"
msgstr ""
-#: src/mail.cpp:2106
+#: src/mail.cpp:2067
msgid "Some trusted people have certified the senders identity."
msgstr ""
-#: src/mail.cpp:2116
+#: src/mail.cpp:2077
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -555,142 +537,142 @@ msgid ""
"You encrypted %i and verified %i messages since."
msgstr ""
-#: src/mail.cpp:2132
+#: src/mail.cpp:2093
msgid "The senders signature was verified for the first time."
msgstr ""
-#: src/mail.cpp:2139
+#: src/mail.cpp:2100
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
"messages and encrypted %i messages to it since %s."
msgstr ""
-#: src/mail.cpp:2153
+#: src/mail.cpp:2114
msgid "But the sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2154
+#: src/mail.cpp:2115
msgid "The sender address is not trustworthy because:"
msgstr ""
-#: src/mail.cpp:2162
+#: src/mail.cpp:2123
#, fuzzy
msgid "The signature is invalid: \n"
msgstr "????\n"
-#: src/mail.cpp:2167
+#: src/mail.cpp:2128
msgid "There was an error verifying the signature.\n"
msgstr ""
-#: src/mail.cpp:2171
+#: src/mail.cpp:2132
#, fuzzy
msgid "The signature is expired.\n"
msgstr "????\n"
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
msgid "The used key"
msgstr ""
-#: src/mail.cpp:2175
+#: src/mail.cpp:2136
#, fuzzy
msgid "The used certificate"
msgstr "????"
-#: src/mail.cpp:2183
+#: src/mail.cpp:2144
#, fuzzy
msgid "is not available."
msgstr "???????CRL????\n"
-#: src/mail.cpp:2187
+#: src/mail.cpp:2148
msgid "is revoked."
msgstr ""
-#: src/mail.cpp:2191
+#: src/mail.cpp:2152
msgid "is expired."
msgstr ""
-#: src/mail.cpp:2195
+#: src/mail.cpp:2156
msgid "is not meant for signing."
msgstr ""
-#: src/mail.cpp:2199 src/mail.cpp:2203
+#: src/mail.cpp:2160 src/mail.cpp:2164
msgid "could not be checked for revocation."
msgstr ""
-#: src/mail.cpp:2208
+#: src/mail.cpp:2169
msgid "is not the same as the key that was used for this address in the past."
msgstr ""
-#: src/mail.cpp:2214
+#: src/mail.cpp:2175
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr ""
-#: src/mail.cpp:2227
+#: src/mail.cpp:2188
msgid "is not certified by any trustworthy key."
msgstr ""
-#: src/mail.cpp:2231
+#: src/mail.cpp:2192
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
msgstr ""
-#: src/mail.cpp:2236
+#: src/mail.cpp:2197
msgid "The sender marked this address as revoked."
msgstr ""
-#: src/mail.cpp:2240
+#: src/mail.cpp:2201
msgid "is marked as not trustworthy."
msgstr ""
-#: src/mail.cpp:2250
+#: src/mail.cpp:2211
#, fuzzy
msgid "The signature is VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2254
+#: src/mail.cpp:2215
#, fuzzy
msgid "The signature is not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2262
+#: src/mail.cpp:2223
#, fuzzy
msgid "The encryption is VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2266
+#: src/mail.cpp:2227
#, fuzzy
msgid "The encryption is not VS-NfD-compliant."
msgstr "????\n"
-#: src/mail.cpp:2277
+#: src/mail.cpp:2238
msgid "Click here to change the key used for this address."
msgstr ""
-#: src/mail.cpp:2281
+#: src/mail.cpp:2242
msgid "Click here for details about the key."
msgstr ""
-#: src/mail.cpp:2282
+#: src/mail.cpp:2243
msgid "Click here for details about the certificate."
msgstr ""
-#: src/mail.cpp:2286
+#: src/mail.cpp:2247
msgid "Click here to search the key on the configured keyserver."
msgstr ""
-#: src/mail.cpp:2287
+#: src/mail.cpp:2248
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
-#: src/mail.cpp:2515
+#: src/mail.cpp:2476
#, fuzzy
msgid "GpgOL: Encryption not possible!"
msgstr "????"
-#: src/mail.cpp:2517
+#: src/mail.cpp:2478
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
@@ -1074,6 +1056,24 @@ msgstr ""
msgid "GpgOL: Request confirmed!"
msgstr ""
+#: src/cryptcontroller.cpp:394
+#, fuzzy
+msgid "Resolving recipients..."
+msgstr "??????"
+
+#: src/cryptcontroller.cpp:398
+msgid "Resolving signers..."
+msgstr ""
+
+#: src/cryptcontroller.cpp:994
+#, fuzzy
+msgid "Encrypting..."
+msgstr "??"
+
+#: src/cryptcontroller.cpp:998
+msgid "Signing..."
+msgstr ""
+
#, fuzzy
#~ msgid ""
#~ "Error creating file\n"
@@ -1148,9 +1148,6 @@ msgstr ""
#~ "\n"
#~ "???????????????"
-#~ msgid "Encryption"
-#~ msgstr "??"
-
#~ msgid "Fingerprint: "
#~ msgstr "???"
@@ -1264,9 +1261,6 @@ msgstr ""
#~ msgid "Validity"
#~ msgstr "???"
-#~ msgid "Selected recipients:"
-#~ msgstr "??????"
-
#~ msgid "Recipient which were NOT found"
#~ msgstr "???????"
commit fde43045b717413d5358f3cc06592a83ebef7805
Author: Andre Heinecke
Date: Wed Mar 7 10:00:44 2018 +0100
Provide protocol argument to resolver
* src/cryptcontroller.cpp (CryptController::resolve_recipients):
Use Protocol parameter if S/MIME is disabled.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index b3d39e5..be4f7fb 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -398,6 +398,12 @@ CryptController::resolve_keys ()
args.push_back (std::string (_("Resolving signers...")));
}
+ if (!opt.enable_smime)
+ {
+ args.push_back (std::string ("--protocol"));
+ args.push_back (std::string ("pgp"));
+ }
+
if (m_sign)
{
args.push_back (std::string ("--sign"));
commit 6a3fc31f4b02388fb6b7e2ca1e8673303632d002
Author: Andre Heinecke
Date: Wed Mar 7 08:59:23 2018 +0100
Add cryptcontroller to Potfiles
* po/POTFILES.in: Add cryptcontroller.
diff --git a/po/POTFILES.in b/po/POTFILES.in
index c815cd0..65ff428 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -40,3 +40,4 @@ src/user-events.h
src/keycache.cpp
src/wks-helper.cpp
src/overlay.cpp
+src/cryptcontroller.cpp
-----------------------------------------------------------------------
Summary of changes:
po/POTFILES.in | 1 +
po/de.po | 200 +++++++++++++++++++++++++-----------------------
po/fr.po | 160 +++++++++++++++++++-------------------
po/pt.po | 160 +++++++++++++++++++-------------------
po/sv.po | 156 ++++++++++++++++++-------------------
po/zh_CN.po | 160 +++++++++++++++++++-------------------
po/zh_TW.po | 160 +++++++++++++++++++-------------------
src/cryptcontroller.cpp | 6 ++
8 files changed, 495 insertions(+), 508 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 7 11:30:23 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Wed, 07 Mar 2018 11:30:23 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-57-g47d401d
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 47d401d159852ea08e90af21d91bb4b93be9000d (commit)
from 8a76deb11efd7dadfde6e8e7e69fbcd92577982f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 47d401d159852ea08e90af21d91bb4b93be9000d
Author: Ben McGinnes
Date: Wed Mar 7 21:27:54 2018 +1100
GPL compatible license for documentation
* Added the same, slightly modified GPL based license that is used in
other parts of GnuPG.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 1767cd4..2803861 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -212,10 +212,16 @@ Python bindings to programmatically leverage the GPGME library.
Copyright ? The GnuPG Project, 2018.
-** License TBA
+** License GPL compatible
:PROPERTIES:
:CUSTOM_ID: license
:END:
- Which license shall we use for these docs, hmm? Gotta be free, so
- that rules the GFDL out. I'll pick a CC or something later ...
+ This file is free software; as a special exception the author gives
+ unlimited permission to copy and/or distribute it, with or without
+ modifications, as long as this notice is preserved.
+
+ This file is distributed in the hope that it will be useful, but
+ WITHOUT ANY WARRANTY, to the extent permitted by law; without even
+ the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
+ PURPOSE.
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 12 +++++++++---
1 file changed, 9 insertions(+), 3 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 7 13:36:29 2018
From: cvs at cvs.gnupg.org (by Andre Heinecke)
Date: Wed, 07 Mar 2018 13:36:29 +0100
Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-84-g8f1e092
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, master has been updated
via 8f1e092ad3d711878f8f569877ec7e0eb0860337 (commit)
via 2dba229712ba521c30e8a5ad1d208509eb287a26 (commit)
via 76e5456dc1f17d60d6a22f718b8197842759fa26 (commit)
via 4e96a74833e5b644b5d36b0d11526e524abe21bd (commit)
from 18db01ed4915a38622c90c81d16f1b7e812c3917 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8f1e092ad3d711878f8f569877ec7e0eb0860337
Author: Andre Heinecke
Date: Wed Mar 7 13:36:07 2018 +0100
Bump Version to 2.1.0 and update NEWS
--
diff --git a/NEWS b/NEWS
index c885f95..c773c0b 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,14 @@
-Noteworthy changes for version 2.0.7 (unreleased)
+Noteworthy changes for version 2.1.0 (unreleased)
=================================================
+ * Encryption and Signing has been reworked to, again,
+ work without Kleopatra.
+
+ * WKS Setup is supported in a basic way.
+
+ * PGP/Inline is now fully supported.
+
+ * Many Bugfixes and Parser improvements.
Noteworthy changes for version 2.0.6 (2018-01-12)
diff --git a/configure.ac b/configure.ac
index 009860d..7fb6a92 100644
--- a/configure.ac
+++ b/configure.ac
@@ -17,7 +17,7 @@ min_automake_version="1.14"
# (git tag -s gpgol-k.n.m) and run "./autogen.sh --force". Please
# bump the version number immediately *after* the release and do
# another commit and push so that the git magic is able to work.
-m4_define([mym4_version], [2.0.7])
+m4_define([mym4_version], [2.1.0])
# Below is m4 magic to extract and compute the git revision number,
# the decimalized short revision number, a beta version string and a
commit 2dba229712ba521c30e8a5ad1d208509eb287a26
Author: Andre Heinecke
Date: Wed Mar 7 13:33:01 2018 +0100
Fix protocol selection for autoresolve
* src/cryptcontroller.cpp (CryptController::resolve_keys_cached):
Handle Protocol.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index 269ca96..da23de4 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -303,16 +303,19 @@ CryptController::resolve_keys_cached()
if (m_encrypt)
{
m_recipients = cache->getEncryptionKeys((const char **)m_recipient_addrs, GpgME::OpenPGP);
+ m_proto = GpgME::OpenPGP;
if (m_recipients.empty() && opt.enable_smime)
{
m_recipients = cache->getEncryptionKeys((const char **)m_recipient_addrs, GpgME::CMS);
fallbackToSMIME = true;
+ m_proto = GpgME::CMS;
}
if (m_recipients.empty())
{
log_debug ("%s:%s: Failed to resolve keys through cache",
SRCNAME, __func__);
+ m_proto = GpgME::UnknownProtocol;
return 1;
}
}
@@ -323,17 +326,20 @@ CryptController::resolve_keys_cached()
{
m_signer_key = cache->getSigningKey (m_mail->get_cached_sender ().c_str (),
GpgME::OpenPGP);
+ m_proto = GpgME::OpenPGP;
}
if (m_signer_key.isNull() && opt.enable_smime)
{
m_signer_key = cache->getSigningKey (m_mail->get_cached_sender ().c_str (),
GpgME::CMS);
+ m_proto = GpgME::CMS;
}
if (m_signer_key.isNull())
{
log_debug ("%s:%s: Failed to resolve signer key through cache",
SRCNAME, __func__);
m_recipients.clear();
+ m_proto = GpgME::UnknownProtocol;
return 1;
}
}
commit 76e5456dc1f17d60d6a22f718b8197842759fa26
Author: Andre Heinecke
Date: Wed Mar 7 13:31:54 2018 +0100
Improve error handling and fix encoding
* src/cryptcontroller.cpp: Take care that command line
args are not encoded to utf8.
* src/mail.cpp (do_crypt): Inform user when crypto failed.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index be4f7fb..269ca96 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -34,14 +34,7 @@
#include
#include
-#ifdef HAVE_W32_SYSTEM
#include "common.h"
-/* We use UTF-8 internally. */
-#undef _
-# define _(a) utf8_gettext (a)
-#else
-# define _(a) a
-#endif
#include
@@ -286,9 +279,9 @@ CryptController::parse_output (GpgME::Data &resolverOutput)
if (m_sign && sigFpr.empty())
{
- log_error ("%s:%s: Sign requested but no signing fingerprint",
+ log_error ("%s:%s: Sign requested but no signing fingerprint - sending unsigned",
SRCNAME, __func__);
- return -1;
+ m_sign = false;
}
if (m_encrypt && !recpFprs.size())
{
@@ -487,7 +480,8 @@ CryptController::resolve_keys ()
SRCNAME, __func__, err.code(), err.asString());
}
- if (parse_output (mystdout))
+ int ret = parse_output (mystdout);
+ if (ret == -1)
{
log_debug ("%s:%s: Failed to parse / resolve keys.",
SRCNAME, __func__);
@@ -496,7 +490,7 @@ CryptController::resolve_keys ()
return -1;
}
- return 0;
+ return ret;
}
int
@@ -508,10 +502,20 @@ CryptController::do_crypto ()
/* Start a WKS check if necessary. */
WKSHelper::instance()->start_check (m_mail->get_cached_sender ());
- if (resolve_keys ())
+ int ret = resolve_keys ();
+ if (ret == -1)
{
+ //error
log_debug ("%s:%s: Failure to resolve keys.",
SRCNAME, __func__);
+ gpgol_message_box (nullptr,
+ utf8_gettext ("Failure to resolve keys."),
+ utf8_gettext ("GpgOL"), MB_OK);
+ return ret;
+ }
+ if (ret == -2)
+ {
+ // Cancel
return -2;
}
@@ -529,6 +533,9 @@ CryptController::do_crypto ()
{
log_error ("%s:%s: Failure to create context.",
SRCNAME, __func__);
+ gpgol_message_box (nullptr,
+ "Failure to create context.",
+ utf8_gettext ("GpgOL"), MB_OK);
return -1;
}
if (!m_signer_key.isNull())
@@ -995,7 +1002,7 @@ CryptController::start_crypto_overlay ()
}
else if (m_sign)
{
- text =_("Signing...");
+ text = _("Signing...");
}
m_overlay = std::unique_ptr (new Overlay (wid, text));
}
diff --git a/src/mail.cpp b/src/mail.cpp
index 34ef2a1..7d30895 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -738,6 +738,12 @@ do_crypt (LPVOID arg)
mail->set_window_enabled (true);
+ if (rc == -1)
+ {
+ gpgol_message_box (nullptr,
+ "Crypto failed",
+ _("GpgOL"), MB_OK);
+ }
if (rc)
{
log_debug ("%s:%s: crypto failed for: %p with: %i",
commit 4e96a74833e5b644b5d36b0d11526e524abe21bd
Author: Andre Heinecke
Date: Wed Mar 7 13:30:14 2018 +0100
Fix deadlock in Outlook 2010
* src/mail.cpp (do_crypt): In Outlook 2010 sending destroys
the Mail. So we may not hold the dtor lock for the send call.
diff --git a/src/mail.cpp b/src/mail.cpp
index aba08d3..34ef2a1 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -751,6 +751,8 @@ do_crypt (LPVOID arg)
if (!mail->is_inline_response ())
{
mail->set_crypt_state (Mail::NeedsUpdateInOOM);
+ gpgrt_lock_unlock (&dtor_lock);
+ // This deletes the Mail in Outlook 2010
do_in_ui_thread (CRYPTO_DONE, arg);
}
else
@@ -758,6 +760,7 @@ do_crypt (LPVOID arg)
mail->set_crypt_state (Mail::NeedsUpdateInMAPI);
mail->update_crypt_mapi ();
mail->set_crypt_state (Mail::NeedsUpdateInOOM);
+ gpgrt_lock_unlock (&dtor_lock);
}
/* This works around a bug in pinentry that it might
bring the wrong window to front. So after encryption /
@@ -766,7 +769,6 @@ do_crypt (LPVOID arg)
See GnuPG-Bug-Id: T3732
*/
do_in_ui_thread_async (BRING_TO_FRONT, nullptr);
- gpgrt_lock_unlock (&dtor_lock);
return 0;
}
-----------------------------------------------------------------------
Summary of changes:
NEWS | 10 +++++++++-
configure.ac | 2 +-
src/cryptcontroller.cpp | 39 ++++++++++++++++++++++++++-------------
src/mail.cpp | 10 +++++++++-
4 files changed, 45 insertions(+), 16 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 8 05:45:37 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 08 Mar 2018 05:45:37 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-59-ga98f2c5
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via a98f2c556fe6e33a9cd38279e64e4b09f05cc675 (commit)
via e8adab68f8c0cd865ff220f06dfaff7fe183e8a1 (commit)
from 47d401d159852ea08e90af21d91bb4b93be9000d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a98f2c556fe6e33a9cd38279e64e4b09f05cc675
Author: Ben McGinnes
Date: Thu Mar 8 15:23:05 2018 +1100
doc-howto: fundamental aspects of GPGME vs Python
* Added a section for those pythonistas who are too used to web
programming. Stressed that it's not simply not RESTful, it's not
even REST-like.
* Letting me move on to drawing a very loose parallel between a
session and a context. The differences should become obvious in the
subsequent sections.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 2803861..e7dc53d 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -1,5 +1,4 @@
#+TITLE: GNU Privacy Guard (GnuPG) Made Easy Python Bindings HOWTO (English)
-
#+LATEX_COMPILER: xelatex
#+LATEX_CLASS: article
#+LATEX_CLASS_OPTIONS: [12pt]
@@ -200,6 +199,61 @@ Python bindings to programmatically leverage the GPGME library.
source.
+* Fundamentals
+ :PROPERTIES:
+ :CUSTOM_ID: howto-fund-a-mental
+ :END:
+
+ Before we can get to the fun stuff, there are a few matters
+ regarding GPGME's design which hold true whether you're dealing with
+ the C code directly or these Python bindings.
+
+** No REST
+ :PROPERTIES:
+ :CUSTOM_ID: no-rest-for-the-wicked
+ :END:
+
+ The first part of which is or will be fairly blatantly obvious upon
+ viewing the first example, but it's worth reiterating anyway. That
+ being that this API is /*not*/ a REST API. Nor indeed could it
+ ever be one.
+
+ Most, if not all, Python programmers (and not just Python
+ programmers) know how easy it is to work with a RESTful API. In
+ fact they've become so popular that many other APIs attempt to
+ emulate REST-like behaviour as much as they are able. Right down
+ to the use of JSON formatted output to facilitate the use of their
+ API without having to retrain developers.
+
+ This API does not do that. It would not be able to do that and
+ also provide access to the entire C API on which it's built. It
+ does, however, provide a very pythonic interface on top of the
+ direct bindings and it's this pythonic layer with which this HOWTO
+ deals with.
+
+** Context
+ :PROPERTIES:
+ :CUSTOM_ID: howto-get-context
+ :END:
+
+ One of the reasons which prevents this API from being RESTful is
+ that most operations require more than one instruction to the API
+ to perform the task. Sure, there are certain functions which can
+ be performed simultaneously, particularly if the result known or
+ strongly anticipated (e.g selecting and encrypting to a key known
+ to be in the public keybox).
+
+ There are many more, however, which cannot be manipulated so
+ readily: they must be performed in a specific sequence and the
+ result of one operation has a direct bearing on the outcome of
+ subsequent operations. Not merely by generating an error either.
+
+ When dealing with this type of persistant state on the web, full of
+ both the RESTful and REST-like, it's most commonly referred to as a
+ session. In GPGME, however, it is called a context and every
+ operation type has one.
+
+
* Copyright and Licensing
:PROPERTIES:
:CUSTOM_ID: copyright-and-license
commit e8adab68f8c0cd865ff220f06dfaff7fe183e8a1
Author: Ben McGinnes
Date: Thu Mar 8 14:13:00 2018 +1100
doc: Added multiple TODOs for inclusion in the HOWTO
* Some instructions to include are fairly obvious; as with encryption,
decryption and signature verification.
* Some are a little less obvious.
* This includes the requests received to specifically include subkey
management (adding and revoking subkeys on a primary key that's
being retained.
* Added the UID equivalents to the list, as well as key selection
matters (and may or may not include something for handling group
lines since that involves wrapping a CLI binary).
* Key control documentation and examples requested by Mike Ingle of
confidantmail.org.
diff --git a/lang/python/docs/TODO.org b/lang/python/docs/TODO.org
index 4e067df..897c617 100644
--- a/lang/python/docs/TODO.org
+++ b/lang/python/docs/TODO.org
@@ -28,11 +28,13 @@
to produce reST versions via Pandoc and DITA XML can be reached
through converting to either Markdown or XHTML first.
-** TODO Documentation HOWTO
+** STARTED Documentation HOWTO
:PROPERTIES:
:CUSTOM_ID: todo-docs-howto
:END:
+ - State "STARTED" from "TODO" [2018-03-08 Thu 13:59] \\
+ Started yesterday.
Write a HOWTO style guide for the current Python bindings.
*** DONE Start python bindings HOWTO
@@ -41,6 +43,46 @@
:CUSTOM_ID: howto-start
:END:
+*** TODO Include certain specific instructions in the HOWTO
+ :PROPERTIES:
+ :CUSTOM_ID: howto-requests
+ :END:
+
+ Some functions can be worked out from the handful of examples
+ available, but many more can't and I've already begun receiving
+ requests for certain functions to be explained.
+
+**** TODO Standard scenarios
+ :PROPERTIES:
+ :CUSTOM_ID: howto-the-basics
+ :END:
+
+ What everyone expects: encryption, decryption, signing and verifying.
+
+**** TODO Key control
+ :PROPERTIES:
+ :CUSTOM_ID: howto-key-control
+ :END:
+
+ Generating keys, adding subkeys, revoking subkeys (and keeping
+ the cert key), adding and revoking UIDs, signing/certifying keys.
+
+**** TODO Key control
+ :PROPERTIES:
+ :CUSTOM_ID: howto-key-selection
+ :END:
+
+ Selecting keys to encrypt to or manipulate in other ways (e.g. as
+ with key control or the basics).
+
+**** TODO S/MIME
+ :PROPERTIES:
+ :CUSTOM_ID: howto-s-mime
+ :END:
+
+ Eventually add some of this, but it the OpenPGP details are far
+ more important at the moment.
+
** TODO Documentation SWIG
:PROPERTIES:
:CUSTOM_ID: todo-docs-swig
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 56 ++++++++++++++++++++++++++++++++-
lang/python/docs/TODO.org | 44 +++++++++++++++++++++++++-
2 files changed, 98 insertions(+), 2 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 8 06:12:30 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Thu, 08 Mar 2018 06:12:30 +0100
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.5-9-g334b948
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 334b94898112b5d2c7c97ff0496b9a67b3de0d26 (commit)
from 7e40c5efbea65c7804b06d62dfcd7f991557bfaa (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 334b94898112b5d2c7c97ff0496b9a67b3de0d26
Author: NIIBE Yutaka
Date: Thu Mar 8 14:08:51 2018 +0900
gpg: Fix build on Windows.
--
WIN32_LEAN_AND_MEAN is required to avoid definitions of grp1, grp2,
and grp3 in dlgs.h, which is included by windows.h.
Fixes-commit: fd595c9d3642dba437fbe0f6e25d7aaaae095f94
Signed-off-by: NIIBE Yutaka
diff --git a/g10/gpg.h b/g10/gpg.h
index 9b8b77c..1bad551 100644
--- a/g10/gpg.h
+++ b/g10/gpg.h
@@ -24,6 +24,10 @@
correct value and may be of advantage if we ever have to do
special things. */
+#ifdef HAVE_W32_SYSTEM
+# define WIN32_LEAN_AND_MEAN 1
+#endif
+
#ifdef GPG_ERR_SOURCE_DEFAULT
#error GPG_ERR_SOURCE_DEFAULT already defined
#endif
diff --git a/g10/misc.c b/g10/misc.c
index 77c8f26..9780969 100644
--- a/g10/misc.c
+++ b/g10/misc.c
@@ -42,6 +42,7 @@
#include
#include
#ifdef HAVE_WINSOCK2_H
+# define WIN32_LEAN_AND_MEAN 1
# include
#endif
#include
-----------------------------------------------------------------------
Summary of changes:
g10/gpg.h | 4 ++++
g10/misc.c | 1 +
2 files changed, 5 insertions(+)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 8 09:02:04 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Thu, 08 Mar 2018 09:02:04 +0100
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.5-10-gf8b8b6a
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via f8b8b6aac2ca1cb34d7a346aee1d874e7650557b (commit)
from 334b94898112b5d2c7c97ff0496b9a67b3de0d26 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f8b8b6aac2ca1cb34d7a346aee1d874e7650557b
Author: NIIBE Yutaka
Date: Thu Mar 8 16:51:51 2018 +0900
scd: Fix status check when using PC/SC.
* scd/apdu.c (struct reader_table_s): Add field of current_state.
(new_reader_slot): Initialize current_state.
(pcsc_get_status): Keep the status in READER_TABLE array.
Return SW_HOST_NO_READER when PCSC_STATE_CHANGED.
* scd/scdaemon.c (handle_connections): Silence a warning.
--
To detect some change of card status, including suspend/resume
possibly, SCardGetStatusChange should be used keeping the
dwCurrentState field.
This change could improve situation for suspend/resume with Yubikey on
Windows. Even not, this is doing the Right Thing.
Signed-off-by: NIIBE Yutaka
diff --git a/scd/apdu.c b/scd/apdu.c
index c50afbd..6758e69 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -119,6 +119,7 @@ struct reader_table_s {
pcsc_dword_t modify_ioctl;
int pinmin;
int pinmax;
+ pcsc_dword_t current_state;
} pcsc;
#ifdef USE_G10CODE_RAPDU
struct {
@@ -453,6 +454,7 @@ new_reader_slot (void)
reader_table[reader].pcsc.modify_ioctl = 0;
reader_table[reader].pcsc.pinmin = -1;
reader_table[reader].pcsc.pinmax = -1;
+ reader_table[reader].pcsc.current_state = PCSC_STATE_UNAWARE;
return reader;
}
@@ -652,12 +654,12 @@ pcsc_get_status (int slot, unsigned int *status, int on_wire)
(void)on_wire;
memset (rdrstates, 0, sizeof *rdrstates);
rdrstates[0].reader = reader_table[slot].rdrname;
- rdrstates[0].current_state = PCSC_STATE_UNAWARE;
+ rdrstates[0].current_state = reader_table[slot].pcsc.current_state;
err = pcsc_get_status_change (reader_table[slot].pcsc.context,
0,
rdrstates, 1);
if (err == PCSC_E_TIMEOUT)
- err = 0; /* Timeout is no error error here. */
+ err = 0; /* Timeout is no error here. */
if (err)
{
log_error ("pcsc_get_status_change failed: %s (0x%lx)\n",
@@ -665,6 +667,9 @@ pcsc_get_status (int slot, unsigned int *status, int on_wire)
return pcsc_error_to_sw (err);
}
+ reader_table[slot].pcsc.current_state =
+ (rdrstates[0].event_state & ~PCSC_STATE_CHANGED);
+
/* log_debug */
/* ("pcsc_get_status_change: %s%s%s%s%s%s%s%s%s%s\n", */
/* (rdrstates[0].event_state & PCSC_STATE_IGNORE)? " ignore":"", */
@@ -701,7 +706,11 @@ pcsc_get_status (int slot, unsigned int *status, int on_wire)
*status |= APDU_CARD_USABLE;
#endif
- return 0;
+ if (!on_wire && (rdrstates[0].event_state & PCSC_STATE_CHANGED))
+ /* Event like sleep/resume occurs, which requires RESET. */
+ return SW_HOST_NO_READER;
+ else
+ return 0;
}
diff --git a/scd/scdaemon.c b/scd/scdaemon.c
index cebeea9..91b5599 100644
--- a/scd/scdaemon.c
+++ b/scd/scdaemon.c
@@ -1348,6 +1348,8 @@ handle_connections (int listen_fd)
FD_SET (pipe_fd[0], &read_fdset);
if (max_fd < pipe_fd[0])
max_fd = pipe_fd[0];
+#else
+ (void)max_fd;
#endif
#ifndef HAVE_W32_SYSTEM
-----------------------------------------------------------------------
Summary of changes:
scd/apdu.c | 15 ++++++++++++---
scd/scdaemon.c | 2 ++
2 files changed, 14 insertions(+), 3 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 8 23:02:41 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 08 Mar 2018 23:02:41 +0100
Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-50-ge846c3d
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, master has been updated
via e846c3daeeb4e7092169cdb7bf4f55e0b105aac3 (commit)
via 6849924ffbd48ba3f9d32b4a59a02e1d2083fc19 (commit)
from 75f5e6e6672a1bbd16b7680313c0f96796c219bd (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit e846c3daeeb4e7092169cdb7bf4f55e0b105aac3
Author: Ben McGinnes
Date: Fri Mar 9 09:01:53 2018 +1100
docs: TODO
* Removed WS.
diff --git a/TODO b/TODO
index 17a5f8c..5f03fb6 100644
--- a/TODO
+++ b/TODO
@@ -389,7 +389,7 @@ Hey Emacs, this is -*- org -*- mode!
:END:
- State "CANCELLED" from "TODO" [2018-03-09 Fri 08:24] \\
WON'T FIX.
-
+
Also, there is no rungpg.c file in GPGME (or in GPG or most, if not
all of the rest of the libs and packages; I suspect there hasn't been
for a very long time).
commit 6849924ffbd48ba3f9d32b4a59a02e1d2083fc19
Author: Ben McGinnes
Date: Fri Mar 9 08:36:12 2018 +1100
doc: TODO list update
* Closed off a few ancient items and added recommendation to others to
use the dev.gnupg.org site for real bugs/features updates.
* See also this statement on the gnupg-devel list regarding this file:
https://lists.gnupg.org/pipermail/gnupg-devel/2018-March/033499.html
diff --git a/TODO b/TODO
index d02a0d2..17a5f8c 100644
--- a/TODO
+++ b/TODO
@@ -1,13 +1,29 @@
+#+TITLE: TODO List
Hey Emacs, this is -*- org -*- mode!
-* Document all the new stuff.
+* IMPORTANT!
+ :PROPERTIES:
+ :CUSTOM_ID: dev-gnupg-org
+ :END:
+
+ There was a nine year gap (2009 to 2018) between edits of this file,
+ so it is likely that much of the old information in it is wrong or
+ no longer applicable.
+
+ Bugs, feature requests and other development related work will be
+ tracked through the [[https://dev.gnupg.org/][dev.gnupg.org]] site.
+
+
+* TODO Document all the new stuff.
:PROPERTIES:
:CUSTOM_ID: more-docs-is-better
:END:
-** TODO Fix this TODO list.
+
+** STARTED Fix this TODO list.
:PROPERTIES:
:CUSTOM_ID: fix-todo
:END:
+ - State "STARTED" from "TODO" [2018-03-09 Fri 08:31]
Clean up the current TODO list. Include properties as relevant (so
if someone does make a PDF or HTML version the TOC will work).
@@ -51,10 +67,13 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: pre-release
:END:
-** Some gpg tests fail with gpg 1.3.4-cvs (gpg/t-keylist-sig)
+** CANCELLED Some gpg tests fail with gpg 1.3.4-cvs (gpg/t-keylist-sig)
+ CLOSED: [2018-03-09 Fri 08:16]
:PROPERTIES:
:CUSTOM_ID: gpg-1-3-4-really
:END:
+ - State "CANCELLED" from "TODO" [2018-03-09 Fri 08:16] \\
+ WON'T FIX ? too old or no longer applies.
The test is currently disabled there and in gpg/t-import.
** When gpg supports it, write binary subpackets directly,
:PROPERTIES:
@@ -335,29 +354,45 @@ Hey Emacs, this is -*- org -*- mode!
:PROPERTIES:
:CUSTOM_ID: gpg-breakage
:END:
-** gpg 1.4.2 lacks error reporting if sign/encrypt with revoked key.
+** CANCELLED gpg 1.4.2 lacks error reporting if sign/encrypt with revoked key.
+ CLOSED: [2018-03-09 Fri 08:19]
:PROPERTIES:
:CUSTOM_ID: gpg-classic-lacks-stuff
:END:
-** gpg 1.4.2 does crappy error reporting (namely none at all) when
+ - State "CANCELLED" from "TODO" [2018-03-09 Fri 08:19] \\
+ WON'T FIX.
+** CANCELLED gpg 1.4.2 does crappy error reporting (namely none at all) when
+ CLOSED: [2018-03-09 Fri 08:20]
:PROPERTIES:
:CUSTOM_ID: gpg-classic-problems-but-do-we-care
:END:
+ - State "CANCELLED" from "TODO" [2018-03-09 Fri 08:20] \\
+ WON'T FIX.
smart card is missing for sign operation:
[GNUPG:] CARDCTRL 4
gpg: selecting openpgp failed: ec=6.110
gpg: signing failed: general error
[GNUPG:] BEGIN_ENCRYPTION 2 10
gpg: test: sign+encrypt failed: general error
-** Without agent and with wrong passphrase, gpg 1.4.2 enters into an
+** DONE Without agent and with wrong passphrase, gpg 1.4.2 enters into an
+ CLOSED: [2018-03-09 Fri 08:20]
:PROPERTIES:
:CUSTOM_ID: recursive-gpg-classic
:END:
+ - State "DONE" from "TODO" [2018-03-09 Fri 08:20] \\
+ Must have been fixed in a subsequent release.
infinite loop.
-** Use correct argv[0]
+** CANCELLED Use correct argv[0]
+ CLOSED: [2018-03-09 Fri 08:24]
:PROPERTIES:
:CUSTOM_ID: correct-argv
:END:
+ - State "CANCELLED" from "TODO" [2018-03-09 Fri 08:24] \\
+ WON'T FIX.
+
+ Also, there is no rungpg.c file in GPGME (or in GPG or most, if not
+ all of the rest of the libs and packages; I suspect there hasn't been
+ for a very long time).
In rungpg.c:build_argv we use
argv[argc] = strdup ("gpg"); /* argv[0] */
This should be changed to take the real file name used in account.
-----------------------------------------------------------------------
Summary of changes:
TODO | 49 ++++++++++++++++++++++++++++++++++++++++++-------
1 file changed, 42 insertions(+), 7 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 8 23:33:26 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 08 Mar 2018 23:33:26 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-65-gf685cda
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via f685cda281c6148072e8a6cd139c990cb041ea3d (commit)
via e846c3daeeb4e7092169cdb7bf4f55e0b105aac3 (commit)
via 6849924ffbd48ba3f9d32b4a59a02e1d2083fc19 (commit)
via fa4927146b68dd045903285f1c45fb64deb2e361 (commit)
via c767a4a3590bd8a224d0268746df443942cb28c2 (commit)
via 75463d589522cba427f9e5a3a408192ffad8bb21 (commit)
from a98f2c556fe6e33a9cd38279e64e4b09f05cc675 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f685cda281c6148072e8a6cd139c990cb041ea3d
Merge: fa49271 e846c3d
Author: Ben McGinnes
Date: Fri Mar 9 09:31:44 2018 +1100
Merge branch 'master' of ssh+git://playfair.gnupg.org/git/gpgme into ben/docs/2018-03
* Fixed conflicts with TODO.
diff --cc TODO
index a431651,5f03fb6..a915ed7
--- a/TODO
+++ b/TODO
@@@ -1,5 -1,38 +1,61 @@@
+ #+TITLE: TODO List
Hey Emacs, this is -*- org -*- mode!
+ * IMPORTANT!
+ :PROPERTIES:
+ :CUSTOM_ID: dev-gnupg-org
+ :END:
+
+ There was a nine year gap (2009 to 2018) between edits of this file,
+ so it is likely that much of the old information in it is wrong or
+ no longer applicable.
+
+ Bugs, feature requests and other development related work will be
+ tracked through the [[https://dev.gnupg.org/][dev.gnupg.org]] site.
+
+
-* TODO Document all the new stuff.
++* Documentation
+ :PROPERTIES:
- :CUSTOM_ID: more-docs-is-better
++ :CUSTOM_ID: documentation
+ :END:
+
-** STARTED Fix this TODO list.
++** Document all the new stuff.
+ :PROPERTIES:
- :CUSTOM_ID: fix-todo
++ :CUSTOM_ID: more-docs-is-better
+ :END:
- - State "STARTED" from "TODO" [2018-03-09 Fri 08:31]
- Clean up the current TODO list. Include properties as relevant (so
- if someone does make a PDF or HTML version the TOC will work).
+
- Also check ans see if some of these ancient things can be removed
- (e.g. do we really need to fix things that were broken in GPG
- 1.3.x? I'm thinking not so much).
++*** TODO Fix this TODO list.
++ :PROPERTIES:
++ :CUSTOM_ID: fix-todo
++ :END:
++
++ Clean up the current TODO list. Include properties as relevant (so
++ if someone does make a PDF or HTML version the TOC will work).
++
++ Also check ans see if some of these ancient things can be removed
++ (e.g. do we really need to fix things that were broken in GPG
++ 1.3.x? I'm thinking not so much).
++
++**** DONE fix TODO items
++ CLOSED: [2018-03-04 Sun 08:55]
++ :PROPERTIES:
++ :CUSTOM_ID: fix-todo-items
++ :END:
++
++ Adjust todo items so each can now be referenced by custom-id and
++ checked off as necessary.
+
++** TODO Document validity and trust issues.
++ :PROPERTIES:
++ :CUSTOM_ID: valid-trust-issues
++ :END:
++
++** In gpgme.texi: Register callbacks under the right letter in the index.
++ :PROPERTIES:
++ :CUSTOM_ID: gpgme-texi
++ :END:
+
+
* Fix the remaining UI Server problems:
:PROPERTIES:
:CUSTOM_ID: ui-server-fix
@@@ -30,109 -63,112 +86,137 @@@
:END:
Right now we block reading the next line with assuan.
++
* Before release:
:PROPERTIES:
:CUSTOM_ID: pre-release
:END:
- ** Some gpg tests fail with gpg 1.3.4-cvs (gpg/t-keylist-sig)
++
+ ** CANCELLED Some gpg tests fail with gpg 1.3.4-cvs (gpg/t-keylist-sig)
+ CLOSED: [2018-03-09 Fri 08:16]
:PROPERTIES:
:CUSTOM_ID: gpg-1-3-4-really
:END:
+ - State "CANCELLED" from "TODO" [2018-03-09 Fri 08:16] \\
+ WON'T FIX ? too old or no longer applies.
The test is currently disabled there and in gpg/t-import.
++
** When gpg supports it, write binary subpackets directly,
:PROPERTIES:
:CUSTOM_ID: binary-subpackets
:END:
and parse SUBPACKET status lines.
++
* ABI's to break:
:PROPERTIES:
:CUSTOM_ID: abi-breakage-apparently-on-purpose
:END:
++
** Old opassuan interface.
:PROPERTIES:
:CUSTOM_ID: old-opassuan
:END:
++
** Implementation: Remove support for old style error codes in
:PROPERTIES:
:CUSTOM_ID: remove-old-error-codes
:END:
conversion.c::_gpgme_map_gnupg_error.
++
** gpgme_edit_cb_t: Add "processed" return argument
:PROPERTIES:
:CUSTOM_ID: add-processed-return
:END:
(see edit.c::command_handler).
++
** I/O and User Data could be made extensible. But this can be done
:PROPERTIES:
:CUSTOM_ID: add-io-user-data
:END:
without breaking the ABI hopefully.
++
** All enums should be replaced by ints and simple macros for
:PROPERTIES:
:CUSTOM_ID: enums-should-be-ints
:END:
maximum compatibility.
++
** Compatibility interfaces that can be removed in future versions:
:PROPERTIES:
:CUSTOM_ID: compat-interfaces-to-go
:END:
++
*** gpgme_data_new_from_filepart
:PROPERTIES:
:CUSTOM_ID: gpgme-data-new-from-filepart
:END:
++
*** gpgme_data_new_from_file
:PROPERTIES:
:CUSTOM_ID: gpgme-data-new-from-file
:END:
++
*** gpgme_data_new_with_read_cb
:PROPERTIES:
:CUSTOM_ID: gpgme-data-new-with-read-cb
:END:
++
*** gpgme_data_rewind
:PROPERTIES:
:CUSTOM_ID: gpgme-data-rewind
:END:
++
*** gpgme_op_import_ext
:PROPERTIES:
:CUSTOM_ID: gpgme-op-import-ext
:END:
++
*** gpgme_get_sig_key
:PROPERTIES:
:CUSTOM_ID: gpgme-get-sig-key
:END:
++
*** gpgme_get_sig_ulong_attr
:PROPERTIES:
:CUSTOM_ID: gpgme-get-sig-ulong-attr
:END:
++
*** gpgme_get_sig_string_attr
:PROPERTIES:
:CUSTOM_ID: gpgme-get-sig-string-attr
:END:
++
*** GPGME_SIG_STAT_*
:PROPERTIES:
:CUSTOM_ID: gpgme-sig-stat
:END:
++
*** gpgme_get_sig_status
:PROPERTIES:
:CUSTOM_ID: gpgme-get-sig-status
:END:
++
*** gpgme_trust_item_release
:PROPERTIES:
:CUSTOM_ID: gpgme-trust-item-release
:END:
++
*** gpgme_trust_item_get_string_attr
:PROPERTIES:
:CUSTOM_ID: gpgme-trust-item-get-string-attr
:END:
++
*** gpgme_trust_item_get_ulong_attr
:PROPERTIES:
:CUSTOM_ID: gpgme-trust-item-get-ulong-attr
:END:
++
*** gpgme_attr_t
:PROPERTIES:
:CUSTOM_ID: gpgme-attr-t
:END:
++
*** All Gpgme* typedefs.
:PROPERTIES:
:CUSTOM_ID: all-gpgme-typedefs
@@@ -143,20 -179,20 +227,24 @@@
:PROPERTIES:
:CUSTOM_ID: threads
:END:
++
** When GNU Pth supports sendmsg/recvmsg, wrap them properly.
:PROPERTIES:
:CUSTOM_ID: wrap-oth
:END:
++
** Without timegm (3) support our ISO time parser is not thread safe.
:PROPERTIES:
:CUSTOM_ID: time-threads
:END:
There is a configure time warning, though.
++
* New features:
:PROPERTIES:
:CUSTOM_ID: new-features
:END:
++
** Flow control for data objects.
:PROPERTIES:
:CUSTOM_ID: flow-control-is-not-a-euphemism-for-an-s-bend
@@@ -169,11 -205,11 +257,13 @@@
respective event loop. or (B) a way for gpgme data objects to be
associated with a waitable object, that can be registered with the
user event loop. Neither is particularly simple.
++
** Extended notation support. When gpg supports arbitrary binary
:PROPERTIES:
:CUSTOM_ID: extended-notation
:END:
notation data, provide a user interface for that.
++
** notification system
:PROPERTIES:
:CUSTOM_ID: notification-system
@@@ -200,25 -236,25 +290,30 @@@
:PROPERTIES:
:CUSTOM_ID: stat-data
:END:
++
** Implement support for photo ids.
:PROPERTIES:
:CUSTOM_ID: photo-id
:END:
++
** Allow selection of subkeys
:PROPERTIES:
:CUSTOM_ID: subkey-selection
:END:
++
** Allow to return time stamps in ISO format
:PROPERTIES:
:CUSTOM_ID: iso-format-datetime
:END:
-- This allows us to handle years later than 2037 properly. With the
-- time_t interface they are all mapped to 2037-12-31
++ This allows us to handle years later than 2037 properly. With the
++ time_t interface they are all mapped to 2037-12-31
++
** New features requested by our dear users, but rejected or left for
:PROPERTIES:
:CUSTOM_ID: feature-requests
:END:
later consideration:
++
*** Allow to export secret keys.
:PROPERTIES:
:CUSTOM_ID: export-secret-keys
@@@ -226,6 -262,6 +321,7 @@@
Rejected because this is conceptually flawed. Secret keys on a
smart card can not be exported, for example.
May eventually e supproted with a keywrapping system.
++
*** Selecting the key ring, setting the version or comment in output.
:PROPERTIES:
:CUSTOM_ID: select-keyring-version
@@@ -233,61 -269,46 +329,23 @@@
Rejected because the naive implementation is engine specific, the
configuration is part of the engine's configuration or readily
worked around in a different way
++
*** Selecting the symmetric cipher.
:PROPERTIES:
:CUSTOM_ID: symmetric-cipher-selection
:END:
++
*** Exchanging keys with key servers.
:PROPERTIES:
:CUSTOM_ID: key-server-exchange
:END:
--* Documentation
-- :PROPERTIES:
-- :CUSTOM_ID: documentation
-- :END:
-
--** TODO Document validity and trust issues.
-- :PROPERTIES:
-- :CUSTOM_ID: valid-trust-issues
-- :END:
-
--** In gpgme.texi: Register callbacks under the right letter in the index.
-- :PROPERTIES:
-- :CUSTOM_ID: gpgme-texi
-- :END:
-
- ** Document all the new stuff.
-** TODO Update TODO file
-- :PROPERTIES:
- :CUSTOM_ID: more-docs-is-better
- :CUSTOM_ID: todo-update
-- :END:
--
- *** TODO Fix this TODO list.
-*** DONE fix TODO items
- CLOSED: [2018-03-04 Sun 08:55]
-- :PROPERTIES:
- :CUSTOM_ID: fix-todo
- :CUSTOM_ID: fix-todo-items
-- :END:
-
- Clean up the current TODO list. Include properties as relevant (so
- if someone does make a PDF or HTML version the TOC will work).
-
- Also check ans see if some of these ancient things can be removed
- (e.g. do we really need to fix things that were broken in GPG
- 1.3.x? I'm thinking not so much).
-
- **** DONE fix TODO items
- CLOSED: [2018-03-04 Sun 08:55]
- :PROPERTIES:
- :CUSTOM_ID: fix-todo-items
- :END:
--
- Adjust todo items so each can now be referenced by custom-id and
- checked off as necessary.
- Adjust todo items so each can now be referenced by custom-id and
- checked off as necessary.
--
* Engines
:PROPERTIES:
:CUSTOM_ID: engines
:END:
++
** Do not create/destroy engines, but create engine and then reset it.
:PROPERTIES:
:CUSTOM_ID: reset-engine-is-not-quite-just-ignition
@@@ -300,26 -321,26 +358,31 @@@
Note that we need support in gpgsm to set include-certs to default
as RESET does not reset it, also for no_encrypt_to and probably
other options.
++
** Optimize the case where a data object has an underlying fd we can pass
:PROPERTIES:
:CUSTOM_ID: optimus-data-cousin-of-optimus-prime
:END:
directly to the engine. This will be automatic with socket I/O and
descriptor passing.
++
** Move code common to all engines up from gpg to engine.
:PROPERTIES:
:CUSTOM_ID: move-code-common-to-engines-out-of-gpg
:END:
++
** engine operations can return General Error on unknown protocol
:PROPERTIES:
:CUSTOM_ID: general-error-looking-to-be-court-martialled
:END:
(it's an internal error, as select_protocol checks already).
++
** When server mode is implemented properly, more care has to be taken to
:PROPERTIES:
:CUSTOM_ID: server-mode
:END:
release all resources on error (for example to free assuan_cmd).
++
** op_import_keys and op_export_keys have a limit in the number of keys.
:PROPERTIES:
:CUSTOM_ID: import-export-problems
@@@ -333,11 -354,15 +396,17 @@@
:PROPERTIES:
:CUSTOM_ID: gpg-breakage
:END:
- ** gpg 1.4.2 lacks error reporting if sign/encrypt with revoked key.
++
+ ** CANCELLED gpg 1.4.2 lacks error reporting if sign/encrypt with revoked key.
+ CLOSED: [2018-03-09 Fri 08:19]
:PROPERTIES:
:CUSTOM_ID: gpg-classic-lacks-stuff
:END:
- ** gpg 1.4.2 does crappy error reporting (namely none at all) when
+ - State "CANCELLED" from "TODO" [2018-03-09 Fri 08:19] \\
+ WON'T FIX.
++
+ ** CANCELLED gpg 1.4.2 does crappy error reporting (namely none at all) when
+ CLOSED: [2018-03-09 Fri 08:20]
:PROPERTIES:
:CUSTOM_ID: gpg-classic-problems-but-do-we-care
:END:
@@@ -347,12 -374,16 +418,18 @@@
gpg: signing failed: general error
[GNUPG:] BEGIN_ENCRYPTION 2 10
gpg: test: sign+encrypt failed: general error
- ** Without agent and with wrong passphrase, gpg 1.4.2 enters into an
++
+ ** DONE Without agent and with wrong passphrase, gpg 1.4.2 enters into an
+ CLOSED: [2018-03-09 Fri 08:20]
:PROPERTIES:
:CUSTOM_ID: recursive-gpg-classic
:END:
+ - State "DONE" from "TODO" [2018-03-09 Fri 08:20] \\
+ Must have been fixed in a subsequent release.
infinite loop.
- ** Use correct argv[0]
++
+ ** CANCELLED Use correct argv[0]
+ CLOSED: [2018-03-09 Fri 08:24]
:PROPERTIES:
:CUSTOM_ID: correct-argv
:END:
@@@ -365,71 -402,71 +448,86 @@@
:PROPERTIES:
:CUSTOM_ID: operations-are-not-surgical
:END:
++
** Include cert values -2, -1, 0 and 1 should be defined as macros.
:PROPERTIES:
:CUSTOM_ID: certified-macros
:END:
++
** If an operation failed, make sure that the result functions don't return
:PROPERTIES:
:CUSTOM_ID: operation-failure
:END:
corrupt partial information. !!!
NOTE: The EOF status handler is not called in this case !!!
++
** Verify must not fail on NODATA premature if auto-key-retrieval failed.
:PROPERTIES:
:CUSTOM_ID: autobot-key-retrieval
:END:
It should not fail silently if it knows there is an error. !!!
++
** All operations: Better error reporting. !!
:PROPERTIES:
:CUSTOM_ID: better-reporting-not-like-fox-news
:END:
++
** Export status handler need much more work. !!!
:PROPERTIES:
:CUSTOM_ID: export-status-handler
:END:
++
** Import should return a useful error when one happened.
:PROPERTIES:
:CUSTOM_ID: import-useful-stuff-even-wrong-stuff
:END:
++
*** Import does not take notice of NODATA status report.
:PROPERTIES:
:CUSTOM_ID: import-no-data
:END:
++
*** When GPGSM does issue IMPORT_OK status reports, make sure to check for
:PROPERTIES:
:CUSTOM_ID: gpgsm-import-ok
:END:
them in tests/gpgs m/t-import.c.
++
** Verify can include info about version/algo/class, but currently
:PROPERTIES:
:CUSTOM_ID: verify-class
:END:
this is only available for gpg, not gpgsm.
++
** Return ENC_TO output in verify result. Again, this is not available
:PROPERTIES:
:CUSTOM_ID: return-to-enc
:END:
for gpgsm.
++
** Genkey should return something more useful than General_Error.
:PROPERTIES:
:CUSTOM_ID: general-key-assumed-command-from-general-error
:END:
++
** If possible, use --file-setsize to set the file size for proper progress
:PROPERTIES:
:CUSTOM_ID: file-setsize
:END:
callback handling. Write data interface for file size.
++
** Optimize the file descriptor list, so the number of open fds is
:PROPERTIES:
:CUSTOM_ID: optimus-descriptus-younger-brother-of-optimus-prime
:END:
always known easily.
++
** Encryption: It should be verified that the behaviour for partially untrusted
:PROPERTIES:
:CUSTOM_ID: only-mostly-dead-means-partially-alive
:END:
recipients is correct.
++
** When GPG issues INV_something for invalid signers, catch them.
:PROPERTIES:
:CUSTOM_ID: invalid-sig
@@@ -440,15 -477,15 +538,18 @@@
:PROPERTIES:
:CUSTOM_ID: error-value
:END:
++
** Map ASSUAN/GpgSM ERR error values in a better way than is done now. !!
:PROPERTIES:
:CUSTOM_ID: map-ass-error
:END:
++
** Some error values should identify the source more correctly (mostly error
:PROPERTIES:
:CUSTOM_ID: source-errors
:END:
values derived from status messages).
++
** In rungpg.c we need to check the version of the engine
:PROPERTIES:
:CUSTOM_ID: rungpg-c-engine-ver
@@@ -461,6 -498,6 +562,7 @@@
:PROPERTIES:
:CUSTOM_ID: tests
:END:
++
** TODO Write a fake gpg-agent so that we can supply known passphrases to
:PROPERTIES:
:CUSTOM_ID: test-fake-gpg-agent
@@@ -468,23 -505,23 +570,28 @@@
gpgsm and setup the configuration files to use the agent. Without
this we are testing a currently running gpg-agent which is not a
clever idea. !
++
** t-data
:PROPERTIES:
:CUSTOM_ID: test-data
:END:
++
*** Test gpgme_data_release_and_get_mem.
:PROPERTIES:
:CUSTOM_ID: test-gpgme-data-release-mem
:END:
++
*** Test gpgme_data_seek for invalid types.
:PROPERTIES:
:CUSTOM_ID: test-gpgme-data-seek
:END:
++
** t-keylist
:PROPERTIES:
:CUSTOM_ID: test-keylist
:END:
Write a test for ext_keylist.
++
** Test reading key signatures.
:PROPERTIES:
:CUSTOM_ID: test-key-sig
@@@ -495,6 -532,6 +602,7 @@@
:PROPERTIES:
:CUSTOM_ID: debug
:END:
++
** Tracepoints should be added at: Every public interface enter/leave,
:PROPERTIES:
:CUSTOM_ID: tracepoint-pub-int
@@@ -510,6 -547,6 +618,7 @@@
decrypt-verify.c delete.c edit.c encrypt.c encrypt-sign.c export.c
genkey.c import.c key.c keylist.c passphrase.c progress.c signers.c
sig-notation.c trust-item.c trustlist.c verify.c
++
** TODO Handle malloc and vasprintf errors. But decide first if they should be
:PROPERTIES:
:CUSTOM_ID: malloc-vasprintf
@@@ -522,10 -559,10 +631,12 @@@
:PROPERTIES:
:CUSTOM_ID: build-suite
:END:
++
** TODO Make sure everything is cleaned correctly (esp. test area).
:PROPERTIES:
:CUSTOM_ID: clean-tests
:END:
++
** TODO Enable AC_CONFIG_MACRO_DIR and bump up autoconf version requirement.
:PROPERTIES:
:CUSTOM_ID: autoconf-macros
@@@ -538,6 -575,6 +649,7 @@@
:PROPERTIES:
:CUSTOM_ID: error-checking
:END:
++
** TODO engine-gpgsm, with-validation
:PROPERTIES:
:CUSTOM_ID: gpgsm-validation
commit fa4927146b68dd045903285f1c45fb64deb2e361
Author: Ben McGinnes
Date: Fri Mar 9 07:53:57 2018 +1100
docs: python bindings howto update.
* Added all four signing code examples that are most likely to be
used: armoured, clearsigned, detached armoured and detached binary.
* May remove some examples and just discuss the differences, but it
depends on the way the text is filled out.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index ab7e9db..17ec428 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -338,6 +338,96 @@ Python bindings to programmatically leverage the GPGME library.
pass
#+end_src
+** Signing text
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-signing
+ :END:
+
+ Need to determine whether or not to include clearsigning and
+ detached signing here or give them separate sections.
+
+ #+begin_src python
+ import gpg
+
+ text = """Declaration of ... something.
+
+ """
+
+ c = gpg.Context()
+ c.armor = True
+ signed = c.sign(text, mode=mode.NORMAL)
+
+ afile = open("/path/to/statement.txt.asc", "w")
+ for i in range(len(signed[0].splitlines())):
+ afile.write("{0}\n".format(signed[0].splitlines()[i].decode('utf-8')))
+ afile.close()
+ #+end_src
+
+ Clearsigning:
+
+ #+begin_src python
+ import gpg
+
+ text = """Declaration of ... something.
+
+ """
+
+ c = gpg.Context()
+ c.armor = True
+ signed = c.sign(text, mode=mode.CLEAR)
+
+ afile = open("/path/to/statement.txt.asc", "w")
+ for i in range(len(signed[0].splitlines())):
+ afile.write("{0}\n".format(signed[0].splitlines()[i].decode('utf-8')))
+ afile.close()
+ #+end_src
+
+ Detached ASCII Armoured signing:
+
+ #+begin_src python
+ import gpg
+
+ text = """Declaration of ... something.
+
+ """
+
+ c = gpg.Context()
+ c.armor = True
+ signed = c.sign(text, mode=mode.DETACH)
+
+ afile = open("/path/to/statement.txt.asc", "w")
+ for i in range(len(signed[0].splitlines())):
+ afile.write("{0}\n".format(signed[0].splitlines()[i].decode('utf-8')))
+ afile.close()
+ #+end_src
+
+ Detached binary signing (maybe change text to be reading a file's
+ content):
+
+ #+begin_src python
+import gpg
+
+text = """Declaration of ... something.
+
+"""
+
+c = gpg.Context()
+c.armor = True
+signed = c.sign(text, mode=mode.DETACH)
+
+afile = open("/path/to/statement.txt.sig", "wb")
+afile.write(signed[0])
+afile.close()
+ #+end_src
+
+
+** Signature verification
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-verification
+ :END:
+
+x
+
* Copyright and Licensing
:PROPERTIES:
commit c767a4a3590bd8a224d0268746df443942cb28c2
Author: Ben McGinnes
Date: Fri Mar 9 05:25:49 2018 +1100
doc: python bindings howto update
* Added example of decryption.
* included some quick notes for myself regarding aspects to explain
when I flesh out the explanatory text.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 8f81511..ab7e9db 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -269,7 +269,6 @@ Python bindings to programmatically leverage the GPGME library.
#+begin_src python
import gpg
import os
- import os.path
rkey = "0x12345678DEADBEEF"
text = """
@@ -297,13 +296,48 @@ Python bindings to programmatically leverage the GPGME library.
cipher.seek(0, os.SEEK_SET)
del(text)
del(plain)
- afile = open("secret_plans.txt.asc", "wb")
+ afile = open("secret_plans.org.asc", "wb")
afile.write(cipher.read())
afile.close()
except gpg.errors.GPGMEError as ex:
print(ex.getstring())
#+end_src
+** Decryption
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-encryption
+ :END:
+
+ Decrypting something encrypted to a key in one's secret keyring
+ (will display some extra data you normally wouldn't show, but which
+ may be of use):
+
+ #+begin_src python
+ import os.path
+ import gpg
+
+ if os.path.exists("/path/to/secret_plans.org.asc") is True:
+ ciphertext = "/path/to/secret_plans.org.asc"
+ elif os.path.exists("/path/to/secret_plans.org.gpg") is True:
+ ciphertext = "/path/to/secret_plans.org.gpg"
+ else:
+ ciphertext = None
+
+ if ciphertext is not None:
+ afile = open(ciphertext, "rb")
+ plaintext = gpg.Context().decrypt(afile)
+ afile.close()
+ newfile = open("/path/to/secret_plans.org", "wb")
+ newfile.write(plaintext[0])
+ newfile.close()
+ print(plaintext[0])
+ plaintext[1]
+ plaintext[2]
+ del(plaintext)
+ else:
+ pass
+ #+end_src
+
* Copyright and Licensing
:PROPERTIES:
commit 75463d589522cba427f9e5a3a408192ffad8bb21
Author: Ben McGinnes
Date: Fri Mar 9 04:42:41 2018 +1100
doc: Basic operation of the python bindings
* Added sample code for encrypting some text to a single key.
* Basically I'm just lifting existing production code and changing the
key IDs from mine to "0x12345678DEADBEEF" for these first few
examples.
* I'll fill in the text description after.
* Note: due to my regional location, I might split some tasks into
more commits in order to be sure no work gets lost in case of
emergency (or to put it another way: I know Telstra too well to
trust them).
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index e7dc53d..8f81511 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -254,6 +254,57 @@ Python bindings to programmatically leverage the GPGME library.
operation type has one.
+* Basic Functions
+ :PROPERTIES:
+ :CUSTOM_ID: howto-the-basics
+ :END:
+
+** Encryption
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-encryption
+ :END:
+
+ Encrypting to one key:
+
+ #+begin_src python
+ import gpg
+ import os
+ import os.path
+
+ rkey = "0x12345678DEADBEEF"
+ text = """
+ Some plain text to test with. Obtained from any input source Python can read.
+
+ It makes no difference whether it is string or bytes, but the bindings always
+ produce byte output data. Which is useful to know when writing out either the
+ encrypted or decrypted results.
+
+ """
+
+ plain = gpg.core.Data(text)
+ cipher = gpg.core.Data()
+ c = gpg.core.Context()
+ c.set_armor(1)
+
+ c.op_keylist_start(rkey, 0)
+ r = c.op_keylist_next()
+
+ if r == None:
+ print("""The key for user "{0}" was not found""".format(rkey))
+ else:
+ try:
+ c.op_encrypt([r], 1, plain, cipher)
+ cipher.seek(0, os.SEEK_SET)
+ del(text)
+ del(plain)
+ afile = open("secret_plans.txt.asc", "wb")
+ afile.write(cipher.read())
+ afile.close()
+ except gpg.errors.GPGMEError as ex:
+ print(ex.getstring())
+ #+end_src
+
+
* Copyright and Licensing
:PROPERTIES:
:CUSTOM_ID: copyright-and-license
-----------------------------------------------------------------------
Summary of changes:
TODO | 208 ++++++++++++++++++++++++--------
lang/python/docs/GPGMEpythonHOWTOen.org | 175 +++++++++++++++++++++++++++
2 files changed, 335 insertions(+), 48 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Fri Mar 9 00:59:43 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Fri, 09 Mar 2018 00:59:43 +0100
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.5-11-g1e27c0e
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 1e27c0e04cd3280d498dc8b72d2e410f6287f656 (commit)
from f8b8b6aac2ca1cb34d7a346aee1d874e7650557b (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1e27c0e04cd3280d498dc8b72d2e410f6287f656
Author: NIIBE Yutaka
Date: Fri Mar 9 08:56:50 2018 +0900
scd: More fix with PC/SC for Windows.
* scd/apdu.c (pcsc_get_status): Return status based on CURRENT_STATUS.
Add debug log.
--
GnuPG-bug-id: 3825
Signed-off-by: NIIBE Yutaka
diff --git a/scd/apdu.c b/scd/apdu.c
index 6758e69..e797c09 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -667,27 +667,29 @@ pcsc_get_status (int slot, unsigned int *status, int on_wire)
return pcsc_error_to_sw (err);
}
- reader_table[slot].pcsc.current_state =
- (rdrstates[0].event_state & ~PCSC_STATE_CHANGED);
-
- /* log_debug */
- /* ("pcsc_get_status_change: %s%s%s%s%s%s%s%s%s%s\n", */
- /* (rdrstates[0].event_state & PCSC_STATE_IGNORE)? " ignore":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_CHANGED)? " changed":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_UNKNOWN)? " unknown":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_UNAVAILABLE)?" unavail":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_EMPTY)? " empty":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_PRESENT)? " present":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_ATRMATCH)? " atr":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_EXCLUSIVE)? " excl":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_INUSE)? " unuse":"", */
- /* (rdrstates[0].event_state & PCSC_STATE_MUTE)? " mute":"" ); */
+ if ((rdrstates[0].event_state & PCSC_STATE_CHANGED))
+ reader_table[slot].pcsc.current_state =
+ (rdrstates[0].event_state & ~PCSC_STATE_CHANGED);
+
+ if (DBG_CARD_IO)
+ log_debug
+ ("pcsc_get_status_change: %s%s%s%s%s%s%s%s%s%s\n",
+ (rdrstates[0].event_state & PCSC_STATE_IGNORE)? " ignore":"",
+ (rdrstates[0].event_state & PCSC_STATE_CHANGED)? " changed":"",
+ (rdrstates[0].event_state & PCSC_STATE_UNKNOWN)? " unknown":"",
+ (rdrstates[0].event_state & PCSC_STATE_UNAVAILABLE)?" unavail":"",
+ (rdrstates[0].event_state & PCSC_STATE_EMPTY)? " empty":"",
+ (rdrstates[0].event_state & PCSC_STATE_PRESENT)? " present":"",
+ (rdrstates[0].event_state & PCSC_STATE_ATRMATCH)? " atr":"",
+ (rdrstates[0].event_state & PCSC_STATE_EXCLUSIVE)? " excl":"",
+ (rdrstates[0].event_state & PCSC_STATE_INUSE)? " unuse":"",
+ (rdrstates[0].event_state & PCSC_STATE_MUTE)? " mute":"" );
*status = 0;
- if ( (rdrstates[0].event_state & PCSC_STATE_PRESENT) )
+ if ( (reader_table[slot].pcsc.current_state & PCSC_STATE_PRESENT) )
{
*status |= APDU_CARD_PRESENT;
- if ( !(rdrstates[0].event_state & PCSC_STATE_MUTE) )
+ if ( !(reader_table[slot].pcsc.current_state & PCSC_STATE_MUTE) )
*status |= APDU_CARD_ACTIVE;
}
#ifndef HAVE_W32_SYSTEM
@@ -696,7 +698,7 @@ pcsc_get_status (int slot, unsigned int *status, int on_wire)
mode. */
if ( (*status & (APDU_CARD_PRESENT|APDU_CARD_ACTIVE))
== (APDU_CARD_PRESENT|APDU_CARD_ACTIVE)
- && !(rdrstates[0].event_state & PCSC_STATE_INUSE) )
+ && !(reader_table[slot].pcsc.current_state & PCSC_STATE_INUSE) )
*status |= APDU_CARD_USABLE;
#else
/* Some winscard drivers may set EXCLUSIVE and INUSE at the same
-----------------------------------------------------------------------
Summary of changes:
scd/apdu.c | 38 ++++++++++++++++++++------------------
1 file changed, 20 insertions(+), 18 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Fri Mar 9 05:24:06 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Fri, 09 Mar 2018 05:24:06 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-66-gab81c2d
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via ab81c2d868bba79fdb8f8d7f576b6bd88c6bdf3c (commit)
from f685cda281c6148072e8a6cd139c990cb041ea3d (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ab81c2d868bba79fdb8f8d7f576b6bd88c6bdf3c
Author: Ben McGinnes
Date: Fri Mar 9 15:22:24 2018 +1100
doc: python bindings howto
* Added example for verifying both detached and "in-line" signatures.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 17ec428..75f1ebd 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -13,12 +13,12 @@
:CUSTOM_ID: intro
:END:
-Version: 0.0.1-alpha [2018-03-07 Wed]
-Author: Ben McGinnes
-Author GPG Key: DB4724E6FA4286C92B4E55C4321E4E2373590E5D
+ Version: 0.0.1-alpha [2018-03-07 Wed]
+ Author: Ben McGinnes
+ Author GPG Key: DB4724E6FA4286C92B4E55C4321E4E2373590E5D
-This document provides basic instruction in how to use the GPGME
-Python bindings to programmatically leverage the GPGME library.
+ This document provides basic instruction in how to use the GPGME
+ Python bindings to programmatically leverage the GPGME library.
* GPGME Concepts
@@ -401,23 +401,22 @@ Python bindings to programmatically leverage the GPGME library.
afile.close()
#+end_src
- Detached binary signing (maybe change text to be reading a file's
- content):
+ Detached binary signing of a file.
#+begin_src python
-import gpg
-
-text = """Declaration of ... something.
+ import gpg
-"""
+ tfile = open("/path/to/statement.txt", "r")
+ text = tfile.read()
+ tfile.close()
-c = gpg.Context()
-c.armor = True
-signed = c.sign(text, mode=mode.DETACH)
+ c = gpg.Context()
+ c.armor = True
+ signed = c.sign(text, mode=mode.DETACH)
-afile = open("/path/to/statement.txt.sig", "wb")
-afile.write(signed[0])
-afile.close()
+ afile = open("/path/to/statement.txt.sig", "wb")
+ afile.write(signed[0])
+ afile.close()
#+end_src
@@ -426,7 +425,31 @@ afile.close()
:CUSTOM_ID: howto-basic-verification
:END:
-x
+ Verify a signed file, both detached and not:
+
+ #+begin_src python
+ import gpg
+ import sys
+ import time
+
+ c = gpg.Context()
+
+ data, result = c.verify(open(filename),
+ open(detached_sig_filename)
+ if detached_sig_filename else None)
+
+ for index, sign in enumerate(result.signatures):
+ print("signature", index, ":")
+ print(" summary: %#0x" % (sign.summary))
+ print(" status: %#0x" % (sign.status))
+ print(" timestamp: ", sign.timestamp)
+ print(" timestamp: ", time.ctime(sign.timestamp))
+ print(" fingerprint:", sign.fpr)
+ print(" uid: ", c.get_key(sign.fpr).uids[0].uid)
+
+ if data:
+ sys.stdout.buffer.write(data)
+ #+end_src
* Copyright and Licensing
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 59 +++++++++++++++++++++++----------
1 file changed, 41 insertions(+), 18 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Fri Mar 9 05:29:43 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Fri, 09 Mar 2018 05:29:43 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-67-g93252df
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 93252df9dc4c9932467814745655350a8cab900e (commit)
from ab81c2d868bba79fdb8f8d7f576b6bd88c6bdf3c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 93252df9dc4c9932467814745655350a8cab900e
Author: Ben McGinnes
Date: Fri Mar 9 15:27:40 2018 +1100
doc: python bindings TODO list
* Updated to reflect the most recent work on the HOWTO for the Python
bindings.
diff --git a/lang/python/docs/TODO.org b/lang/python/docs/TODO.org
index 897c617..df1aa4e 100644
--- a/lang/python/docs/TODO.org
+++ b/lang/python/docs/TODO.org
@@ -43,20 +43,23 @@
:CUSTOM_ID: howto-start
:END:
-*** TODO Include certain specific instructions in the HOWTO
+*** STARTED Include certain specific instructions in the HOWTO
:PROPERTIES:
:CUSTOM_ID: howto-requests
:END:
+ - State "STARTED" from "TODO" [2018-03-09 Fri 15:27]
Some functions can be worked out from the handful of examples
available, but many more can't and I've already begun receiving
requests for certain functions to be explained.
-**** TODO Standard scenarios
+**** STARTED Standard scenarios
:PROPERTIES:
:CUSTOM_ID: howto-the-basics
:END:
+ - State "STARTED" from "TODO" [2018-03-09 Fri 15:26] \\
+ Began with the example code, now to add the text.
What everyone expects: encryption, decryption, signing and verifying.
**** TODO Key control
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/TODO.org | 7 +++++--
1 file changed, 5 insertions(+), 2 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Fri Mar 9 06:51:58 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Fri, 09 Mar 2018 06:51:58 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-68-g0168646
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 01686463948ac6096dd8579a110c478d3a1f9a83 (commit)
from 93252df9dc4c9932467814745655350a8cab900e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 01686463948ac6096dd8579a110c478d3a1f9a83
Author: Ben McGinnes
Date: Fri Mar 9 16:49:05 2018 +1100
doc: python bindings howto
* Wrote the text description explaining each step in the most basic
encryption operation.
* Will need to include additional examples for encrypting to multiple
recipients using Context().encrypt instead of Context().op_encrypt.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 75f1ebd..0b882b5 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -259,12 +259,51 @@
:CUSTOM_ID: howto-the-basics
:END:
+ The most frequently called features of any cryptographic library
+ will be the most fundamental tasks for enxryption software. In this
+ section we will look at how to programmatically encrypt data,
+ decrypt it, sign it and verify signatures.
+
** Encryption
:PROPERTIES:
:CUSTOM_ID: howto-basic-encryption
:END:
- Encrypting to one key:
+ Encrypting is very straight forward. In the first example below
+ the message, =text=, is encrypted to a single recipient's key. In
+ the second example the message will be encrypted to multiple
+ recipients.
+
+*** Encrypting to one key
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-encryption-single
+ :END:
+
+ The text is then encapsulated in a GPGME Data object as =plain= and
+ the =cipher= object is created with another Data object. Then we
+ create the Context as =c= and set it to use the ASCII armoured
+ OpenPGP format. In later examples there will be alternative
+ methods of setting the OpenPGP output to be ASCII armoured.
+
+ Next we prepare a keylist object in our Context and follow it with
+ specifying the recipients as =r=. Note that the configuration in
+ one's =gpg.conf= file is honoured, so if you have the options set
+ to encrypt to one key or to a default key, that will be included
+ with this operation.
+
+ This is followed by a quick check to be sure that the recipient is
+ actually selected and that the key is available. Assuming it is,
+ the encryption can proceed, but if not a message will print stating
+ the key was not found.
+
+ The encryption operation is invoked within the Context with the
+ =c.op_encrypt= function, loading the recipien (=r=), the message
+ (=plain=) and the =cipher=. The =cipher.seek= uses =os.SEEK_SET=
+ to set the data to the correct byte format for GPGME to use it.
+
+ At this point we no longer need the plaintext material, so we
+ delete both the =text= and the =plain= objects. Then we write the
+ encrypted data out to a file, =secret_plans.txt.asc=.
#+begin_src python
import gpg
@@ -296,13 +335,19 @@
cipher.seek(0, os.SEEK_SET)
del(text)
del(plain)
- afile = open("secret_plans.org.asc", "wb")
+ afile = open("secret_plans.txt.asc", "wb")
afile.write(cipher.read())
afile.close()
except gpg.errors.GPGMEError as ex:
print(ex.getstring())
#+end_src
+*** Encrypting to multiple keys
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-encryption-multiple
+ :END:
+
+
** Decryption
:PROPERTIES:
:CUSTOM_ID: howto-basic-encryption
@@ -316,10 +361,10 @@
import os.path
import gpg
- if os.path.exists("/path/to/secret_plans.org.asc") is True:
- ciphertext = "/path/to/secret_plans.org.asc"
- elif os.path.exists("/path/to/secret_plans.org.gpg") is True:
- ciphertext = "/path/to/secret_plans.org.gpg"
+ if os.path.exists("/path/to/secret_plans.txt.asc") is True:
+ ciphertext = "/path/to/secret_plans.txt.asc"
+ elif os.path.exists("/path/to/secret_plans.txt.gpg") is True:
+ ciphertext = "/path/to/secret_plans.txt.gpg"
else:
ciphertext = None
@@ -327,7 +372,7 @@
afile = open(ciphertext, "rb")
plaintext = gpg.Context().decrypt(afile)
afile.close()
- newfile = open("/path/to/secret_plans.org", "wb")
+ newfile = open("/path/to/secret_plans.txt", "wb")
newfile.write(plaintext[0])
newfile.close()
print(plaintext[0])
@@ -338,6 +383,7 @@
pass
#+end_src
+
** Signing text
:PROPERTIES:
:CUSTOM_ID: howto-basic-signing
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 60 +++++++++++++++++++++++++++++----
1 file changed, 53 insertions(+), 7 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Fri Mar 9 10:42:51 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Fri, 09 Mar 2018 10:42:51 +0100
Subject: [git] GnuPG - branch, tpm-work, created. gnupg-2.2.5-126-gfb0470a
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, tpm-work has been created
at fb0470a9f5834b77fba2bf5e1b41f56d063e556f (commit)
- Log -----------------------------------------------------------------
commit fb0470a9f5834b77fba2bf5e1b41f56d063e556f
Author: Werner Koch
Date: Fri Mar 9 10:36:14 2018 +0100
agent: Minor cleanup of the TPM patches.
* configure.ac (AC_CHECK_HEADERS): Add tss2/tss.h.
* agent/divert-tpm2.c: Print an error if that file is not available.
* agent/Makefile.am (gpg_agent_SOURCES): Add tpm.h
* agent/command.c (do_one_keyinfo): Replace xstrdup by xtrystrdup.
* agent/protect.c (agent_get_shadow_info_type): Check error of
xtrystrdup.
Signed-off-by: Werner Koch
diff --git a/agent/Makefile.am b/agent/Makefile.am
index 290ef12..4fe74f5 100644
--- a/agent/Makefile.am
+++ b/agent/Makefile.am
@@ -52,7 +52,7 @@ gpg_agent_SOURCES = \
trustlist.c \
divert-scd.c \
divert-tpm2.c \
- tpm2.c \
+ tpm2.c tpm2.h \
cvt-openpgp.c cvt-openpgp.h \
call-scd.c \
learncard.c
diff --git a/agent/command.c b/agent/command.c
index c439aa5..a46e288 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -1104,7 +1104,8 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx,
char hexgrip[40+1];
char *fpr = NULL;
int keytype;
- unsigned char *shadow_info = NULL, *shadow_info_type = NULL;
+ unsigned char *shadow_info = NULL;
+ unsigned char *shadow_info_type = NULL;
char *serialno = NULL;
char *idstr = NULL;
const char *keytypestr;
@@ -1194,7 +1195,12 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx,
}
else if (strcmp (shadow_info_type, "tpm2-v1") == 0)
{
- serialno = xstrdup("TPM-Protected");
+ serialno = xtrystrdup("TPM-Protected");
+ if (!serialno)
+ {
+ err = gpg_error_from_syserror ();
+ goto leave;
+ }
idstr = NULL;
}
else
diff --git a/agent/divert-tpm2.c b/agent/divert-tpm2.c
index deb655a..84935de 100644
--- a/agent/divert-tpm2.c
+++ b/agent/divert-tpm2.c
@@ -8,6 +8,12 @@
#include
#include
+/* FIXME: Until we have a proper checking in configure we give a hint
+ * on what to do */
+#ifndef HAVE_TSS2_TSS_H
+# error Please install the libtss2 dev package first
+#endif
+
#include "agent.h"
#include "../common/i18n.h"
#include "../common/sexp-parse.h"
diff --git a/agent/protect.c b/agent/protect.c
index 0920667..09c7d61 100644
--- a/agent/protect.c
+++ b/agent/protect.c
@@ -1559,11 +1559,12 @@ agent_shadow_key_type (const unsigned char *pubkey,
/* Calculate required length by taking in account: the "shadowed-"
prefix, the "shadowed", shadow type as well as some parenthesis */
+ /* FIXME: We should use membuf functions here. */
n = 12 + pubkey_len + 1 + 3+8 + 2+5 + shadow_info_len + 1;
*result = xtrymalloc (n);
p = (char*)*result;
if (!p)
- return out_of_core ();
+ return out_of_core ();
p = stpcpy (p, "(20:shadowed-private-key");
/* (10:public-key ...)*/
memcpy (p, pubkey+14, point - (pubkey+14));
@@ -1643,12 +1644,15 @@ agent_get_shadow_info_type (const unsigned char *shadowkey,
n = snext (&s);
if (!n)
return gpg_error (GPG_ERR_INV_SEXP);
- if (shadow_type) {
- char *buf = xtrymalloc(n+1);
- memcpy(buf, s, n);
- buf[n] = '\0';
- *shadow_type = buf;
- }
+ if (shadow_type)
+ {
+ char *buf = xtrymalloc(n+1);
+ if (!buf)
+ return gpg_error_from_syserror ();
+ memcpy (buf, s, n);
+ buf[n] = '\0';
+ *shadow_type = buf;
+ }
if (smatch (&s, n, "t1-v1") || smatch(&s, n, "tpm2-v1"))
{
diff --git a/configure.ac b/configure.ac
index 7522b69..9dd9230 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1301,7 +1301,7 @@ AC_HEADER_STDC
AC_CHECK_HEADERS([string.h unistd.h langinfo.h termio.h locale.h getopt.h \
pty.h utmp.h pwd.h inttypes.h signal.h sys/select.h \
stdint.h signal.h util.h libutil.h termios.h \
- ucred.h sys/ucred.h sys/sysmacros.h sys/mkdev.h])
+ ucred.h sys/ucred.h sys/sysmacros.h sys/mkdev.h tss2/tss.h])
AC_HEADER_TIME
commit 72ece35fb713eaf88d425f8b3468bec0d2b887e1
Author: James Bottomley
Date: Mon Mar 5 11:18:15 2018 -0800
tpm2: add handling for elliptic curve keys
* agent/divert-tpm2.c: Support ECC.
--
This adds handling for the way gnupg does elliptic keys, namely ECDSA
for signatures and using ECDH with an ephemeral key to generate an
encrypted message. The main problem is that the TPM2 usually has a
very small list of built in curves and it won't handle any others.
Thanks to TCG mandates, all TPM2 systems in the USA should come with
NIST P-256, but do not come with the Bernstien curve 25519, so the
only way to use the TPM2 to protect an elliptic curve key is first to
create it with a compatible algorithm.
Signed-off-by: James Bottomley
diff --git a/agent/divert-tpm2.c b/agent/divert-tpm2.c
index dc3110d..deb655a 100644
--- a/agent/divert-tpm2.c
+++ b/agent/divert-tpm2.c
@@ -22,15 +22,16 @@ divert_tpm2_pksign (ctrl_t ctrl, const char *desc_text,
{
TSS_CONTEXT *tssc;
TPM_HANDLE key;
+ TPMI_ALG_PUBLIC type;
int ret;
ret = tpm2_start(&tssc);
if (ret)
return ret;
- ret = tpm2_load_key(tssc, shadow_info, &key);
+ ret = tpm2_load_key(tssc, shadow_info, &key, &type);
if (ret)
goto out;
- ret = tpm2_sign(ctrl, tssc, key, digest, digestlen, r_sig, r_siglen);
+ ret = tpm2_sign(ctrl, tssc, key, type, digest, digestlen, r_sig, r_siglen);
tpm2_flush_handle(tssc, key);
@@ -130,11 +131,12 @@ divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text,
{
TSS_CONTEXT *tssc;
TPM_HANDLE key;
+ TPMI_ALG_PUBLIC type;
int ret;
const unsigned char *s;
size_t n;
- *r_padding = 0;
+ *r_padding = -1;
(void)desc_text;
@@ -155,6 +157,7 @@ divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text,
return gpg_error (GPG_ERR_INV_SEXP);
if (smatch (&s, n, "rsa"))
{
+ *r_padding = 0;
if (*s != '(')
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
s++;
@@ -165,6 +168,30 @@ divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text,
return gpg_error (GPG_ERR_UNKNOWN_SEXP);
n = snext (&s);
}
+ else if (smatch (&s, n, "ecdh"))
+ {
+ if (*s != '(')
+ return gpg_error (GPG_ERR_UNKNOWN_SEXP);
+ s++;
+ n = snext (&s);
+ if (!n)
+ return gpg_error (GPG_ERR_INV_SEXP);
+ if (smatch (&s, n, "s"))
+ {
+ n = snext (&s);
+ s += n;
+ if (*s++ != ')')
+ return gpg_error (GPG_ERR_INV_SEXP);
+ if (*s++ != '(')
+ return gpg_error (GPG_ERR_UNKNOWN_SEXP);
+ n = snext (&s);
+ if (!n)
+ return gpg_error (GPG_ERR_INV_SEXP);
+ }
+ if (!smatch (&s, n, "e"))
+ return gpg_error (GPG_ERR_UNKNOWN_SEXP);
+ n = snext (&s);
+ }
else
return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
@@ -173,10 +200,14 @@ divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text,
ret = tpm2_start(&tssc);
if (ret)
return ret;
- ret = tpm2_load_key(tssc, shadow_info, &key);
+ ret = tpm2_load_key(tssc, shadow_info, &key, &type);
if (ret)
goto out;
- ret = tpm2_decrypt(ctrl, tssc, key, s, n, r_buf, r_len);
+
+ if (type == TPM_ALG_RSA)
+ ret = tpm2_rsa_decrypt(ctrl, tssc, key, s, n, r_buf, r_len);
+ else if (type == TPM_ALG_ECC)
+ ret = tpm2_ecc_decrypt(ctrl, tssc, key, s, n, r_buf, r_len);
tpm2_flush_handle(tssc, key);
diff --git a/agent/tpm2.c b/agent/tpm2.c
index 734f0fe..ff57560 100644
--- a/agent/tpm2.c
+++ b/agent/tpm2.c
@@ -313,7 +313,7 @@ parse_tpm2_shadow_info (const unsigned char *shadow_info,
int
tpm2_load_key(TSS_CONTEXT *tssc, const unsigned char *shadow_info,
- TPM_HANDLE *key)
+ TPM_HANDLE *key, TPMI_ALG_PUBLIC *type)
{
uint32_t parent;
Load_In in;
@@ -339,6 +339,8 @@ tpm2_load_key(TSS_CONTEXT *tssc, const unsigned char *shadow_info,
size = pub_len;
pTPM2B_PUBLIC_Unmarshal(&in.inPublic, &buf, &size, FALSE);
+ *type = in.inPublic.publicArea.type;
+
rc = pTSS_Execute(tssc,
(RESPONSE_PARAMETERS *)&out,
(COMMAND_PARAMETERS *)&in,
@@ -358,7 +360,8 @@ tpm2_load_key(TSS_CONTEXT *tssc, const unsigned char *shadow_info,
int
tpm2_sign(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
- const unsigned char *digest, size_t digestlen,
+ TPMI_ALG_PUBLIC type,
+ const unsigned char *digest, size_t digestlen,
unsigned char **r_sig, size_t *r_siglen)
{
Sign_In in;
@@ -367,7 +370,6 @@ tpm2_sign(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
/* The TPM insists on knowing the digest type, so
* calculate that from the size */
- in.inScheme.scheme = TPM_ALG_RSASSA;
switch (digestlen) {
case 20:
in.inScheme.details.rsassa.hashAlg = TPM_ALG_SHA1;
@@ -394,22 +396,181 @@ tpm2_sign(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
in.validation.hierarchy = TPM_RH_NULL;
in.validation.digest.t.size = 0;
+ if (type == TPM_ALG_RSA)
+ in.inScheme.scheme = TPM_ALG_RSASSA;
+ else if (type == TPM_ALG_ECC)
+ in.inScheme.scheme = TPM_ALG_ECDSA;
+ else
+ return GPG_ERR_PUBKEY_ALGO;
+
+
ret = tpm2_exec_with_auth(ctrl, tssc, TPM_CC_Sign, "TPM2_Sign", &out, &in);
if (ret)
return ret;
- *r_siglen = out.signature.signature.rsassa.sig.t.size;
+ if (type == TPM_ALG_RSA)
+ *r_siglen = out.signature.signature.rsassa.sig.t.size;
+ else if (type == TPM_ALG_ECC)
+ *r_siglen = out.signature.signature.ecdsa.signatureR.t.size
+ + out.signature.signature.ecdsa.signatureS.t.size;
+
*r_sig = xtrymalloc(*r_siglen);
if (!r_sig)
return GPG_ERR_ENOMEM;
- memcpy(*r_sig, out.signature.signature.rsassa.sig.t.buffer, *r_siglen);
+ if (type == TPM_ALG_RSA)
+ {
+ memcpy(*r_sig, out.signature.signature.rsassa.sig.t.buffer, *r_siglen);
+ }
+ else if (type == TPM_ALG_ECC)
+ {
+ memcpy(*r_sig, out.signature.signature.ecdsa.signatureR.t.buffer,
+ out.signature.signature.ecdsa.signatureR.t.size);
+ memcpy(*r_sig + out.signature.signature.ecdsa.signatureR.t.size,
+ out.signature.signature.ecdsa.signatureS.t.buffer,
+ out.signature.signature.ecdsa.signatureS.t.size);
+ }
return 0;
}
static int
-sexp_to_tpm2_sensitive(TPMT_SENSITIVE *s, gcry_sexp_t key)
+sexp_to_tpm2_sensitive_ecc(TPMT_SENSITIVE *s, gcry_sexp_t key)
+{
+ gcry_mpi_t d;
+ gcry_sexp_t l;
+ int rc = -1;
+ size_t len;
+
+ s->sensitiveType = TPM_ALG_ECC;
+ s->seedValue.b.size = 0;
+
+ l = gcry_sexp_find_token (key, "d", 0);
+ if (!l)
+ return rc;
+ d = gcry_sexp_nth_mpi (l, 1, GCRYMPI_FMT_USG);
+ gcry_sexp_release (l);
+ len = sizeof(s->sensitive.ecc.t.buffer);
+ rc = gcry_mpi_print (GCRYMPI_FMT_USG, s->sensitive.ecc.t.buffer, len, &len, d);
+ s->sensitive.ecc.t.size = len;
+ gcry_mpi_release (d);
+
+ return rc;
+}
+
+/* try to match the libgcrypt curve names to known TPM parameters.
+ *
+ * As of 2018 the TCG defined curves are only NIST
+ * (192,224,256,384,521) Barreto-Naehring (256,638) and the Chinese
+ * SM2 (256), which means only the NIST ones overlap with libgcrypt */
+static struct {
+ const char *name;
+ TPMI_ECC_CURVE c;
+} tpm2_curves[] = {
+ { "NIST P-192", TPM_ECC_NIST_P192 },
+ { "prime192v1", TPM_ECC_NIST_P192 },
+ { "secp192r1", TPM_ECC_NIST_P192 },
+ { "nistp192", TPM_ECC_NIST_P192 },
+ { "NIST P-224", TPM_ECC_NIST_P224 },
+ { "secp224r1", TPM_ECC_NIST_P224 },
+ { "nistp224", TPM_ECC_NIST_P224 },
+ { "NIST P-256", TPM_ECC_NIST_P256 },
+ { "prime256v1", TPM_ECC_NIST_P256 },
+ { "secp256r1", TPM_ECC_NIST_P256 },
+ { "nistp256", TPM_ECC_NIST_P256 },
+ { "NIST P-384", TPM_ECC_NIST_P384 },
+ { "secp384r1", TPM_ECC_NIST_P384 },
+ { "nistp384", TPM_ECC_NIST_P384 },
+ { "NIST P-521", TPM_ECC_NIST_P521 },
+ { "secp521r1", TPM_ECC_NIST_P521 },
+ { "nistp521", TPM_ECC_NIST_P521 },
+};
+
+static int
+tpm2_ecc_curve (const char *curve_name, TPMI_ECC_CURVE *c)
+{
+ int i;
+
+ for (i = 0; i < DIM (tpm2_curves); i++)
+ if (strcmp (tpm2_curves[i].name, curve_name) == 0)
+ break;
+ if (i == DIM (tpm2_curves)) {
+ log_error ("curve %s does not match any available TPM curves\n", curve_name);
+ return GPG_ERR_UNKNOWN_CURVE;
+ }
+
+ *c = tpm2_curves[i].c;
+
+ return 0;
+}
+
+static int
+sexp_to_tpm2_public_ecc(TPMT_PUBLIC *p, gcry_sexp_t key)
+{
+ const char *q;
+ gcry_sexp_t l;
+ int rc = GPG_ERR_BAD_PUBKEY;
+ size_t len;
+ TPMI_ECC_CURVE curve;
+ char *curve_name;
+
+ l = gcry_sexp_find_token (key, "curve", 0);
+ if (!l)
+ return rc;
+ curve_name = gcry_sexp_nth_string (l, 1);
+ if (!curve_name)
+ goto out;
+ rc = tpm2_ecc_curve (curve_name, &curve);
+ gcry_free (curve_name);
+ if (rc)
+ goto out;
+ gcry_sexp_release(l);
+
+ l = gcry_sexp_find_token (key, "q", 0);
+ if (!l)
+ return rc;
+ q = gcry_sexp_nth_data (l, 1, &len);
+ /* This is a point representation, the first byte tells you what
+ * type. The only format we understand is uncompressed (0x04)
+ * which has layout 0x04 | x | y */
+ if (q[0] != 0x04)
+ {
+ log_error ("Point format for q is not uncompressed\n");
+ goto out;
+ }
+ q++;
+ len--;
+ /* now should have to equal sized big endian point numbers */
+ if ((len & 0x01) == 1)
+ {
+ log_error ("Point format for q has incorrect length\n");
+ goto out;
+ }
+
+ len >>= 1;
+
+ p->type = TPM_ALG_ECC;
+ p->nameAlg = TPM_ALG_SHA256;
+ p->objectAttributes.val = TPMA_OBJECT_NODA |
+ TPMA_OBJECT_SIGN |
+ TPMA_OBJECT_DECRYPT |
+ TPMA_OBJECT_USERWITHAUTH;
+ p->authPolicy.t.size = 0;
+ p->parameters.eccDetail.symmetric.algorithm = TPM_ALG_NULL;
+ p->parameters.eccDetail.scheme.scheme = TPM_ALG_NULL;
+ p->parameters.eccDetail.curveID = curve;
+ p->parameters.eccDetail.kdf.scheme = TPM_ALG_NULL;
+ memcpy(p->unique.ecc.x.t.buffer, q, len);
+ p->unique.ecc.x.t.size = len;
+ memcpy(p->unique.ecc.y.t.buffer, q + len, len);
+ p->unique.ecc.y.t.size = len;
+ out:
+ gcry_sexp_release (l);
+ return rc;
+}
+
+static int
+sexp_to_tpm2_sensitive_rsa(TPMT_SENSITIVE *s, gcry_sexp_t key)
{
gcry_mpi_t p;
gcry_sexp_t l;
@@ -433,7 +594,7 @@ sexp_to_tpm2_sensitive(TPMT_SENSITIVE *s, gcry_sexp_t key)
}
static int
-sexp_to_tpm2_public(TPMT_PUBLIC *p, gcry_sexp_t key)
+sexp_to_tpm2_public_rsa(TPMT_PUBLIC *p, gcry_sexp_t key)
{
gcry_mpi_t n, e;
gcry_sexp_t l;
@@ -506,12 +667,18 @@ sexp_to_tpm2(TPMT_PUBLIC *p, TPMT_SENSITIVE *s, gcry_sexp_t s_skey)
return rc;
l2 = gcry_sexp_find_token (l1, "rsa", 0);
- if (!l2)
- goto out;
-
- rc = sexp_to_tpm2_public(p, l2);
- if (!rc)
- rc = sexp_to_tpm2_sensitive(s, l2);
+ if (l2) {
+ rc = sexp_to_tpm2_public_rsa (p, l2);
+ if (!rc)
+ rc = sexp_to_tpm2_sensitive_rsa (s, l2);
+ } else {
+ l2 = gcry_sexp_find_token (l1, "ecc", 0);
+ if (!l2)
+ goto out;
+ rc = sexp_to_tpm2_public_ecc (p, l2);
+ if (!rc)
+ rc = sexp_to_tpm2_sensitive_ecc (s, l2);
+ }
gcry_sexp_release(l2);
@@ -757,9 +924,61 @@ tpm2_import_key(ctrl_t ctrl, TSS_CONTEXT *tssc, char *pub, int *pub_len,
}
int
-tpm2_decrypt(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
- const char *ciphertext, int ciphertext_len,
- char **decrypt, size_t *decrypt_len)
+tpm2_ecc_decrypt(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
+ const char *ciphertext, int ciphertext_len,
+ char **decrypt, size_t *decrypt_len)
+{
+ ECDH_ZGen_In in;
+ ECDH_ZGen_Out out;
+ size_t len;
+ int ret;
+
+ /* This isn't really a decryption per se. The ciphertext actually
+ * contains an EC Point which we must multiply by the private key number.
+ *
+ * The reason is to generate a diffe helman agreement on a shared
+ * point. This shared point is then used to generate the per
+ * session encryption key.
+ */
+ if (ciphertext[0] != 0x04)
+ {
+ log_error ("Decryption Shared Point format is not uncompressed\n");
+ return GPG_ERR_ENCODING_PROBLEM;
+ }
+ if ((ciphertext_len & 0x01) != 1)
+ {
+ log_error ("Decryption Shared Point has incorrect length\n");
+ return GPG_ERR_ENCODING_PROBLEM;
+ }
+ len = ciphertext_len >> 1;
+
+ in.keyHandle = key;
+ memcpy(in.inPoint.point.x.t.buffer, ciphertext + 1, len);
+ in.inPoint.point.x.t.size = len;
+ memcpy(in.inPoint.point.y.t.buffer, ciphertext + 1 + len, len);
+ in.inPoint.point.y.t.size = len;
+
+ ret = tpm2_exec_with_auth(ctrl, tssc, TPM_CC_ECDH_ZGen, "TPM2_ECDH_ZGen",
+ &out, &in);
+ if (ret)
+ return ret;
+
+ *decrypt_len = out.outPoint.point.x.t.size + out.outPoint.point.y.t.size + 1;
+ *decrypt = xtrymalloc(*decrypt_len);
+ (*decrypt)[0] = 0x04;
+ memcpy(*decrypt + 1, out.outPoint.point.x.t.buffer,
+ out.outPoint.point.x.t.size);
+ memcpy(*decrypt + 1 + out.outPoint.point.x.t.size,
+ out.outPoint.point.y.t.buffer,
+ out.outPoint.point.y.t.size);
+
+ return 0;
+}
+
+int
+tpm2_rsa_decrypt(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
+ const char *ciphertext, int ciphertext_len,
+ char **decrypt, size_t *decrypt_len)
{
RSA_Decrypt_In in;
RSA_Decrypt_Out out;
diff --git a/agent/tpm2.h b/agent/tpm2.h
index 2e16803..7a63aab 100644
--- a/agent/tpm2.h
+++ b/agent/tpm2.h
@@ -10,13 +10,18 @@ int tpm2_start(TSS_CONTEXT **tssc);
void tpm2_end(TSS_CONTEXT *tssc);
void tpm2_flush_handle(TSS_CONTEXT *tssc, TPM_HANDLE h);
int tpm2_load_key(TSS_CONTEXT *tssc, const unsigned char *shadow_info,
- TPM_HANDLE *key);
+ TPM_HANDLE *key, TPMI_ALG_PUBLIC *type);
int tpm2_sign(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
+ TPMI_ALG_PUBLIC type,
const unsigned char *digest, size_t digestlen,
unsigned char **r_sig, size_t *r_siglen);
int tpm2_import_key(ctrl_t ctrl, TSS_CONTEXT *tssc, char *pub, int *pub_len,
char *priv, int *priv_len, gcry_sexp_t s_skey);
-int tpm2_decrypt(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
- const char *ciphertext, int ciphertext_len,
- char **decrypt, size_t *decrypt_len);
+int tpm2_rsa_decrypt(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
+ const char *ciphertext, int ciphertext_len,
+ char **decrypt, size_t *decrypt_len);
+int tpm2_ecc_decrypt(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
+ const char *ciphertext, int ciphertext_len,
+ char **decrypt, size_t *decrypt_len);
+
#endif
commit c4c7b7d7ba6b9d52bb7884b4bb4f84b7dd96340b
Author: James Bottomley
Date: Mon Mar 5 11:16:40 2018 -0800
g10: add ability to transfer a private key to the tpm
* g10/keyedit.c (cmdKEYTOTPM): New enum value.
(cmds): New command "keytotpm".
(keyedit_menu): Implement cmdKEYTOTPM.
--
Exactly like the gpg --edit-key command keytosc, keytotpm has been
added which immedately converts the private key file to TPM shadowed
form. Once this is done, the key cannot be recovered and may only be
used via the TPM of the computer system on which the conversion was
done. If that system is ever lost, or its TPM cleared, the shadowed
key becomes unusable.
Signed-off-by: James Bottomley
diff --git a/g10/call-agent.c b/g10/call-agent.c
index b1f589b..8b224f7 100644
--- a/g10/call-agent.c
+++ b/g10/call-agent.c
@@ -778,6 +778,28 @@ agent_scd_apdu (const char *hexapdu, unsigned int *r_sw)
return err;
}
+int
+agent_keytotpm (ctrl_t ctrl, const char *hexgrip)
+{
+ int rc;
+ char line[ASSUAN_LINELENGTH];
+ struct default_inq_parm_s parm;
+
+ snprintf(line, DIM(line), "KEYTOTPM %s\n", hexgrip);
+
+ rc = start_agent (ctrl, 0);
+ if (rc)
+ return rc;
+ parm.ctx = agent_ctx;
+ parm.ctrl = ctrl;
+
+ rc = assuan_transact (agent_ctx, line, NULL, NULL, default_inq_cb, &parm,
+ NULL, NULL);
+ if (rc)
+ log_log (GPGRT_LOGLVL_ERROR, _("error from TPM: %s\n"), gpg_strerror (rc));
+ return rc;
+}
+
int
agent_keytocard (const char *hexgrip, int keyno, int force,
diff --git a/g10/call-agent.h b/g10/call-agent.h
index 53775c5..ba4c398 100644
--- a/g10/call-agent.h
+++ b/g10/call-agent.h
@@ -91,6 +91,9 @@ gpg_error_t agent_scd_apdu (const char *hexapdu, unsigned int *r_sw);
/* Update INFO with the attribute NAME. */
int agent_scd_getattr (const char *name, struct agent_card_info_s *info);
+/* send the KEYTOTPM command */
+int agent_keytotpm (ctrl_t ctrl, const char *hexgrip);
+
/* Send the KEYTOCARD command. */
int agent_keytocard (const char *hexgrip, int keyno, int force,
const char *serialno, const char *timestamp);
diff --git a/g10/keyedit.c b/g10/keyedit.c
index 2c33a29..038c318 100644
--- a/g10/keyedit.c
+++ b/g10/keyedit.c
@@ -1241,7 +1241,7 @@ enum cmdids
#endif /*!NO_TRUST_MODELS*/
cmdSHOWPREF,
cmdSETPREF, cmdPREFKS, cmdNOTATION, cmdINVCMD, cmdSHOWPHOTO, cmdUPDTRUST,
- cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdBKUPTOCARD,
+ cmdCHKTRUST, cmdADDCARDKEY, cmdKEYTOCARD, cmdKEYTOTPM, cmdBKUPTOCARD,
cmdCLEAN, cmdMINIMIZE, cmdGRIP, cmdNOP
};
@@ -1292,6 +1292,8 @@ static struct
N_("add a key to a smartcard")},
{ "keytocard", cmdKEYTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
N_("move a key to a smartcard")},
+ { "keytotpm", cmdKEYTOTPM, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
+ N_("convert a key to TPM form using the local TPM")},
{ "bkuptocard", cmdBKUPTOCARD, KEYEDIT_NEED_SK | KEYEDIT_NEED_SUBSK,
N_("move a backup key to a smartcard")},
#endif /*ENABLE_CARD_SUPPORT */
@@ -1789,6 +1791,47 @@ keyedit_menu (ctrl_t ctrl, const char *username, strlist_t locusr,
}
break;
+ case cmdKEYTOTPM:
+ /* FIXME need to store the key and not commit until later */
+ {
+ KBNODE node = NULL;
+ switch (count_selected_keys (keyblock))
+ {
+ case 0:
+ if (cpr_get_answer_is_yes
+ ("keyedit.keytocard.use_primary",
+ /* TRANSLATORS: Please take care: This is about
+ moving the key and not about removing it. */
+ _("Really move the primary key? (y/N) ")))
+ node = keyblock;
+ break;
+ case 1:
+ for (node = keyblock; node; node = node->next)
+ {
+ if (node->pkt->pkttype == PKT_PUBLIC_SUBKEY
+ && node->flag & NODFLG_SELKEY)
+ break;
+ }
+ break;
+ default:
+ tty_printf (_("You must select exactly one key.\n"));
+ break;
+ }
+ if (node)
+ {
+ PKT_public_key *xxpk = node->pkt->pkt.public_key;
+ char *hexgrip;
+
+ hexkeygrip_from_pk (xxpk, &hexgrip);
+ if (!agent_keytotpm (ctrl, hexgrip))
+ {
+ redisplay = 1;
+ }
+ xfree (hexgrip);
+ }
+ }
+ break;
+
case cmdKEYTOCARD:
{
KBNODE node = NULL;
commit 1a4a4a8f5fa575df64ab130b03e666920f7093ee
Author: James Bottomley
Date: Mon Mar 5 11:15:29 2018 -0800
agent: plumb in TPM handling
* agent/divert-tpm2.c: New.
* Makefile.am (gpg_agent_SOURCES): Add it.
* agent/command.c (do_one_keyinfo): Fake serialno for TPM.
(cmd_keytotpm): New.
(register_commands): Register KEYTOTPM command.
* agent/pkdecrypt.c (agent_pkdecrypt): Divert to TPM.
* agent/pksign.c (agent_pksign_do): Divert to TPM.
--
This code installs diversions for pksign and pkdecrypt to do the
operations via the TPM if a TPM shadowed key is present. It also adds
an extra assuan command KEYTOTPM which moves an existing private key
to a TPM shadowed key.
The way TPM shadowing works is that the public and private key parts
are fed in to the TPM command TPM2_Import. The output of this command
is a TPM specific public and private key data where the private key
data is symmetrically encrypted using a TPM internal key. If this
physical TPM is ever lost or cleared, that TPM internal key will
likewise be lost and nothing will ever be able to read the private
key. Once the import is done, the shadow information for the key is
updated to be a three part list consisting of the parent key (hard
coded to 81000001 which is the Microsoft preferred RSA incarnation of
the storage seed) and the public and private TPM data blobs.
Now when a TPM shadowed key is used, the data blobs must be loaded
into the TPM with TPM2_Load before any operation can be performed.
Signed-off-by: James Bottomley
- Added ChangeLog entries
Signed-off-by: Werner Koch
diff --git a/agent/Makefile.am b/agent/Makefile.am
index 39e69cd..290ef12 100644
--- a/agent/Makefile.am
+++ b/agent/Makefile.am
@@ -51,6 +51,7 @@ gpg_agent_SOURCES = \
protect.c \
trustlist.c \
divert-scd.c \
+ divert-tpm2.c \
tpm2.c \
cvt-openpgp.c cvt-openpgp.h \
call-scd.c \
diff --git a/agent/agent.h b/agent/agent.h
index e13ee1f..7a77eb6 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -417,6 +417,7 @@ gpg_error_t agent_public_key_from_file (ctrl_t ctrl,
gcry_sexp_t *result);
int agent_is_dsa_key (gcry_sexp_t s_key);
int agent_is_eddsa_key (gcry_sexp_t s_key);
+int agent_is_tpm2_key(gcry_sexp_t s_key);
int agent_key_available (const unsigned char *grip);
gpg_error_t agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
int *r_keytype,
@@ -533,6 +534,18 @@ gpg_error_t agent_marktrusted (ctrl_t ctrl, const char *name,
const char *fpr, int flag);
void agent_reload_trustlist (void);
+/*-- divert-tpm2.c --*/
+int divert_tpm2_pksign (ctrl_t ctrl, const char *desc_text,
+ const unsigned char *digest, size_t digestlen, int algo,
+ const unsigned char *shadow_info, unsigned char **r_sig,
+ size_t *r_siglen);
+int divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text,
+ const unsigned char *cipher,
+ const unsigned char *shadow_info,
+ char **r_buf, size_t *r_len, int *r_padding);
+int divert_tpm2_writekey (ctrl_t ctrl, const unsigned char *grip,
+ gcry_sexp_t s_skey);
+
/*-- divert-scd.c --*/
int divert_pksign (ctrl_t ctrl, const char *desc_text,
diff --git a/agent/command.c b/agent/command.c
index 32c12d9..c439aa5 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -1192,6 +1192,11 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx,
if (err)
goto leave;
}
+ else if (strcmp (shadow_info_type, "tpm2-v1") == 0)
+ {
+ serialno = xstrdup("TPM-Protected");
+ idstr = NULL;
+ }
else
{
log_error ("Unrecognised shadow key type %s\n", shadow_info_type);
@@ -2578,6 +2583,57 @@ cmd_keytocard (assuan_context_t ctx, char *line)
+static const char hlp_keytotpm[] =
+ "KEYTOTPM \n"
+ "\n";
+static gpg_error_t
+cmd_keytotpm (assuan_context_t ctx, char *line)
+{
+ ctrl_t ctrl = assuan_get_pointer (ctx);
+ gpg_error_t err = 0;
+ unsigned char grip[20];
+ gcry_sexp_t s_skey;
+ unsigned char *shadow_info = NULL;
+
+ if (ctrl->restricted)
+ return leave_cmd (ctx, gpg_error (GPG_ERR_FORBIDDEN));
+
+ err = parse_keygrip (ctx, line, grip);
+ if (err)
+ goto leave;
+
+ if (agent_key_available (grip))
+ {
+ err =gpg_error (GPG_ERR_NO_SECKEY);
+ goto leave;
+ }
+
+ err = agent_key_from_file (ctrl, NULL, ctrl->server_local->keydesc, grip,
+ &shadow_info, CACHE_MODE_IGNORE, NULL,
+ &s_skey, NULL);
+ if (err)
+ {
+ xfree (shadow_info);
+ goto leave;
+ }
+ if (shadow_info)
+ {
+ /* Key is on a TPM or smartcard already. */
+ xfree (shadow_info);
+ gcry_sexp_release (s_skey);
+ err = gpg_error (GPG_ERR_UNUSABLE_SECKEY);
+ goto leave;
+ }
+
+ err = divert_tpm2_writekey (ctrl, grip, s_skey);
+ gcry_sexp_release (s_skey);
+
+ leave:
+ return leave_cmd (ctx, err);
+}
+
+
+
static const char hlp_getval[] =
"GETVAL \n"
"\n"
@@ -3243,6 +3299,7 @@ register_commands (assuan_context_t ctx)
{ "RELOADAGENT", cmd_reloadagent,hlp_reloadagent },
{ "GETINFO", cmd_getinfo, hlp_getinfo },
{ "KEYTOCARD", cmd_keytocard, hlp_keytocard },
+ { "KEYTOTPM", cmd_keytotpm, hlp_keytotpm },
{ NULL }
};
int i, rc;
diff --git a/agent/divert-tpm2.c b/agent/divert-tpm2.c
new file mode 100644
index 0000000..dc3110d
--- /dev/null
+++ b/agent/divert-tpm2.c
@@ -0,0 +1,187 @@
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "agent.h"
+#include "../common/i18n.h"
+#include "../common/sexp-parse.h"
+
+#include "tpm2.h"
+
+int
+divert_tpm2_pksign (ctrl_t ctrl, const char *desc_text,
+ const unsigned char *digest, size_t digestlen, int algo,
+ const unsigned char *shadow_info, unsigned char **r_sig,
+ size_t *r_siglen)
+{
+ TSS_CONTEXT *tssc;
+ TPM_HANDLE key;
+ int ret;
+
+ ret = tpm2_start(&tssc);
+ if (ret)
+ return ret;
+ ret = tpm2_load_key(tssc, shadow_info, &key);
+ if (ret)
+ goto out;
+ ret = tpm2_sign(ctrl, tssc, key, digest, digestlen, r_sig, r_siglen);
+
+ tpm2_flush_handle(tssc, key);
+
+ out:
+ tpm2_end(tssc);
+ return ret;
+}
+
+static unsigned char *
+make_tpm2_shadow_info (uint32_t parent, const char *pub, int pub_len,
+ const char *priv, int priv_len)
+{
+ gcry_sexp_t s_exp;
+ size_t len;
+ char *info;
+
+ gcry_sexp_build(&s_exp, NULL, "(%u%b%b)", parent, pub_len, pub, priv_len, priv);
+
+ len = gcry_sexp_sprint(s_exp, GCRYSEXP_FMT_CANON, NULL, 0);
+ info = xtrymalloc(len);
+ gcry_sexp_sprint(s_exp, GCRYSEXP_FMT_CANON, info, len);
+
+ gcry_sexp_release(s_exp);
+
+ return (unsigned char *)info;
+}
+
+static gpg_error_t
+agent_write_tpm2_shadow_key (ctrl_t ctrl, const unsigned char *grip,
+ int parent, char *pub, int pub_len,
+ char *priv, int priv_len)
+{
+ gpg_error_t err;
+ unsigned char *shadow_info;
+ unsigned char *shdkey;
+ unsigned char *pkbuf;
+ size_t len;
+ gcry_sexp_t s_pkey;
+
+ err = agent_public_key_from_file (ctrl, grip, &s_pkey);
+ len = gcry_sexp_sprint(s_pkey, GCRYSEXP_FMT_CANON, NULL, 0);
+ pkbuf = xtrymalloc (len);
+ gcry_sexp_sprint (s_pkey, GCRYSEXP_FMT_CANON, pkbuf, len);
+ gcry_sexp_release (s_pkey);
+
+ shadow_info = make_tpm2_shadow_info (parent, pub, pub_len, priv, priv_len);
+ if (!shadow_info) {
+ xfree (pkbuf);
+ return gpg_error_from_syserror ();
+ }
+
+ err = agent_shadow_key_type (pkbuf, shadow_info, "tpm2-v1", &shdkey);
+ xfree (shadow_info);
+ xfree (pkbuf);
+ if (err)
+ {
+ log_error ("shadowing the key failed: %s\n", gpg_strerror (err));
+ return err;
+ }
+
+ len = gcry_sexp_canon_len (shdkey, 0, NULL, NULL);
+ err = agent_write_private_key (grip, shdkey, len, 1 /*force*/);
+ xfree (shdkey);
+ if (err)
+ log_error ("error writing key: %s\n", gpg_strerror (err));
+
+ return err;
+}
+
+int
+divert_tpm2_writekey (ctrl_t ctrl, const unsigned char *grip,
+ gcry_sexp_t s_skey)
+{
+ TSS_CONTEXT *tssc;
+ int ret, pub_len, priv_len;
+ /* priv is always shielded so no special handling required */
+ char pub[sizeof(TPM2B_PUBLIC)], priv[sizeof(TPM2B_PRIVATE)];
+
+ ret = tpm2_start(&tssc);
+ if (ret)
+ return ret;
+ ret = tpm2_import_key (ctrl, tssc, pub, &pub_len, priv, &priv_len, s_skey);
+ if (ret)
+ goto out;
+ ret = agent_write_tpm2_shadow_key (ctrl, grip, TPM2_PARENT, pub, pub_len,
+ priv, priv_len);
+ out:
+ tpm2_end(tssc);
+ return ret;
+}
+
+int
+divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text,
+ const unsigned char *cipher,
+ const unsigned char *shadow_info,
+ char **r_buf, size_t *r_len, int *r_padding)
+{
+ TSS_CONTEXT *tssc;
+ TPM_HANDLE key;
+ int ret;
+ const unsigned char *s;
+ size_t n;
+
+ *r_padding = 0;
+
+ (void)desc_text;
+
+ s = cipher;
+ if (*s != '(')
+ return gpg_error (GPG_ERR_INV_SEXP);
+ s++;
+ n = snext (&s);
+ if (!n)
+ return gpg_error (GPG_ERR_INV_SEXP);
+ if (!smatch (&s, n, "enc-val"))
+ return gpg_error (GPG_ERR_UNKNOWN_SEXP);
+ if (*s != '(')
+ return gpg_error (GPG_ERR_UNKNOWN_SEXP);
+ s++;
+ n = snext (&s);
+ if (!n)
+ return gpg_error (GPG_ERR_INV_SEXP);
+ if (smatch (&s, n, "rsa"))
+ {
+ if (*s != '(')
+ return gpg_error (GPG_ERR_UNKNOWN_SEXP);
+ s++;
+ n = snext (&s);
+ if (!n)
+ return gpg_error (GPG_ERR_INV_SEXP);
+ if (!smatch (&s, n, "a"))
+ return gpg_error (GPG_ERR_UNKNOWN_SEXP);
+ n = snext (&s);
+ }
+ else
+ return gpg_error (GPG_ERR_UNSUPPORTED_ALGORITHM);
+
+ /* know we have RSA to decrypt at s,n */
+
+ ret = tpm2_start(&tssc);
+ if (ret)
+ return ret;
+ ret = tpm2_load_key(tssc, shadow_info, &key);
+ if (ret)
+ goto out;
+ ret = tpm2_decrypt(ctrl, tssc, key, s, n, r_buf, r_len);
+
+ tpm2_flush_handle(tssc, key);
+
+ out:
+ tpm2_end(tssc);
+ return ret;
+
+}
diff --git a/agent/pkdecrypt.c b/agent/pkdecrypt.c
index 06a8e0b..6f766ca 100644
--- a/agent/pkdecrypt.c
+++ b/agent/pkdecrypt.c
@@ -86,8 +86,12 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
goto leave;
}
- rc = divert_pkdecrypt (ctrl, desc_text, ciphertext, shadow_info,
- &buf, &len, r_padding);
+ if (agent_is_tpm2_key (s_skey))
+ rc = divert_tpm2_pkdecrypt (ctrl, desc_text, ciphertext, shadow_info,
+ &buf, &len, r_padding);
+ else
+ rc = divert_pkdecrypt (ctrl, desc_text, ciphertext, shadow_info,
+ &buf, &len, r_padding);
if (rc)
{
log_error ("smartcard decryption failed: %s\n", gpg_strerror (rc));
diff --git a/agent/pksign.c b/agent/pksign.c
index f54af08..dae2638 100644
--- a/agent/pksign.c
+++ b/agent/pksign.c
@@ -353,10 +353,16 @@ agent_pksign_do (ctrl_t ctrl, const char *cache_nonce,
if (desc_text)
agent_modify_description (desc_text, NULL, s_skey, &desc2);
- err = divert_pksign (ctrl, desc2? desc2 : desc_text,
- data, datalen,
- ctrl->digest.algo,
- shadow_info, &buf, &len);
+ if (agent_is_tpm2_key (s_skey))
+ err = divert_tpm2_pksign (ctrl, desc2? desc2 : desc_text,
+ data, datalen,
+ ctrl->digest.algo,
+ shadow_info, &buf, &len);
+ else
+ err = divert_pksign (ctrl, desc2? desc2 : desc_text,
+ data, datalen,
+ ctrl->digest.algo,
+ shadow_info, &buf, &len);
xfree (desc2);
}
if (err)
commit 144cceec7ca132d471cc6b7b200e0c59a23663d1
Author: James Bottomley
Date: Mon Mar 5 11:14:34 2018 -0800
agent: add tpm specific functions
* agent/tpm2.c: New.
* agent/Makefile.am (gpg_agent_SOURCES): Add new file.
(gpg_agent_LDFLAGS): Add DL_LIBS.
* agent/tpm2.h: New.
--
This commit adds code to handle the three specific functions needed to
make the agent TPM aware, namely the ability to load a key from shadow
information, the ability to sign a digest with that key, the ability
to decrypt with the key and the ability to import a key to the TPM.
The TPM2 is a bit of an esoteric beast, so all TPM specific callouts
are confined inside this code. Additionaly, it requires the tss2
library to function, so the code is designed such that if the library
isn't present then all TPM functions simply fail. This allows the
code to be compiled with TPM support, but not require that the support
library be present on the system.
Signed-off-by: James Bottomley
- Added ChangeLog entries.
- Added DL_LIBS.
- Removed one -Wdeclaration-after-statement case.
Signed-off-by: Werner Koch
diff --git a/agent/Makefile.am b/agent/Makefile.am
index ce29462..39e69cd 100644
--- a/agent/Makefile.am
+++ b/agent/Makefile.am
@@ -51,6 +51,7 @@ gpg_agent_SOURCES = \
protect.c \
trustlist.c \
divert-scd.c \
+ tpm2.c \
cvt-openpgp.c cvt-openpgp.h \
call-scd.c \
learncard.c
@@ -70,7 +71,7 @@ gpg_agent_LDADD = $(commonpth_libs) \
$(LIBGCRYPT_LIBS) $(LIBASSUAN_LIBS) $(NPTH_LIBS) \
$(GPG_ERROR_LIBS) $(LIBINTL) $(NETLIBS) $(LIBICONV) \
$(resource_objs)
-gpg_agent_LDFLAGS = $(extra_bin_ldflags)
+gpg_agent_LDFLAGS = $(DL_LIBS) $(extra_bin_ldflags)
gpg_agent_DEPENDENCIES = $(resource_objs)
gpg_protect_tool_SOURCES = \
diff --git a/agent/tpm2.c b/agent/tpm2.c
new file mode 100644
index 0000000..734f0fe
--- /dev/null
+++ b/agent/tpm2.c
@@ -0,0 +1,784 @@
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include "../common/i18n.h"
+#include "../common/sexp-parse.h"
+
+#include
+#include
+#include
+#include
+#include
+
+/* List of tss2 functions we use. This is macro jiggery-pokery:
+ * the F argument gives us the ability to run an arbitrary macro over
+ * the function list as for each function do macro F */
+#define _TSS2_LIST(F) \
+ F(TSS_Create); \
+ F(TSS_SetProperty); \
+ F(TSS_Execute); \
+ F(TSS_ResponseCode_toString); \
+ F(TPM2B_PUBLIC_Unmarshal); \
+ F(TPM2B_PRIVATE_Unmarshal); \
+ F(TSS_TPM2B_PUBLIC_Marshal); \
+ F(TSS_TPMT_PUBLIC_Marshal); \
+ F(TSS_TPM2B_PRIVATE_Marshal); \
+ F(TSS_UINT16_Marshal); \
+ F(TSS_TPMT_SENSITIVE_Marshal); \
+ F(TSS_SetProperty); \
+ F(TSS_GetDigestSize); \
+ F(TSS_Hash_Generate); \
+ F(TSS_Delete);
+
+/* create static declarations for the function pointers */
+#define _DL_DECLARE(func) \
+ static typeof(func) *p##func
+_TSS2_LIST(_DL_DECLARE);
+
+static const char *tpm2_dir;
+
+/* The TPM builds a small database of active files representing key
+ * parameters used for authentication and session encryption. Make sure
+ * they're contained in a separate directory to avoid stepping on any
+ * other application uses of the TPM */
+static const char *
+tpm2_set_unique_tssdir(void)
+{
+ char *prefix = getenv("XDG_RUNTIME_DIR"), *template,
+ *dir;
+ int len = 0;
+
+ if (!prefix)
+ prefix = "/tmp";
+
+ len = snprintf(NULL, 0, "%s/tss2.XXXXXX", prefix);
+ if (len <= 0)
+ return NULL;
+ template = xtrymalloc(len + 1);
+ if (!template)
+ return NULL;
+
+ len++;
+ len = snprintf(template, len, "%s/tss2.XXXXXX", prefix);
+
+ dir = mkdtemp(template);
+
+ return dir;
+}
+
+/* now dynamically load the tss library (if it exists) and resolve the
+ * above symbols. This allows us simply to return 0 for tpm2_init on
+ * systems where there is no TPM library */
+static int
+tpm2_init(void)
+{
+ static int inited = 0;
+ const char *sym;
+ void *dl;
+
+ if (inited)
+ return 0;
+
+ dl = dlopen(TSS2_LIB, RTLD_LAZY);
+
+ if (!dl)
+ {
+ log_error("opening of tss2 library failed %s\n", strerror(errno));
+ return GPG_ERR_CARD_NOT_PRESENT;
+ }
+
+ /* load each symbol pointer and check for existence */
+# define _DL_SYM(func) \
+ sym = #func; \
+ p##func = dlsym(dl, #func); \
+ if (p##func == NULL) \
+ goto out_symfail
+
+ _TSS2_LIST(_DL_SYM);
+
+ tpm2_dir = tpm2_set_unique_tssdir();
+ if (!tpm2_dir)
+ /* make this non fatal */
+ log_error("Failed to set unique TPM directory\n");
+ inited = 1;
+ return 0;
+
+ out_symfail:
+ log_error("Failed to find symbol %s in tss2 library\n", sym);
+ return GPG_ERR_CARD_NOT_PRESENT;
+}
+
+static void
+tpm2_error(TPM_RC rc, char *prefix)
+{
+ const char *msg, *submsg, *num;
+
+ pTSS_ResponseCode_toString(&msg, &submsg, &num, rc);
+ log_error("%s gave TPM2 Error: %s%s%s", prefix, msg, submsg, num);
+}
+
+#define _TSS_CHECK(f) \
+ rc = f; \
+ if (rc != TPM_RC_SUCCESS) \
+ { \
+ tpm2_error(rc, #f); \
+ return GPG_ERR_CARD; \
+ }
+
+int
+tpm2_start(TSS_CONTEXT **tssc)
+{
+ TPM_RC rc;
+ int ret;
+
+ ret = tpm2_init();
+ if (ret)
+ return ret;
+
+ _TSS_CHECK(pTSS_Create(tssc));
+ _TSS_CHECK(pTSS_SetProperty(*tssc, TPM_DATA_DIR, tpm2_dir));
+ return 0;
+}
+
+void
+tpm2_end(TSS_CONTEXT *tssc)
+{
+ pTSS_Delete(tssc);
+}
+
+void
+tpm2_flush_handle(TSS_CONTEXT *tssc, TPM_HANDLE h)
+{
+ FlushContext_In in;
+
+ if (!h)
+ return;
+
+ in.flushHandle = h;
+ pTSS_Execute(tssc, NULL,
+ (COMMAND_PARAMETERS *)&in,
+ NULL,
+ TPM_CC_FlushContext,
+ TPM_RH_NULL, NULL, 0);
+}
+
+static int
+tpm2_get_hmac_handle(TSS_CONTEXT *tssc, TPM_HANDLE *handle,
+ TPM_HANDLE salt_key)
+{
+ TPM_RC rc;
+ StartAuthSession_In in;
+ StartAuthSession_Out out;
+ StartAuthSession_Extra extra;
+
+ memset(&in, 0, sizeof(in));
+ memset(&extra, 0 , sizeof(extra));
+ in.bind = TPM_RH_NULL;
+ in.sessionType = TPM_SE_HMAC;
+ in.authHash = TPM_ALG_SHA256;
+ in.tpmKey = TPM_RH_NULL;
+ in.symmetric.algorithm = TPM_ALG_AES;
+ in.symmetric.keyBits.aes = 128;
+ in.symmetric.mode.aes = TPM_ALG_CFB;
+ if (salt_key) {
+ ReadPublic_In rin;
+ ReadPublic_Out rout;
+
+ rin.objectHandle = salt_key;
+ rc = pTSS_Execute (tssc,
+ (RESPONSE_PARAMETERS *)&rout,
+ (COMMAND_PARAMETERS *)&rin,
+ NULL,
+ TPM_CC_ReadPublic,
+ TPM_RH_NULL, NULL, 0);
+ if (rc) {
+ tpm2_error(rc, "TPM2_ReadPublic");
+ return GPG_ERR_CARD;
+ }
+
+ /* don't care what rout returns, the purpose of the operation was
+ * to get the public key parameters into the tss so it can
+ * construct the salt */
+ in.tpmKey = salt_key;
+ }
+ rc = pTSS_Execute(tssc,
+ (RESPONSE_PARAMETERS *)&out,
+ (COMMAND_PARAMETERS *)&in,
+ (EXTRA_PARAMETERS *)&extra,
+ TPM_CC_StartAuthSession,
+ TPM_RH_NULL, NULL, 0);
+ if (rc) {
+ tpm2_error(rc, "TPM2_StartAuthSession");
+ return GPG_ERR_CARD;
+ }
+
+ *handle = out.sessionHandle;
+
+ return 0;
+}
+
+static int
+tpm2_exec_with_auth(ctrl_t ctrl, TSS_CONTEXT *tssc, int cmd, char *cmd_str,
+ void *out, void *in)
+{
+ TPM_HANDLE ah;
+ struct pin_entry_info_s *pi;
+ TPM_RC rc;
+
+ pi = gcry_xmalloc_secure(sizeof(*pi) + MAX_PASSPHRASE_LEN + 10);
+ pi->max_length = MAX_PASSPHRASE_LEN;
+ pi->min_digits = 0; /* want a real passphrase */
+ pi->max_digits = 16;
+ pi->max_tries = 3;
+ rc = agent_askpin(ctrl, NULL, "TPM Key Passphrase", NULL, pi, NULL, 0);
+ if (rc) {
+ gcry_free (pi);
+ return rc;
+ }
+
+ rc = tpm2_get_hmac_handle(tssc, &ah, 0);
+ if (rc)
+ return rc;
+
+ rc = pTSS_Execute(tssc, out, in, NULL,
+ cmd,
+ ah, pi->pin, 0,
+ TPM_RH_NULL, NULL, 0);
+ gcry_free (pi);
+ if (rc) {
+ tpm2_error(rc, cmd_str);
+ tpm2_flush_handle(tssc, ah);
+ switch (rc & 0xFF) {
+ case TPM_RC_BAD_AUTH:
+ case TPM_RC_AUTH_FAIL:
+ return GPG_ERR_BAD_PASSPHRASE;
+ default:
+ return GPG_ERR_CARD;
+ }
+ }
+ return 0;
+}
+
+static gpg_error_t
+parse_tpm2_shadow_info (const unsigned char *shadow_info,
+ uint32_t *parent,
+ const char **pub, int *pub_len,
+ const char **priv, int *priv_len)
+{
+ const unsigned char *s;
+ size_t n;
+ int i;
+
+ s = shadow_info;
+ if (*s != '(')
+ return gpg_error (GPG_ERR_INV_SEXP);
+ s++;
+ n = snext (&s);
+ if (!n)
+ return gpg_error (GPG_ERR_INV_SEXP);
+ *parent = 0;
+ for (i = 0; i < n; i++) {
+ *parent *= 10;
+ *parent += atoi_1(s+i);
+ }
+
+ s += n;
+ n = snext (&s);
+ if (!n)
+ return gpg_error (GPG_ERR_INV_SEXP);
+
+ *pub_len = n;
+ *pub = s;
+
+ s += n;
+ n = snext (&s);
+ if (!n)
+ return gpg_error (GPG_ERR_INV_SEXP);
+
+ *priv_len = n;
+ *priv = s;
+
+ return 0;
+}
+
+int
+tpm2_load_key(TSS_CONTEXT *tssc, const unsigned char *shadow_info,
+ TPM_HANDLE *key)
+{
+ uint32_t parent;
+ Load_In in;
+ Load_Out out;
+ const char *pub, *priv;
+ int ret, pub_len, priv_len;
+ TPM_RC rc;
+ BYTE *buf;
+ uint32_t size;
+
+ ret = parse_tpm2_shadow_info (shadow_info, &parent, &pub, &pub_len,
+ &priv, &priv_len);
+ if (ret)
+ return ret;
+
+ in.parentHandle = parent;
+
+ buf = (BYTE *)priv;
+ size = priv_len;
+ pTPM2B_PRIVATE_Unmarshal(&in.inPrivate, &buf, &size);
+
+ buf = (BYTE *)pub;
+ size = pub_len;
+ pTPM2B_PUBLIC_Unmarshal(&in.inPublic, &buf, &size, FALSE);
+
+ rc = pTSS_Execute(tssc,
+ (RESPONSE_PARAMETERS *)&out,
+ (COMMAND_PARAMETERS *)&in,
+ NULL,
+ TPM_CC_Load,
+ TPM_RS_PW, NULL, 0,
+ TPM_RH_NULL, NULL, 0);
+ if (rc != TPM_RC_SUCCESS) {
+ tpm2_error(rc, "TPM2_Load");
+ return GPG_ERR_CARD;
+ }
+
+ *key = out.objectHandle;
+
+ return 0;
+}
+
+int
+tpm2_sign(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
+ const unsigned char *digest, size_t digestlen,
+ unsigned char **r_sig, size_t *r_siglen)
+{
+ Sign_In in;
+ Sign_Out out;
+ int ret;
+
+ /* The TPM insists on knowing the digest type, so
+ * calculate that from the size */
+ in.inScheme.scheme = TPM_ALG_RSASSA;
+ switch (digestlen) {
+ case 20:
+ in.inScheme.details.rsassa.hashAlg = TPM_ALG_SHA1;
+ break;
+ case 32:
+ in.inScheme.details.rsassa.hashAlg = TPM_ALG_SHA256;
+ break;
+ case 48:
+ in.inScheme.details.rsassa.hashAlg = TPM_ALG_SHA384;
+ break;
+#ifdef TPM_ALG_SHA512
+ case 64:
+ in.inScheme.details.rsassa.hashAlg = TPM_ALG_SHA512;
+ break;
+#endif
+ default:
+ log_error("Unknown signature digest length, cannot deduce hash type for TPM\n");
+ return GPG_ERR_NO_SIGNATURE_SCHEME;
+ }
+ in.digest.t.size = digestlen;
+ memcpy(in.digest.t.buffer, digest, digestlen);
+ in.keyHandle = key;
+ in.validation.tag = TPM_ST_HASHCHECK;
+ in.validation.hierarchy = TPM_RH_NULL;
+ in.validation.digest.t.size = 0;
+
+ ret = tpm2_exec_with_auth(ctrl, tssc, TPM_CC_Sign, "TPM2_Sign", &out, &in);
+ if (ret)
+ return ret;
+
+ *r_siglen = out.signature.signature.rsassa.sig.t.size;
+ *r_sig = xtrymalloc(*r_siglen);
+ if (!r_sig)
+ return GPG_ERR_ENOMEM;
+
+ memcpy(*r_sig, out.signature.signature.rsassa.sig.t.buffer, *r_siglen);
+
+ return 0;
+}
+
+static int
+sexp_to_tpm2_sensitive(TPMT_SENSITIVE *s, gcry_sexp_t key)
+{
+ gcry_mpi_t p;
+ gcry_sexp_t l;
+ int rc = -1;
+ size_t len;
+
+ s->sensitiveType = TPM_ALG_RSA;
+ s->seedValue.b.size = 0;
+
+ l = gcry_sexp_find_token (key, "p", 0);
+ if (!l)
+ return rc;
+ p = gcry_sexp_nth_mpi (l, 1, GCRYMPI_FMT_USG);
+ gcry_sexp_release (l);
+ len = sizeof(s->sensitive.rsa.t.buffer);
+ rc = gcry_mpi_print (GCRYMPI_FMT_USG, s->sensitive.rsa.t.buffer, len, &len, p);
+ s->sensitive.rsa.t.size = len;
+ gcry_mpi_release (p);
+
+ return rc;
+}
+
+static int
+sexp_to_tpm2_public(TPMT_PUBLIC *p, gcry_sexp_t key)
+{
+ gcry_mpi_t n, e;
+ gcry_sexp_t l;
+ int rc = -1, i;
+ size_t len;
+ /* longer than an int */
+ unsigned char ebuf[5];
+ uint32_t exp = 0;
+
+ p->type = TPM_ALG_RSA;
+ p->nameAlg = TPM_ALG_SHA256;
+ /* note: all our keys are decrypt only. This is because
+ * we use the TPM2_RSA_Decrypt operation for both signing
+ * and decryption (see e_tpm2.c for details) */
+ p->objectAttributes.val = TPMA_OBJECT_NODA |
+ TPMA_OBJECT_DECRYPT |
+ TPMA_OBJECT_SIGN |
+ TPMA_OBJECT_USERWITHAUTH;
+ p->authPolicy.t.size = 0;
+ p->parameters.rsaDetail.symmetric.algorithm = TPM_ALG_NULL;
+ p->parameters.rsaDetail.scheme.scheme = TPM_ALG_NULL;
+
+ l = gcry_sexp_find_token (key, "n", 0);
+ if (!l)
+ return rc;
+ n = gcry_sexp_nth_mpi (l, 1, GCRYMPI_FMT_USG);
+ gcry_sexp_release (l);
+ len = sizeof(p->unique.rsa.t.buffer);
+ p->parameters.rsaDetail.keyBits = gcry_mpi_get_nbits (n);
+ rc = gcry_mpi_print (GCRYMPI_FMT_USG, p->unique.rsa.t.buffer, len, &len, n);
+ p->unique.rsa.t.size = len;
+ gcry_mpi_release (n);
+ if (rc)
+ return rc;
+ rc = -1;
+ l = gcry_sexp_find_token (key, "e", 0);
+ if (!l)
+ return rc;
+ e = gcry_sexp_nth_mpi (l, 1, GCRYMPI_FMT_USG);
+ gcry_sexp_release (l);
+ len = sizeof (ebuf);
+ rc = gcry_mpi_print (GCRYMPI_FMT_USG, ebuf, len, &len, e);
+ gcry_mpi_release (e);
+ if (rc)
+ return rc;
+ if (len > 4)
+ return -1;
+
+ /* MPI are simply big endian integers, so convert to uint32 */
+ for (i = 0; i < len; i++) {
+ exp <<= 8;
+ exp += ebuf[i];
+ }
+ if (exp == 0x10001)
+ p->parameters.rsaDetail.exponent = 0;
+ else
+ p->parameters.rsaDetail.exponent = exp;
+ return 0;
+}
+
+static int
+sexp_to_tpm2(TPMT_PUBLIC *p, TPMT_SENSITIVE *s, gcry_sexp_t s_skey)
+{
+ gcry_sexp_t l1, l2;
+ int rc = -1;
+
+ /* find the value of (private-key */
+ l1 = gcry_sexp_nth (s_skey, 1);
+ if (!l1)
+ return rc;
+
+ l2 = gcry_sexp_find_token (l1, "rsa", 0);
+ if (!l2)
+ goto out;
+
+ rc = sexp_to_tpm2_public(p, l2);
+ if (!rc)
+ rc = sexp_to_tpm2_sensitive(s, l2);
+
+ gcry_sexp_release(l2);
+
+ out:
+ gcry_sexp_release(l1);
+ return rc;
+}
+
+/* copied from TPM implementation code */
+static TPM_RC
+tpm2_ObjectPublic_GetName(TPM2B_NAME *name,
+ TPMT_PUBLIC *tpmtPublic)
+{
+ TPM_RC rc = 0;
+ uint16_t written = 0;
+ TPMT_HA digest;
+ uint32_t sizeInBytes;
+ uint8_t buffer[MAX_RESPONSE_SIZE];
+
+ /* marshal the TPMT_PUBLIC */
+ if (rc == 0) {
+ INT32 size = MAX_RESPONSE_SIZE;
+ uint8_t *buffer1 = buffer;
+ rc = pTSS_TPMT_PUBLIC_Marshal(tpmtPublic, &written, &buffer1, &size);
+ }
+ /* hash the public area */
+ if (rc == 0) {
+ sizeInBytes = pTSS_GetDigestSize(tpmtPublic->nameAlg);
+ digest.hashAlg = tpmtPublic->nameAlg; /* Name digest algorithm */
+ /* generate the TPMT_HA */
+ rc = pTSS_Hash_Generate(&digest,
+ written, buffer,
+ 0, NULL);
+ }
+ if (rc == 0) {
+ TPMI_ALG_HASH nameAlgNbo;
+
+ /* copy the digest */
+ memcpy(name->t.name + sizeof(TPMI_ALG_HASH), (uint8_t *)&digest.digest, sizeInBytes);
+ /* copy the hash algorithm */
+ nameAlgNbo = htons(tpmtPublic->nameAlg);
+ memcpy(name->t.name, (uint8_t *)&nameAlgNbo, sizeof(TPMI_ALG_HASH));
+ /* set the size */
+ name->t.size = sizeInBytes + sizeof(TPMI_ALG_HASH);
+ }
+ return rc;
+}
+
+/*
+ * Cut down version of Part 4 Supporting Routines 7.6.3.10
+ *
+ * Hard coded to symmetrically encrypt with aes128 as the inner
+ * wrapper and no outer wrapper but with a prototype that allows
+ * drop in replacement with a tss equivalent
+ */
+TPM_RC tpm2_SensitiveToDuplicate(TPMT_SENSITIVE *s,
+ TPM2B_NAME *name,
+ TPM_ALG_ID nalg,
+ TPMT_SYM_DEF_OBJECT *symdef,
+ TPM2B_DATA *innerkey,
+ TPM2B_PRIVATE *p)
+{
+ BYTE *buf = p->t.buffer;
+
+ p->t.size = 0;
+ memset(p, 0, sizeof(*p));
+
+ /* hard code AES CFB */
+ if (symdef->algorithm == TPM_ALG_AES
+ && symdef->mode.aes == TPM_ALG_CFB) {
+ TPMT_HA hash;
+ const int hlen = pTSS_GetDigestSize(nalg);
+ TPM2B *digest = (TPM2B *)buf;
+ TPM2B *s2b;
+ int32_t size;
+ unsigned char null_iv[AES_128_BLOCK_SIZE_BYTES];
+ UINT16 bsize, written = 0;
+ gcry_cipher_hd_t hd;
+
+ /* WARNING: don't use the static null_iv trick here:
+ * the AES routines alter the passed in iv */
+ memset(null_iv, 0, sizeof(null_iv));
+
+ /* reserve space for hash before the encrypted sensitive */
+ bsize = sizeof(digest->size) + hlen;
+ buf += bsize;
+ p->t.size += bsize;
+ s2b = (TPM2B *)buf;
+
+ /* marshal the digest size */
+ buf = (BYTE *)&digest->size;
+ bsize = hlen;
+ size = 2;
+ pTSS_UINT16_Marshal(&bsize, &written, &buf, &size);
+
+ /* marshal the unencrypted sensitive in place */
+ size = sizeof(*s);
+ bsize = 0;
+ buf = s2b->buffer;
+ pTSS_TPMT_SENSITIVE_Marshal(s, &bsize, &buf, &size);
+ buf = (BYTE *)&s2b->size;
+ size = 2;
+ pTSS_UINT16_Marshal(&bsize, &written, &buf, &size);
+
+ bsize = bsize + sizeof(s2b->size);
+ p->t.size += bsize;
+
+ /* compute hash of unencrypted marshalled sensitive and
+ * write to the digest buffer */
+ hash.hashAlg = nalg;
+ pTSS_Hash_Generate(&hash, bsize, s2b,
+ name->t.size, name->t.name,
+ 0, NULL);
+ memcpy(digest->buffer, &hash.digest, hlen);
+ gcry_cipher_open (&hd, GCRY_CIPHER_AES128,
+ GCRY_CIPHER_MODE_CFB, GCRY_CIPHER_SECURE);
+ gcry_cipher_setiv(hd, null_iv, sizeof(null_iv));
+ gcry_cipher_setkey(hd, innerkey->b.buffer, innerkey->b.size);
+ /* encrypt the hash and sensitive in-place */
+ gcry_cipher_encrypt(hd, p->t.buffer, p->t.size, NULL, 0);
+ gcry_cipher_close(hd);
+
+ } else if (symdef->algorithm == TPM_ALG_NULL) {
+ TPM2B *s2b = (TPM2B *)buf;
+ int32_t size = sizeof(*s);
+ UINT16 bsize = 0, written = 0;
+
+ buf = s2b->buffer;
+
+ /* marshal the unencrypted sensitive in place */
+ pTSS_TPMT_SENSITIVE_Marshal(s, &bsize, &buf, &size);
+ buf = (BYTE *)&s2b->size;
+ size = 2;
+ pTSS_UINT16_Marshal(&bsize, &written, &buf, &size);
+
+ p->b.size += bsize + sizeof(s2b->size);
+ } else {
+ log_error ("Unknown symmetric algorithm\n");
+ return TPM_RC_SYMMETRIC;
+ }
+
+ return TPM_RC_SUCCESS;
+}
+
+static void
+tpm2_encrypt_duplicate(Import_In *iin, TPMT_SENSITIVE *s)
+{
+ TPM2B_NAME name;
+ TPMT_PUBLIC *p = &iin->objectPublic.publicArea;
+ const int aes_key_bits = 128;
+ const int aes_key_bytes = aes_key_bits/8;
+
+ tpm2_ObjectPublic_GetName(&name, p);
+ gcry_randomize(iin->encryptionKey.t.buffer,
+ aes_key_bytes, GCRY_STRONG_RANDOM);
+ iin->encryptionKey.t.size = aes_key_bytes;
+
+ /* set random iin.symSeed */
+ iin->inSymSeed.t.size = 0;
+ iin->symmetricAlg.algorithm = TPM_ALG_AES;
+ iin->symmetricAlg.keyBits.aes = aes_key_bits;
+ iin->symmetricAlg.mode.aes = TPM_ALG_CFB;
+
+ tpm2_SensitiveToDuplicate(s, &name, p->nameAlg, &iin->symmetricAlg,
+ &iin->encryptionKey, &iin->duplicate);
+}
+
+int
+tpm2_import_key(ctrl_t ctrl, TSS_CONTEXT *tssc, char *pub, int *pub_len,
+ char *priv, int *priv_len, gcry_sexp_t s_skey)
+{
+ Import_In iin;
+ Import_Out iout;
+ TPMT_SENSITIVE s;
+ TPM_HANDLE ah;
+ TPM_RC rc;
+
+ uint32_t size;
+ uint16_t len;
+ BYTE *buffer;
+ int ret;
+ char *passphrase;
+
+ iin.parentHandle = TPM2_PARENT;
+ ret = sexp_to_tpm2(&iin.objectPublic.publicArea, &s, s_skey);
+ if (ret) {
+ log_error("Failed to parse Key s-expression: key corrupt?\n");
+ return ret;
+ }
+
+ /* add an authorization password to the key which the TPM will check */
+
+ ret = agent_ask_new_passphrase (ctrl, _("Please enter the TPM Authorization passphrase for the key."), &passphrase);
+ if (ret)
+ return ret;
+ s.authValue.b.size = strlen(passphrase);
+ memcpy(s.authValue.b.buffer, passphrase, s.authValue.b.size);
+
+ /* We're responsible for securing the data in transmission to the
+ * TPM here. The TPM provides parameter encryption via a session,
+ * but only for the first parameter. For TPM2_Import, the first
+ * parameter is a symmetric key used to encrypt the sensitive data,
+ * so we must populate this key with random value and encrypt the
+ * sensitive data with it */
+ tpm2_encrypt_duplicate(&iin, &s);
+
+ /* use salted parameter encryption to hide the key. First we read
+ * the public parameters of the parent key and use them to agree an
+ * encryption for the first parameter */
+ rc = tpm2_get_hmac_handle(tssc, &ah, TPM2_PARENT);
+ if (rc)
+ return GPG_ERR_CARD;
+
+ rc = pTSS_Execute(tssc,
+ (RESPONSE_PARAMETERS *)&iout,
+ (COMMAND_PARAMETERS *)&iin,
+ NULL,
+ TPM_CC_Import,
+ ah, NULL, TPMA_SESSION_DECRYPT,
+ TPM_RH_NULL, NULL, 0);
+ if (rc) {
+ tpm2_error(rc, "TPM2_Import");
+ /* failure means auth handle is not flushed */
+ tpm2_flush_handle(tssc, ah);
+ return GPG_ERR_CARD;
+ }
+
+ size = sizeof(TPM2B_PUBLIC);
+ buffer = pub;
+ len = 0;
+ pTSS_TPM2B_PUBLIC_Marshal(&iin.objectPublic,
+ &len, &buffer, &size);
+ *pub_len = len;
+
+ size = sizeof(TPM2B_PRIVATE);
+ buffer = priv;
+ len = 0;
+ pTSS_TPM2B_PRIVATE_Marshal(&iout.outPrivate,
+ &len, &buffer, &size);
+ *priv_len = len;
+
+ return 0;
+}
+
+int
+tpm2_decrypt(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
+ const char *ciphertext, int ciphertext_len,
+ char **decrypt, size_t *decrypt_len)
+{
+ RSA_Decrypt_In in;
+ RSA_Decrypt_Out out;
+ int ret;
+
+ in.keyHandle = key;
+ in.inScheme.scheme = TPM_ALG_RSAES;
+ in.cipherText.t.size = ciphertext_len;
+ memcpy (in.cipherText.t.buffer, ciphertext, ciphertext_len);
+ in.label.t.size = 0;
+
+ ret = tpm2_exec_with_auth(ctrl, tssc, TPM_CC_RSA_Decrypt, "TPM2_RSA_Decrypt",
+ &out, &in);
+ if (ret)
+ return ret;
+
+ *decrypt_len = out.message.t.size;
+ *decrypt = xtrymalloc(out.message.t.size);
+ memcpy (*decrypt, out.message.t.buffer, out.message.t.size);
+
+ return 0;
+}
diff --git a/agent/tpm2.h b/agent/tpm2.h
new file mode 100644
index 0000000..2e16803
--- /dev/null
+++ b/agent/tpm2.h
@@ -0,0 +1,22 @@
+#ifndef _TPM2_H
+#define _TPM2_H
+
+#include
+
+#define TSS2_LIB "libtss.so.0"
+#define TPM2_PARENT 0x81000001
+
+int tpm2_start(TSS_CONTEXT **tssc);
+void tpm2_end(TSS_CONTEXT *tssc);
+void tpm2_flush_handle(TSS_CONTEXT *tssc, TPM_HANDLE h);
+int tpm2_load_key(TSS_CONTEXT *tssc, const unsigned char *shadow_info,
+ TPM_HANDLE *key);
+int tpm2_sign(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
+ const unsigned char *digest, size_t digestlen,
+ unsigned char **r_sig, size_t *r_siglen);
+int tpm2_import_key(ctrl_t ctrl, TSS_CONTEXT *tssc, char *pub, int *pub_len,
+ char *priv, int *priv_len, gcry_sexp_t s_skey);
+int tpm2_decrypt(ctrl_t ctrl, TSS_CONTEXT *tssc, TPM_HANDLE key,
+ const char *ciphertext, int ciphertext_len,
+ char **decrypt, size_t *decrypt_len);
+#endif
commit 30c434eaf34e8facb3df0eebdd2de26f4fa604af
Author: James Bottomley
Date: Mon Mar 5 11:13:25 2018 -0800
agent: expose shadow key type
* agent/findkey.c (agent_key_info_from_file): Add new return arg
r_shadow_info_type.
* agent/protect.c (agent_shadow_key): Factor code out to ...
(agent_shadow_key_type): new. Add arg 'type'.
(agent_get_shadow_info): Factor code out to ...
(agent_get_shadow_info_type): new. Add arg 'shadow_type'.
(agent_is_tpm2_key): New.
(agent_get_shadow_type): New.
* agent/command.c (do_one_keyinfo): Get and check the
shadow_info_type.
--
For TPM support it is necessary to indroduce another type of shadow
key, so allow other agent functions to extract the type so they can
make the right decisions based on it.
Signed-off-by: James Bottomley
Added ChangeLog entries.
Signed-off-by: Werner Koch
diff --git a/agent/agent.h b/agent/agent.h
index 0d5cf4f..e13ee1f 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -420,7 +420,8 @@ int agent_is_eddsa_key (gcry_sexp_t s_key);
int agent_key_available (const unsigned char *grip);
gpg_error_t agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
int *r_keytype,
- unsigned char **r_shadow_info);
+ unsigned char **r_shadow_info,
+ unsigned char **r_shadow_info_type);
gpg_error_t agent_delete_key (ctrl_t ctrl, const char *desc_text,
const unsigned char *grip,
int force, int only_stubs);
@@ -503,8 +504,15 @@ unsigned char *make_shadow_info (const char *serialno, const char *idstring);
int agent_shadow_key (const unsigned char *pubkey,
const unsigned char *shadow_info,
unsigned char **result);
+int agent_shadow_key_type (const unsigned char *pubkey,
+ const unsigned char *shadow_info,
+ const unsigned char *type,
+ unsigned char **result);
gpg_error_t agent_get_shadow_info (const unsigned char *shadowkey,
unsigned char const **shadow_info);
+gpg_error_t agent_get_shadow_info_type (const unsigned char *shadowkey,
+ unsigned char const **shadow_info,
+ unsigned char **shadow_type);
gpg_error_t parse_shadow_info (const unsigned char *shadow_info,
char **r_hexsn, char **r_idstr, int *r_pinlen);
gpg_error_t s2k_hash_passphrase (const char *passphrase, int hashalgo,
diff --git a/agent/command.c b/agent/command.c
index e2486a5..32c12d9 100644
--- a/agent/command.c
+++ b/agent/command.c
@@ -1104,7 +1104,7 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx,
char hexgrip[40+1];
char *fpr = NULL;
int keytype;
- unsigned char *shadow_info = NULL;
+ unsigned char *shadow_info = NULL, *shadow_info_type = NULL;
char *serialno = NULL;
char *idstr = NULL;
const char *keytypestr;
@@ -1115,7 +1115,8 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx,
char ttlbuf[20];
char flagsbuf[5];
- err = agent_key_info_from_file (ctrl, grip, &keytype, &shadow_info);
+ err = agent_key_info_from_file (ctrl, grip, &keytype, &shadow_info,
+ &shadow_info_type);
if (err)
{
if (in_ssh && gpg_err_code (err) == GPG_ERR_NOT_FOUND)
@@ -1185,9 +1186,18 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx,
if (shadow_info)
{
- err = parse_shadow_info (shadow_info, &serialno, &idstr, NULL);
- if (err)
- goto leave;
+ if (strcmp (shadow_info_type, "t1-v1") == 0)
+ {
+ err = parse_shadow_info (shadow_info, &serialno, &idstr, NULL);
+ if (err)
+ goto leave;
+ }
+ else
+ {
+ log_error ("Unrecognised shadow key type %s\n", shadow_info_type);
+ err = GPG_ERR_BAD_KEY;
+ goto leave;
+ }
}
if (!data)
@@ -1222,6 +1232,7 @@ do_one_keyinfo (ctrl_t ctrl, const unsigned char *grip, assuan_context_t ctx,
leave:
xfree (fpr);
+ xfree (shadow_info_type);
xfree (shadow_info);
xfree (serialno);
xfree (idstr);
diff --git a/agent/findkey.c b/agent/findkey.c
index e3e9a12..d6c600e 100644
--- a/agent/findkey.c
+++ b/agent/findkey.c
@@ -1359,7 +1359,8 @@ agent_key_available (const unsigned char *grip)
S-expression. */
gpg_error_t
agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
- int *r_keytype, unsigned char **r_shadow_info)
+ int *r_keytype, unsigned char **r_shadow_info,
+ unsigned char **r_shadow_info_type)
{
gpg_error_t err;
unsigned char *buf;
@@ -1406,7 +1407,7 @@ agent_key_info_from_file (ctrl_t ctrl, const unsigned char *grip,
const unsigned char *s;
size_t n;
- err = agent_get_shadow_info (buf, &s);
+ err = agent_get_shadow_info_type (buf, &s, r_shadow_info_type);
if (!err)
{
n = gcry_sexp_canon_len (s, 0, NULL, NULL);
diff --git a/agent/protect.c b/agent/protect.c
index 16ae715..0920667 100644
--- a/agent/protect.c
+++ b/agent/protect.c
@@ -1499,9 +1499,10 @@ make_shadow_info (const char *serialno, const char *idstring)
to. The input parameters are expected to be valid canonicalized
S-expressions */
int
-agent_shadow_key (const unsigned char *pubkey,
- const unsigned char *shadow_info,
- unsigned char **result)
+agent_shadow_key_type (const unsigned char *pubkey,
+ const unsigned char *shadow_info,
+ const unsigned char *type,
+ unsigned char **result)
{
const unsigned char *s;
const unsigned char *point;
@@ -1557,7 +1558,7 @@ agent_shadow_key (const unsigned char *pubkey,
assert (depth == 1);
/* Calculate required length by taking in account: the "shadowed-"
- prefix, the "shadowed", "t1-v1" as well as some parenthesis */
+ prefix, the "shadowed", shadow type as well as some parenthesis */
n = 12 + pubkey_len + 1 + 3+8 + 2+5 + shadow_info_len + 1;
*result = xtrymalloc (n);
p = (char*)*result;
@@ -1567,7 +1568,7 @@ agent_shadow_key (const unsigned char *pubkey,
/* (10:public-key ...)*/
memcpy (p, pubkey+14, point - (pubkey+14));
p += point - (pubkey+14);
- p = stpcpy (p, "(8:shadowed5:t1-v1");
+ p += sprintf (p, "(8:shadowed%d:%s", (int)strlen(type), type);
memcpy (p, shadow_info, shadow_info_len);
p += shadow_info_len;
*p++ = ')';
@@ -1577,11 +1578,20 @@ agent_shadow_key (const unsigned char *pubkey,
return 0;
}
+int
+agent_shadow_key (const unsigned char *pubkey,
+ const unsigned char *shadow_info,
+ unsigned char **result)
+{
+ return agent_shadow_key_type (pubkey, shadow_info, "t1-v1", result);
+}
+
/* Parse a canonical encoded shadowed key and return a pointer to the
- inner list with the shadow_info */
+ inner list with the shadow_info and the shadow type */
gpg_error_t
-agent_get_shadow_info (const unsigned char *shadowkey,
- unsigned char const **shadow_info)
+agent_get_shadow_info_type (const unsigned char *shadowkey,
+ unsigned char const **shadow_info,
+ unsigned char **shadow_type)
{
const unsigned char *s;
size_t n;
@@ -1633,17 +1643,59 @@ agent_get_shadow_info (const unsigned char *shadowkey,
n = snext (&s);
if (!n)
return gpg_error (GPG_ERR_INV_SEXP);
- if (smatch (&s, n, "t1-v1"))
+ if (shadow_type) {
+ char *buf = xtrymalloc(n+1);
+ memcpy(buf, s, n);
+ buf[n] = '\0';
+ *shadow_type = buf;
+ }
+
+ if (smatch (&s, n, "t1-v1") || smatch(&s, n, "tpm2-v1"))
{
if (*s != '(')
return gpg_error (GPG_ERR_INV_SEXP);
- *shadow_info = s;
+ if (shadow_info)
+ *shadow_info = s;
}
else
return gpg_error (GPG_ERR_UNSUPPORTED_PROTOCOL);
return 0;
}
+gpg_error_t
+agent_get_shadow_info(const unsigned char *shadowkey,
+ unsigned char const **shadow_info)
+{
+ return agent_get_shadow_info_type(shadowkey, shadow_info, NULL);
+}
+
+int
+agent_is_tpm2_key(gcry_sexp_t s_skey)
+{
+ unsigned char *buf;
+ unsigned char *type;
+ size_t len;
+ gpg_error_t err;
+
+ err = make_canon_sexp(s_skey, &buf, &len);
+ if (err)
+ return 0;
+
+ err = agent_get_shadow_info_type(buf, NULL, &type);
+ if (err)
+ return 0;
+
+ err = strcmp(type, "tpm2-v1") == 0;
+ xfree(type);
+ return err;
+}
+
+gpg_error_t
+agent_get_shadow_type(const unsigned char *shadowkey,
+ unsigned char **shadow_type)
+{
+ return agent_get_shadow_info_type(shadowkey, NULL, shadow_type);
+}
/* Parse the canonical encoded SHADOW_INFO S-expression. On success
the hex encoded serial number is returned as a malloced strings at
-----------------------------------------------------------------------
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Fri Mar 9 10:47:23 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Fri, 09 Mar 2018 10:47:23 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-70-g172baaf
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 172baaf4d3e4ed03a4d3437be9efa3dfe6a847bc (commit)
via f2c1e8d8d54068a7f072efa178fc30460821eff3 (commit)
from 01686463948ac6096dd8579a110c478d3a1f9a83 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 172baaf4d3e4ed03a4d3437be9efa3dfe6a847bc
Author: Ben McGinnes
Date: Fri Mar 9 20:45:14 2018 +1100
doc: python bindings HOWTO
* Added instructions and code to count the number of public and secret
keys available since it was quick and easy.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 0b882b5..4385bc9 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -498,6 +498,39 @@
#+end_src
+* Working with keys
+ :PROPERTIES:
+ :CUSTOM_ID: howto-keys
+ :END:
+
+** Counting keys
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-verification
+ :END:
+
+ Counting the number of keys in your public keybox (=pubring.kbx=),
+ the format shich has superceded the old keyring format
+ (=pubring.gpg= and =secring.gpg=) is a very simple task.
+
+ #+begin_src python
+ import gpg
+
+ c = gpg.Context()
+ seckeys = c.keylist(pattern=None, secret=True)
+ pubkeys = c.keylist(pattern=None, secret=False)
+
+ seclist = list(seckeys)
+ secnum = len(seclist)
+
+ publist = list(pubkeys)
+ pubnum = len(publist)
+
+ print("""
+ Number of secret keys: {0}
+ Number of public keys: {1}
+ """.format(secnum, pubnum)
+ #+end_src
+
* Copyright and Licensing
:PROPERTIES:
:CUSTOM_ID: copyright-and-license
commit f2c1e8d8d54068a7f072efa178fc30460821eff3
Author: Ben McGinnes
Date: Fri Mar 9 20:44:02 2018 +1100
doc: python TODO list
* Slightly tweaked one heading to make it clear it wasn't a duplicate.
diff --git a/lang/python/docs/TODO.org b/lang/python/docs/TODO.org
index df1aa4e..21d2216 100644
--- a/lang/python/docs/TODO.org
+++ b/lang/python/docs/TODO.org
@@ -70,7 +70,7 @@
Generating keys, adding subkeys, revoking subkeys (and keeping
the cert key), adding and revoking UIDs, signing/certifying keys.
-**** TODO Key control
+**** TODO More key control
:PROPERTIES:
:CUSTOM_ID: howto-key-selection
:END:
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 33 +++++++++++++++++++++++++++++++++
lang/python/docs/TODO.org | 2 +-
2 files changed, 34 insertions(+), 1 deletion(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Fri Mar 9 10:48:07 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Fri, 09 Mar 2018 10:48:07 +0100
Subject: [git] GnuPG - branch, master, updated. gnupg-2.2.5-121-gb32de1b
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, master has been updated
via b32de1bf3e5114eb29472c301f2d5bb9ffd2f4fa (commit)
from f574aabeeb873f14a586f80cac16b857e6088534 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b32de1bf3e5114eb29472c301f2d5bb9ffd2f4fa
Author: Werner Koch
Date: Fri Mar 9 10:41:44 2018 +0100
doc: Register DCOs for Ben McGinnes and James Bottomley
--
diff --git a/AUTHORS b/AUTHORS
index 0dabbc1..f43208a 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -172,6 +172,9 @@ Andreas Schwier
Arnaud Fontaine
2016-10-17:580484F4.8040806 at ssi.gouv.fr:
+Ben McGinnes
+2017-12-16:20171216002102.l6aejk5xdp6xhtfi at adversary.org:
+
Christian Aistleitner
2013-05-26:20130626112332.GA2228 at quelltextlich.at:
@@ -187,6 +190,9 @@ Hans of Guardian
Ineiev
2017-05-09:20170509121611.GH25850 at gnu.org:
+James Bottomley
+2018-02-01:1517501629.3145.9.camel at HansenPartnership.com:
+
Jonas Borgstr?m
2013-08-29:521F1E7A.5080602 at borgstrom.se:
-----------------------------------------------------------------------
Summary of changes:
AUTHORS | 6 ++++++
1 file changed, 6 insertions(+)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 02:17:35 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Mon, 12 Mar 2018 02:17:35 +0100
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.5-12-g655f0b9
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via 655f0b9ad0138e6f960bf4befaf0eea569256614 (commit)
from 1e27c0e04cd3280d498dc8b72d2e410f6287f656 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 655f0b9ad0138e6f960bf4befaf0eea569256614
Author: NIIBE Yutaka
Date: Mon Mar 12 10:17:05 2018 +0900
scd: Fix typo in previous commit.
Signed-off-by: NIIBE Yutaka
diff --git a/scd/apdu.c b/scd/apdu.c
index e797c09..2ae6253 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -682,7 +682,7 @@ pcsc_get_status (int slot, unsigned int *status, int on_wire)
(rdrstates[0].event_state & PCSC_STATE_PRESENT)? " present":"",
(rdrstates[0].event_state & PCSC_STATE_ATRMATCH)? " atr":"",
(rdrstates[0].event_state & PCSC_STATE_EXCLUSIVE)? " excl":"",
- (rdrstates[0].event_state & PCSC_STATE_INUSE)? " unuse":"",
+ (rdrstates[0].event_state & PCSC_STATE_INUSE)? " inuse":"",
(rdrstates[0].event_state & PCSC_STATE_MUTE)? " mute":"" );
*status = 0;
-----------------------------------------------------------------------
Summary of changes:
scd/apdu.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 10:44:07 2018
From: cvs at cvs.gnupg.org (by James Bottomley)
Date: Mon, 12 Mar 2018 10:44:07 +0100
Subject: [git] GnuPG - branch, tpm-work, updated. gnupg-2.2.5-127-g06c0d7f
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, tpm-work has been updated
via 06c0d7f28fa1842f9c52885b142a0d31ba60c8ae (commit)
from fb0470a9f5834b77fba2bf5e1b41f56d063e556f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 06c0d7f28fa1842f9c52885b142a0d31ba60c8ae
Author: James Bottomley
Date: Tue Mar 6 15:02:43 2018 -0800
build: Make TPM2 support conditional
* configure.ac (HAVE_LIBTSS): New acdefine and am_conditional.
* agent/Makefile.am: (gpg_agent_SOURCES): Move tpm files to ...
(gpg_agent_SOURCES) [HAVE_LIBTSS]: ... here.
* agent/agent.h (divert_tpm2_pksign, divert_tpm2_pkdecrypt)
(divert_tpm2_writekey) [!HAVE_LIBTSS]: Add stub functions.
--
This adds a configure stanza to check for the necessary libtss to
support TPM functions. If found, the library functions will be
dynamically loaded, meaning that a system built with TPM2 support will
still execute correctly (obviously minus TPM2 support) if installed
without libtss being present.
Signed-off-by: James Bottomley
diff --git a/agent/Makefile.am b/agent/Makefile.am
index 4fe74f5..3abdde4 100644
--- a/agent/Makefile.am
+++ b/agent/Makefile.am
@@ -51,12 +51,15 @@ gpg_agent_SOURCES = \
protect.c \
trustlist.c \
divert-scd.c \
- divert-tpm2.c \
- tpm2.c tpm2.h \
cvt-openpgp.c cvt-openpgp.h \
call-scd.c \
learncard.c
+if HAVE_LIBTSS
+gpg_agent_SOURCES += tpm2.c tpm2.h \
+ divert-tpm2.c
+endif
+
common_libs = $(libcommon)
commonpth_libs = $(libcommonpth)
if HAVE_W32CE_SYSTEM
diff --git a/agent/agent.h b/agent/agent.h
index 7a77eb6..67e82b7 100644
--- a/agent/agent.h
+++ b/agent/agent.h
@@ -535,6 +535,7 @@ gpg_error_t agent_marktrusted (ctrl_t ctrl, const char *name,
void agent_reload_trustlist (void);
/*-- divert-tpm2.c --*/
+#ifdef HAVE_LIBTSS
int divert_tpm2_pksign (ctrl_t ctrl, const char *desc_text,
const unsigned char *digest, size_t digestlen, int algo,
const unsigned char *shadow_info, unsigned char **r_sig,
@@ -545,6 +546,31 @@ int divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text,
char **r_buf, size_t *r_len, int *r_padding);
int divert_tpm2_writekey (ctrl_t ctrl, const unsigned char *grip,
gcry_sexp_t s_skey);
+#else
+static inline int divert_tpm2_pksign (ctrl_t ctrl, const char *desc_text,
+ const unsigned char *digest,
+ size_t digestlen, int algo,
+ const unsigned char *shadow_info,
+ unsigned char **r_sig,
+ size_t *r_siglen)
+{
+ return -EINVAL;
+}
+static inline int divert_tpm2_pkdecrypt (ctrl_t ctrl, const char *desc_text,
+ const unsigned char *cipher,
+ const unsigned char *shadow_info,
+ char **r_buf, size_t *r_len,
+ int *r_padding)
+{
+ return -EINVAL;
+}
+static inline int divert_tpm2_writekey (ctrl_t ctrl, const unsigned char *grip,
+ gcry_sexp_t s_skey)
+{
+ return -EINVAL;
+}
+#endif
+
/*-- divert-scd.c --*/
diff --git a/configure.ac b/configure.ac
index 9dd9230..fe1078a 100644
--- a/configure.ac
+++ b/configure.ac
@@ -100,6 +100,7 @@ have_gnutls=no
have_sqlite=no
have_npth=no
have_libusb=no
+have_libtss=no
have_system_resolver=no
gnupg_have_ldap="n/a"
@@ -1590,6 +1591,15 @@ AC_SUBST(NETLIBS)
AC_SUBST(W32SOCKLIBS)
#
+# TPM libtss library .. don't compile TPM support if we don't have it
+#
+AC_CHECK_LIB(tss, TSS_Create, [have_libtss=yes])
+if test "$have_libtss" = yes; then
+ AC_DEFINE(HAVE_LIBTSS, 1, [Defined if we have TPM2 support library])
+fi
+AM_CONDITIONAL(HAVE_LIBTSS, test "$have_libtss" = yes)
+
+#
# Setup gcc specific options
#
USE_C99_CFLAGS=
@@ -2072,6 +2082,7 @@ echo "
TLS support: $use_tls_library
TOFU support: $use_tofu
Tor support: $show_tor_support
+ TPM support: $have_libtss
"
if test x"$use_regex" != xyes ; then
echo "
-----------------------------------------------------------------------
Summary of changes:
agent/Makefile.am | 7 +++++--
agent/agent.h | 26 ++++++++++++++++++++++++++
configure.ac | 11 +++++++++++
3 files changed, 42 insertions(+), 2 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 11:57:46 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Mon, 12 Mar 2018 11:57:46 +0100
Subject: [git] GPG-ERROR - branch, master,
updated. libgpg-error-1.27-247-g863948a
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Error codes used by GnuPG et al.".
The branch, master has been updated
via 863948ab29d1016a271fd7e6d48af316dad4e939 (commit)
via 0e503cae75cb1a6aa257228a65941b7630ff35d6 (commit)
from 596c0d701edeb45e0069bb74b9343e3d5b708ef0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 863948ab29d1016a271fd7e6d48af316dad4e939
Author: Werner Koch
Date: Mon Mar 12 11:50:51 2018 +0100
core: Remove accidently committed time function API.
--
Fixes-commit: f9a33a7f7e44a644ff4e31f7e9f1c2c1ec1f8eee
diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in
index dc6f637..e78a6f1 100644
--- a/src/gpg-error.h.in
+++ b/src/gpg-error.h.in
@@ -1078,37 +1078,6 @@ void gpgrt_release_process (pid_t pid);
#endif /*0*/
-/*
- * Time functions
- */
-
-/* Our representation of time requires 8 byte. The value guaranteed
- * to be a C string with no '\n' in it. The time is always UTC. */
-typedef unsigned char gpgrt_time_t[8];
-
-/* Check that ATIME is a valid time. */
-gpg_err_code_t gpgrt_check_time (const gpgrt_time_t atime);
-
-/* Convert time into a Julian Date. Returns 0 for invalid dates. */
-unsigned int gpgrt_time2jd (const gpgrt_time_t atime, int *r_seconds);
-
-/* Convert the Julian Date (JD,SECS) into a time. If SECS is -1 noon
- * is assumed. */
-void gpgrt_jd2time (gpgrt_time_t atime, unsigned int jd, int secs);
-
-/* Convert a time into a Julian Date and return it as a float with
- * fractional seconds. */
-static GPG_ERR_INLINE double
-gpgrt_time2jd_dbl (const gpgrt_time_t atime)
-{
- unsigned int jd;
- int secs;
- jd = gpgrt_time2jd (atime, &secs);
- return jd + (secs/86400.0);
-}
-
-
-
#ifdef __cplusplus
}
#endif
commit 0e503cae75cb1a6aa257228a65941b7630ff35d6
Author: Werner Koch
Date: Mon Mar 12 11:01:27 2018 +0100
core: Do not export the process API
--
We may need to change the API and thus we better wait before
publishing this new interface.
Signed-off-by: Werner Koch
diff --git a/src/gpg-error.def.in b/src/gpg-error.def.in
index 3f26a89..eea6e4a 100644
--- a/src/gpg-error.def.in
+++ b/src/gpg-error.def.in
@@ -197,14 +197,15 @@ EXPORTS
gpgrt_chdir @150
gpgrt_getcwd @151
- gpgrt_make_pipe @152
- gpgrt_spawn_process @153
- gpgrt_spawn_process_fd @154
- gpgrt_spawn_process_detached @155
- gpgrt_wait_process @156
- gpgrt_wait_processes @157
- gpgrt_kill_process @158
- gpgrt_release_process @159
+;; API not yet finished for:
+;; gpgrt_make_pipe @152
+;; gpgrt_spawn_process @153
+;; gpgrt_spawn_process_fd @154
+;; gpgrt_spawn_process_detached @155
+;; gpgrt_wait_process @156
+;; gpgrt_wait_processes @157
+;; gpgrt_kill_process @158
+;; gpgrt_release_process @159
;; end of file with public symbols for Windows.
diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in
index 46e8f53..dc6f637 100644
--- a/src/gpg-error.h.in
+++ b/src/gpg-error.h.in
@@ -1027,8 +1027,9 @@ void _gpgrt_log_assert (const char *expr, const char *file, int line,
/*
- * Spawn functions
+ * Spawn functions (Not yet available)
*/
+#if 0
#define GPGRT_SPAWN_NONBLOCK 16 /* Set the streams to non-blocking. */
#define GPGRT_SPAWN_RUN_ASFW 64 /* Use AllowSetForegroundWindow on W32. */
@@ -1075,6 +1076,8 @@ void gpgrt_kill_process (pid_t pid);
/* Release process resources identified by PID. */
void gpgrt_release_process (pid_t pid);
+#endif /*0*/
+
/*
* Time functions
*/
diff --git a/src/gpg-error.vers b/src/gpg-error.vers
index a5f91aa..1105e80 100644
--- a/src/gpg-error.vers
+++ b/src/gpg-error.vers
@@ -169,14 +169,15 @@ GPG_ERROR_1.0 {
gpgrt_chdir;
gpgrt_getcwd;
- gpgrt_make_pipe;
- gpgrt_spawn_process;
- gpgrt_spawn_process_fd;
- gpgrt_spawn_process_detached;
- gpgrt_wait_process;
- gpgrt_wait_processes;
- gpgrt_kill_process;
- gpgrt_release_process;
+## API not yet finished for:
+# gpgrt_make_pipe;
+# gpgrt_spawn_process;
+# gpgrt_spawn_process_fd;
+# gpgrt_spawn_process_detached;
+# gpgrt_wait_process;
+# gpgrt_wait_processes;
+# gpgrt_kill_process;
+# gpgrt_release_process;
local:
diff --git a/src/sysutils.c b/src/sysutils.c
index 1f2c293..c3aaf42 100644
--- a/src/sysutils.c
+++ b/src/sysutils.c
@@ -50,7 +50,7 @@ _gpgrt_fd_valid_p (int fd)
/* Our variant of getenv. The returned string must be freed. If the
- * environment variable does not exists NULL is retruned and ERRNO set
+ * environment variable does not exists NULL is returned and ERRNO set
* to 0. */
char *
_gpgrt_getenv (const char *name)
diff --git a/src/visibility.c b/src/visibility.c
index 2039ef7..9358163 100644
--- a/src/visibility.c
+++ b/src/visibility.c
@@ -1009,6 +1009,7 @@ _gpgrt_log_assert (const char *expr, const char *file,
}
+#if 0
gpg_err_code_t
gpgrt_make_pipe (int filedes[2], estream_t *r_fp, int direction, int nonblock)
{
@@ -1063,7 +1064,7 @@ gpgrt_release_process (pid_t pid)
{
_gpgrt_release_process (pid);
}
-
+#endif /*0*/
/* For consistency reasons we use function wrappers also for Windows
-----------------------------------------------------------------------
Summary of changes:
src/gpg-error.def.in | 17 +++++++++--------
src/gpg-error.h.in | 34 +++-------------------------------
src/gpg-error.vers | 17 +++++++++--------
src/sysutils.c | 2 +-
src/visibility.c | 3 ++-
5 files changed, 24 insertions(+), 49 deletions(-)
hooks/post-receive
--
Error codes used by GnuPG et al.
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 14:36:23 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Mon, 12 Mar 2018 14:36:23 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-71-g7ebc5a3
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 7ebc5a357057d01b7ef965521ab68b7cb7e20a8f (commit)
from 172baaf4d3e4ed03a4d3437be9efa3dfe6a847bc (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 7ebc5a357057d01b7ef965521ab68b7cb7e20a8f
Author: Ben McGinnes
Date: Tue Mar 13 00:33:11 2018 +1100
doc: python bindings howto
* Switched from links to some external docs to using footnotes where
necessary.
* Ideally the howto should be as stand alone as possible.
* Also it makes it difficult to convert to another format for
proof-reading if there are links that the conversion can't find.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 4385bc9..42cd3c0 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -116,8 +116,8 @@
This package is the origin of these bindings, though they are
somewhat different now. For details of when and how the PyME
- package was folded back into GPGME itself see the [[Short_History.org][Short History]]
- document in this Python bindings =docs= directory.
+ package was folded back into GPGME itself see the /Short History/
+ document[fn:1] in this Python bindings =docs= directory.[fn:2]
The PyME package was first released in 2002 and was also the first
attempt to implement a low level binding to GPGME. In doing so it
@@ -195,7 +195,7 @@
:CUSTOM_ID: install-gpgme
:END:
- See the [[../../../README][GPGME README file]] for details of how to install GPGME from
+ See the GPGME =README= file for details of how to install GPGME from
source.
@@ -556,3 +556,13 @@
WITHOUT ANY WARRANTY, to the extent permitted by law; without even
the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
PURPOSE.
+
+
+* Footnotes
+ :PROPERTIES:
+ :CUSTOM_ID: footnotes
+ :END:
+
+[fn:1] Short_History.org and/or Short_History.html.
+
+[fn:2] The =lang/python/docs/= directory in the GPGME source.
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 16:02:21 2018
From: cvs at cvs.gnupg.org (by Andre Heinecke)
Date: Mon, 12 Mar 2018 16:02:21 +0100
Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-86-gf63db08
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, master has been updated
via f63db085c5d86839bb5ed8b4203b4c7b5f28975e (commit)
via a3dd23ceb50bb29973dc135bc63d7e14587164c1 (commit)
from 8f1e092ad3d711878f8f569877ec7e0eb0860337 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f63db085c5d86839bb5ed8b4203b4c7b5f28975e
Author: Andre Heinecke
Date: Mon Mar 12 15:02:25 2018 +0100
Turn up debugging at the end of crypto
* src/mail.cpp (Mail::~Mail): Very verbose logging in oom_extra.
(Mail::~Mail): Use release_cArray. Explicitly null shared ptrs.
(do_crypt): Log when done.
(Mail::update_oom_data): Use release_cArray.
--
GnuPG-Bug-Id: T3617
diff --git a/src/mail.cpp b/src/mail.cpp
index 7d30895..ba2b501 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -125,11 +125,17 @@ Mail::~Mail()
that the parser is alive even if the mail is deleted
while parsing. */
gpgrt_lock_lock (&dtor_lock);
+ log_oom_extra ("%s:%s: dtor: Mail: %p item: %p",
+ SRCNAME, __func__, this, m_mailitem);
std::map::iterator it;
+ log_oom_extra ("%s:%s: Detaching event sink",
+ SRCNAME, __func__);
detach_MailItemEvents_sink (m_event_sink);
gpgol_release(m_event_sink);
+ log_oom_extra ("%s:%s: Erasing mail",
+ SRCNAME, __func__);
it = s_mail_map.find(m_mailitem);
if (it != s_mail_map.end())
{
@@ -145,7 +151,12 @@ Mail::~Mail()
}
}
+ log_oom_extra ("%s:%s: releasing mailitem",
+ SRCNAME, __func__);
gpgol_release(m_mailitem);
+ xfree (m_cached_html_body);
+ xfree (m_cached_plain_body);
+ release_cArray (m_cached_recipients);
if (!m_uuid.empty())
{
log_oom_extra ("%s:%s: destroyed: %p uuid: %s",
@@ -153,15 +164,16 @@ Mail::~Mail()
}
else
{
- log_oom_extra ("%s:%s: non crypto mail: %p destroyed",
+ log_oom_extra ("%s:%s: non crypto (or sent) mail: %p destroyed",
SRCNAME, __func__, this);
}
- xfree (m_cached_html_body);
- xfree (m_cached_plain_body);
- for (int i = 0; m_cached_recipients && m_cached_recipients[i]; ++i)
- xfree (m_cached_recipients[i]);
- xfree (m_cached_recipients);
+ log_oom_extra ("%s:%s: nulling shared pointer",
+ SRCNAME, __func__);
+ m_parser = nullptr;
+ m_crypter = nullptr;
gpgrt_lock_unlock (&dtor_lock);
+ log_oom_extra ("%s:%s: returning",
+ SRCNAME, __func__);
}
Mail *
@@ -775,6 +787,8 @@ do_crypt (LPVOID arg)
See GnuPG-Bug-Id: T3732
*/
do_in_ui_thread_async (BRING_TO_FRONT, nullptr);
+ log_debug ("%s:%s: crypto thread for %p finished",
+ SRCNAME, __func__, arg);
return 0;
}
@@ -1212,9 +1226,7 @@ Mail::update_oom_data ()
xfree (m_cached_plain_body);
m_cached_plain_body = get_oom_string (m_mailitem, "Body");
- for (int i = 0; m_cached_recipients && m_cached_recipients[i]; ++i)
- xfree (m_cached_recipients[i]);
- xfree (m_cached_recipients);
+ release_cArray (m_cached_recipients);
m_cached_recipients = get_recipients ();
}
/* For some reason outlook may store the recipient address
commit a3dd23ceb50bb29973dc135bc63d7e14587164c1
Author: Andre Heinecke
Date: Mon Mar 12 15:01:07 2018 +0100
Update portuguese translation
* po/pt.po: Update.
--
Translation provided by Marco A.G. Pinto. Thanks.
diff --git a/po/pt.po b/po/pt.po
index a7208d8..712f14a 100644
--- a/po/pt.po
+++ b/po/pt.po
@@ -7,8 +7,8 @@ msgid ""
msgstr ""
"Project-Id-Version: GpgOL 1.1.1\n"
"Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n"
-"POT-Creation-Date: 2018-03-07 10:01+0100\n"
-"PO-Revision-Date: 2017-10-16 14:17+0100\n"
+"POT-Creation-Date: 2018-03-07 13:37+0100\n"
+"PO-Revision-Date: 2018-03-09 11:00+0000\n"
"Last-Translator: Marco A.G.Pinto \n"
"Language-Team: Portuguese \n"
"Language: pt\n"
@@ -16,7 +16,7 @@ msgstr ""
"Content-Type: text/plain; charset=UTF-8\n"
"Content-Transfer-Encoding: 8bit\n"
"X-Poedit-SourceCharset: UTF-8\n"
-"X-Generator: Poedit 2.0.4\n"
+"X-Generator: Poedit 2.0.6\n"
#: src/addin-options.cpp:37 src/gpgoladdin.cpp:1172 src/gpgoladdin.cpp:1255
#: src/gpgoladdin.cpp:1334 src/olflange-dlgs.cpp:43
@@ -37,7 +37,7 @@ msgstr "Envio de mensagem"
#: src/addin-options.cpp:44 src/olflange-dlgs.cpp:47
msgid "&Encrypt new messages by default"
-msgstr "Encriptar novas mensagens por omiss?o"
+msgstr "&Encriptar novas mensagens por omiss?o"
#: src/addin-options.cpp:45 src/olflange-dlgs.cpp:48
msgid "&Sign new messages by default"
@@ -55,7 +55,7 @@ msgstr ""
#: src/addin-options.cpp:50
msgid "&Resolve recipient keys automatically"
-msgstr ""
+msgstr "&Resolver automaticamente as chaves dos destinat?rios"
#: src/addin-options.cpp:53
msgid "Debug..."
@@ -78,7 +78,7 @@ msgstr "Mudar a interface necessita reiniciar o Outlook."
#: src/gpgoladdin.cpp:864 src/gpgoladdin.cpp:907 src/gpgoladdin.cpp:980
#: src/gpgoladdin.cpp:982 src/gpgoladdin.cpp:1018 src/gpgoladdin.cpp:1172
#: src/gpgoladdin.cpp:1255 src/gpgoladdin.cpp:1261 src/gpgoladdin.cpp:1334
-#: src/gpgoladdin.cpp:1338 src/main.c:467 src/message.cpp:303
+#: src/gpgoladdin.cpp:1338 src/mail.cpp:745 src/main.c:467 src/message.cpp:303
#: src/ribbon-callbacks.cpp:134 src/ribbon-callbacks.cpp:248
#: src/ribbon-callbacks.cpp:263 src/ribbon-callbacks.cpp:275
#: src/ribbon-callbacks.cpp:312 src/ribbon-callbacks.cpp:324
@@ -113,7 +113,7 @@ msgid ""
msgstr ""
"Desculpa, n?o conseguimos desencriptar este anexo.\n"
"\n"
-"Por favor usa o bot?o desencriptar/verificar para desencriptar\n"
+"Por favor, usa o bot?o desencriptar/verificar para desencriptar\n"
"a mensagem completa novamente. Depois abre este anexo."
#: src/cmdbarcontrols.cpp:104
@@ -175,11 +175,11 @@ msgstr ""
msgid "Do you want to revert this folder?"
msgstr "Queres reverter esta pasta?"
-#: src/gpgoladdin.cpp:446 src/mail.cpp:1652 src/mail.cpp:1723
+#: src/gpgoladdin.cpp:446 src/mail.cpp:1660 src/mail.cpp:1731
msgid "GpgOL: Encrypted Message"
msgstr "GpgOL: Mensagem Encriptada"
-#: src/gpgoladdin.cpp:447 src/mail.cpp:1653 src/mail.cpp:1724
+#: src/gpgoladdin.cpp:447 src/mail.cpp:1661 src/mail.cpp:1732
msgid "GpgOL: Trusted Sender Address"
msgstr "GpgOL: Endere?o de Remetente Confi?vel"
@@ -425,11 +425,11 @@ msgstr ""
msgid "GpgOL Warning"
msgstr "Aviso do GpgOL"
-#: src/mail.cpp:811
+#: src/mail.cpp:819
msgid "Pubkey directory confirmation"
-msgstr ""
+msgstr "Confirma??o de diretoria Pubkey"
-#: src/mail.cpp:812
+#: src/mail.cpp:820
msgid ""
"This is a confirmation request to publish your Pubkey in the directory for "
"your domain.\n"
@@ -437,114 +437,123 @@ msgid ""
"If you did not request to publish your Pubkey in your providers "
"directory, simply ignore this message.
\n"
msgstr ""
+"Este ? um pedido de confirma??o para publicares a tua Pubkey na diretoria "
+"para o teu dom?nio.\n"
+"\n"
+"Se n?o pediste para publicar a tua Pubkey na diretoria do teu provedor, "
+"simplesmente ignora esta mensagem.
\n"
-#: src/mail.cpp:820 src/mail.cpp:1967
+#: src/mail.cpp:828 src/mail.cpp:1975
msgid "Encrypted message"
msgstr "Mensagem encriptada"
-#: src/mail.cpp:821
+#: src/mail.cpp:829
msgid "Please wait while the message is being decrypted / verified..."
msgstr ""
-"Por favor aguarda enquanto a mensagem est? a ser desencriptada / "
+"Por favor, aguarda enquanto a mensagem est? a ser desencriptada / "
"verificada..."
-#: src/mail.cpp:1097
+#: src/mail.cpp:1105
msgid "GpgOL: Oops, G Suite Sync account detected"
-msgstr ""
+msgstr "GpgOL: Oops, conta G Suite Sync detetada"
-#: src/mail.cpp:1099
+#: src/mail.cpp:1107
msgid ""
"G Suite Sync breaks outgoing crypto mails with attachments.\n"
"Using crypto and attachments with G Suite Sync is not supported.\n"
"\n"
"See: https://dev.gnupg.org/T3545 for details."
msgstr ""
+"G Suite Sync danifica a sa?da de e-mails criptografados com anexos.\n"
+"Usar criptografia e anexos com G Suite Sync n?o ? suportado.\n"
+"\n"
+"V?: https://dev.gnupg.org/T3545 para detalhes."
-#: src/mail.cpp:1912
+#: src/mail.cpp:1920
msgid "Security Level 4"
msgstr "N?vel de seguran?a 4"
-#: src/mail.cpp:1916
+#: src/mail.cpp:1924
msgid "Trust Level 4"
msgstr "N?vel de Confian?a 4"
-#: src/mail.cpp:1920
+#: src/mail.cpp:1928
msgid "Security Level 3"
msgstr "N?vel de Seguran?a 3"
-#: src/mail.cpp:1924
+#: src/mail.cpp:1932
msgid "Trust Level 3"
msgstr "N?vel de Confian?a 3"
-#: src/mail.cpp:1928
+#: src/mail.cpp:1936
msgid "Security Level 2"
msgstr "N?vel de Seguran?a 2"
-#: src/mail.cpp:1932
+#: src/mail.cpp:1940
msgid "Trust Level 2"
msgstr "N?vel de Confian?a 2"
-#: src/mail.cpp:1936
+#: src/mail.cpp:1944
msgid "Encrypted"
msgstr "Encriptada"
-#: src/mail.cpp:1945 src/mail.cpp:1947 src/ribbon-callbacks.cpp:1625
+#: src/mail.cpp:1953 src/mail.cpp:1955 src/ribbon-callbacks.cpp:1625
msgid "Insecure"
msgstr "Insegura"
-#: src/mail.cpp:1959
+#: src/mail.cpp:1967
msgid "Signed and encrypted message"
msgstr "Mensagem assinada e encriptada"
-#: src/mail.cpp:1963
+#: src/mail.cpp:1971
msgid "Signed message"
msgstr "Mensagem assinada"
-#: src/mail.cpp:1970 src/ribbon-callbacks.cpp:1648
+#: src/mail.cpp:1978 src/ribbon-callbacks.cpp:1648
msgid "Insecure message"
msgstr "Mensagem insegura"
-#: src/mail.cpp:1981 src/mail.cpp:1992
+#: src/mail.cpp:1989 src/mail.cpp:2000
msgid "You cannot be sure who sent, modified and read the message in transit."
msgstr ""
"N?o podes ter a certeza de quem enviou, modificou e leu a mensagem em "
"tr?nsito."
-#: src/mail.cpp:1984
+#: src/mail.cpp:1992
msgid "The message was signed but the verification failed with:"
-msgstr ""
+msgstr "A mensagem foi assinada, mas a verifica??o falhou com:"
-#: src/mail.cpp:2002
+#: src/mail.cpp:2010
msgid "The encryption was VS-NfD-compliant."
msgstr "A encripta??o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2006
+#: src/mail.cpp:2014
msgid "The encryption was not VS-NfD-compliant."
msgstr "A encripta??o n?o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2010
+#: src/mail.cpp:2018
msgid "You cannot be sure who sent the message because it is not signed."
msgstr ""
"N?o podes ter certeza de quem enviou a mensagem, porque n?o est? assinada."
-#: src/mail.cpp:2033
+#: src/mail.cpp:2041
msgid "You signed this message."
msgstr "Assinaste esta mensagem."
-#: src/mail.cpp:2037
+#: src/mail.cpp:2045
msgid "The senders identity was certified by yourself."
msgstr "A identidade dos remetentes foi certificada por ti pr?prio."
-#: src/mail.cpp:2041
+#: src/mail.cpp:2049
msgid "The sender is allowed to certify identities for you."
msgstr "O remetente pode certificar identidades para ti."
-#: src/mail.cpp:2054
+#: src/mail.cpp:2062
msgid "The senders identity was certified by several trusted people."
msgstr ""
"A identidade dos remetentes foi certificada por v?rias pessoas confi?veis."
-#: src/mail.cpp:2059
+#: src/mail.cpp:2067
#, c-format
msgid ""
"The senders identity is certified by the trusted issuer:\n"
@@ -553,11 +562,11 @@ msgstr ""
"A identidade dos remetentes ? certificada pelo emissor confi?vel:\n"
"'%s'\n"
-#: src/mail.cpp:2067
+#: src/mail.cpp:2075
msgid "Some trusted people have certified the senders identity."
msgstr "Algumas pessoas confi?veis certificaram a identidade dos remetentes."
-#: src/mail.cpp:2077
+#: src/mail.cpp:2085
#, c-format
msgid ""
"The senders address is trusted, because you have established a communication "
@@ -568,11 +577,11 @@ msgstr ""
"comunica??o com este endere?o desde %s.\n"
"Encriptaste %i e verificaste %i mensagens desde ent?o."
-#: src/mail.cpp:2093
+#: src/mail.cpp:2101
msgid "The senders signature was verified for the first time."
msgstr "A assinatura dos remetentes foi verificada pela primeira vez."
-#: src/mail.cpp:2100
+#: src/mail.cpp:2108
#, c-format
msgid ""
"The senders address is not trustworthy yet because you only verified %i "
@@ -581,68 +590,68 @@ msgstr ""
"O endere?o dos remetentes ainda n?o ? confi?vel porque apenas verificaste %i "
"mensagens e encriptaste %i mensagens a eles desde %s."
-#: src/mail.cpp:2114
+#: src/mail.cpp:2122
msgid "But the sender address is not trustworthy because:"
msgstr "Mas o endere?o do remetente n?o ? confi?vel porque:"
-#: src/mail.cpp:2115
+#: src/mail.cpp:2123
msgid "The sender address is not trustworthy because:"
msgstr "O endere?o do remetente n?o ? confi?vel porque:"
-#: src/mail.cpp:2123
+#: src/mail.cpp:2131
msgid "The signature is invalid: \n"
msgstr "A assinatura ? inv?lida: \n"
-#: src/mail.cpp:2128
+#: src/mail.cpp:2136
msgid "There was an error verifying the signature.\n"
msgstr "Houve um erro ao verificar a assinatura.\n"
-#: src/mail.cpp:2132
+#: src/mail.cpp:2140
msgid "The signature is expired.\n"
msgstr "A assinatura expirou.\n"
-#: src/mail.cpp:2136
+#: src/mail.cpp:2144
msgid "The used key"
msgstr "A chave usada"
-#: src/mail.cpp:2136
+#: src/mail.cpp:2144
msgid "The used certificate"
msgstr "O certificado usado"
-#: src/mail.cpp:2144
+#: src/mail.cpp:2152
msgid "is not available."
msgstr "n?o est? dispon?vel."
-#: src/mail.cpp:2148
+#: src/mail.cpp:2156
msgid "is revoked."
msgstr "est? revogado."
-#: src/mail.cpp:2152
+#: src/mail.cpp:2160
msgid "is expired."
msgstr "expirou."
-#: src/mail.cpp:2156
+#: src/mail.cpp:2164
msgid "is not meant for signing."
msgstr "n?o ? destinado a assinar."
-#: src/mail.cpp:2160 src/mail.cpp:2164
+#: src/mail.cpp:2168 src/mail.cpp:2172
msgid "could not be checked for revocation."
msgstr "n?o pode ser verificado para revoga??o."
-#: src/mail.cpp:2169
+#: src/mail.cpp:2177
msgid "is not the same as the key that was used for this address in the past."
msgstr "n?o ? o mesmo que a chave usada para este endere?o no passado."
-#: src/mail.cpp:2175
+#: src/mail.cpp:2183
#, c-format
msgid "does not claim the address: \"%s\"."
msgstr "n?o reivindica o endere?o: \"%s\"."
-#: src/mail.cpp:2188
+#: src/mail.cpp:2196
msgid "is not certified by any trustworthy key."
msgstr "n?o est? certificado por qualquer chave confi?vel."
-#: src/mail.cpp:2192
+#: src/mail.cpp:2200
msgid ""
"is not certified by a trustworthy Certificate Authority or the Certificate "
"Authority is unknown."
@@ -650,58 +659,57 @@ msgstr ""
"n?o est? certificado por uma Autoridade de Certifica??o confi?vel ou a "
"Autoridade de Certifica??o ? desconhecida."
-#: src/mail.cpp:2197
+#: src/mail.cpp:2205
msgid "The sender marked this address as revoked."
msgstr "O remetente marcou este endere?o como revogado."
-#: src/mail.cpp:2201
+#: src/mail.cpp:2209
msgid "is marked as not trustworthy."
msgstr "est? marcado como n?o confi?vel."
-#: src/mail.cpp:2211
+#: src/mail.cpp:2219
msgid "The signature is VS-NfD-compliant."
msgstr "A assinatura est? em conformidade com VS-NfD."
-#: src/mail.cpp:2215
+#: src/mail.cpp:2223
msgid "The signature is not VS-NfD-compliant."
msgstr "A assinatura n?o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2223
+#: src/mail.cpp:2231
msgid "The encryption is VS-NfD-compliant."
msgstr "A encripta??o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2227
+#: src/mail.cpp:2235
msgid "The encryption is not VS-NfD-compliant."
msgstr "A encripta??o n?o est? em conformidade com VS-NfD."
-#: src/mail.cpp:2238
+#: src/mail.cpp:2246
msgid "Click here to change the key used for this address."
msgstr "Clica aqui para alterar a chave usada para este endere?o."
-#: src/mail.cpp:2242
+#: src/mail.cpp:2250
msgid "Click here for details about the key."
msgstr "Clica aqui para obter detalhes sobre a chave."
-#: src/mail.cpp:2243
+#: src/mail.cpp:2251
msgid "Click here for details about the certificate."
msgstr "Clica aqui para obter detalhes sobre o certificado."
-#: src/mail.cpp:2247
+#: src/mail.cpp:2255
msgid "Click here to search the key on the configured keyserver."
msgstr "Clica aqui para localizar a chave no servidor de chaves configurado."
-#: src/mail.cpp:2248
+#: src/mail.cpp:2256
msgid "Click here to search the certificate on the configured X509 keyserver."
msgstr ""
"Clica aqui para localizar o certificado no servidor de chaves X509 "
"configurado."
-#: src/mail.cpp:2476
-#, fuzzy
+#: src/mail.cpp:2484
msgid "GpgOL: Encryption not possible!"
-msgstr "GpgOL: Mensagem Encriptada"
+msgstr "GpgOL: Encripta??o n?o poss?vel!"
-#: src/mail.cpp:2478
+#: src/mail.cpp:2486
msgid ""
"Outlook returned an error when trying to send the encrypted mail.\n"
"\n"
@@ -710,6 +718,12 @@ msgid ""
"If it still fails consider using an encrypted attachment or\n"
"switching to PGP/Inline in GpgOL's options."
msgstr ""
+"O Outlook retornou um erro ao tentar enviar o e-mail encriptado.\n"
+"\n"
+"Por favor, reinicia o Outlook e tenta novamente.\n"
+"\n"
+"Se continuar a falhar, considera usar um anexo encriptado ou\n"
+"alternar para PGP/Inline nas op??es do GpgOL."
#: src/mailitem.cpp:160 src/message-events.cpp:279
msgid ""
@@ -718,7 +732,7 @@ msgid ""
"format has been selected."
msgstr ""
"Desculpa, s? podemos encriptar mensagens de texto simples e\n"
-"n?o mensagens RTF. Por favor certifica-te que apenas o formato\n"
+"n?o mensagens RTF. Por favor, certifica-te que apenas o formato\n"
"de texto foi selecionado."
#: src/mailitem-events.cpp:295
@@ -737,7 +751,7 @@ msgid ""
"For example by right clicking but not selecting the message.\n"
msgstr ""
"O GpgOL impediu a altera??o para a propriedade \"%s\".\n"
-"As altera??es de propriedade n?o s?o ainda manejadas para mensagens de "
+"As altera??es de propriedade n?o s?o ainda manipuladas para mensagens de "
"criptografia.\n"
"\n"
"Para contornar esta limita??o, por favor altera a propriedade quando a "
@@ -803,14 +817,14 @@ msgstr "A verifica??o da assinatura de uma mensagem encriptada n?o ? poss?v
#: src/message.cpp:534
msgid "Signature verification of this message class is not possible."
-msgstr "A verifica??o da assinatura desta classe de mensagem n?o ? poss?vel."
+msgstr "A verifica??o da assinatura desta classe de mensagens n?o ? poss?vel."
#: src/message.cpp:537
msgid ""
"Signature verification of this S/MIME message is not possible. Please check "
"that S/MIME processing has been enabled."
msgstr ""
-"A verifica??o da assinatura desta mensagem S/MIME n?o ? poss?vel. Por favor "
+"A verifica??o da assinatura desta mensagem S/MIME n?o ? poss?vel. Por favor, "
"verifica se o processamento S/MIME foi ativado."
#: src/message.cpp:541
@@ -882,7 +896,7 @@ msgstr ""
"OpenPGP e S/MIME ao Outlook 2003 e 2007.\n"
"\n"
"Embora test?mos este software extensivamente, n?o podemos dar qualquer "
-"garantia que funcione da forma esperada. A interface de programa??o em uso "
+"garantia que funcione da forma esperada. A interface de programa??o usada "
"n?o foi devidamente documentada pela Microsoft e da? a funcionalidade do "
"GpgOL poder cessar com uma atualiza??o do teu sistema Windows.\n"
"\n"
@@ -904,7 +918,7 @@ msgid ""
msgstr ""
"Instalaste uma vers?o nova do GpgOL.\n"
"\n"
-"Por favor abre o di?logo de op??es e confirma se as defini??es est?o "
+"Por favor, abre o di?logo de op??es e confirma se as defini??es est?o "
"corretas para as tuas necessidades. O di?logo de op??es pode ser encontrado "
"em: Extras->Op??es->GpgOL\n"
@@ -922,7 +936,8 @@ msgstr ""
"As vers?es do Outlook 2003 anteriores ao SP2 exibem crashes ao enviar as "
"mensagens, podendo estas ficar presas na fila de sa?da.\n"
"\n"
-"Por favor atualiza pelo menos para o SP2 antes de tentar enviar uma mensagem."
+"Por favor, atualiza pelo menos para o SP2 antes de tentar enviar uma "
+"mensagem."
#: src/olflange.cpp:811
msgid ""
@@ -984,7 +999,7 @@ msgstr "Chave Desconhecida:"
#: src/parsecontroller.cpp:177
msgid "Decryption canceled or timed out."
-msgstr "Desencripta??o cancelada ou expirou."
+msgstr "Desencripta??o cancelada ou o tempo esgotou."
#: src/parsecontroller.cpp:190
msgid ""
@@ -1000,7 +1015,7 @@ msgstr "N?o foi poss?vel desencriptar os dados: "
#: src/parsecontroller.cpp:200
msgid "Failed to parse the mail."
-msgstr ""
+msgstr "Falha ao analisar o e-mail."
#: src/parsecontroller.cpp:211 src/parsecontroller.cpp:266
msgid "Encrypted message (decryption not possible)"
@@ -1016,7 +1031,7 @@ msgstr ""
#: src/ribbon-callbacks.cpp:262
msgid "Please select text to encrypt."
-msgstr "Por favor seleciona o texto a encriptar."
+msgstr "Por favor, seleciona o texto a encriptar."
#: src/ribbon-callbacks.cpp:274
msgid "Textbody empty."
@@ -1024,15 +1039,15 @@ msgstr "Corpo do texto vazio."
#: src/ribbon-callbacks.cpp:323 src/ribbon-callbacks.cpp:1077
msgid "Please add at least one recipent."
-msgstr "Por favor adiciona pelo menos um destinat?rio."
+msgstr "Por favor, adiciona pelo menos um destinat?rio."
#: src/ribbon-callbacks.cpp:685
msgid "Please select a Mail."
-msgstr "Por favor seleciona um e-mail."
+msgstr "Por favor, seleciona um e-mail."
#: src/ribbon-callbacks.cpp:699
msgid "Please select the data you wish to decrypt."
-msgstr "Por favor seleciona os dados que desejas desencriptar."
+msgstr "Por favor, seleciona os dados que desejas desencriptar."
#: src/ribbon-callbacks.cpp:712
msgid "Nothing to decrypt."
@@ -1071,7 +1086,7 @@ msgid ""
"Please reinstall Gpg4win with the Kleopatra component enabled."
msgstr ""
"N?o foi poss?vel encontrar o Kleopatra.\n"
-"Por favor reinstala o Gpg4win com o componente Kleopatra ativado."
+"Por favor, reinstala o Gpg4win com o componente Kleopatra ativado."
#: src/wks-helper.cpp:404
msgid ""
@@ -1084,62 +1099,70 @@ msgid ""
"\n"
"Register automatically?"
msgstr ""
+"Uma diretoria de Pubkey est? dispon?vel para o teu dom?nio.\n"
+"\n"
+"Regista a tua Pubkey nessa diretoria para facilitar\n"
+"que outras pessoas te enviem e-mails encriptados.\n"
+"\n"
+"? seguro e gr?tis!\n"
+"\n"
+"Registar automaticamente?"
#: src/wks-helper.cpp:409
msgid "GpgOL: Pubkey directory available!"
-msgstr ""
+msgstr "GpgOL: Diretoria de Pubkey dispon?vel!"
#: src/wks-helper.cpp:491
msgid "GpgOL: Directory request failed"
-msgstr ""
+msgstr "GpgOL: Pedido de diretoria falhou"
#: src/wks-helper.cpp:504
msgid ""
"You might receive a confirmation challenge from\n"
"your provider to finish the registration."
msgstr ""
+"Poder?s receber um desafio de confirma??o do\n"
+"teu provedor para concluir o registo."
#: src/wks-helper.cpp:506
msgid "GpgOL: Registration request sent!"
-msgstr ""
+msgstr "GpgOL: Pedido de registo enviado!"
#: src/wks-helper.cpp:687
msgid "Confirm registration?"
-msgstr ""
+msgstr "Confirmar o registo?"
#: src/wks-helper.cpp:688
msgid "GpgOL: Pubkey directory confirmation"
-msgstr ""
+msgstr "GpgOL: Confirma??o da diretoria de Pubkey"
#: src/wks-helper.cpp:741
msgid "GpgOL: Confirmation failed"
-msgstr ""
+msgstr "GpgOL: Confirma??o falhou"
#: src/wks-helper.cpp:753
msgid "Your Pubkey can soon be retrieved from your domain."
-msgstr ""
+msgstr "A tua Pubkey pode ser brevemente recuperada do teu dom?nio."
#: src/wks-helper.cpp:754
msgid "GpgOL: Request confirmed!"
-msgstr ""
+msgstr "GpgOL: Pedido confirmado!"
-#: src/cryptcontroller.cpp:394
-#, fuzzy
+#: src/cryptcontroller.cpp:393
msgid "Resolving recipients..."
-msgstr "Destinat?rios seleccionados:"
+msgstr "A resolver destinat?rios..."
-#: src/cryptcontroller.cpp:398
+#: src/cryptcontroller.cpp:397
msgid "Resolving signers..."
-msgstr ""
+msgstr "A resolver assinantes..."
-#: src/cryptcontroller.cpp:994
-#, fuzzy
+#: src/cryptcontroller.cpp:1007
msgid "Encrypting..."
-msgstr "Encripta??o"
+msgstr "A encriptar..."
-#: src/cryptcontroller.cpp:998
+#: src/cryptcontroller.cpp:1011
msgid "Signing..."
-msgstr ""
+msgstr "A assinar..."
#~ msgid "&Search for OpenPGP keys automatically when encrypting"
#~ msgstr "Procurar as chaves OpenPGP automaticamente ao encriptar"
-----------------------------------------------------------------------
Summary of changes:
po/pt.po | 237 ++++++++++++++++++++++++++++++++---------------------------
src/mail.cpp | 30 +++++---
2 files changed, 151 insertions(+), 116 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 18:58:26 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Mon, 12 Mar 2018 18:58:26 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-72-g0e1300c
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 0e1300ce777dd0c87f31ac8bc49846b9df242df9 (commit)
from 7ebc5a357057d01b7ef965521ab68b7cb7e20a8f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 0e1300ce777dd0c87f31ac8bc49846b9df242df9
Author: Ben McGinnes
Date: Tue Mar 13 04:55:44 2018 +1100
doc: python bindings howto
* Added a more complicated encryption example with a few variations on
the encryption method to account for untrusted recipient keys,
signing or not signing, including or excluding default keys and so
on.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 42cd3c0..84be851 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -347,6 +347,83 @@
:CUSTOM_ID: howto-basic-encryption-multiple
:END:
+ Encrypting to multiple keys, in addition to a default key or a key
+ configured to always encrypt to, is a little different and uses a
+ slightly different call to the op_encrypt call demonstrated in the
+ previous section.
+
+ The following example encrypts a message (=text=) to everyone with
+ an email address on the =gnupg.org= domain,[fn:3] but does /not/ encrypt
+ to a default key or other key which is configured to normally
+ encrypt to.
+
+ #+begin_src python
+ import gpg
+
+ text=b"""Oh look, another test message.
+
+ The same rules apply as with the previous example and more likely
+ than not, the message will actually be drawn from reading the
+ contents of a file or, maybe, from entering data at an input()
+ prompt.
+
+ Since the text in this case must be bytes, it is most likely that
+ the input form will be a separate file which is opened with "rb"
+ as this is the simplest method of obtaining the correct data
+ format.
+ """
+
+ c = gpg.Context(armor=True)
+ rpattern = list(c.keylist(pattern="@gnupg.org", secret=False))
+ rlogrus = []
+
+ for i in range(len(rpattern)):
+ if rpattern[i].can_encrypt == 1:
+ rlogrus.append(rpattern[i])
+
+ cipher = c.encrypt(text, recipients=rlogrus, sign=False, always_trust=True)
+
+ afile = open("encrypted_file.txt.asc", "wb")
+ afile.write(cipher[0])
+ afile.close()
+ #+end_src
+
+ All it would take to change the above example to sign the message
+ and also encrypt the message to any configured default keys would
+ be to change the =c.encrypt= line to this:
+
+ #+begin_src python
+ cipher = c.encrypt(text, recipients=rlogrus, always_trust=True,
+ add_encrypt_to=True)
+ #+end_src
+
+ The only keyword arguments requiring modification are those for
+ which the default values are changing. The default value of
+ =sign= is =True=, the default of =always_trust= is =False=, the
+ default of =add_encrypt_to= is =False=.
+
+ If =always_trust= is not set to =True= and any of the recipient
+ keys are not trusted (e.g. not signed or locally signed) then the
+ encryption will raise an error. It is possible to mitigate this
+ somewhat with something more like this:
+
+ #+begin_src python
+ try:
+ cipher = c.encrypt(text, recipients=rlogrus, add_encrypt_to=True)
+ except gpg.errors.InvalidRecipients as e:
+ for i in range(len(e.recipients)):
+ for n in range(len(rlogrus)):
+ if rlogrus[n].fpr == e.recipients[i].fpr:
+ rlogrus.remove(e.recipients[i])
+ try:
+ cipher = c.encrypt(text, recipients=rlogrus, add_encrypt_to=True)
+ except:
+ pass
+ #+end_src
+
+ This will attempt to encrypt to all the keys searched for, then
+ remove invalid recipients if it fails and try again.
+
** Decryption
:PROPERTIES:
@@ -531,6 +608,7 @@
""".format(secnum, pubnum)
#+end_src
+
* Copyright and Licensing
:PROPERTIES:
:CUSTOM_ID: copyright-and-license
@@ -559,10 +637,12 @@
* Footnotes
- :PROPERTIES:
- :CUSTOM_ID: footnotes
- :END:
[fn:1] Short_History.org and/or Short_History.html.
[fn:2] The =lang/python/docs/= directory in the GPGME source.
+
+[fn:3] You probably don't really want to do this. Searching the
+keyservers for "gnupg.org" produces over 400 results, the majority of
+which aren't actually at the gnupg.org domain, but just included a
+comment regarding the project in their key somewhere.
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 86 +++++++++++++++++++++++++++++++--
1 file changed, 83 insertions(+), 3 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 20:12:55 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Mon, 12 Mar 2018 20:12:55 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-74-ga8f48b6
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via a8f48b6f577d562c25fd0191c0cc2cc8e96078c1 (commit)
via 83b1336ceebb86e13a55bbf220df2d750f6b3ec6 (commit)
from 0e1300ce777dd0c87f31ac8bc49846b9df242df9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a8f48b6f577d562c25fd0191c0cc2cc8e96078c1
Author: Ben McGinnes
Date: Tue Mar 13 06:09:53 2018 +1100
doc: python bindings howto
* error corrections.
* multiple typesetting fixes only required due to certain archaic
eccentricities of LaTeX.
* a couple of minor python PEP8 compliance corrections.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 22b47cc..46bd231 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -13,9 +13,10 @@
:CUSTOM_ID: intro
:END:
- Version: 0.0.1-alpha [2018-03-07 Wed]
- Author: Ben McGinnes
- Author GPG Key: DB4724E6FA4286C92B4E55C4321E4E2373590E5D
+ | Version: | 0.0.1-alpha |
+ | Author: | Ben McGinnes |
+ | Author GPG Key: | DB4724E6FA4286C92B4E55C4321E4E2373590E5D |
+ | Language: | English |
This document provides basic instruction in how to use the GPGME
Python bindings to programmatically leverage the GPGME library.
@@ -349,7 +350,7 @@
Encrypting to multiple keys, in addition to a default key or a key
configured to always encrypt to, is a little different and uses a
- slightly different call to the op_encrypt call demonstrated in the
+ slightly different call to the =op_encrypt call= demonstrated in the
previous section.
The following example encrypts a message (=text=) to everyone with
@@ -360,7 +361,7 @@
#+begin_src python
import gpg
- text=b"""Oh look, another test message.
+ text = b"""Oh look, another test message.
The same rules apply as with the previous example and more likely
than not, the message will actually be drawn from reading the
@@ -640,7 +641,7 @@
* Footnotes
-[fn:1] Short_History.org and/or Short_History.html.
+[fn:1] =Short_History.org= and/or =Short_History.html=.
[fn:2] The =lang/python/docs/= directory in the GPGME source.
commit 83b1336ceebb86e13a55bbf220df2d750f6b3ec6
Author: Ben McGinnes
Date: Tue Mar 13 05:42:50 2018 +1100
doc: python bindings howto
* Fixed an error in the encryption try/except statement.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 84be851..22b47cc 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -414,7 +414,9 @@
for i in range(len(e.recipients)):
for n in range(len(rlogrus)):
if rlogrus[n].fpr == e.recipients[i].fpr:
- rlogrus.remove(e.recipients[i])
+ rlogrus.remove(rlogrus[n])
+ else:
+ pass
try:
cipher = c.encrypt(text, recipients=rlogrus, add_encrypt_to=True)
except:
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 17 ++++++++++-------
1 file changed, 10 insertions(+), 7 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 21:44:49 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Mon, 12 Mar 2018 21:44:49 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-75-g484e9a6
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 484e9a6229ac9c80c6be4df638bce711f08a74c6 (commit)
from a8f48b6f577d562c25fd0191c0cc2cc8e96078c1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 484e9a6229ac9c80c6be4df638bce711f08a74c6
Author: Ben McGinnes
Date: Tue Mar 13 07:42:04 2018 +1100
doc: python bindings howto
* updated multi-encryption final example to be complete.
* second example shows most likely method of reading plaintext.
* updated example filenames to stick with running gag
(i.e. secret_plans.txt).
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 46bd231..622475f 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -384,7 +384,7 @@
cipher = c.encrypt(text, recipients=rlogrus, sign=False, always_trust=True)
- afile = open("encrypted_file.txt.asc", "wb")
+ afile = open("secret_plans.txt.asc", "wb")
afile.write(cipher[0])
afile.close()
#+end_src
@@ -409,6 +409,20 @@
somewhat with something more like this:
#+begin_src python
+ import gpg
+
+ afile = open("secret_plans.txt", "rb")
+ text = afile.read()
+ afile.close()
+
+ c = gpg.Context(armor=True)
+ rpattern = list(c.keylist(pattern="@gnupg.org", secret=False))
+ rlogrus = []
+
+ for i in range(len(rpattern)):
+ if rpattern[i].can_encrypt == 1:
+ rlogrus.append(rpattern[i])
+
try:
cipher = c.encrypt(text, recipients=rlogrus, add_encrypt_to=True)
except gpg.errors.InvalidRecipients as e:
@@ -422,6 +436,10 @@
cipher = c.encrypt(text, recipients=rlogrus, add_encrypt_to=True)
except:
pass
+
+ afile = open("secret_plans.txt.asc", "wb")
+ afile.write(cipher[0])
+ afile.close()
#+end_src
This will attempt to encrypt to all the keys searched for, then
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 20 +++++++++++++++++++-
1 file changed, 19 insertions(+), 1 deletion(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 21:50:52 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Mon, 12 Mar 2018 21:50:52 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-76-g36dfbdf
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 36dfbdffea60c529a6d1e1ff3e507be016b6a0f6 (commit)
from 484e9a6229ac9c80c6be4df638bce711f08a74c6 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 36dfbdffea60c529a6d1e1ff3e507be016b6a0f6
Author: Ben McGinnes
Date: Tue Mar 13 07:49:42 2018 +1100
doc: python bindings howto
* Fixed a spelling error in the key counting text.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 622475f..979ffa0 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -607,8 +607,9 @@
:END:
Counting the number of keys in your public keybox (=pubring.kbx=),
- the format shich has superceded the old keyring format
- (=pubring.gpg= and =secring.gpg=) is a very simple task.
+ the format which has superceded the old keyring format
+ (=pubring.gpg= and =secring.gpg=), or the number of secret keys is
+ a very simple task.
#+begin_src python
import gpg
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Mon Mar 12 22:29:58 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Mon, 12 Mar 2018 22:29:58 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-77-gf81adeb
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via f81adeba992a9fd3b5a199e9a2e242a0f53cf639 (commit)
from 36dfbdffea60c529a6d1e1ff3e507be016b6a0f6 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f81adeba992a9fd3b5a199e9a2e242a0f53cf639
Author: Ben McGinnes
Date: Tue Mar 13 08:26:22 2018 +1100
doc: python bindings howto
* Added a miscellaneous work-arounds section at the end.
* Included code in said miscellaneous section for accessing the groups
specified in a gpg.conf file.
* It's a bit ugly since it does require subprocess (but not call,
Popen or shell access and only accesses one command).
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 979ffa0..4d02f97 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -631,6 +631,56 @@
#+end_src
+* Miscellaneous work-arounds
+ :PROPERTIES:
+ :CUSTOM_ID: cheats-and-hacks
+ :END:
+
+** Group lines
+ :PROPERTIES:
+ :CUSTOM_ID: group-lines
+ :END:
+
+ There is not yet an easy way to access groups configured in the
+ gpg.conf file from within GPGME. As a consequence these central
+ groupings of keys cannot be shared amongst multiple programs, such
+ as MUAs readily.
+
+ The following code, however, provides a work-around for obtaining
+ this information in Python.
+
+ #+begin_src python
+ import subprocess
+
+ lines = subprocess.getoutput("gpgconf --list-options gpg").splitlines()
+
+ for i in range(len(lines)):
+ if lines[i].startswith("group") is True:
+ line = lines[i]
+ else:
+ pass
+
+ groups = line.split(":")[-1].replace('"', '').split(',')
+
+ group_lines = groups
+ for i in range(len(group_lines)):
+ group_lines[i] = group_lines[i].split("=")
+
+ group_lists = group_lines
+ for i in range(len(group_lists)):
+ group_lists[i][1] = group_lists[i][1].split()
+ #+end_src
+
+ The result of that code is that =group_lines= is a list of lists
+ where =group_lines[i][0]= is the name of the group and
+ =group_lines[i][1]= is the key IDs of the group as a string.
+
+ The =group_lists= result is very similar in that it is a list of
+ lists. The first part, =group_lists[i][0]= matches
+ =group_lines[i][0]= as the name of the group, but
+ =group_lists[i][1]= is the key IDs of the group as a string.
+
+
* Copyright and Licensing
:PROPERTIES:
:CUSTOM_ID: copyright-and-license
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 50 +++++++++++++++++++++++++++++++++
1 file changed, 50 insertions(+)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 01:51:52 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Tue, 13 Mar 2018 01:51:52 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-78-gc27a7a3
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via c27a7a3f994dad0eccee890185582f4350fbf233 (commit)
from f81adeba992a9fd3b5a199e9a2e242a0f53cf639 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c27a7a3f994dad0eccee890185582f4350fbf233
Author: Ben McGinnes
Date: Tue Mar 13 11:50:38 2018 +1100
doc: python bindings howto
* Added text description for the decryption example.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 4d02f97..40d2814 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -451,9 +451,14 @@
:CUSTOM_ID: howto-basic-encryption
:END:
- Decrypting something encrypted to a key in one's secret keyring
- (will display some extra data you normally wouldn't show, but which
- may be of use):
+ Decrypting something encrypted to a key in one's secret keyring is
+ fairly straight forward.
+
+ In this example code, however, preconfiguring either
+ =gpg.Context()= or =gpg.core.Context()= as =c= is unnecessary
+ because there is no need to modify the Context prior to conducting
+ the decryption and since the Context is only used once, setting it
+ to =c= simply adds lines for no gain.
#+begin_src python
import os.path
@@ -481,6 +486,11 @@
pass
#+end_src
+ The data available in plaintext in this example is the decrypted
+ content as a byte object in =plaintext[0]=, the recipient key IDs
+ and algorithms in =plaintext[1]= and the results of verifying any
+ signatures of the data in =plaintext[0]=.
+
** Signing text
:PROPERTIES:
@@ -550,7 +560,7 @@
#+begin_src python
import gpg
- tfile = open("/path/to/statement.txt", "r")
+ tfile = open("/path/to/statement.txt", "rb")
text = tfile.read()
tfile.close()
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 04:55:34 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Tue, 13 Mar 2018 04:55:34 +0100
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.5-14-gc84bae6
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via c84bae69e9e02923f7180e09d161cb0b13257436 (commit)
via 71e5282c25ba812c7091e587edd721839bc4c2ac (commit)
from 655f0b9ad0138e6f960bf4befaf0eea569256614 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c84bae69e9e02923f7180e09d161cb0b13257436
Author: NIIBE Yutaka
Date: Tue Mar 13 12:53:49 2018 +0900
scd: After fatal error, shutdown a reader.
* scd/apdu.c (pcsc_send_apdu): Notify main loop after
fatal errors.
--
GnuPG-bug-id: 3825
Signed-off-by: NIIBE Yutaka
diff --git a/scd/apdu.c b/scd/apdu.c
index 2ae6253..cd98cc9 100644
--- a/scd/apdu.c
+++ b/scd/apdu.c
@@ -229,6 +229,7 @@ static npth_mutex_t reader_table_lock;
#define PCSC_E_READER_UNAVAILABLE 0x80100017
#define PCSC_E_NO_SERVICE 0x8010001D
#define PCSC_E_SERVICE_STOPPED 0x8010001E
+#define PCSC_W_RESET_CARD 0x80100068
#define PCSC_W_REMOVED_CARD 0x80100069
/* Fix pcsc-lite ABI incompatibility. */
@@ -751,6 +752,14 @@ pcsc_send_apdu (int slot, unsigned char *apdu, size_t apdulen,
log_error ("pcsc_transmit failed: %s (0x%lx)\n",
pcsc_error_string (err), err);
+ /* Handle fatal errors which require shutdown of reader. */
+ if (err == PCSC_E_NOT_TRANSACTED || err == PCSC_W_RESET_CARD
+ || err == PCSC_W_REMOVED_CARD)
+ {
+ reader_table[slot].pcsc.current_state = PCSC_STATE_UNAWARE;
+ scd_kick_the_loop ();
+ }
+
return pcsc_error_to_sw (err);
}
commit 71e5282c25ba812c7091e587edd721839bc4c2ac
Author: NIIBE Yutaka
Date: Tue Mar 13 12:05:57 2018 +0900
scd: Fix for GNU/Linux suspend/resume.
* configure.ac (require_pipe_to_unblock_pselect): Default is "yes".
* scd/scdaemon.c (scd_kick_the_loop): Minor clean up.
--
Normally SIGCONT or SIGUSR2 works for unblocking pselect. But on my
machine with GNU/Linux, when a machine is suspend/resume-ed, pselect
keeps blocked, while signal itself is delivered.
It's better to use pipe.
Signed-off-by: NIIBE Yutaka
diff --git a/configure.ac b/configure.ac
index 8252db9..086af12 100644
--- a/configure.ac
+++ b/configure.ac
@@ -639,7 +639,7 @@ have_android_system=no
use_simple_gettext=no
use_ldapwrapper=yes
mmap_needed=yes
-require_pipe_to_unblock_pselect=no
+require_pipe_to_unblock_pselect=yes
case "${host}" in
*-mingw32*)
# special stuff for Windoze NT
@@ -654,6 +654,7 @@ case "${host}" in
have_w32_system=yes
require_iconv=no
use_ldapwrapper=no # Fixme: Do this only for CE.
+ require_pipe_to_unblock_pselect=no
case "${host}" in
*-mingw32ce*)
have_w32ce_system=yes
diff --git a/scd/scdaemon.c b/scd/scdaemon.c
index 91b5599..e63aca7 100644
--- a/scd/scdaemon.c
+++ b/scd/scdaemon.c
@@ -1206,18 +1206,16 @@ start_connection_thread (void *arg)
void
scd_kick_the_loop (void)
{
- int ret;
-
/* Kick the select loop. */
#ifdef HAVE_W32_SYSTEM
- ret = SetEvent (the_event);
+ int ret = SetEvent (the_event);
if (ret == 0)
log_error ("SetEvent for scd_kick_the_loop failed: %s\n",
w32_strerror (-1));
#elif defined(HAVE_PSELECT_NO_EINTR)
write (notify_fd, "", 1);
#else
- ret = kill (main_thread_pid, SIGCONT);
+ int ret = kill (main_thread_pid, SIGCONT);
if (ret < 0)
log_error ("SetEvent for scd_kick_the_loop failed: %s\n",
gpg_strerror (gpg_error_from_syserror ()));
-----------------------------------------------------------------------
Summary of changes:
configure.ac | 3 ++-
scd/apdu.c | 9 +++++++++
scd/scdaemon.c | 6 ++----
3 files changed, 13 insertions(+), 5 deletions(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 05:04:36 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Tue, 13 Mar 2018 05:04:36 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-79-gf29bda8
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via f29bda8d7146b4bc0bf73d6e613131545ff86b73 (commit)
from c27a7a3f994dad0eccee890185582f4350fbf233 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit f29bda8d7146b4bc0bf73d6e613131545ff86b73
Author: Ben McGinnes
Date: Tue Mar 13 15:03:11 2018 +1100
doc: python bindings howto
* Signatures have changed as a result of the recent update from Justus.
* Sample code updated.
* Text to follow later.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 40d2814..5d259a6 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -503,13 +503,13 @@
#+begin_src python
import gpg
- text = """Declaration of ... something.
+ text = b"""Declaration of ... something.
"""
c = gpg.Context()
c.armor = True
- signed = c.sign(text, mode=mode.NORMAL)
+ signed = c.sign(text, mode=0)
afile = open("/path/to/statement.txt.asc", "w")
for i in range(len(signed[0].splitlines())):
@@ -527,8 +527,7 @@
"""
c = gpg.Context()
- c.armor = True
- signed = c.sign(text, mode=mode.CLEAR)
+ signed = c.sign(text, mode=2)
afile = open("/path/to/statement.txt.asc", "w")
for i in range(len(signed[0].splitlines())):
@@ -547,7 +546,7 @@
c = gpg.Context()
c.armor = True
- signed = c.sign(text, mode=mode.DETACH)
+ signed = c.sign(text, mode=1)
afile = open("/path/to/statement.txt.asc", "w")
for i in range(len(signed[0].splitlines())):
@@ -566,7 +565,7 @@
c = gpg.Context()
c.armor = True
- signed = c.sign(text, mode=mode.DETACH)
+ signed = c.sign(text, mode=1)
afile = open("/path/to/statement.txt.sig", "wb")
afile.write(signed[0])
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 09:22:19 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Tue, 13 Mar 2018 09:22:19 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-81-gc92da2c
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via c92da2c7eb148ce9fb06495a8470dd9caf662f9a (commit)
via e489ddd08af29fdad8db8aa0aec0c314daa3678c (commit)
from f29bda8d7146b4bc0bf73d6e613131545ff86b73 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c92da2c7eb148ce9fb06495a8470dd9caf662f9a
Author: Ben McGinnes
Date: Tue Mar 13 19:20:44 2018 +1100
doc: python bindings howto
* Added key selection for specifying signing key or keys.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 5ee3a82..ea1b765 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -532,9 +532,7 @@
:CUSTOM_ID: howto-basic-signing
:END:
- Need to determine whether or not to include clearsigning and
- detached signing here or give them separate sections. Yes, section
- them.
+ X
*** Signing key selection
:PROPERTIES:
@@ -547,6 +545,19 @@
available it may be necessary to specify the key or keys with
which to sign messages and files.
+ #+begin_src python
+ import gpg
+
+ logrus = input("Enter the email address or string to match signing keys to: ")
+ hancock = gpg.Context().keylist(pattern=logrus, secret=True)
+ sig_src = list(hancock)
+ #+end_src
+
+ The signing examples in the following sections include the
+ explicitly designated =signers= parameter in two of the five
+ examples; once where the resulting signature would be ASCII
+ armoured and once where it would not be armoured.
+
*** Normal or default signing messages or files
:PROPERTIES:
:CUSTOM_ID: howto-basic-signing-normal
@@ -559,8 +570,7 @@
"""
- c = gpg.Context()
- c.armor = True
+ c = gpg.Context(armor=True, signers=sig_src)
signed = c.sign(text, mode=0)
afile = open("/path/to/statement.txt.asc", "wb")
@@ -598,8 +608,7 @@
"""
- c = gpg.Context()
- c.armor = True
+ c = gpg.Context(armor=True)
signed = c.sign(text, mode=1)
afile = open("/path/to/statement.txt.asc", "wb")
@@ -617,7 +626,7 @@
text = tfile.read()
tfile.close()
- c = gpg.Context()
+ c = gpg.Context(signers=sig_src)
signed = c.sign(text, mode=1)
afile = open("/path/to/statement.txt.sig", "wb")
commit e489ddd08af29fdad8db8aa0aec0c314daa3678c
Author: Ben McGinnes
Date: Tue Mar 13 18:32:30 2018 +1100
doc: python bindings howto
* During the course of working out the updated signature methods,
determined that key selection (including counting) will beed to be
presented before the basic functions.
* Moved "working with keys" up.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 5d259a6..5ee3a82 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -255,6 +255,41 @@
operation type has one.
+* Working with keys
+ :PROPERTIES:
+ :CUSTOM_ID: howto-keys
+ :END:
+
+** Counting keys
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-verification
+ :END:
+
+ Counting the number of keys in your public keybox (=pubring.kbx=),
+ the format which has superceded the old keyring format
+ (=pubring.gpg= and =secring.gpg=), or the number of secret keys is
+ a very simple task.
+
+ #+begin_src python
+ import gpg
+
+ c = gpg.Context()
+ seckeys = c.keylist(pattern=None, secret=True)
+ pubkeys = c.keylist(pattern=None, secret=False)
+
+ seclist = list(seckeys)
+ secnum = len(seclist)
+
+ publist = list(pubkeys)
+ pubnum = len(publist)
+
+ print("""
+ Number of secret keys: {0}
+ Number of public keys: {1}
+ """.format(secnum, pubnum)
+ #+end_src
+
+
* Basic Functions
:PROPERTIES:
:CUSTOM_ID: howto-the-basics
@@ -492,13 +527,30 @@
signatures of the data in =plaintext[0]=.
-** Signing text
+** Signing text and files
:PROPERTIES:
:CUSTOM_ID: howto-basic-signing
:END:
Need to determine whether or not to include clearsigning and
- detached signing here or give them separate sections.
+ detached signing here or give them separate sections. Yes, section
+ them.
+
+*** Signing key selection
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-signing-signers
+ :END:
+
+ By default GPGME and the Python bindings will use the default key
+ configured for the user invoking the GPGME API. If there is no
+ default key specified and there is more than one secret key
+ available it may be necessary to specify the key or keys with
+ which to sign messages and files.
+
+*** Normal or default signing messages or files
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-signing-normal
+ :END:
#+begin_src python
import gpg
@@ -511,36 +563,38 @@
c.armor = True
signed = c.sign(text, mode=0)
- afile = open("/path/to/statement.txt.asc", "w")
+ afile = open("/path/to/statement.txt.asc", "wb")
for i in range(len(signed[0].splitlines())):
- afile.write("{0}\n".format(signed[0].splitlines()[i].decode('utf-8')))
+ afile.write("{0}\n".format(signed[0].splitlines()[i]))
afile.close()
#+end_src
- Clearsigning:
-
#+begin_src python
import gpg
- text = """Declaration of ... something.
-
- """
+ tfile = open("/path/to/statement.txt", "rb")
+ text = tfile.read()
+ tfile.close()
c = gpg.Context()
- signed = c.sign(text, mode=2)
+ signed = c.sign(text, mode=0)
- afile = open("/path/to/statement.txt.asc", "w")
- for i in range(len(signed[0].splitlines())):
- afile.write("{0}\n".format(signed[0].splitlines()[i].decode('utf-8')))
+ afile = open("/path/to/statement.txt.sig", "wb")
+ afile.write(signed[0])
afile.close()
#+end_src
+*** Detached signing messages and files
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-signing-detached
+ :END:
+
Detached ASCII Armoured signing:
#+begin_src python
import gpg
- text = """Declaration of ... something.
+ text = b"""Declaration of ... something.
"""
@@ -548,9 +602,9 @@
c.armor = True
signed = c.sign(text, mode=1)
- afile = open("/path/to/statement.txt.asc", "w")
+ afile = open("/path/to/statement.txt.asc", "wb")
for i in range(len(signed[0].splitlines())):
- afile.write("{0}\n".format(signed[0].splitlines()[i].decode('utf-8')))
+ afile.write("{0}\n".format(signed[0].splitlines()[i]))
afile.close()
#+end_src
@@ -564,7 +618,6 @@
tfile.close()
c = gpg.Context()
- c.armor = True
signed = c.sign(text, mode=1)
afile = open("/path/to/statement.txt.sig", "wb")
@@ -572,6 +625,27 @@
afile.close()
#+end_src
+*** Clearsigning messages or text
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-signing-clear
+ :END:
+
+ #+begin_src python
+ import gpg
+
+ text = """Declaration of ... something.
+
+ """
+
+ c = gpg.Context()
+ signed = c.sign(text, mode=2)
+
+ afile = open("/path/to/statement.txt.asc", "w")
+ for i in range(len(signed[0].splitlines())):
+ afile.write("{0}\n".format(signed[0].splitlines()[i].decode('utf-8')))
+ afile.close()
+ #+end_src
+
** Signature verification
:PROPERTIES:
@@ -605,41 +679,6 @@
#+end_src
-* Working with keys
- :PROPERTIES:
- :CUSTOM_ID: howto-keys
- :END:
-
-** Counting keys
- :PROPERTIES:
- :CUSTOM_ID: howto-basic-verification
- :END:
-
- Counting the number of keys in your public keybox (=pubring.kbx=),
- the format which has superceded the old keyring format
- (=pubring.gpg= and =secring.gpg=), or the number of secret keys is
- a very simple task.
-
- #+begin_src python
- import gpg
-
- c = gpg.Context()
- seckeys = c.keylist(pattern=None, secret=True)
- pubkeys = c.keylist(pattern=None, secret=False)
-
- seclist = list(seckeys)
- secnum = len(seclist)
-
- publist = list(pubkeys)
- pubnum = len(publist)
-
- print("""
- Number of secret keys: {0}
- Number of public keys: {1}
- """.format(secnum, pubnum)
- #+end_src
-
-
* Miscellaneous work-arounds
:PROPERTIES:
:CUSTOM_ID: cheats-and-hacks
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 164 +++++++++++++++++++++-----------
1 file changed, 106 insertions(+), 58 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 10:04:55 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Tue, 13 Mar 2018 10:04:55 +0100
Subject: [git] GPG-ERROR - branch, master,
updated. libgpg-error-1.27-248-gc0d331c
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Error codes used by GnuPG et al.".
The branch, master has been updated
via c0d331c063842ab4352e616269788b7c71d63e02 (commit)
from 863948ab29d1016a271fd7e6d48af316dad4e939 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c0d331c063842ab4352e616269788b7c71d63e02
Author: Werner Koch
Date: Tue Mar 13 09:57:46 2018 +0100
core: Fix regression due to not exporting the process API.
--
Fixes-commit: 0e503cae75cb1a6aa257228a65941b7630ff35d6
Signed-off-by: Werner Koch
diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in
index e78a6f1..11d4950 100644
--- a/src/gpg-error.h.in
+++ b/src/gpg-error.h.in
@@ -1029,12 +1029,12 @@ void _gpgrt_log_assert (const char *expr, const char *file, int line,
/*
* Spawn functions (Not yet available)
*/
-#if 0
-
#define GPGRT_SPAWN_NONBLOCK 16 /* Set the streams to non-blocking. */
#define GPGRT_SPAWN_RUN_ASFW 64 /* Use AllowSetForegroundWindow on W32. */
#define GPGRT_SPAWN_DETACHED 128 /* Start the process in the background. */
+#if 0
+
/* Function and convenience macros to create pipes. */
gpg_err_code_t gpgrt_make_pipe (int filedes[2], gpgrt_stream_t *r_fp,
int direction, int nonblock);
diff --git a/src/visibility.h b/src/visibility.h
index b33744d..f37555a 100644
--- a/src/visibility.h
+++ b/src/visibility.h
@@ -188,6 +188,7 @@ MARK_VISIBLE (gpgrt_log_clock)
MARK_VISIBLE (gpgrt_log_flush)
MARK_VISIBLE (_gpgrt_log_assert)
+#if 0
MARK_VISIBLE (gpgrt_make_pipe)
MARK_VISIBLE (gpgrt_spawn_process)
MARK_VISIBLE (gpgrt_spawn_process_fd)
@@ -196,7 +197,7 @@ MARK_VISIBLE (gpgrt_wait_process)
MARK_VISIBLE (gpgrt_wait_processes)
MARK_VISIBLE (gpgrt_kill_process)
MARK_VISIBLE (gpgrt_release_process)
-
+#endif
#undef MARK_VISIBLE
-----------------------------------------------------------------------
Summary of changes:
src/gpg-error.h.in | 4 ++--
src/visibility.h | 3 ++-
2 files changed, 4 insertions(+), 3 deletions(-)
hooks/post-receive
--
Error codes used by GnuPG et al.
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 11:52:32 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Tue, 13 Mar 2018 11:52:32 +0100
Subject: [git] GPG-ERROR - branch, master,
updated. libgpg-error-1.27-249-ga27a09e
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Error codes used by GnuPG et al.".
The branch, master has been updated
via a27a09eb62507dcf1fd98d91fd7c5888544c59ed (commit)
from c0d331c063842ab4352e616269788b7c71d63e02 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a27a09eb62507dcf1fd98d91fd7c5888544c59ed
Author: Werner Koch
Date: Tue Mar 13 11:36:17 2018 +0100
build: Update copyright notices and remove gpgscm from the release.
--
Signed-off-by: Werner Koch
diff --git a/AUTHORS b/AUTHORS
index a8e8abe..5d323eb 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -13,6 +13,15 @@ range, inclusive, is a copyrightable year that would otherwise be
listed individually.
+List of Copyright holders
+=========================
+
+ Copyright (C) 2001-2018 g10 Code GmbH
+ Copyright (C) 1995-2017 Free Software Foundation, Inc.
+ Copyright (C) 1998-2006, 2008-2017 Werner Koch
+ Copyright (C) 2014 Jedi Lin
+
+
Authors with a DCO
==================
diff --git a/Makefile.am b/Makefile.am
index 856f44c..56145f7 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -34,11 +34,11 @@ else
lang_subdirs =
endif
-if BUILD_GPGSCM
-doc = gpgscm
-else
-doc =
-endif
+#if BUILD_GPGSCM
+#doc = gpgscm
+#else
+#doc =
+#endif
if BUILD_DOC
doc = doc
@@ -52,7 +52,7 @@ else
tests =
endif
-SUBDIRS = m4 src $(gpgscm) $(doc) $(tests) po $(lang_subdirs)
+SUBDIRS = m4 src $(doc) $(tests) po $(lang_subdirs)
dist-hook: gen-ChangeLog
diff --git a/NEWS b/NEWS
index 687e185..a275f5f 100644
--- a/NEWS
+++ b/NEWS
@@ -4,8 +4,56 @@ Noteworthy changes in version 1.28 (unreleased) [C22/A22/R_]
* The formerly internal yat2m tool is now installed during a native
build.
+ * The new files gpgrt.m4 and gpgrt-config are now installed. They
+ can be used instead of gpg-error.m4 and gpg-error-config.
+
* Interface changes relative to the 1.27 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ gpgrt_get_errorcount New API.
+ gpgrt_inc_errorcount New API.
+ gpgrt_log_set_sink New API.
+ gpgrt_log_set_socket_dir_cb New API.
+ gpgrt_log_set_pid_suffix_cb New API.
+ gpgrt_log_set_prefix New API.
+ gpgrt_log_get_prefix New API.
+ gpgrt_log_test_fd New API.
+ gpgrt_log_get_fd New API.
+ gpgrt_log_get_stream New API.
+ gpgrt_log New API.
+ gpgrt_logv New API.
+ gpgrt_logv_prefix New API.
+ gpgrt_log_string New API.
+ gpgrt_log_info New API.
+ gpgrt_log_error New API.
+ gpgrt_log_fatal New API.
+ gpgrt_log_bug New API.
+ gpgrt_log_debug New API.
+ gpgrt_log_debug_string New API.
+ gpgrt_log_printf New API.
+ gpgrt_log_flush New API.
+ gpgrt_log_printhex New API.
+ gpgrt_log_clock New API.
+ gpgrt_assert New macro.
+ _gpgrt_log_assert New internal API.
+ GPGRT_LOGLVL_BEGIN New const.
+ GPGRT_LOGLVL_CONT New const.
+ GPGRT_LOGLVL_INFO New const.
+ GPGRT_LOGLVL_WARN New const.
+ GPGRT_LOGLVL_ERROR New const.
+ GPGRT_LOGLVL_FATAL New const.
+ GPGRT_LOGLVL_BUG New const.
+ GPGRT_LOGLVL_DEBUG New const.
+ gpgrt_realloc New API.
+ gpgrt_malloc New API.
+ gpgrt_calloc New API.
+ gpgrt_strdup New API.
+ gpgrt_strconcat New API.
+ gpgrt_w32_reg_query_string New API.
+ gpgrt_getenv New API.
+ gpgrt_setenv New API.
+ gpgrt_mkdir New API.
+ gpgrt_chdir New API.
+ gpgrt_getcwd New API.
Noteworthy changes in version 1.27 (2017-02-28) [C22/A22/R0]
diff --git a/README b/README
index fd6e1a8..9cc5de0 100644
--- a/README
+++ b/README
@@ -20,6 +20,8 @@ components are
- A lean gettext and iconv implementation for Windows.
+ - Log functions
+
More components will be added over time. Most functions are prefixed
with "gpgrt" (GnuPG Run Time) instead of "gpg_err" to indicate the
long term plan to rename this library to gpgrt.
diff --git a/configure.ac b/configure.ac
index 992d1bd..04715e9 100644
--- a/configure.ac
+++ b/configure.ac
@@ -543,12 +543,12 @@ fi
# Eventually we will reverse the meaning of that option.
#
build_gpgscm=no
-AC_MSG_CHECKING([whether to build gpgscm])
-AC_ARG_ENABLE(gpgscm,
- AC_HELP_STRING([--enable-gpgscm],
- [build the gpgscm tool]),
- build_gpgscm=$enableval, build_gpgscm=no)
-AC_MSG_RESULT($build_gpgscm)
+#AC_MSG_CHECKING([whether to build gpgscm])
+#AC_ARG_ENABLE(gpgscm,
+# AC_HELP_STRING([--enable-gpgscm],
+# [build the gpgscm tool]),
+# build_gpgscm=$enableval, build_gpgscm=no)
+#AC_MSG_RESULT($build_gpgscm)
AM_CONDITIONAL([BUILD_GPGSCM], [test "x$build_gpgscm" != xno])
@@ -617,7 +617,7 @@ AM_CONDITIONAL([BUILD_TESTS], [test "x$build_tests" != xno])
#
AC_CONFIG_FILES([Makefile])
AC_CONFIG_FILES([doc/Makefile po/Makefile.in m4/Makefile])
-AC_CONFIG_FILES([src/Makefile gpgscm/Makefile tests/Makefile])
+AC_CONFIG_FILES([src/Makefile tests/Makefile])
AC_CONFIG_FILES([lang/Makefile lang/cl/Makefile lang/cl/gpg-error.asd])
AC_CONFIG_FILES([src/versioninfo.rc src/gpg-error.w32-manifest])
AC_CONFIG_FILES([src/gpg-error-config], [chmod +x src/gpg-error-config])
diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in
index 11d4950..f942098 100644
--- a/src/gpg-error.h.in
+++ b/src/gpg-error.h.in
@@ -1,5 +1,5 @@
/* gpg-error.h or gpgrt.h - Public interface to libgpg-error. -*- c -*-
- * Copyright (C) 2003-2004, 2010, 2013-2017 g10 Code GmbH
+ * Copyright (C) 2001-2018 g10 Code GmbH
*
* This file is part of libgpg-error.
*
diff --git a/src/version.c b/src/version.c
index eaeedf8..94b75af 100644
--- a/src/version.c
+++ b/src/version.c
@@ -38,8 +38,8 @@ cright_blurb (void)
{
static const char blurb[] =
"\n\n"
- "This is Libgpg-error " PACKAGE_VERSION " - An error code library\n"
- "Copyright 2003-2004, 2010, 2013-2017 g10 Code GmbH\n"
+ "This is Libgpg-error " PACKAGE_VERSION " - A runtime library\n"
+ "Copyright 2001-2018 g10 Code GmbH\n"
"\n"
"(" BUILD_REVISION " " BUILD_TIMESTAMP ")\n"
"\n\n";
-----------------------------------------------------------------------
Summary of changes:
AUTHORS | 9 +++++++++
Makefile.am | 12 ++++++------
NEWS | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
README | 2 ++
configure.ac | 14 +++++++-------
src/gpg-error.h.in | 2 +-
src/version.c | 4 ++--
7 files changed, 75 insertions(+), 16 deletions(-)
hooks/post-receive
--
Error codes used by GnuPG et al.
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 14:21:03 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Tue, 13 Mar 2018 14:21:03 +0100
Subject: [git] gnupg-doc - branch, master,
updated. 8aaa4d783f38be7ad5d72df0451a8208b0712dbd
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GnuPG website and other docs".
The branch, master has been updated
via 8aaa4d783f38be7ad5d72df0451a8208b0712dbd (commit)
from f9098f2c036f638b1ccb82ee2ba29c91dd1e98ae (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 8aaa4d783f38be7ad5d72df0451a8208b0712dbd
Author: Werner Koch
Date: Tue Mar 13 14:14:46 2018 +0100
swdb: Release libgpg-error 1.28
diff --git a/web/swdb.mac b/web/swdb.mac
index afb3207..1c6bebf 100644
--- a/web/swdb.mac
+++ b/web/swdb.mac
@@ -141,11 +141,11 @@
#
# LIBGPG-ERROR
#
-#+macro: libgpg_error_ver 1.27
-#+macro: libgpg_error_date 2017-02-28
-#+macro: libgpg_error_size 794k
-#+macro: libgpg_error_sha1 a428758999ff573e62d06892e3d2c0b0f335787c
-#+macro: libgpg_error_sha2 4f93aac6fecb7da2b92871bb9ee33032be6a87b174f54abf8ddf0911a22d29d2
+#+macro: libgpg_error_ver 1.28
+#+macro: libgpg_error_date 2018-03-13
+#+macro: libgpg_error_size 842k
+#+macro: libgpg_error_sha1 2b9baae264f3e82ebe00dcd10bae3f2d64232c10
+#+macro: libgpg_error_sha2 3edb957744905412f30de3e25da18682cbe509541e18cd3b8f9df695a075da49
#
-----------------------------------------------------------------------
Summary of changes:
web/swdb.mac | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
hooks/post-receive
--
The GnuPG website and other docs
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 16:24:41 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Tue, 13 Mar 2018 16:24:41 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-83-ga10dcb4
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via a10dcb4f138eb5a21881cdbc4806c25129d4ae4e (commit)
via 952b6042f78017c476452088261af8d352cfa729 (commit)
from c92da2c7eb148ce9fb06495a8470dd9caf662f9a (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a10dcb4f138eb5a21881cdbc4806c25129d4ae4e
Author: Ben McGinnes
Date: Wed Mar 14 02:21:44 2018 +1100
doc: python bindings howto
* Added a section on key selection.
* Included recommendation for using fingerprint when selecting one
specific key.
* Also included the most ironically amusing example of multiple key
selection in a GPG guide. Hey, it's public data ... (heh).
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index ae9e9e7..ea4b111 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -285,9 +285,68 @@
:CUSTOM_ID: howto-keys
:END:
+** Key selection
+ :PROPERTIES:
+ :CUSTOM_ID: howto-keys-selection
+ :END:
+
+ Selecting keys to encrypt to or to sign with will be a common
+ occurrence when working with GPGMe and the means available for
+ doing so are quite simple.
+
+ They do depend on utilising a Context; however once the data is
+ recorded in another variable, that Context does not need to be the
+ same one which subsequent operations are performed.
+
+ The easiest way to select a specific key is by searching for that
+ key's key ID or fingerprint, preferably the full fingerprint
+ without any spaces in it. A long key ID will probably be okay, but
+ is not advised and short key IDs are already a problem with some
+ being generated to match specific patterns. It does not matter
+ whether the pattern is upper or lower case.
+
+ So this is the best method:
+
+ #+begin_src python
+ import gpg
+
+ k = gpg.Context().keylist(pattern="258E88DCBD3CD44D8E7AB43F6ECB6AF0DEADBEEF")
+ keys = list(k)
+ #+end_src
+
+ This is passable and very likely to be common:
+
+ #+begin_src python
+ import gpg
+
+ k = gpg.Context().keylist(pattern="0x6ECB6AF0DEADBEEF")
+ keys = list(k)
+ #+end_src
+
+ And this is a really bad idea:
+
+ #+begin_src python
+ import gpg
+
+ k = gpg.Context().keylist(pattern="0xDEADBEEF")
+ keys = list(k)
+ #+end_src
+
+ Alternatively it may be that the intention is to create a list of
+ keys which all match a particular search string. For instance all
+ the addresses at a particular domain, like this:
+
+ #+begin_src python
+ import gpg
+
+ ncsc = gpg.Context().keylist(pattern="ncsc.mil")
+ nsa = list(ncsc)
+ #+end_src
+
+
** Counting keys
:PROPERTIES:
- :CUSTOM_ID: howto-basic-verification
+ :CUSTOM_ID: howto-keys-counting
:END:
Counting the number of keys in your public keybox (=pubring.kbx=),
commit 952b6042f78017c476452088261af8d352cfa729
Author: Ben McGinnes
Date: Wed Mar 14 01:41:21 2018 +1100
doc: python bindings howto
* Added explanation of the ascendance of Python 3 over Python 2 in the
guide to the intro.
* Expanded key selection description so people know what not to
include regarding key IDs with this key selection method.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index ea1b765..ae9e9e7 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -21,6 +21,31 @@
This document provides basic instruction in how to use the GPGME
Python bindings to programmatically leverage the GPGME library.
+** Python 2 versus Python 3
+ :PROPERTIES:
+ :CUSTOM_ID: py2-vs-py3
+ :END:
+
+ Though the GPGME Python bindings themselves provide support for
+ both Python 2 and 3, the focus is unequivocally on Python 3 and
+ specifically from Python 3.4 and above. As a consequence all the
+ examples and instructions in this guide use Python 3 code.
+
+ Much of it will work with Python 2, but much of it also deals with
+ Python 3 byte literals, particularly when reading and writing data.
+ Developers concentrating on Python 2.7, and possibly even 2.6, will
+ need to make the approprate modifications to support the older
+ string and unicode types as opposted to bytes.
+
+ There are multiple reasons for concentrating on Python 3; some of
+ which relate to the immediate integration of these bindings, some
+ of which relate to longer term plans for both GPGME and the python
+ bindings and some of which relate to the impending EOL period for
+ Python 2.7. Essentially, though, there is little value in tying
+ the bindings to a version of the language which is a dead end and
+ the advantages offered by Python 3 over Python 2 make handling the
+ data types with which GPGME deals considerably easier.
+
* GPGME Concepts
:PROPERTIES:
@@ -59,7 +84,7 @@
=gpgme.h= generated when GPGME is compiled.
This means that a version of the Python bindings is fundamentally
- tied to the exact same version of GPGME used to gemerate that copy
+ tied to the exact same version of GPGME used to generate that copy
of =gpgme.h=.
** Difference between the Python bindings and other GnuPG Python packages
@@ -411,13 +436,13 @@
c = gpg.Context(armor=True)
rpattern = list(c.keylist(pattern="@gnupg.org", secret=False))
- rlogrus = []
+ logrus = []
for i in range(len(rpattern)):
if rpattern[i].can_encrypt == 1:
- rlogrus.append(rpattern[i])
+ logrus.append(rpattern[i])
- cipher = c.encrypt(text, recipients=rlogrus, sign=False, always_trust=True)
+ cipher = c.encrypt(text, recipients=logrus, sign=False, always_trust=True)
afile = open("secret_plans.txt.asc", "wb")
afile.write(cipher[0])
@@ -429,7 +454,7 @@
be to change the =c.encrypt= line to this:
#+begin_src python
- cipher = c.encrypt(text, recipients=rlogrus, always_trust=True,
+ cipher = c.encrypt(text, recipients=logrus, always_trust=True,
add_encrypt_to=True)
#+end_src
@@ -452,23 +477,23 @@
c = gpg.Context(armor=True)
rpattern = list(c.keylist(pattern="@gnupg.org", secret=False))
- rlogrus = []
+ logrus = []
for i in range(len(rpattern)):
if rpattern[i].can_encrypt == 1:
- rlogrus.append(rpattern[i])
+ logrus.append(rpattern[i])
try:
- cipher = c.encrypt(text, recipients=rlogrus, add_encrypt_to=True)
+ cipher = c.encrypt(text, recipients=logrus, add_encrypt_to=True)
except gpg.errors.InvalidRecipients as e:
for i in range(len(e.recipients)):
- for n in range(len(rlogrus)):
- if rlogrus[n].fpr == e.recipients[i].fpr:
- rlogrus.remove(rlogrus[n])
+ for n in range(len(logrus)):
+ if logrus[n].fpr == e.recipients[i].fpr:
+ logrus.remove(logrus[n])
else:
pass
try:
- cipher = c.encrypt(text, recipients=rlogrus, add_encrypt_to=True)
+ cipher = c.encrypt(text, recipients=logrus, add_encrypt_to=True)
except:
pass
@@ -532,7 +557,7 @@
:CUSTOM_ID: howto-basic-signing
:END:
- X
+ The following sections demonstrate how to specify
*** Signing key selection
:PROPERTIES:
@@ -558,6 +583,12 @@
examples; once where the resulting signature would be ASCII
armoured and once where it would not be armoured.
+ While it would be possible to enter a key ID or fingerprint here
+ to match a specific key, it is not possible to enter two
+ fingerprints and match two keys since the patten expects a string,
+ bytes or None and not a list. A string with two fingerprints
+ won't match any single key.
+
*** Normal or default signing messages or files
:PROPERTIES:
:CUSTOM_ID: howto-basic-signing-normal
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 118 ++++++++++++++++++++++++++++----
1 file changed, 104 insertions(+), 14 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 16:43:24 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Tue, 13 Mar 2018 16:43:24 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-84-ga71205d
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via a71205dc3b58970adf591b4e4553824a33f353db (commit)
from a10dcb4f138eb5a21881cdbc4806c25129d4ae4e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit a71205dc3b58970adf591b4e4553824a33f353db
Author: Ben McGinnes
Date: Wed Mar 14 02:40:41 2018 +1100
doc: python binding howto
* Clarified which English dialects this is written in.
* Translating to American can happen *after* it's done.
** The Yank version would probably want to change some of the examples
anyway.
* Began the description for normal/default signing.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index ea4b111..e4e2a74 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -16,7 +16,8 @@
| Version: | 0.0.1-alpha |
| Author: | Ben McGinnes |
| Author GPG Key: | DB4724E6FA4286C92B4E55C4321E4E2373590E5D |
- | Language: | English |
+ | Language: | Australian English, British English |
+ | xml:lang: | en-AU, en-GB, en |
This document provides basic instruction in how to use the GPGME
Python bindings to programmatically leverage the GPGME library.
@@ -653,6 +654,16 @@
:CUSTOM_ID: howto-basic-signing-normal
:END:
+ The normal or default signing process is essentially the same as
+ is most often invoked when also encrypting a message or file. So
+ when the encryption component is not utilised, the result is to
+ produce an encoded and signed output which may or may not be ASCII
+ armoured and which may or may not also be compressed.
+
+ By default compression will be used unless GnuPG detects that the
+ plaintext is already compressed. ASCII armouring will be
+ determined according to the value of =gpg.Context().armor=.
+
#+begin_src python
import gpg
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 13 ++++++++++++-
1 file changed, 12 insertions(+), 1 deletion(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Tue Mar 13 16:49:16 2018
From: cvs at cvs.gnupg.org (by Andre Heinecke)
Date: Tue, 13 Mar 2018 16:49:16 +0100
Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-88-g2f39fe2
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, master has been updated
via 2f39fe219c6810b51a1b428a4618b861e2d427c1 (commit)
via 6754d87330659d0cc47c5340fd17f358977fb3b3 (commit)
from f63db085c5d86839bb5ed8b4203b4c7b5f28975e (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 2f39fe219c6810b51a1b428a4618b861e2d427c1
Author: Andre Heinecke
Date: Tue Mar 13 16:41:45 2018 +0100
Implement forwarding crypto mails with attachments
* src/application-events.cpp (EVENT_SINK_INVOKE): Invalidate last
mail in the next UI Loop.
* src/mail.cpp (Mail::update_body): Safety check for parser. Keep
parser around.
(Mail::invalidate_last_mail): New. Clear cached last mail ptr.
* src/mail.h: Update accordingly.
* src/mailitem-events.cpp (EVENT_SINK_INVOKE): Extend write
event to detect forward of mails with attachments.
* src/oomhelp.cpp (get_inline_body): New.
* src/oomhelp.h: Update accordingly.
* src/windowmessages.cpp, src/windowmessages.h
(INVALIDATE_LAST_MAIL, REVERT_MAIL): New messages.
* src/wks-helper.cpp (WKSHelper::send_mail): Check if last
mail was invalidated.
--
This is a first working draft of forwarding crypto mails
with attachments. As we don't see the forward event before
we get the write event (that we have to cancel usually) we
now have some extra magic to detect the forward based on
an ItemLoad of an empty mail in the same UI loop as the
write event. This is pretty magic but it works.
Once we detect the forward we save the mail and then immediately
revert it and save it again. This has the usual uglyness of
reverting (sync) but works and allows to forward mails.
GnuPG-Bug-Id: T3836
diff --git a/src/application-events.cpp b/src/application-events.cpp
index c000a86..1100934 100644
--- a/src/application-events.cpp
+++ b/src/application-events.cpp
@@ -33,6 +33,7 @@
#include "oomhelp.h"
#include "mail.h"
#include "gpgoladdin.h"
+#include "windowmessages.h"
/* Application Events */
BEGIN_EVENT_SINK(ApplicationEvents, IDispatch)
@@ -91,6 +92,7 @@ EVENT_SINK_INVOKE(ApplicationEvents)
log_debug ("%s:%s: Creating mail object for item: %p",
SRCNAME, __func__, mailItem);
new Mail (mailItem);
+ do_in_ui_thread_async (INVALIDATE_LAST_MAIL, nullptr);
break;
}
case Quit:
diff --git a/src/mail.cpp b/src/mail.cpp
index 13b984d..d4e7e10 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -922,6 +922,12 @@ void find_and_replace(std::string& source, const std::string &find,
void
Mail::update_body()
{
+ if (!m_parser)
+ {
+ TRACEPOINT;
+ return;
+ }
+
const auto error = m_parser->get_formatted_error ();
if (!error.empty())
{
@@ -1076,9 +1082,6 @@ Mail::parsing_done()
SRCNAME, __func__);
}
- /* Invalidate UI to set the correct sig status. */
- m_parser = nullptr;
-
log_debug ("%s:%s: Delayed invalidate to update sigstate.",
SRCNAME, __func__);
CloseHandle(CreateThread (NULL, 0, delayed_invalidate_ui, (LPVOID) this, 0,
@@ -2589,6 +2592,13 @@ Mail::get_last_mail ()
// static
void
+Mail::invalidate_last_mail ()
+{
+ s_last_mail = nullptr;
+}
+
+// static
+void
Mail::locate_all_crypto_recipients()
{
if (!opt.autoresolve)
diff --git a/src/mail.h b/src/mail.h
index f8cdbab..90f042e 100644
--- a/src/mail.h
+++ b/src/mail.h
@@ -92,6 +92,8 @@ public:
*/
static Mail* get_last_mail ();
+ static void invalidate_last_mail ();
+
/** @brief looks for existing Mail objects.
@returns A reference to an existing mailitem or NULL in case none
@@ -446,9 +448,9 @@ public:
/** Get the mime data that should be used when sending. */
std::string get_override_mime_data () const { return m_mime_data; }
+ void update_body ();
private:
void update_categories ();
- void update_body ();
void update_sigstate ();
LPDISPATCH m_mailitem;
diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp
index 2360789..7933826 100644
--- a/src/mailitem-events.cpp
+++ b/src/mailitem-events.cpp
@@ -480,6 +480,45 @@ EVENT_SINK_INVOKE(MailItemEvents)
if (m_mail->is_crypto_mail () && !m_mail->needs_save ())
{
+ Mail *last_mail = Mail::get_last_mail ();
+ if (Mail::is_valid_ptr (last_mail))
+ {
+ /* We want to identify here if there was a mail created that
+ should receive the contents of this mail. For this we check
+ for a write in the same loop as a mail creation.
+ Now when switching from one mail to another this is also what
+ happens. The new mail is loaded and the old mail is written.
+ To distinguish the two we check that the new mail does not have
+ an entryID, a Subject and No Size. Maybe just size or entryID
+ would be enough but better save then sorry.
+
+ Security consideration: Worst case we pass the write here but
+ an unload follows before we get the scheduled revert. This
+ would leak plaintext.
+
+ Similarly if we crash or Outlook is closed before we see this
+ revert. */
+ const std::string lastSubject = last_mail->get_subject ();
+ char *lastEntryID = get_oom_string (last_mail->item (), "EntryID");
+ int lastSize = get_oom_int (last_mail->item (), "Size");
+ std::string lastEntryStr;
+ if (lastEntryID)
+ {
+ lastEntryStr = lastEntryID;
+ xfree (lastEntryID);
+ }
+
+ if (!lastSize && !lastEntryStr.size () && !lastSubject.size ())
+ {
+ log_debug ("%s:%s: Write in the same loop as empty load."
+ " Pass but schedule revert.",
+ SRCNAME, __func__);
+
+ Mail::invalidate_last_mail ();
+ do_in_ui_thread_async (REVERT_MAIL, m_mail);
+ return S_OK;
+ }
+ }
/* We cancel the write event to stop outlook from excessively
syncing our changes.
if smime support is disabled and we still have an smime
diff --git a/src/oomhelp.cpp b/src/oomhelp.cpp
index ba3d89f..51d025b 100644
--- a/src/oomhelp.cpp
+++ b/src/oomhelp.cpp
@@ -2002,3 +2002,35 @@ get_sender_SenderEMailAddress (LPDISPATCH mailitem)
xfree (type);
return nullptr;
}
+
+char *
+get_inline_body ()
+{
+ LPDISPATCH app = GpgolAddin::get_instance ()->get_application ();
+ if (!app)
+ {
+ TRACEPOINT;
+ return nullptr;
+ }
+
+ LPDISPATCH explorer = get_oom_object (app, "ActiveExplorer");
+
+ if (!explorer)
+ {
+ TRACEPOINT;
+ return nullptr;
+ }
+
+ LPDISPATCH inlineResponse = get_oom_object (explorer, "ActiveInlineResponse");
+ gpgol_release (explorer);
+
+ if (!inlineResponse)
+ {
+ return nullptr;
+ }
+
+ char *body = get_oom_string (inlineResponse, "Body");
+ gpgol_release (inlineResponse);
+
+ return body;
+}
diff --git a/src/oomhelp.h b/src/oomhelp.h
index 2af096b..cbc36ca 100644
--- a/src/oomhelp.h
+++ b/src/oomhelp.h
@@ -338,6 +338,9 @@ LPDISPATCH get_account_for_mail (const char *mbox);
char *get_sender_CurrentUser (LPDISPATCH mailitem);
char *get_sender_Sender (LPDISPATCH mailitem);
char *get_sender_SenderEMailAddress (LPDISPATCH mailitem);
+
+/* Get the body of the active inline response */
+char *get_inline_body (void);
#ifdef __cplusplus
char *get_sender_SendUsingAccount (LPDISPATCH mailitem, bool *r_is_GSuite);
}
diff --git a/src/windowmessages.cpp b/src/windowmessages.cpp
index b0e2311..af55d11 100644
--- a/src/windowmessages.cpp
+++ b/src/windowmessages.cpp
@@ -68,6 +68,34 @@ gpgol_window_proc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
mail->locate_keys();
break;
}
+ case (REVERT_MAIL):
+ {
+ auto mail = (Mail*) ctx->data;
+ if (!Mail::is_valid_ptr (mail))
+ {
+ log_debug ("%s:%s: Revert mail for mail which is gone.",
+ SRCNAME, __func__);
+ break;
+ }
+
+ mail->set_needs_save (true);
+ /* Some magic here. Accessing any existing inline body cements
+ it. Otherwise updating the body through the revert also changes
+ the body of a inline mail. */
+ char *inlineBody = get_inline_body ();
+ xfree (inlineBody);
+
+ // Does the revert.
+ log_debug ("%s:%s: Revert mail. Invoking save.",
+ SRCNAME, __func__);
+ invoke_oom_method (mail->item (), "Save", NULL);
+ log_debug ("%s:%s: Revert mail. Save done. Updating body..",
+ SRCNAME, __func__);
+ mail->update_body ();
+ log_debug ("%s:%s: Revert mail done.",
+ SRCNAME, __func__);
+ break;
+ }
case (INVALIDATE_UI):
{
log_debug ("%s:%s: Invalidating UI",
@@ -77,6 +105,13 @@ gpgol_window_proc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
SRCNAME, __func__);
break;
}
+ case (INVALIDATE_LAST_MAIL):
+ {
+ log_debug ("%s:%s: Invalidating last mail",
+ SRCNAME, __func__);
+ Mail::invalidate_last_mail ();
+ break;
+ }
case (CLOSE):
{
auto mail = (Mail*) ctx->data;
@@ -114,6 +149,8 @@ gpgol_window_proc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
}
// Finaly this should pass.
invoke_oom_method (mail->item (), "Send", NULL);
+ log_debug ("%s:%s: Send for %p completed.",
+ SRCNAME, __func__, mail);
// Allow the WKS helper to queue a notification.
WKSHelper::instance()->allow_notify ();
break;
diff --git a/src/windowmessages.h b/src/windowmessages.h
index 979f0b4..56d9db8 100644
--- a/src/windowmessages.h
+++ b/src/windowmessages.h
@@ -50,6 +50,8 @@ typedef enum _gpgol_wmsg_type
CRYPTO_DONE, /* Sign / Encrypt done. */
WKS_NOTIFY, /* Show a WKS Notification. */
BRING_TO_FRONT, /* Bring the active Outlook window to the front. */
+ INVALIDATE_LAST_MAIL,
+ REVERT_MAIL,
} gpgol_wmsg_type;
typedef struct
diff --git a/src/wks-helper.cpp b/src/wks-helper.cpp
index 16d42ba..52c05c1 100644
--- a/src/wks-helper.cpp
+++ b/src/wks-helper.cpp
@@ -623,6 +623,12 @@ WKSHelper::send_mail (const std::string &mimeData) const
a Hack! :-) */
auto last_mail = Mail::get_last_mail ();
+ if (!Mail::is_valid_ptr (last_mail))
+ {
+ log_error ("%s:%s: Invalid last mail %p.",
+ SRCNAME, __func__, last_mail);
+ return -1;
+ }
last_mail->set_override_mime_data (mimeData);
last_mail->set_crypt_state (Mail::NeedsSecondAfterWrite);
commit 6754d87330659d0cc47c5340fd17f358977fb3b3
Author: Andre Heinecke
Date: Tue Mar 13 16:38:54 2018 +0100
Improve error handling on enc/sign errors
* src/cryptcontroller.cpp (CryptController::do_crypto):
Improve error handling.
* src/mail.cpp (do_crypt): Use correct window and hide overlay /
destroy crypter before showing the error. Add better text for
general "Crypto failed" error.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index da23de4..da60c3b 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -517,7 +517,8 @@ CryptController::do_crypto ()
gpgol_message_box (nullptr,
utf8_gettext ("Failure to resolve keys."),
utf8_gettext ("GpgOL"), MB_OK);
- return ret;
+ // Error handled, return as canceled.
+ return -2;
}
if (ret == -2)
{
@@ -539,7 +540,7 @@ CryptController::do_crypto ()
{
log_error ("%s:%s: Failure to create context.",
SRCNAME, __func__);
- gpgol_message_box (nullptr,
+ gpgol_message_box (m_mail->get_window (),
"Failure to create context.",
utf8_gettext ("GpgOL"), MB_OK);
return -1;
diff --git a/src/mail.cpp b/src/mail.cpp
index ba2b501..13b984d 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -748,20 +748,27 @@ do_crypt (LPVOID arg)
return 0;
}
- mail->set_window_enabled (true);
-
if (rc == -1)
{
- gpgol_message_box (nullptr,
- "Crypto failed",
+ mail->reset_crypter ();
+ crypter = nullptr;
+ gpgol_message_box (mail->get_window (),
+ utf8_gettext ("Sign / Encrypt failed.\n\n"
+ "This is usually caused by an error in your system.\n"
+ "Please refer to the Gpg4win compendium how to enable debugging in GpgOL,"
+ "or ask your Administrator for support."),
_("GpgOL"), MB_OK);
}
+
+ mail->set_window_enabled (true);
+
if (rc)
{
log_debug ("%s:%s: crypto failed for: %p with: %i",
SRCNAME, __func__, arg, rc);
mail->set_crypt_state (Mail::NoCryptMail);
mail->reset_crypter ();
+ crypter = nullptr;
gpgrt_lock_unlock (&dtor_lock);
return rc;
}
-----------------------------------------------------------------------
Summary of changes:
src/application-events.cpp | 2 ++
src/cryptcontroller.cpp | 5 +++--
src/mail.cpp | 31 ++++++++++++++++++++++++-------
src/mail.h | 4 +++-
src/mailitem-events.cpp | 39 +++++++++++++++++++++++++++++++++++++++
src/oomhelp.cpp | 32 ++++++++++++++++++++++++++++++++
src/oomhelp.h | 3 +++
src/windowmessages.cpp | 37 +++++++++++++++++++++++++++++++++++++
src/windowmessages.h | 2 ++
src/wks-helper.cpp | 6 ++++++
10 files changed, 151 insertions(+), 10 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 14 08:01:05 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Wed, 14 Mar 2018 08:01:05 +0100
Subject: [git] GPG-ERROR - branch, master, updated. gpgrt-1.28-1-gc0c5fb5
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Error codes used by GnuPG et al.".
The branch, master has been updated
via c0c5fb51c5e87954af0b60fea7f543352998e1cc (commit)
via e32342397eab85fed5ef709317cc50dc7cbc41a5 (commit)
from a27a09eb62507dcf1fd98d91fd7c5888544c59ed (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c0c5fb51c5e87954af0b60fea7f543352998e1cc
Author: Werner Koch
Date: Tue Mar 13 13:42:17 2018 +0100
Post release updates
--
diff --git a/NEWS b/NEWS
index d30e913..fe66d2c 100644
--- a/NEWS
+++ b/NEWS
@@ -1,3 +1,7 @@
+Noteworthy changes in version 1.29 (unreleased) [C23/A23/R_]
+-----------------------------------------------
+
+
Noteworthy changes in version 1.28 (2018-03-13) [C23/A23/R0]
-----------------------------------------------
diff --git a/configure.ac b/configure.ac
index aca9300..1e648d1 100644
--- a/configure.ac
+++ b/configure.ac
@@ -29,7 +29,7 @@ min_automake_version="1.14"
# See below for the LT versions.
m4_define([mym4_package],[libgpg-error])
m4_define([mym4_major], [1])
-m4_define([mym4_minor], [28])
+m4_define([mym4_minor], [29])
# Below is m4 magic to extract and compute the revision number, the
# decimalized short revision number, a beta version string, and a flag
commit e32342397eab85fed5ef709317cc50dc7cbc41a5
Author: Werner Koch
Date: Tue Mar 13 13:02:58 2018 +0100
Release 1.28
Signed-off-by: Werner Koch
diff --git a/NEWS b/NEWS
index a275f5f..d30e913 100644
--- a/NEWS
+++ b/NEWS
@@ -1,12 +1,16 @@
-Noteworthy changes in version 1.28 (unreleased) [C22/A22/R_]
+Noteworthy changes in version 1.28 (2018-03-13) [C23/A23/R0]
-----------------------------------------------
- * The formerly internal yat2m tool is now installed during a native
+ * The formerly internal yat2m tool is now installed for a native
build.
* The new files gpgrt.m4 and gpgrt-config are now installed. They
can be used instead of gpg-error.m4 and gpg-error-config.
+ * New logging functions similar to those used by GnuPG.
+
+ * New helper functions for platform abstraction.
+
* Interface changes relative to the 1.27 release:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
gpgrt_get_errorcount New API.
diff --git a/configure.ac b/configure.ac
index 04715e9..aca9300 100644
--- a/configure.ac
+++ b/configure.ac
@@ -49,8 +49,8 @@ AC_INIT([mym4_package],[mym4_version], [https://bugs.gnupg.org])
# (Interfaces added: AGE++)
# (Interfaces removed: AGE=0)
# Note that added error codes don't constitute an interface change.
-LIBGPG_ERROR_LT_CURRENT=22
-LIBGPG_ERROR_LT_AGE=22
+LIBGPG_ERROR_LT_CURRENT=23
+LIBGPG_ERROR_LT_AGE=23
LIBGPG_ERROR_LT_REVISION=0
################################################
-----------------------------------------------------------------------
Summary of changes:
NEWS | 12 ++++++++++--
configure.ac | 6 +++---
2 files changed, 13 insertions(+), 5 deletions(-)
hooks/post-receive
--
Error codes used by GnuPG et al.
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 14 10:14:45 2018
From: cvs at cvs.gnupg.org (by Werner Koch)
Date: Wed, 14 Mar 2018 10:14:45 +0100
Subject: [git] GPG-ERROR - branch, master, updated. gpgrt-1.28-2-gc36a606
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Error codes used by GnuPG et al.".
The branch, master has been updated
via c36a60687976d98b54dac17f699dfca4918a737c (commit)
from c0c5fb51c5e87954af0b60fea7f543352998e1cc (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c36a60687976d98b54dac17f699dfca4918a737c
Author: Werner Koch
Date: Wed Mar 14 10:07:42 2018 +0100
core: Fix building on W64
* src/w32-add.h: Remove hack to define pid_t.
* src/gpg-error.h.in: Eval macro to define pid_t.
* src/mkheader.c (have_sys_types_h, sys_types_h_included): New.
(parse_config_h): Test for sys/types.h.
(write_special): Protect inclusion of sys/types.h. Define new macro
'define:pid_t'.
--
Regression-due-to: 1865c0ba1769b407a3c504f1ab0a4278704a9fc1
Signed-off-by: Werner Koch
diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in
index f942098..cc2e361 100644
--- a/src/gpg-error.h.in
+++ b/src/gpg-error.h.in
@@ -405,6 +405,7 @@ const char *gpgrt_check_version (const char *req_version);
const char *gpg_error_check_version (const char *req_version);
/* System specific type definitions. */
+ at define:pid_t@
@define:gpgrt_ssize_t@
@define:gpgrt_off_t@
diff --git a/src/mkheader.c b/src/mkheader.c
index 997cab5..2fc5fad 100644
--- a/src/mkheader.c
+++ b/src/mkheader.c
@@ -30,6 +30,7 @@ static const char *hdr_version_number;
/* Values take from the supplied config.h. */
static int have_stdint_h;
+static int have_sys_types_h;
static int have_w32_system;
static int have_w64_system;
static char *replacement_for_off_type;
@@ -37,6 +38,7 @@ static int use_posix_threads;
/* Various state flags. */
static int stdint_h_included;
+static int sys_types_h_included;
/* The usual free wrapper. */
@@ -151,6 +153,8 @@ parse_config_h (const char *fname)
continue; /* oops */
if (!strcmp (p1, "HAVE_STDINT_H"))
have_stdint_h = 1;
+ else if (!strcmp (p1, "HAVE_SYS_TYPES_H"))
+ have_sys_types_h = 1;
else if (!strcmp (p1, "HAVE_W32_SYSTEM"))
have_w32_system = 1;
else if (!strcmp (p1, "HAVE_W64_SYSTEM"))
@@ -474,8 +478,12 @@ write_special (const char *fname, int lnr, const char *tag)
}
else
{
- fputs ("#include \n"
- "typedef ssize_t gpgrt_ssize_t;\n", stdout);
+ if (!sys_types_h_included)
+ {
+ fputs ("#include \n", stdout);
+ sys_types_h_included = 1;
+ }
+ fputs ("typedef ssize_t gpgrt_ssize_t;\n", stdout);
}
}
else if (!strcmp (tag, "api_ssize_t"))
@@ -485,6 +493,30 @@ write_special (const char *fname, int lnr, const char *tag)
else
fputs ("ssize_t", stdout);
}
+ else if (!strcmp (tag, "define:pid_t"))
+ {
+ if (have_sys_types_h)
+ {
+ if (!sys_types_h_included)
+ {
+ fputs ("#include \n", stdout);
+ sys_types_h_included = 1;
+ }
+ }
+ else if (have_w64_system)
+ {
+ if (!stdint_h_included && have_stdint_h)
+ {
+ fputs ("#include \n", stdout);
+ stdint_h_included = 1;
+ }
+ fputs ("typedef int64_t pid_t\n", stdout);
+ }
+ else
+ {
+ fputs ("typedef int pid_t\n", stdout);
+ }
+ }
else if (!strcmp (tag, "include:err-sources"))
{
write_sources_or_codes (NULL);
diff --git a/src/w32-add.h b/src/w32-add.h
index 6f9f12a..07e3c7d 100644
--- a/src/w32-add.h
+++ b/src/w32-add.h
@@ -3,10 +3,6 @@
## peculiarity of the script the first used line must not
## start with a hash mark.
-/* Fixme: This is a quick hack. We need to check whether the compiler
- * actually in use already knows that type. */
-typedef int pid_t;
-
/* Decide whether to use the format_arg attribute. */
#if _GPG_ERR_GCC_VERSION > 20800
# define _GPG_ERR_ATTR_FORMAT_ARG(a) __attribute__ ((__format_arg__ (a)))
-----------------------------------------------------------------------
Summary of changes:
src/gpg-error.h.in | 1 +
src/mkheader.c | 36 ++++++++++++++++++++++++++++++++++--
src/w32-add.h | 4 ----
3 files changed, 35 insertions(+), 6 deletions(-)
hooks/post-receive
--
Error codes used by GnuPG et al.
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 14 10:42:24 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Wed, 14 Mar 2018 10:42:24 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-86-gef27f37
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via ef27f3781a37e264d0eb7d1745eb2c804ec062c4 (commit)
via 423fdcd4653cb01f07f2b0e72cfcf49554930f70 (commit)
from a71205dc3b58970adf591b4e4553824a33f353db (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ef27f3781a37e264d0eb7d1745eb2c804ec062c4
Author: Ben McGinnes
Date: Wed Mar 14 20:40:50 2018 +1100
doc: python bindings todo
* minor phrasing fix.
diff --git a/lang/python/docs/TODO.org b/lang/python/docs/TODO.org
index 21d2216..e85315a 100644
--- a/lang/python/docs/TODO.org
+++ b/lang/python/docs/TODO.org
@@ -83,8 +83,8 @@
:CUSTOM_ID: howto-s-mime
:END:
- Eventually add some of this, but it the OpenPGP details are far
- more important at the moment.
+ Eventually add some of this, but the OpenPGP details are far more
+ important at the moment.
** TODO Documentation SWIG
:PROPERTIES:
commit 423fdcd4653cb01f07f2b0e72cfcf49554930f70
Author: Ben McGinnes
Date: Wed Mar 14 20:36:30 2018 +1100
doc: python bindings howto
* Added recommended method of single encryption with description.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index e4e2a74..360bce9 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -565,6 +565,72 @@
This will attempt to encrypt to all the keys searched for, then
remove invalid recipients if it fails and try again.
+**** Encrypting to one key using the second method
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-encryption-monogamous
+ :END:
+
+ This example re-creates the first encryption example except it
+ uses the same =encrypt= method used in the subsequent examples
+ instead of the =op_encrypt= method. This means that, unlike the
+ =op_encrypt= method, it /must/ use byte literal input data.
+
+ #+begin_src python
+ import gpg
+
+ rkey = "0x12345678DEADBEEF"
+ text = b"""Some text to test with.
+
+ Since the text in this case must be bytes, it is most likely that
+ the input form will be a separate file which is opened with "rb"
+ as this is the simplest method of obtaining the correct data
+ format.
+ """
+
+ c = gpg.Context(armor=True)
+ rpattern = list(c.keylist(pattern=rkey, secret=False))
+ logrus = []
+
+ for i in range(len(rpattern)):
+ if rpattern[i].can_encrypt == 1:
+ logrus.append(rpattern[i])
+
+ cipher = c.encrypt(text, recipients=logrus, sign=False, always_trust=True)
+
+ afile = open("secret_plans.txt.asc", "wb")
+ afile.write(cipher[0])
+ afile.close()
+ #+end_src
+
+ With one or two exceptions, this method will probably prove to be
+ easier to implement than the first method and thus it is the
+ recommended encryption method. Though it is even more likely to
+ be used like this:
+
+ #+begin_src python
+ import gpg
+
+ rkey = "0x12345678DEADBEEF"
+
+ afile = open("secret_plans.txt", "rb")
+ text = afile.read()
+ afile.close()
+
+ c = gpg.Context(armor=True)
+ rpattern = list(c.keylist(pattern=rkey, secret=False))
+ logrus = []
+
+ for i in range(len(rpattern)):
+ if rpattern[i].can_encrypt == 1:
+ logrus.append(rpattern[i])
+
+ cipher = c.encrypt(text, recipients=logrus, sign=False, always_trust=True)
+
+ afile = open("secret_plans.txt.asc", "wb")
+ afile.write(cipher[0])
+ afile.close()
+ #+end_src
+
** Decryption
:PROPERTIES:
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 66 +++++++++++++++++++++++++++++++++
lang/python/docs/TODO.org | 4 +-
2 files changed, 68 insertions(+), 2 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 14 12:02:13 2018
From: cvs at cvs.gnupg.org (by Andre Heinecke)
Date: Wed, 14 Mar 2018 12:02:13 +0100
Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-89-g4662ad2
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, master has been updated
via 4662ad2828cbba6f3b4c0825439ebaa3db83f6c9 (commit)
from 2f39fe219c6810b51a1b428a4618b861e2d427c1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 4662ad2828cbba6f3b4c0825439ebaa3db83f6c9
Author: Andre Heinecke
Date: Wed Mar 14 11:16:03 2018 +0100
Further extend debugging around mail dtor
* src/mail.cpp (do_crypt): Note when ui thread is done.
* src/mailitem-events.cpp (EVENT_SINK_INVOKE): Log when deletion
is done in unload.
* src/windowmessages.cpp (gpgol_window_proc): Log when crypto
done handler is complete.
(do_async): Log invocation.
diff --git a/src/mail.cpp b/src/mail.cpp
index d4e7e10..d8a160d 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -779,6 +779,8 @@ do_crypt (LPVOID arg)
gpgrt_lock_unlock (&dtor_lock);
// This deletes the Mail in Outlook 2010
do_in_ui_thread (CRYPTO_DONE, arg);
+ log_debug ("%s:%s: UI thread finished for %p",
+ SRCNAME, __func__, arg);
}
else
{
diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp
index 7933826..de4c274 100644
--- a/src/mailitem-events.cpp
+++ b/src/mailitem-events.cpp
@@ -611,6 +611,8 @@ EVENT_SINK_INVOKE(MailItemEvents)
log_debug ("%s:%s: Removing Mail for message: %p.",
SRCNAME, __func__, m_object);
delete m_mail;
+ log_oom_extra ("%s:%s: deletion done",
+ SRCNAME, __func__);
return S_OK;
}
case Forward:
diff --git a/src/windowmessages.cpp b/src/windowmessages.cpp
index af55d11..9d96956 100644
--- a/src/windowmessages.cpp
+++ b/src/windowmessages.cpp
@@ -153,6 +153,8 @@ gpgol_window_proc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam)
SRCNAME, __func__, mail);
// Allow the WKS helper to queue a notification.
WKSHelper::instance()->allow_notify ();
+ log_debug ("%s:%s: Crypto done handler completed.",
+ SRCNAME, __func__);
break;
}
case (BRING_TO_FRONT):
@@ -251,6 +253,8 @@ static DWORD WINAPI
do_async (LPVOID arg)
{
wm_ctx_t *ctx = (wm_ctx_t*) arg;
+ log_debug ("%s:%s: Do async with type %i",
+ SRCNAME, __func__, ctx ? ctx->wmsg_type : -1);
send_msg_to_ui_thread (ctx);
xfree (ctx);
return 0;
-----------------------------------------------------------------------
Summary of changes:
src/mail.cpp | 2 ++
src/mailitem-events.cpp | 2 ++
src/windowmessages.cpp | 4 ++++
3 files changed, 8 insertions(+)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 14 15:27:17 2018
From: cvs at cvs.gnupg.org (by Andre Heinecke)
Date: Wed, 14 Mar 2018 15:27:17 +0100
Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-92-g3917638
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, master has been updated
via 39176388f3a1f55cfb05ae24e06851925c1d0032 (commit)
via 35e706fe06e9d0b8148f372fa353c64ddfcf0525 (commit)
via 95ae9cb976a35cfc6f43aaacb01054b132c8eb40 (commit)
from 4662ad2828cbba6f3b4c0825439ebaa3db83f6c9 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 39176388f3a1f55cfb05ae24e06851925c1d0032
Author: Andre Heinecke
Date: Wed Mar 14 15:24:45 2018 +0100
Disable async crypto for now
* src/mail.cpp (Mail::is_inline_response): Treat every mail
as inline response exept when DO_ASYNC_CRYPTO is defined.
--
So sad :'-(
I really hope I find a way in the future to make it work.
GnuPG-Bug-Id: T3838
diff --git a/src/mail.cpp b/src/mail.cpp
index d8a160d..b3c375c 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -2538,6 +2538,10 @@ Mail::set_window_enabled (bool value)
bool
Mail::check_inline_response ()
{
+/* Async sending might lead to crashes when the send invocation is done.
+ * For now we treat every mail as an inline response to disable async
+ * encryption. :-( For more details see: T3838 */
+#ifdef DO_ASYNC_CRYPTO
m_is_inline_response = false;
LPDISPATCH app = GpgolAddin::get_instance ()->get_application ();
if (!app)
@@ -2577,6 +2581,9 @@ Mail::check_inline_response ()
m_is_inline_response = true;
}
xfree (inlineSubject);
+#else
+ m_is_inline_response = true;
+#endif
return m_is_inline_response;
}
commit 35e706fe06e9d0b8148f372fa353c64ddfcf0525
Author: Andre Heinecke
Date: Wed Mar 14 14:11:18 2018 +0100
Remove error handling for failure to resolve
* src/cryptcontroller.cpp (CryptController::do_crypto):
Remove an error handling.
--
This should never happen except when a bug occurs. And
handling it here would result in the overlay not beeing
properly destroyed.
diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp
index da60c3b..dc07146 100644
--- a/src/cryptcontroller.cpp
+++ b/src/cryptcontroller.cpp
@@ -514,11 +514,7 @@ CryptController::do_crypto ()
//error
log_debug ("%s:%s: Failure to resolve keys.",
SRCNAME, __func__);
- gpgol_message_box (nullptr,
- utf8_gettext ("Failure to resolve keys."),
- utf8_gettext ("GpgOL"), MB_OK);
- // Error handled, return as canceled.
- return -2;
+ return -1;
}
if (ret == -2)
{
commit 95ae9cb976a35cfc6f43aaacb01054b132c8eb40
Author: Andre Heinecke
Date: Wed Mar 14 14:09:34 2018 +0100
Add small safety check in ribbon callback
* src/ribbon-callbacks.cpp (get_is_details_enabled): Add
safety check.
--
I doubt that it is necessary but I've seen logs where this
function is the last before a crash. So just be sure.
diff --git a/src/ribbon-callbacks.cpp b/src/ribbon-callbacks.cpp
index 4f7d0a9..07b5ba7 100644
--- a/src/ribbon-callbacks.cpp
+++ b/src/ribbon-callbacks.cpp
@@ -1605,6 +1605,12 @@ HRESULT get_is_details_enabled (LPDISPATCH ctrl, VARIANT *result)
{
MY_MAIL_GETTER
+ if (!result)
+ {
+ TRACEPOINT;
+ return S_OK;
+ }
+
result->vt = VT_BOOL | VT_BYREF;
result->pboolVal = (VARIANT_BOOL*) xmalloc (sizeof (VARIANT_BOOL));
*(result->pboolVal) = none_selected ? VARIANT_FALSE : VARIANT_TRUE;
-----------------------------------------------------------------------
Summary of changes:
src/cryptcontroller.cpp | 6 +-----
src/mail.cpp | 7 +++++++
src/ribbon-callbacks.cpp | 6 ++++++
3 files changed, 14 insertions(+), 5 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 14 17:54:05 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Wed, 14 Mar 2018 17:54:05 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-87-gada059b
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via ada059b07178147821b1598c935aa70ae45e3e6c (commit)
from ef27f3781a37e264d0eb7d1745eb2c804ec062c4 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ada059b07178147821b1598c935aa70ae45e3e6c
Author: Ben McGinnes
Date: Thu Mar 15 03:51:51 2018 +1100
doc: python bindings howto
* Fixed multiple sample code examples of writing output to a file.
* Added the description of detached signatures.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 360bce9..71ddbcf 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -730,22 +730,34 @@
plaintext is already compressed. ASCII armouring will be
determined according to the value of =gpg.Context().armor=.
+ The compression algorithm is selected in much the same way as the
+ symmetric encryption algorithm or the hash digest algorithm is
+ when multiple keys are involved; from the preferences saved into
+ the key itself or by comparison with the preferences with all
+ other keys involved.
+
#+begin_src python
import gpg
- text = b"""Declaration of ... something.
+ text0 = """Declaration of ... something.
"""
+ text = text0.encode("utf-8")
c = gpg.Context(armor=True, signers=sig_src)
signed = c.sign(text, mode=0)
- afile = open("/path/to/statement.txt.asc", "wb")
- for i in range(len(signed[0].splitlines())):
- afile.write("{0}\n".format(signed[0].splitlines()[i]))
+ afile = open("/path/to/statement.txt.asc", "w")
+ for line in signed[0]:
+ afile.write("{0}\n".format(line.decode("utf-8")))
afile.close()
#+end_src
+ Though everything in this example is accurate, it is more likely
+ that reading the input data from another file and writing the
+ result to a new file will be perfprmed more like the way it is done
+ in the next example. Even if the output format is ASCII armoured.
+
#+begin_src python
import gpg
@@ -766,40 +778,45 @@
:CUSTOM_ID: howto-basic-signing-detached
:END:
- Detached ASCII Armoured signing:
+ Detached signatures will often be needed in programmatic uses of
+ GPGME, either for signing files (e.g. tarballs of code releases)
+ or as a component of message signing (e.g. PGP/MIME encoded
+ email).
- #+begin_src python
- import gpg
+ #+begin_src python
+ import gpg
- text = b"""Declaration of ... something.
+ text0 = """Declaration of ... something.
- """
+ """
+ text = text0.encode("utf-8")
- c = gpg.Context(armor=True)
- signed = c.sign(text, mode=1)
+ c = gpg.Context(armor=True)
+ signed = c.sign(text, mode=1)
- afile = open("/path/to/statement.txt.asc", "wb")
- for i in range(len(signed[0].splitlines())):
- afile.write("{0}\n".format(signed[0].splitlines()[i]))
- afile.close()
- #+end_src
+ afile = open("/path/to/statement.txt.asc", "w")
+ for line in signed[0].splitlines()L
+ afile.write("{0}\n".format(line.decode("utf-8")))
+ afile.close()
+ #+end_src
- Detached binary signing of a file.
+ As with normal signatures, detached signatures are best handled as
+ byte literals, even when the output is ASCII armoured.
- #+begin_src python
- import gpg
+ #+begin_src python
+ import gpg
- tfile = open("/path/to/statement.txt", "rb")
- text = tfile.read()
- tfile.close()
+ tfile = open("/path/to/statement.txt", "rb")
+ text = tfile.read()
+ tfile.close()
- c = gpg.Context(signers=sig_src)
- signed = c.sign(text, mode=1)
+ c = gpg.Context(signers=sig_src)
+ signed = c.sign(text, mode=1)
- afile = open("/path/to/statement.txt.sig", "wb")
- afile.write(signed[0])
- afile.close()
- #+end_src
+ afile = open("/path/to/statement.txt.sig", "wb")
+ afile.write(signed[0])
+ afile.close()
+ #+end_src
*** Clearsigning messages or text
:PROPERTIES:
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 73 ++++++++++++++++++++-------------
1 file changed, 45 insertions(+), 28 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Wed Mar 14 21:22:08 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Wed, 14 Mar 2018 21:22:08 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-89-g6bc12a0
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 6bc12a0eeb20409770cb8b923d08c18c2b730cb8 (commit)
via e5c85fba25de1187949697e2dae0e89345b71e89 (commit)
from ada059b07178147821b1598c935aa70ae45e3e6c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 6bc12a0eeb20409770cb8b923d08c18c2b730cb8
Author: Ben McGinnes
Date: Thu Mar 15 07:20:31 2018 +1100
doc: python bindings howto
* Added 4 signature verification methods and partial text for them.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index b3f787a..7e7265f 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -825,7 +825,7 @@
Though PGP/in-line messages are no longer encouraged in favour of
PGP/MIME, there is still sometimes value in utilising in-line
- signatures. This is where clearsigned messages or text is of
+ signatures. This is where clear-signed messages or text is of
value.
#+begin_src python
@@ -845,7 +845,7 @@
afile.close()
#+end_src
- In spite of the appearance of a clearsigned message, the data
+ In spite of the appearance of a clear-signed message, the data
handled by GPGME in signing it must still be byte literals.
#+begin_src python
@@ -869,30 +869,127 @@
:CUSTOM_ID: howto-basic-verification
:END:
- Verify a signed file, both detached and not:
+ Essentially there are two principal methods of verification of a
+ signature. The first of these is for use with the normal or
+ default signing method and for clear-signed messages. The second is
+ for use with files and data with detached signatures.
+
+ The following example is intended for use with the default signing
+ method where the file was not ASCII armoured:
#+begin_src python
import gpg
- import sys
import time
+ filename = "statement.txt"
+ gpg_file = "statement.txt.gpg"
+
c = gpg.Context()
- data, result = c.verify(open(filename),
- open(detached_sig_filename)
- if detached_sig_filename else None)
-
- for index, sign in enumerate(result.signatures):
- print("signature", index, ":")
- print(" summary: %#0x" % (sign.summary))
- print(" status: %#0x" % (sign.status))
- print(" timestamp: ", sign.timestamp)
- print(" timestamp: ", time.ctime(sign.timestamp))
- print(" fingerprint:", sign.fpr)
- print(" uid: ", c.get_key(sign.fpr).uids[0].uid)
-
- if data:
- sys.stdout.buffer.write(data)
+ try:
+ verified = c.verify(open(gpg_file))
+ except gpg.errors.BadSignatures as e:
+ verified = None
+ print(e)
+
+ if verified is not None:
+ for i in range(len(verified[1].signatures)):
+ sign = verified[1].signatures[i]
+ print("""Good signature from:
+ {0}
+ with key {1}
+ made at {2}
+ """.format(c.get_key(sign.fpr).uids[0].uid,
+ sign.fpr, time.ctime(sign.timestamp)))
+ else:
+ pass(e)
+ #+end_src
+
+ Whereas this next example, which is almost identical would work
+ with normal ASCII armoured files and with clear-signed files:
+
+ #+begin_src python
+ import gpg
+ import time
+
+ filename = "statement.txt"
+ asc_file = "statement.txt.asc"
+
+ c = gpg.Context()
+
+ try:
+ verified = c.verify(open(asc_file))
+ except gpg.errors.BadSignatures as e:
+ verified = None
+ print(e)
+
+ if verified is not None:
+ for i in range(len(verified[1].signatures)):
+ sign = verified[1].signatures[i]
+ print("""Good signature from:
+ {0}
+ with key {1}
+ made at {2}
+ """.format(c.get_key(sign.fpr).uids[0].uid,
+ sign.fpr, time.ctime(sign.timestamp)))
+ else:
+ pass
+ #+end_src
+
+ #+begin_src python
+ import gpg
+ import time
+
+ filename = "statement.txt"
+ sig_file = "statement.txt.sig"
+
+ c = gpg.Context()
+
+ try:
+ verified = c.verify(open(filename), open(sig_file))
+ except gpg.errors.BadSignatures as e:
+ verified = None
+ print(e)
+
+ if verified is not None:
+ for i in range(len(verified[1].signatures)):
+ sign = verified[1].signatures[i]
+ print("""Good signature from:
+ {0}
+ with key {1}
+ made at {2}
+ """.format(c.get_key(sign.fpr).uids[0].uid,
+ sign.fpr, time.ctime(sign.timestamp)))
+ else:
+ pass
+ #+end_src
+
+ #+begin_src python
+ import gpg
+ import time
+
+ filename = "statement.txt"
+ asc_file = "statement.txt.asc"
+
+ c = gpg.Context()
+
+ try:
+ verified = c.verify(open(filename), open(asc_file))
+ except gpg.errors.BadSignatures as e:
+ verified = None
+ print(e)
+
+ if verified is not None:
+ for i in range(len(verified[1].signatures)):
+ sign = verified[1].signatures[i]
+ print("""Good signature from:
+ {0}
+ with key {1}
+ made at {2}
+ """.format(c.get_key(sign.fpr).uids[0].uid,
+ sign.fpr, time.ctime(sign.timestamp)))
+ else:
+ pass
#+end_src
commit e5c85fba25de1187949697e2dae0e89345b71e89
Author: Ben McGinnes
Date: Thu Mar 15 04:07:57 2018 +1100
doc: python bindings howto
* Added description for detached signatures.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 71ddbcf..b3f787a 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -823,21 +823,45 @@
:CUSTOM_ID: howto-basic-signing-clear
:END:
- #+begin_src python
- import gpg
+ Though PGP/in-line messages are no longer encouraged in favour of
+ PGP/MIME, there is still sometimes value in utilising in-line
+ signatures. This is where clearsigned messages or text is of
+ value.
- text = """Declaration of ... something.
+ #+begin_src python
+ import gpg
- """
+ text0 = """Declaration of ... something.
- c = gpg.Context()
- signed = c.sign(text, mode=2)
+ """
+ text = text0.encode("utf-8")
- afile = open("/path/to/statement.txt.asc", "w")
- for i in range(len(signed[0].splitlines())):
- afile.write("{0}\n".format(signed[0].splitlines()[i].decode('utf-8')))
- afile.close()
- #+end_src
+ c = gpg.Context()
+ signed = c.sign(text, mode=2)
+
+ afile = open("/path/to/statement.txt.asc", "w")
+ for line in signed[0].splitlines():
+ afile.write("{0}\n".format(line.decode("utf-8")))
+ afile.close()
+ #+end_src
+
+ In spite of the appearance of a clearsigned message, the data
+ handled by GPGME in signing it must still be byte literals.
+
+ #+begin_src python
+ import gpg
+
+ tfile = open("/path/to/statement.txt", "rb")
+ text = tfile.read()
+ tfile.close()
+
+ c = gpg.Context()
+ signed = c.sign(text, mode=2)
+
+ afile = open("/path/to/statement.txt.asc", "wb")
+ afile.write(signed[0])
+ afile.close()
+ #+end_src
** Signature verification
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 177 +++++++++++++++++++++++++++-----
1 file changed, 149 insertions(+), 28 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 01:19:24 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 15 Mar 2018 01:19:24 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-90-gb35aaef
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via b35aaef7a3b793b8f6f5b42596c0a6a51e87f78c (commit)
from 6bc12a0eeb20409770cb8b923d08c18c2b730cb8 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b35aaef7a3b793b8f6f5b42596c0a6a51e87f78c
Author: Ben McGinnes
Date: Thu Mar 15 11:18:02 2018 +1100
doc: python bindings howto
* Added text for verifying signatures.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 7e7265f..dca6999 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -936,6 +936,27 @@
pass
#+end_src
+ In both of the previous examples it is also possible to compare the
+ original data that was signed against the signed data in
+ =verified[0]= to see if it matches with something like this:
+
+ #+begin_src python
+ afile = open(filename, "rb")
+ text = afile.read()
+ afile.close()
+
+ if text == verified[0]:
+ print("Good signature.")
+ else:
+ pass
+ #+end_src
+
+ The following two examples, however, deal with detached signatures.
+ With his method of verification the data that was signed does not
+ get returned since it is already being explicitly referenced in the
+ first argument of =c.verify=. So =verified[0]= is None and only
+ the data in =verified[1]= is available.
+
#+begin_src python
import gpg
import time
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 21 +++++++++++++++++++++
1 file changed, 21 insertions(+)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 02:15:39 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 15 Mar 2018 02:15:39 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-91-g1d05e6a
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 1d05e6aa4ea467c8c5926b827cfcfba357d03312 (commit)
from b35aaef7a3b793b8f6f5b42596c0a6a51e87f78c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 1d05e6aa4ea467c8c5926b827cfcfba357d03312
Author: Ben McGinnes
Date: Thu Mar 15 12:14:29 2018 +1100
doc: python bindings howto
* Added c.get_key instructions and examples.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index dca6999..8f57adb 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -345,35 +345,78 @@
#+end_src
-** Counting keys
+*** Counting keys
+ :PROPERTIES:
+ :CUSTOM_ID: howto-keys-counting
+ :END:
+
+ Counting the number of keys in your public keybox (=pubring.kbx=),
+ the format which has superceded the old keyring format
+ (=pubring.gpg= and =secring.gpg=), or the number of secret keys is
+ a very simple task.
+
+ #+begin_src python
+ import gpg
+
+ c = gpg.Context()
+ seckeys = c.keylist(pattern=None, secret=True)
+ pubkeys = c.keylist(pattern=None, secret=False)
+
+ seclist = list(seckeys)
+ secnum = len(seclist)
+
+ publist = list(pubkeys)
+ pubnum = len(publist)
+
+ print("""
+ Number of secret keys: {0}
+ Number of public keys: {1}
+ """.format(secnum, pubnum)
+ #+end_src
+
+
+** Get key
:PROPERTIES:
- :CUSTOM_ID: howto-keys-counting
+ :CUSTOM_ID: howto-get-key
:END:
- Counting the number of keys in your public keybox (=pubring.kbx=),
- the format which has superceded the old keyring format
- (=pubring.gpg= and =secring.gpg=), or the number of secret keys is
- a very simple task.
+ An alternative method of getting a single key via its fingerprint
+ is available directly within a Context with =Context().get_key=.
+ This is the preferred method of selecting a key in order to modify
+ it, sign or certify it and for obtaining relevant data about a
+ single key as a part of other functions; when verifying a signature
+ made by that key, for instance.
+
+ By default this method will select public keys, but it can select
+ secret keys as well.
+
+ This first example demonstrates selecting the current key of Werner
+ Koch, which is due to expire at the end of 2018:
#+begin_src python
import gpg
- c = gpg.Context()
- seckeys = c.keylist(pattern=None, secret=True)
- pubkeys = c.keylist(pattern=None, secret=False)
+ fingerprint = "80615870F5BAD690333686D0F2AD85AC1E42B367"
+ key = gpg.Context().get_key(fingerprint)
+ #+end_src
- seclist = list(seckeys)
- secnum = len(seclist)
+ Whereas this example demonstrates selecting the author's current
+ key with the =secret= key word argument set to =True=:
- publist = list(pubkeys)
- pubnum = len(publist)
+ #+begin_src python
+ import gpg
- print("""
- Number of secret keys: {0}
- Number of public keys: {1}
- """.format(secnum, pubnum)
+ fingerprint = "DB4724E6FA4286C92B4E55C4321E4E2373590E5D"
+ key = gpg.Context().get_key(fingerprint, secret=True)
#+end_src
+ It is, of course, quite possible to select expired, disabled and
+ revoked keys with this function, but only to effectively display
+ information about those keys.
+
+ It is also possible to use both unicode or string literals and byte
+ literals with the fingerprint when getting a key in this way.
+
* Basic Functions
:PROPERTIES:
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 77 +++++++++++++++++++++++++--------
1 file changed, 60 insertions(+), 17 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 04:02:50 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 15 Mar 2018 04:02:50 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-93-g5432e5f
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 5432e5f9d1dfc02812d0b181f8d88cdf4a2bfbfb (commit)
via 5d1dd2abe5cf787875d12afe46c78c75385d7b31 (commit)
from 1d05e6aa4ea467c8c5926b827cfcfba357d03312 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 5432e5f9d1dfc02812d0b181f8d88cdf4a2bfbfb
Author: Ben McGinnes
Date: Thu Mar 15 14:01:30 2018 +1100
doc: python bindings howto
* generated a new primary key for Danger Mouse in an alternative homedir.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index af5a18c..909d949 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -1068,12 +1068,105 @@
disabling them, sometimes deleting them and doing the same for user
IDs.
+ In the following examples a key will be created for the world's
+ greatest secret agent, Danger Mouse. Since Danger Mouse is a secret
+ agent he needs to be able to protect information to =SECRET= level
+ clearance, so his keys will be 3072-bit keys.
+
** Primary key
:PROPERTIES:
:CUSTOM_ID: keygen-primary
:END:
+ Generating a primary key uses the =create_key= method in a Context.
+ It contains multiple arguments and keyword arguments, including:
+ =userid=, =algorithm=, =expires_in=, =expires=, =sign=, =encrypt=,
+ =certify=, =authenticate=, =passphrase= and =force=. The defaults
+ for all of those except =userid=, =algorithm=, =expires_in=,
+ =expires= and =passphrase= is =False=. The defaults for
+ =algorithm= and =passphrase= is =None=. The default for
+ =expires_in= is =0=. The default for =expires= is =True=. There
+ is no default for =userid=.
+
+ If =passphrase= is left as =None= then the key will not be
+ generated with a passphrase, if =passphrase= is set to a string
+ then that will be the passphrase and if =passphrase= is set to
+ =True= then gpg-agent will launch pinentry to prompt for a
+ passphrase. For the sake of convenience, these examples will keep
+ =passphrase= set to =None=.
+
+ #+begin_src python
+ import gpg
+
+ c = gpg.Context()
+
+ c.home_dir = "/tmp/dmgpg"
+ userid = "Danger Mouse "
+
+ dmkey = c.create_key(userid, algorithm = "rsa3072", expires_in = 31536000,
+ sign = True, certify = True)
+ #+end_src
+
+ One thing to note here is the use of setting the =c.home_dir=
+ parameter. This enables generating the key or keys in a different
+ location. In this case to keep the new key data created for this
+ example in a separate location rather than adding it to existing
+ and active key store data.
+
+ The successful generation of the key can be confirmed via the
+ returned =GenkeyResult= object, which includes the following data:
+
+ #+begin_src python
+ print("""
+ Fingerprint: {0}
+ Primary Key: {1}
+ Public Key: {2}
+ Secret Key: {3}
+ Sub Key: {4}
+ User IDs: {5}
+ """.format(dmkey.fpr, dmkey.primary, dmkey.pubkey, dmkey.seckey, dmkey.sub,
+ dmkey.uid))
+ #+end_src
+
+ Alternatively the information can be confirmed using the command
+ line program:
+
+ #+begin_src shell
+ bash-4.4$ gpg --homedir /tmp/dmgpg -K
+ /tmp/dmgpg/pubring.kbx
+ ----------------------
+ sec rsa3072 2018-03-15 [SC] [expires: 2019-03-15]
+ 177B7C25DB99745EE2EE13ED026D2F19E99E63AA
+ uid [ultimate] Danger Mouse
+
+ bash-4.4$
+ #+end_src
+
+ As with generating keys manually, to preconfigure expanded
+ preferences for the cipher, digest and compression algorithms, the
+ =gpg.conf= file must contain those details in the home directory in
+ which the new key is being generated. I used a cut down version of
+ my own =gpg.conf= file in order to be able to generate this:
+
+ #+begin_src shell
+ bash-4.4$ gpg --homedir /tmp/dmgpg --edit-key 177B7C25DB99745EE2EE13ED026D2F19E99E63AA showpref quit
+ Secret key is available.
+
+ sec rsa3072/026D2F19E99E63AA
+ created: 2018-03-15 expires: 2019-03-15 usage: SC
+ trust: ultimate validity: ultimate
+ [ultimate] (1). Danger Mouse
+
+ [ultimate] (1). Danger Mouse
+ Cipher: TWOFISH, CAMELLIA256, AES256, CAMELLIA192, AES192, CAMELLIA128, AES, BLOWFISH, IDEA, CAST5, 3DES
+ Digest: SHA512, SHA384, SHA256, SHA224, RIPEMD160, SHA1
+ Compression: ZLIB, BZIP2, ZIP, Uncompressed
+ Features: MDC, Keyserver no-modify
+
+ bash-4.4$
+ #+end_src
+
** Subkeys
:PROPERTIES:
commit 5d1dd2abe5cf787875d12afe46c78c75385d7b31
Author: Ben McGinnes
Date: Thu Mar 15 12:27:45 2018 +1100
doc: python bindings howto
* Added sections for key generation and key editing.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 8f57adb..af5a18c 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -1057,6 +1057,48 @@
#+end_src
+* Creating keys and subkeys
+ :PROPERTIES:
+ :CUSTOM_ID: key-generation
+ :END:
+
+ The one thing, aside from GnuPG itself, that GPGME depends on, of
+ course, is the keys themselves. So it is necessary to be able to
+ generate them and modify them by adding subkeys, revoking or
+ disabling them, sometimes deleting them and doing the same for user
+ IDs.
+
+
+** Primary key
+ :PROPERTIES:
+ :CUSTOM_ID: keygen-primary
+ :END:
+
+
+** Subkeys
+ :PROPERTIES:
+ :CUSTOM_ID: keygen-subkeys
+ :END:
+
+
+** User IDs
+ :PROPERTIES:
+ :CUSTOM_ID: keygen-uids
+ :END:
+
+
+** Key preferences
+ :PROPERTIES:
+ :CUSTOM_ID: keygen-prefs
+ :END:
+
+
+** Key certification
+ :PROPERTIES:
+ :CUSTOM_ID: keygen-certify
+ :END:
+
+
* Miscellaneous work-arounds
:PROPERTIES:
:CUSTOM_ID: cheats-and-hacks
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 135 ++++++++++++++++++++++++++++++++
1 file changed, 135 insertions(+)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 04:45:14 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 15 Mar 2018 04:45:14 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-94-gb02d9d0
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via b02d9d0a7b96b186eb3063d94bde369339181461 (commit)
from 5432e5f9d1dfc02812d0b181f8d88cdf4a2bfbfb (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit b02d9d0a7b96b186eb3063d94bde369339181461
Author: Ben McGinnes
Date: Thu Mar 15 14:43:44 2018 +1100
doc: python bindings howto
* Added an encryption subkey to Danger Mouse's primary key.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 909d949..0e61746 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -1073,6 +1073,28 @@
agent he needs to be able to protect information to =SECRET= level
clearance, so his keys will be 3072-bit keys.
+ The pre-configured =gpg.conf= file which sets cipher, digest and
+ other preferences contains the following configuration parameters:
+
+ #+begin_src conf
+ expert
+ allow-freeform-uid
+ allow-secret-key-import
+ trust-model tofu+pgp
+ tofu-default-policy unknown
+ # no-auto-check-trustdb
+ enable-large-rsa
+ enable-dsa2
+ # no-emit-version
+ # no-comments
+ # cert-digest-algo SHA256
+ cert-digest-algo SHA512
+ default-preference-list TWOFISH CAMELLIA256 AES256 CAMELLIA192 AES192 CAMELLIA128 AES BLOWFISH IDEA CAST5 3DES SHA512 SHA384 SHA256 SHA224 RIPEMD160 SHA1 ZLIB BZIP2 ZIP Uncompressed
+ personal-cipher-preferences TWOFISH CAMELLIA256 AES256 CAMELLIA192 AES192 CAMELLIA128 AES BLOWFISH IDEA CAST5 3DES
+ personal-digest-preferences SHA512 SHA384 SHA256 SHA224 RIPEMD160 SHA1
+ personal-compress-preferences ZLIB BZIP2 ZIP Uncompressed
+ #+end_src
+
** Primary key
:PROPERTIES:
@@ -1173,6 +1195,56 @@
:CUSTOM_ID: keygen-subkeys
:END:
+ Adding subkeys to a primary key is fairly similar to creating the
+ primary key with the =create_subkey= method. Most of the arguments
+ are the same, but not quite all. Instead of the =userid= argument
+ there is now a =key= argument for selecting which primary key to
+ add the subkey to.
+
+ In the following example an encryption subkey will be added to the
+ primary key. Since Danger Mouse is a security conscious secret
+ agent, this subkey will only be valid for about six months, half
+ the length of the primary key.
+
+ #+begin_src python
+ import gpg
+
+ c = gpg.Context()
+ c.home_dir = "/tmp/dmgpg"
+
+ key = c.get_key(dmkey.fpr, secret = True)
+ dmsub = c.create_subkey(key, algorithm = "rsa3072", expires_in = 15768000,
+ encrypt = True)
+ #+end_src
+
+ As with the primary key, the results here can be checked with:
+
+ #+begin_src python
+ print("""
+ Fingerprint: {0}
+ Primary Key: {1}
+ Public Key: {2}
+ Secret Key: {3}
+ Sub Key: {4}
+ User IDs: {5}
+ """.format(dmsub.fpr, dmsub.primary, dmsub.pubkey, dmsub.seckey, dmsub.sub,
+ dmsub.uid))
+ #+end_src
+
+ As well as on the command line with:
+
+ #+begin_src shell
+ bash-4.4$ gpg --homedir /tmp/dmgpg -K
+ /tmp/dmgpg/pubring.kbx
+ ----------------------
+ sec rsa3072 2018-03-15 [SC] [expires: 2019-03-15]
+ 177B7C25DB99745EE2EE13ED026D2F19E99E63AA
+ uid [ultimate] Danger Mouse
+ ssb rsa3072 2018-03-15 [E] [expires: 2018-09-13]
+
+ bash-4.4$
+ #+end_src
+
** User IDs
:PROPERTIES:
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 72 +++++++++++++++++++++++++++++++++
1 file changed, 72 insertions(+)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 05:52:01 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 15 Mar 2018 05:52:01 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-97-g961aea2
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 961aea212ef48914ecbfa169addf951b0854b0b4 (commit)
via 7ac65b10837740caf68cdade791b8c5ce4eb1b03 (commit)
via 9e3e4a835c64f5d06de821b1fd648af37827ff26 (commit)
from b02d9d0a7b96b186eb3063d94bde369339181461 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 961aea212ef48914ecbfa169addf951b0854b0b4
Author: Ben McGinnes
Date: Thu Mar 15 15:51:01 2018 +1100
doc: python bindings howto
* Added key signing.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index d22efbe..582a28f 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -1290,6 +1290,38 @@
:CUSTOM_ID: key-sign
:END:
+ Since key certification is more frequently referred to as key
+ signing, the method used to perform this function is =key_sign=.
+
+ The =key_sign= method takes four arguments: =key=, =uids=,
+ =expires_in= and =local=. The default value of =uids= is =None=
+ and which results in all user IDs being selected. The default
+ values of =expires_in= snd =local= is =False=; which result in the
+ signature never expiring and being able to be exported.
+
+ The =key= is the key being signed rather than the key doing the
+ signing. To change the key doing the signing refer to the signing
+ key selection above for signing messages and files.
+
+ If the =uids= value is not =None= then it must either be a string
+ to match a single user ID or a list of strings to match multiple
+ user IDs. In this case the matching of those strings must be
+ precise and it is case sensitive.
+
+ To sign Danger Mouse's key for just the initial user ID with a
+ signature which will last a little over a month, do this:
+
+ #+begin_src python
+ import gpg
+
+ c = gpg.Context()
+ uid = "Danger Mouse "
+
+ dmfpr = "177B7C25DB99745EE2EE13ED026D2F19E99E63AA"
+ key = c.get_key(dmfpr, secret = True)
+ c.key_sign(key, uids = uid, expires_in = 2764800)
+ #+end_src
+
* Miscellaneous work-arounds
:PROPERTIES:
commit 7ac65b10837740caf68cdade791b8c5ce4eb1b03
Author: Ben McGinnes
Date: Thu Mar 15 15:16:23 2018 +1100
doc: python bindings howto
* Added a new user ID for Danger Mouse.
* Removed the empty entry for key preferences since that is handled
through gpg.conf and/or editing the key directly.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 37318fc..d22efbe 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -1251,16 +1251,43 @@
:CUSTOM_ID: keygen-uids
:END:
+ By comparison to creating primary keys and subkeys, adding a new
+ user ID to an existing key is much simpler. The method used to do
+ this is =key_add_uid= and the only arguments it takes are for the
+ =key= and the new =uid=.
-** Key preferences
- :PROPERTIES:
- :CUSTOM_ID: keygen-prefs
- :END:
+ #+begin_src python
+ import gpg
+
+ c = gpg.Context()
+ c.home_dir = "/tmp/dmgpg"
+
+ dmfpr = "177B7C25DB99745EE2EE13ED026D2F19E99E63AA"
+ key = c.get_key(dmfpr, secret = True)
+ uid = "Danger Mouse "
+
+ c.key_add_uid(key, uid)
+ #+end_src
+
+ Unsurprisingly the result of this is:
+
+ #+begin_src shell
+ bash-4.4$ gpg --homedir /tmp/dmgpg -K
+ /tmp/dmgpg/pubring.kbx
+ ----------------------
+ sec rsa3072 2018-03-15 [SC] [expires: 2019-03-15]
+ 177B7C25DB99745EE2EE13ED026D2F19E99E63AA
+ uid [ultimate] Danger Mouse
+ uid [ultimate] Danger Mouse
+ ssb rsa3072 2018-03-15 [E] [expires: 2018-09-13]
+
+ bash-4.4$
+ #+end_src
** Key certification
:PROPERTIES:
- :CUSTOM_ID: keygen-certify
+ :CUSTOM_ID: key-sign
:END:
commit 9e3e4a835c64f5d06de821b1fd648af37827ff26
Author: Ben McGinnes
Date: Thu Mar 15 14:59:36 2018 +1100
doc: python bindings howto
* Spell checking and fixing the few errors.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 0e61746..37318fc 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -35,8 +35,8 @@
Much of it will work with Python 2, but much of it also deals with
Python 3 byte literals, particularly when reading and writing data.
Developers concentrating on Python 2.7, and possibly even 2.6, will
- need to make the approprate modifications to support the older
- string and unicode types as opposted to bytes.
+ need to make the appropriate modifications to support the older
+ string and unicode types as opposed to bytes.
There are multiple reasons for concentrating on Python 3; some of
which relate to the immediate integration of these bindings, some
@@ -61,7 +61,7 @@
Unlike many modern APIs with which programmers will be more
familiar with these days, the GPGME API is a C API. The API is
intended for use by C coders who would be able to access its
- features by including the =gpgme.h= header file eith their own C
+ features by including the =gpgme.h= header file with their own C
source code and then access its functions just as they would any
other C headers.
@@ -208,7 +208,7 @@
By default GPGME will attempt to install the bindings for the most
recent or highest version number of Python 2 and Python 3 it
detects in =$PATH=. It specifically checks for the =python= and
- =python3= executabled first and then checks for specific version
+ =python3= executables first and then checks for specific version
numbers.
For Python 2 it checks for these executables in this order:
@@ -275,7 +275,7 @@
result of one operation has a direct bearing on the outcome of
subsequent operations. Not merely by generating an error either.
- When dealing with this type of persistant state on the web, full of
+ When dealing with this type of persistent state on the web, full of
both the RESTful and REST-like, it's most commonly referred to as a
session. In GPGME, however, it is called a context and every
operation type has one.
@@ -351,7 +351,7 @@
:END:
Counting the number of keys in your public keybox (=pubring.kbx=),
- the format which has superceded the old keyring format
+ the format which has superseded the old keyring format
(=pubring.gpg= and =secring.gpg=), or the number of secret keys is
a very simple task.
@@ -424,7 +424,7 @@
:END:
The most frequently called features of any cryptographic library
- will be the most fundamental tasks for enxryption software. In this
+ will be the most fundamental tasks for encryption software. In this
section we will look at how to programmatically encrypt data,
decrypt it, sign it and verify signatures.
@@ -461,7 +461,7 @@
the key was not found.
The encryption operation is invoked within the Context with the
- =c.op_encrypt= function, loading the recipien (=r=), the message
+ =c.op_encrypt= function, loading the recipients (=r=), the message
(=plain=) and the =cipher=. The =cipher.seek= uses =os.SEEK_SET=
to set the data to the correct byte format for GPGME to use it.
@@ -798,7 +798,7 @@
Though everything in this example is accurate, it is more likely
that reading the input data from another file and writing the
- result to a new file will be perfprmed more like the way it is done
+ result to a new file will be performed more like the way it is done
in the next example. Even if the output format is ASCII armoured.
#+begin_src python
@@ -838,7 +838,7 @@
signed = c.sign(text, mode=1)
afile = open("/path/to/statement.txt.asc", "w")
- for line in signed[0].splitlines()L
+ for line in signed[0].splitlines():
afile.write("{0}\n".format(line.decode("utf-8")))
afile.close()
#+end_src
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 89 +++++++++++++++++++++++++++------
1 file changed, 74 insertions(+), 15 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 06:20:14 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 15 Mar 2018 06:20:14 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-98-g3d0c7a2
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 3d0c7a2202c8e9bd4f284fd00069d34b8d3d3d4c (commit)
from 961aea212ef48914ecbfa169addf951b0854b0b4 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 3d0c7a2202c8e9bd4f284fd00069d34b8d3d3d4c
Author: Ben McGinnes
Date: Thu Mar 15 16:13:34 2018 +1100
doc: python bindings howto
* Fixed a minor typographic error.
* Bumped version number in preparation for merge with master.
* While there are probably a few more things worthy of being added
(mainly how to revoke things), this document is essentially ready
for publication now.
Signed-off-by: Ben McGinnes
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 582a28f..71e738a 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -13,7 +13,7 @@
:CUSTOM_ID: intro
:END:
- | Version: | 0.0.1-alpha |
+ | Version: | 0.1.0 |
| Author: | Ben McGinnes |
| Author GPG Key: | DB4724E6FA4286C92B4E55C4321E4E2373590E5D |
| Language: | Australian English, British English |
@@ -513,7 +513,7 @@
Encrypting to multiple keys, in addition to a default key or a key
configured to always encrypt to, is a little different and uses a
- slightly different call to the =op_encrypt call= demonstrated in the
+ slightly different call to the =op_encrypt= call demonstrated in the
previous section.
The following example encrypts a message (=text=) to everyone with
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 09:30:43 2018
From: cvs at cvs.gnupg.org (by Andre Heinecke)
Date: Thu, 15 Mar 2018 09:30:43 +0100
Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-94-gbf9098d
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG extension for MS Outlook".
The branch, master has been updated
via bf9098d2d63de6feaf8fe9486299b7cae924022f (commit)
via 7ba9dc3962fb3fb854c2b1cd9338618ffafbc5b4 (commit)
from 39176388f3a1f55cfb05ae24e06851925c1d0032 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit bf9098d2d63de6feaf8fe9486299b7cae924022f
Author: Andre Heinecke
Date: Thu Mar 15 09:27:24 2018 +0100
Fix unencrypted forward of crypto mail
* src/mail.cpp (Mail::Mail): Add new marker for forwarded
crypto mails.
(Mail::remove_our_attachments): New. Removes gpgol attachments.
(Mail::set_is_forwarded_crypto_mail, Mail::is_forwarded_crypto_mail):
New accessors to marker.
* src/mailitem-events.cpp (EVENT_SINK_INVOKE): Set marker on
forward. Handle marker on write.
--
GnuPG-Bug-Id: T3836
diff --git a/src/mail.cpp b/src/mail.cpp
index b3c375c..7e8360f 100644
--- a/src/mail.cpp
+++ b/src/mail.cpp
@@ -92,7 +92,8 @@ Mail::Mail (LPDISPATCH mailitem) :
m_is_gsuite(false),
m_crypt_state(NoCryptMail),
m_window(nullptr),
- m_is_inline_response(false)
+ m_is_inline_response(false),
+ m_is_forwarded_crypto_mail(false)
{
if (get_mail_for_item (mailitem))
{
@@ -2624,3 +2625,63 @@ Mail::locate_all_crypto_recipients()
}
}
}
+
+int
+Mail::remove_our_attachments ()
+{
+ LPDISPATCH attachments = get_oom_object (m_mailitem, "Attachments");
+ if (!attachments)
+ {
+ TRACEPOINT;
+ return 0;
+ }
+ int count = get_oom_int (attachments, "Count");
+ LPDISPATCH to_delete[count];
+ int del_cnt = 0;
+ for (int i = 1; i <= count; i++)
+ {
+ auto item_str = std::string("Item(") + std::to_string (i) + ")";
+ LPDISPATCH attachment = get_oom_object (attachments, item_str.c_str());
+ if (!attachment)
+ {
+ TRACEPOINT;
+ continue;
+ }
+
+ attachtype_t att_type;
+ if (get_pa_int (attachment, GPGOL_ATTACHTYPE_DASL, (int*) &att_type))
+ {
+ /* Not our attachment. */
+ gpgol_release (attachment);
+ continue;
+ }
+
+ if (att_type == ATTACHTYPE_PGPBODY || att_type == ATTACHTYPE_MOSS ||
+ att_type == ATTACHTYPE_MOSSTEMPL)
+ {
+ /* One of ours to delete. */
+ to_delete[del_cnt++] = attachment;
+ /* Dont' release yet */
+ continue;
+ }
+ gpgol_release (attachment);
+ }
+ gpgol_release (attachments);
+
+ int ret = 0;
+
+ for (int i = 0; i < del_cnt; i++)
+ {
+ LPDISPATCH attachment = to_delete[i];
+
+ /* Delete the attachments that are marked to delete */
+ if (invoke_oom_method (attachment, "Delete", NULL))
+ {
+ log_error ("%s:%s: Error: deleting attachment %i",
+ SRCNAME, __func__, i);
+ ret = -1;
+ }
+ gpgol_release (attachment);
+ }
+ return ret;
+}
diff --git a/src/mail.h b/src/mail.h
index 90f042e..7410f61 100644
--- a/src/mail.h
+++ b/src/mail.h
@@ -448,6 +448,15 @@ public:
/** Get the mime data that should be used when sending. */
std::string get_override_mime_data () const { return m_mime_data; }
+ /** Set if this is a forward of a crypto mail. */
+ void set_is_forwarded_crypto_mail (bool value) { m_is_forwarded_crypto_mail = value; }
+ bool is_forwarded_crypto_mail () { return m_is_forwarded_crypto_mail; }
+
+ /** Remove the hidden GpgOL attachments. This is needed when forwarding
+ without encryption so that our attachments are not included in the forward.
+ Returns 0 on success. Works in OOM. */
+ int remove_our_attachments ();
+
void update_body ();
private:
void update_categories ();
@@ -488,5 +497,6 @@ private:
HWND m_window;
bool m_is_inline_response;
std::string m_mime_data;
+ bool m_is_forwarded_crypto_mail; /* Is this a forward of a crypto mail */
};
#endif // MAIL_H
diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp
index de4c274..273c842 100644
--- a/src/mailitem-events.cpp
+++ b/src/mailitem-events.cpp
@@ -494,10 +494,11 @@ EVENT_SINK_INVOKE(MailItemEvents)
Security consideration: Worst case we pass the write here but
an unload follows before we get the scheduled revert. This
- would leak plaintext.
+ would leak plaintext. But does not happen in our tests.
Similarly if we crash or Outlook is closed before we see this
- revert. */
+ revert. But as we immediately revert after the write this should
+ also not happen. */
const std::string lastSubject = last_mail->get_subject ();
char *lastEntryID = get_oom_string (last_mail->item (), "EntryID");
int lastSize = get_oom_int (last_mail->item (), "Size");
@@ -542,6 +543,27 @@ EVENT_SINK_INVOKE(MailItemEvents)
*(parms->rgvarg[0].pboolVal) = VARIANT_TRUE;
}
+ if (!m_mail->is_crypto_mail () && m_mail->is_forwarded_crypto_mail () &&
+ !m_mail->needs_crypto () && m_mail->crypt_state () == Mail::NoCryptMail)
+ {
+ /* We are sure now that while this is a forward of an encrypted
+ * mail that the forward should not be signed or encrypted. So
+ * it's not constructed by us. We need to remove our attachments
+ * though so that they are not included in the forward. */
+ log_debug ("%s:%s: Writing unencrypted forward of crypt mail. "
+ "Removing attachments. mail: %p item: %p",
+ SRCNAME, __func__, m_mail, m_object);
+ if (m_mail->remove_our_attachments ())
+ {
+ // Worst case we forward some encrypted data here not
+ // a security problem, so let it pass.
+ log_error ("%s:%s: Failed to remove our attachments.",
+ SRCNAME, __func__);
+ }
+ /* Remove marker because we did this now. */
+ m_mail->set_is_forwarded_crypto_mail (false);
+ }
+
log_debug ("%s:%s: Passing write event.",
SRCNAME, __func__);
m_mail->set_needs_save (false);
@@ -616,6 +638,41 @@ EVENT_SINK_INVOKE(MailItemEvents)
return S_OK;
}
case Forward:
+ {
+ log_oom_extra ("%s:%s: Forward: %p",
+ SRCNAME, __func__, m_mail);
+ if (!m_mail->is_crypto_mail ())
+ {
+ /* Non crypto mails do not interest us.*/
+ break;
+ }
+ Mail *last_mail = Mail::get_last_mail ();
+ if (Mail::is_valid_ptr (last_mail))
+ {
+ /* We want to identify here if there was a mail created that
+ should receive the contents of this mail. For this we check
+ for a forward in the same loop as a mail creation.
+ */
+ char *lastEntryID = get_oom_string (last_mail->item (), "EntryID");
+ int lastSize = get_oom_int (last_mail->item (), "Size");
+ std::string lastEntryStr;
+ if (lastEntryID)
+ {
+ lastEntryStr = lastEntryID;
+ xfree (lastEntryID);
+ }
+
+ if (!lastSize && !lastEntryStr.size ())
+ {
+ log_debug ("%s:%s: Forward in the same loop as empty load."
+ " Marking %p (item %p) as forwarded.",
+ SRCNAME, __func__, last_mail, last_mail->item ());
+
+ last_mail->set_is_forwarded_crypto_mail (true);
+ }
+ }
+ }
+ /* Fallthrough */
case Reply:
case ReplyAll:
{
commit 7ba9dc3962fb3fb854c2b1cd9338618ffafbc5b4
Author: Andre Heinecke
Date: Thu Mar 15 08:26:46 2018 +0100
Avoid double gpgme_data_identify
* src/parsecontroller.cpp (ParseController::parse): Store first
identify value and reuse it.
diff --git a/src/parsecontroller.cpp b/src/parsecontroller.cpp
index 860c215..484afc2 100644
--- a/src/parsecontroller.cpp
+++ b/src/parsecontroller.cpp
@@ -234,7 +234,9 @@ ParseController::parse()
Data input (m_inputprovider);
- if (input.type () == Data::Type::PGPSigned)
+ auto inputType = input.type ();
+
+ if (inputType == Data::Type::PGPSigned)
{
verify = true;
decrypt = false;
@@ -289,7 +291,7 @@ ParseController::parse()
decrypt, verify,
protocol == OpenPGP ? "OpenPGP" :
protocol == CMS ? "CMS" : "Unknown",
- m_sender.empty() ? "none" : m_sender.c_str(), input.type ());
+ m_sender.empty() ? "none" : m_sender.c_str(), inputType);
if (decrypt)
{
input.seek (0, SEEK_SET);
-----------------------------------------------------------------------
Summary of changes:
src/mail.cpp | 63 ++++++++++++++++++++++++++++++++++++++++++++++++-
src/mail.h | 10 ++++++++
src/mailitem-events.cpp | 61 +++++++++++++++++++++++++++++++++++++++++++++--
src/parsecontroller.cpp | 6 +++--
4 files changed, 135 insertions(+), 5 deletions(-)
hooks/post-receive
--
GnuPG extension for MS Outlook
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 15:51:25 2018
From: cvs at cvs.gnupg.org (by Ben McGinnes)
Date: Thu, 15 Mar 2018 15:51:25 +0100
Subject: [git] GPGME - branch, ben/docs/2018-03,
updated. gpgme-1.10.0-100-g22e2445
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, ben/docs/2018-03 has been updated
via 22e2445beee46ed1e527a98e635153c7cf03786f (commit)
via 94a95ac12364989db7f4be333107f3c023551857 (commit)
from 3d0c7a2202c8e9bd4f284fd00069d34b8d3d3d4c (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 22e2445beee46ed1e527a98e635153c7cf03786f
Author: Ben McGinnes
Date: Fri Mar 16 01:48:56 2018 +1100
doc: python bindings howto
* fixed custom_id for decryption so the XHTML validates.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 30e1018..4aa4398 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -677,7 +677,7 @@
** Decryption
:PROPERTIES:
- :CUSTOM_ID: howto-basic-encryption
+ :CUSTOM_ID: howto-basic-decryption
:END:
Decrypting something encrypted to a key in one's secret keyring is
commit 94a95ac12364989db7f4be333107f3c023551857
Author: Ben McGinnes
Date: Fri Mar 16 01:34:22 2018 +1100
doc: python bindings howto
* Promoted final encryption example so that it will appear as heading
6.1.3 when exported to HTML or PDF.
diff --git a/lang/python/docs/GPGMEpythonHOWTOen.org b/lang/python/docs/GPGMEpythonHOWTOen.org
index 71e738a..30e1018 100644
--- a/lang/python/docs/GPGMEpythonHOWTOen.org
+++ b/lang/python/docs/GPGMEpythonHOWTOen.org
@@ -608,71 +608,71 @@
This will attempt to encrypt to all the keys searched for, then
remove invalid recipients if it fails and try again.
-**** Encrypting to one key using the second method
- :PROPERTIES:
- :CUSTOM_ID: howto-basic-encryption-monogamous
- :END:
+*** Encrypting to one key using the second method
+ :PROPERTIES:
+ :CUSTOM_ID: howto-basic-encryption-monogamous
+ :END:
- This example re-creates the first encryption example except it
- uses the same =encrypt= method used in the subsequent examples
- instead of the =op_encrypt= method. This means that, unlike the
- =op_encrypt= method, it /must/ use byte literal input data.
+ This example re-creates the first encryption example except it
+ uses the same =encrypt= method used in the subsequent examples
+ instead of the =op_encrypt= method. This means that, unlike the
+ =op_encrypt= method, it /must/ use byte literal input data.
- #+begin_src python
- import gpg
+ #+begin_src python
+ import gpg
- rkey = "0x12345678DEADBEEF"
- text = b"""Some text to test with.
+ rkey = "0x12345678DEADBEEF"
+ text = b"""Some text to test with.
- Since the text in this case must be bytes, it is most likely that
- the input form will be a separate file which is opened with "rb"
- as this is the simplest method of obtaining the correct data
- format.
- """
+ Since the text in this case must be bytes, it is most likely that
+ the input form will be a separate file which is opened with "rb"
+ as this is the simplest method of obtaining the correct data
+ format.
+ """
- c = gpg.Context(armor=True)
- rpattern = list(c.keylist(pattern=rkey, secret=False))
- logrus = []
+ c = gpg.Context(armor=True)
+ rpattern = list(c.keylist(pattern=rkey, secret=False))
+ logrus = []
- for i in range(len(rpattern)):
- if rpattern[i].can_encrypt == 1:
- logrus.append(rpattern[i])
+ for i in range(len(rpattern)):
+ if rpattern[i].can_encrypt == 1:
+ logrus.append(rpattern[i])
- cipher = c.encrypt(text, recipients=logrus, sign=False, always_trust=True)
+ cipher = c.encrypt(text, recipients=logrus, sign=False, always_trust=True)
- afile = open("secret_plans.txt.asc", "wb")
- afile.write(cipher[0])
- afile.close()
- #+end_src
+ afile = open("secret_plans.txt.asc", "wb")
+ afile.write(cipher[0])
+ afile.close()
+ #+end_src
- With one or two exceptions, this method will probably prove to be
- easier to implement than the first method and thus it is the
- recommended encryption method. Though it is even more likely to
- be used like this:
+ With one or two exceptions, this method will probably prove to be
+ easier to implement than the first method and thus it is the
+ recommended encryption method. Though it is even more likely to
+ be used like this:
- #+begin_src python
- import gpg
+ #+begin_src python
+ import gpg
- rkey = "0x12345678DEADBEEF"
+ rkey = "0x12345678DEADBEEF"
- afile = open("secret_plans.txt", "rb")
- text = afile.read()
- afile.close()
+ afile = open("secret_plans.txt", "rb")
+ text = afile.read()
+ afile.close()
- c = gpg.Context(armor=True)
- rpattern = list(c.keylist(pattern=rkey, secret=False))
- logrus = []
+ c = gpg.Context(armor=True)
+ rpattern = list(c.keylist(pattern=rkey, secret=False))
+ logrus = []
- for i in range(len(rpattern)):
- if rpattern[i].can_encrypt == 1:
- logrus.append(rpattern[i])
+ for i in range(len(rpattern)):
+ if rpattern[i].can_encrypt == 1:
+ logrus.append(rpattern[i])
- cipher = c.encrypt(text, recipients=logrus, sign=False, always_trust=True)
+ cipher = c.encrypt(text, recipients=logrus, sign=False, always_trust=True)
- afile = open("secret_plans.txt.asc", "wb")
- afile.write(cipher[0])
- afile.close()
- #+end_src
+ afile = open("secret_plans.txt.asc", "wb")
+ afile.write(cipher[0])
+ afile.close()
+ #+end_src
** Decryption
-----------------------------------------------------------------------
Summary of changes:
lang/python/docs/GPGMEpythonHOWTOen.org | 100 ++++++++++++++++----------------
1 file changed, 50 insertions(+), 50 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 16:03:31 2018
From: cvs at cvs.gnupg.org (by NIIBE Yutaka)
Date: Thu, 15 Mar 2018 16:03:31 +0100
Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2,
updated. gnupg-2.2.5-15-gfd23a05
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "The GNU Privacy Guard".
The branch, STABLE-BRANCH-2-2 has been updated
via fd23a0524d8060ed12d87c679b7823686614aaee (commit)
from c84bae69e9e02923f7180e09d161cb0b13257436 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit fd23a0524d8060ed12d87c679b7823686614aaee
Author: NIIBE Yutaka
Date: Thu Mar 15 23:59:22 2018 +0900
scd: Fix suspend/resume handling for CCID driver.
* scd/ccid-driver.c (intr_cb): Try submitting INTERRUPT urb
to see if it's suspend/resume.
--
Upon suspend/resume, LIBUSB_TRANSFER_NO_DEVICE is returned, since all
URBs are cancelled. We need to see if it's real NODEV error or its by
suspend/resume. We can distinguish by sending URB again.
Signed-off-by: NIIBE Yutaka
diff --git a/scd/ccid-driver.c b/scd/ccid-driver.c
index 5046da5..f33a36c 100644
--- a/scd/ccid-driver.c
+++ b/scd/ccid-driver.c
@@ -1467,7 +1467,8 @@ intr_cb (struct libusb_transfer *transfer)
DEBUGOUT_1 ("CCID: interrupt callback %d\n", transfer->status);
- if (transfer->status == LIBUSB_TRANSFER_TIMED_OUT)
+ if (transfer->status == LIBUSB_TRANSFER_TIMED_OUT
+ || transfer->status == LIBUSB_TRANSFER_NO_DEVICE)
{
int err;
-----------------------------------------------------------------------
Summary of changes:
scd/ccid-driver.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
hooks/post-receive
--
The GNU Privacy Guard
http://git.gnupg.org
From cvs at cvs.gnupg.org Thu Mar 15 16:23:22 2018
From: cvs at cvs.gnupg.org (by Andre Heinecke)
Date: Thu, 15 Mar 2018 16:23:22 +0100
Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-52-gad95288
Message-ID:
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, master has been updated
via ad95288d3b3efc38998841add4fe658c84701f98 (commit)
via a630a1e3e74c926163864b013cb164b4cd1866fc (commit)
from e846c3daeeb4e7092169cdb7bf4f55e0b105aac3 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit ad95288d3b3efc38998841add4fe658c84701f98
Author: Andre Heinecke
Date: Thu Mar 15 16:21:00 2018 +0100
cpp: Expose skipped_v3_keys
* lang/cpp/src/importresult.cpp,
lang/cpp/src/importresult.h (ImportResult::numV3KeysSkipped): New.
--
GnuPG-Bug-Id: T3776
diff --git a/NEWS b/NEWS
index c172697..7b6fdd9 100644
--- a/NEWS
+++ b/NEWS
@@ -6,6 +6,7 @@ Noteworthy changes in version 1.10.1 (unreleased)
gpgme_import_result_t EXTENDED: New field 'skipped_v3_keys'
cpp: Key::locate NEW.
cpp: Data::toString NEW.
+ cpp: ImportResult::numV3KeysSkipped NEW.
Noteworthy changes in version 1.10.0 (2017-12-12)
-------------------------------------------------
diff --git a/lang/cpp/src/importresult.cpp b/lang/cpp/src/importresult.cpp
index 8c35f9c..dbb31d0 100644
--- a/lang/cpp/src/importresult.cpp
+++ b/lang/cpp/src/importresult.cpp
@@ -154,6 +154,11 @@ int GpgME::ImportResult::notImported() const
return d ? d->res.not_imported : 0 ;
}
+int GpgME::ImportResult::numV3KeysSkipped() const
+{
+ return d ? d->res.skipped_v3_keys : 0 ;
+}
+
GpgME::Import GpgME::ImportResult::import(unsigned int idx) const
{
return Import(d, idx);
diff --git a/lang/cpp/src/importresult.h b/lang/cpp/src/importresult.h
index 2f0e7f2..0547679 100644
--- a/lang/cpp/src/importresult.h
+++ b/lang/cpp/src/importresult.h
@@ -78,6 +78,7 @@ public:
int numSecretKeysUnchanged() const;
int notImported() const;
+ int numV3KeysSkipped() const;
Import import(unsigned int idx) const;
std::vector imports() const;
commit a630a1e3e74c926163864b013cb164b4cd1866fc
Author: Andre Heinecke