From cvs at cvs.gnupg.org Mon Apr 2 10:45:06 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Mon, 02 Apr 2018 10:45:06 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-41-ga17d2d1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via a17d2d1f690ebe5d005b4589a5fe378b6487c657 (commit) from 6705ee42a4bd89eea3f959f75d3c14a69c1249a3 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a17d2d1f690ebe5d005b4589a5fe378b6487c657 Author: NIIBE Yutaka Date: Mon Apr 2 17:41:50 2018 +0900 g10: Fix filtering by PK->REQ_USAGE. * g10/getkey.c (get_pubkey_byfprint): Filter by PK->REQ_USAGE. -- GnuPG-bug-id: 3844 Signed-off-by: NIIBE Yutaka diff --git a/g10/getkey.c b/g10/getkey.c index dabd052..0405d1d 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -1810,6 +1810,8 @@ get_pubkey_byfprint (ctrl_t ctrl, PKT_public_key *pk, kbnode_t *r_keyblock, ctx.items[0].mode = fprint_len == 16 ? KEYDB_SEARCH_MODE_FPR16 : KEYDB_SEARCH_MODE_FPR20; memcpy (ctx.items[0].u.fpr, fprint, fprint_len); + if (pk) + ctx.req_usage = pk->req_usage; rc = lookup (ctrl, &ctx, 0, &kb, &found_key); if (!rc && pk) pk_from_block (pk, kb, found_key); ----------------------------------------------------------------------- Summary of changes: g10/getkey.c | 2 ++ 1 file changed, 2 insertions(+) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 3 13:31:22 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Tue, 03 Apr 2018 13:31:22 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-42-gcb1731c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via cb1731c23cddfa524d3f51cfd82029bff853a073 (commit) from a17d2d1f690ebe5d005b4589a5fe378b6487c657 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cb1731c23cddfa524d3f51cfd82029bff853a073 Author: NIIBE Yutaka Date: Tue Apr 3 20:30:29 2018 +0900 scd: Writing KDF resets auth state. * scd/app-openpgp.c (do_setattr): Clear auth state. Signed-off-by: NIIBE Yutaka diff --git a/scd/app-openpgp.c b/scd/app-openpgp.c index ab57d90..9fcfa19 100644 --- a/scd/app-openpgp.c +++ b/scd/app-openpgp.c @@ -2459,7 +2459,7 @@ do_setattr (app_t app, const char *name, { "SM-KEY-MAC", 0x00D2, 3, 0, 1 }, { "KEY-ATTR", 0, 0, 3, 1 }, { "AESKEY", 0x00D5, 3, 0, 1 }, - { "KDF", 0x00F9, 3, 0, 1 }, + { "KDF", 0x00F9, 3, 4, 1 }, { NULL, 0 } }; int exmode; @@ -2507,6 +2507,12 @@ do_setattr (app_t app, const char *name, app->force_chv1 = (valuelen && *value == 0); else if (table[idx].special == 2) parse_login_data (app); + else if (table[idx].special == 4) + { + app->did_chv1 = 0; + app->did_chv2 = 0; + app->did_chv3 = 0; + } return rc; } ----------------------------------------------------------------------- Summary of changes: scd/app-openpgp.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 4 11:23:27 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Wed, 04 Apr 2018 11:23:27 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-183-g5eb261d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 5eb261d6028ab2c0ddd9af8e3e1f82e479c6109c (commit) from fed024eff1091056647296ac589a0c88c2be41bb (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5eb261d6028ab2c0ddd9af8e3e1f82e479c6109c Author: Andre Heinecke Date: Wed Apr 4 11:21:53 2018 +0200 qt: Add test for resetting config value * lang/qt/tests/t-config.cpp (CryptoConfigTest::testDefault): New. -- There is a bug around here somewhere. This test does not show it :-( diff --git a/lang/qt/tests/t-config.cpp b/lang/qt/tests/t-config.cpp index e04a6bb..afbb4d1 100644 --- a/lang/qt/tests/t-config.cpp +++ b/lang/qt/tests/t-config.cpp @@ -39,6 +39,8 @@ #include "t-support.h" #include "protocol.h" #include "cryptoconfig.h" +#include "engineinfo.h" + #include using namespace QGpgME; @@ -51,7 +53,7 @@ private Q_SLOTS: void testKeyserver() { // Repeatedly set a config value and clear it - // this war broken at some point so it gets a + // this was broken at some point so it gets a // unit test. for (int i = 0; i < 10; i++) { auto conf = cryptoConfig(); @@ -78,6 +80,36 @@ private Q_SLOTS: } } + void testDefault() + { + if (GpgME::engineInfo(GpgME::GpgEngine).engineVersion() < "2.2.0") { + // We are using compliance here and other options might also + // be unsupported in older versions. + return; + } + // First set compliance to de-vs + auto conf = cryptoConfig(); + QVERIFY(conf); + auto entry = conf->entry(QStringLiteral("gpg"), + QStringLiteral("Configuration"), + QStringLiteral("compliance")); + QVERIFY(entry); + entry->setStringValue("de-vs"); + conf->sync(true); + conf->clear(); + entry = conf->entry(QStringLiteral("gpg"), + QStringLiteral("Configuration"), + QStringLiteral("compliance")); + QCOMPARE(entry->stringValue(), QStringLiteral("de-vs")); + entry->resetToDefault(); + conf->sync(true); + conf->clear(); + entry = conf->entry(QStringLiteral("gpg"), + QStringLiteral("Configuration"), + QStringLiteral("compliance")); + QCOMPARE(entry->stringValue(), QStringLiteral("gnupg")); + } + void initTestCase() { QGpgMETest::initTestCase(); ----------------------------------------------------------------------- Summary of changes: lang/qt/tests/t-config.cpp | 34 +++++++++++++++++++++++++++++++++- 1 file changed, 33 insertions(+), 1 deletion(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 4 13:37:40 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Wed, 04 Apr 2018 13:37:40 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-43-g83529e1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 83529e1bd14a6d39f2a8ecab9fb6aa4c1f344c73 (commit) from cb1731c23cddfa524d3f51cfd82029bff853a073 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 83529e1bd14a6d39f2a8ecab9fb6aa4c1f344c73 Author: NIIBE Yutaka Date: Wed Apr 4 20:27:08 2018 +0900 tests: Fix no gpg-agent upon removal of GNUPGHOME. * tests/gpgscm/gnupg.scm (with-ephemeral-home-directory): Add teadown-fn. * tests/gpgsm/export.scm: Use -no-atexit version and stop-agent. * tests/openpgp/decrypt-session-key.scm: Likewise. * tests/openpgp/decrypt-unwrap-verify.scm: Likewise. * tests/openpgp/defs.scm (have-opt-always-trust): Likewise. (setup-environment-no-atexit): New. (start-agent): Support no use of atexit. * tests/gpgsm/gpgsm-defs.scm (setup-gpgsm-environment-no-atexit): New. * tests/migrations/common.scm (untar-armored): Follow the change of with-ephemeral-home-directory. -- When gpg-agent detects homedir removal, it will automatically exit. Then, call of 'gpgconf --kill all' will fail. So, stop-agent should be called before the removal of homedir. Signed-off-by: NIIBE Yutaka diff --git a/tests/gpgscm/gnupg.scm b/tests/gpgscm/gnupg.scm index 5fcf9fd..77bf479 100644 --- a/tests/gpgscm/gnupg.scm +++ b/tests/gpgscm/gnupg.scm @@ -28,17 +28,22 @@ ;; Evaluate a sequence of expressions with an ephemeral home ;; directory. -(define-macro (with-ephemeral-home-directory setup-fn . expressions) +(define-macro (with-ephemeral-home-directory setup-fn teardown-fn . expressions) (let ((original-home-directory (gensym)) (ephemeral-home-directory (gensym)) - (setup (gensym))) + (setup (gensym)) + (teardown (gensym))) `(let ((,original-home-directory (getenv "GNUPGHOME")) (,ephemeral-home-directory (mkdtemp)) - (,setup (delay (,setup-fn)))) + (,setup (delay (,setup-fn))) + (,teardown (delay (,teardown-fn)))) (finally (unlink-recursively ,ephemeral-home-directory) (dynamic-wind (lambda () (setenv "GNUPGHOME" ,ephemeral-home-directory #t) (with-working-directory ,ephemeral-home-directory (force ,setup))) (lambda () , at expressions) - (lambda () (setenv "GNUPGHOME" ,original-home-directory #t))))))) + (lambda () + (setenv "GNUPGHOME" ,ephemeral-home-directory #t) + (with-working-directory ,ephemeral-home-directory (force ,teardown)) + (setenv "GNUPGHOME" ,original-home-directory #t))))))) diff --git a/tests/gpgsm/export.scm b/tests/gpgsm/export.scm index d29b6cc..4a8108b 100644 --- a/tests/gpgsm/export.scm +++ b/tests/gpgsm/export.scm @@ -25,7 +25,7 @@ (lambda (cert) (lettmp (exported) (call-check `(, at gpgsm --output ,exported --export ,cert::uid::CN)) - (with-ephemeral-home-directory setup-gpgsm-environment + (with-ephemeral-home-directory setup-gpgsm-environment-no-atexit stop-agent (call-check `(, at gpgsm --import ,exported)) (assert (sm-have-public-key? cert))))) (lambda (cert) cert::uid::CN) diff --git a/tests/gpgsm/gpgsm-defs.scm b/tests/gpgsm/gpgsm-defs.scm index c78a127..f118642 100644 --- a/tests/gpgsm/gpgsm-defs.scm +++ b/tests/gpgsm/gpgsm-defs.scm @@ -99,3 +99,9 @@ (call-check `(,(tool 'gpgtar) --extract --directory=. ,(cadr *args*))) (create-gpgsm-gpghome)) (start-agent)) + +(define (setup-gpgsm-environment-no-atexit) + (if (member "--unpack-tarball" *args*) + (call-check `(,(tool 'gpgtar) --extract --directory=. ,(cadr *args*))) + (create-gpgsm-gpghome)) + (start-agent #t)) diff --git a/tests/migrations/common.scm b/tests/migrations/common.scm index 54d33b9..cabfdff 100644 --- a/tests/migrations/common.scm +++ b/tests/migrations/common.scm @@ -39,7 +39,7 @@ (define GPGTAR (path-join (getenv "objdir") "tools" (qualify "gpgtar"))) (define (untar-armored source-name) - (with-ephemeral-home-directory (lambda ()) + (with-ephemeral-home-directory (lambda ()) (lambda ()) (pipe:do (pipe:open source-name (logior O_RDONLY O_BINARY)) (pipe:spawn `(, at GPG --dearmor)) diff --git a/tests/openpgp/decrypt-session-key.scm b/tests/openpgp/decrypt-session-key.scm index 35aa7f3..c3294e0 100755 --- a/tests/openpgp/decrypt-session-key.scm +++ b/tests/openpgp/decrypt-session-key.scm @@ -37,7 +37,7 @@ (lambda (name) (let* ((source (in-srcdir "tests" "openpgp" (string-append name ".asc"))) (key (get-session-key source))) - (with-ephemeral-home-directory setup-environment + (with-ephemeral-home-directory setup-environment-no-atexit stop-agent (tr:do (tr:open source) (tr:gpg "" `(--yes --decrypt --override-session-key ,key)) diff --git a/tests/openpgp/decrypt-unwrap-verify.scm b/tests/openpgp/decrypt-unwrap-verify.scm index bf7d14d..addc2da 100755 --- a/tests/openpgp/decrypt-unwrap-verify.scm +++ b/tests/openpgp/decrypt-unwrap-verify.scm @@ -35,7 +35,7 @@ ;; Then, verify the signature with a clean working directory ;; containing only Steve's public key. - (with-ephemeral-home-directory setup-environment + (with-ephemeral-home-directory setup-environment-no-atexit stop-agent (call-check `(, at gpg --import ,steve's-key)) (call-check `(, at gpg --verify ,unwrapped))))) '("encsig-2-keys-3" "encsig-2-keys-4"))) diff --git a/tests/openpgp/defs.scm b/tests/openpgp/defs.scm index a6347fe..9537652 100644 --- a/tests/openpgp/defs.scm +++ b/tests/openpgp/defs.scm @@ -201,7 +201,7 @@ (define have-opt-always-trust (catch #f - (with-ephemeral-home-directory (lambda ()) + (with-ephemeral-home-directory (lambda ()) (lambda ()) (call-check `(,(tool 'gpg) --gpgconf-test --always-trust))) #t)) @@ -365,6 +365,10 @@ (create-gpghome) (start-agent)) +(define (setup-environment-no-atexit) + (create-gpghome) + (start-agent #t)) + (define (create-sample-files) (log "Creating sample data files") (for-each @@ -448,12 +452,12 @@ (preset-passphrases)) ;; Create the socket dir and start the agent. -(define (start-agent) +(define (start-agent . args) (log "Starting gpg-agent...") (let ((gnupghome (getenv "GNUPGHOME"))) - (atexit (lambda () - (with-home-directory gnupghome - (stop-agent))))) + (if (null? args) + (atexit (lambda () + (with-home-directory gnupghome (stop-agent)))))) (catch (log "Warning: Creating socket directory failed:" (car *error*)) (gpg-conf '--create-socketdir)) (call-check `(,(tool 'gpg-connect-agent) --verbose ----------------------------------------------------------------------- Summary of changes: tests/gpgscm/gnupg.scm | 13 +++++++++---- tests/gpgsm/export.scm | 2 +- tests/gpgsm/gpgsm-defs.scm | 6 ++++++ tests/migrations/common.scm | 2 +- tests/openpgp/decrypt-session-key.scm | 2 +- tests/openpgp/decrypt-unwrap-verify.scm | 2 +- tests/openpgp/defs.scm | 14 +++++++++----- 7 files changed, 28 insertions(+), 13 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 5 03:39:25 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Thu, 05 Apr 2018 03:39:25 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-44-g870527d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 870527df0dd704c994928348c8c2910030776680 (commit) from 83529e1bd14a6d39f2a8ecab9fb6aa4c1f344c73 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 870527df0dd704c994928348c8c2910030776680 Author: NIIBE Yutaka Date: Thu Apr 5 10:37:23 2018 +0900 g10: Let card-edit/key-attr show message when change. * g10/card-util.c (ask_card_rsa_keysize): Don't show message here. (ask_card_keyattr): Show message when change, also for ECC. Signed-off-by: NIIBE Yutaka diff --git a/g10/card-util.c b/g10/card-util.c index e33a417..896ead0 100644 --- a/g10/card-util.c +++ b/g10/card-util.c @@ -1389,12 +1389,7 @@ ask_card_rsa_keysize (unsigned int nbits) "RSA", min_nbits, max_nbits); } else - { - tty_printf (_("The card will now be re-configured" - " to generate a key of %u bits\n"), req_nbits); - show_keysize_warning (); - return req_nbits; - } + return req_nbits; } } @@ -1501,8 +1496,19 @@ ask_card_keyattr (int keyno, const struct key_attr *current) } leave: - if (!key_attr) - tty_printf (_("No change.")); + if (key_attr) + { + if (key_attr->algo == PUBKEY_ALGO_RSA) + tty_printf (_("The card will now be re-configured" + " to generate a key of %u bits\n"), key_attr->nbits); + else if (key_attr->algo == PUBKEY_ALGO_ECDH + || key_attr->algo == PUBKEY_ALGO_ECDSA + || key_attr->algo == PUBKEY_ALGO_EDDSA) + tty_printf (_("The card will now be re-configured" + " to generate a key of type: %s\n"), key_attr->curve), + + show_keysize_warning (); + } return key_attr; } ----------------------------------------------------------------------- Summary of changes: g10/card-util.c | 22 ++++++++++++++-------- 1 file changed, 14 insertions(+), 8 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 5 11:00:30 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 05 Apr 2018 11:00:30 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-117-g0aac05e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 0aac05ee0cfbe8101e9df59f0cd0716fbf84c596 (commit) via cc78a181785c0a2fe363c749d26d5ade959ccca3 (commit) via 0aada62ad6d7faa14917860179829cdc5329702d (commit) via bf273a7a67d8571030a57a087365de1d9b494e56 (commit) via 5bf8ceeae7d6e76e432218dfa9751168fd2f09c0 (commit) from f79f3379aba5949941c320b6cd2d9a1e95785ca1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0aac05ee0cfbe8101e9df59f0cd0716fbf84c596 Author: Andre Heinecke Date: Thu Apr 5 10:57:39 2018 +0200 Disable oom body check for MIME mails * src/mailitem-events.cpp (EVENT_SINK_INVOKE): Disable safety checks. -- The safety check added for T3863 triggered too often. Even if a Body is found in OOM when we send MIME that should not be a problem as the MIME conversion will wkill the body. GnuPG-Bug-Id: T3863 GnuPG-Bug-Id: T3875 diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index bc40cc8..ec6d6cc 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -429,6 +429,19 @@ EVENT_SINK_INVOKE(MailItemEvents) { if (!m_mail->has_crypted_or_empty_body()) { +/* The safety checks here trigger too often. Somehow for some + users the body is not empty after the encryption but when + it is sent it is still sent with the crypto content because + the encrypted MIME Structure is used because it is + correct in MAPI land. + + For safety reasons enabling the checks might be better but + until we figure out why for some users the body replacement + does not work we have to disable them. Otherwise GpgOL + is unusuable for such users. GnuPG-Bug-Id: T3875 +*/ +#define DISABLE_SAFTEY_CHECKS +#ifndef DISABLE_SAFTEY_CHECKS gpgol_bug (m_mail->get_window (), ERR_WANTS_SEND_MIME_BODY); log_debug ("%s:%s: Message %p mail %p cancelling send mime - " @@ -437,6 +450,11 @@ EVENT_SINK_INVOKE(MailItemEvents) m_mail->set_crypt_state (Mail::NoCryptMail); *(parms->rgvarg[0].pboolVal) = VARIANT_TRUE; break; +#else + log_debug ("%s:%s: Message %p mail %p - " + "not encrypted or not empty body detected - MIME.", + SRCNAME, __func__, m_object, m_mail); +#endif } /* Now we adress T3656 if Outlooks internal S/MIME is somehow * mixed in (even if it is enabled and then disabled) it might commit cc78a181785c0a2fe363c749d26d5ade959ccca3 Author: Andre Heinecke Date: Thu Apr 5 10:56:29 2018 +0200 Log body if body was found after crypto * src/mail.cpp (has_crypt_or_empty_body_oom): Log body in very verbose logging mode. -- Might help to figure out what goes wrong in: GnuPG-Bug-Id: T3875 diff --git a/src/mail.cpp b/src/mail.cpp index e6b2f1e..bd28cc3 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -2569,6 +2569,11 @@ has_crypt_or_empty_body_oom (Mail *mail) { ret.second = true; } + else + { + log_mime_parser ("%s:%s: Body found in %p : \"%s\"", + SRCNAME, __func__, mail, body.c_str ()); + } return ret; } commit 0aada62ad6d7faa14917860179829cdc5329702d Author: Andre Heinecke Date: Thu Apr 5 10:55:43 2018 +0200 Also clear plain body in wipe * src/mail.cpp (Mail::wipe): Clear body even if clearing the HTML Body succeeds. -- Might help with: GnuPG-Bug-Id: T3875 diff --git a/src/mail.cpp b/src/mail.cpp index 9d96bb6..e6b2f1e 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -1280,6 +1280,10 @@ Mail::wipe (bool force) } return -1; } + else + { + put_oom_string (m_mailitem, "Body", ""); + } m_needs_wipe = false; return 0; } commit bf273a7a67d8571030a57a087365de1d9b494e56 Author: Andre Heinecke Date: Thu Apr 5 08:44:44 2018 +0200 Properly handle crypt cancel for inline mails * src/mailitem-events.cpp (EVENT_SINK_INVOKE): Handle error or canceled crypt for inline mails. -- Canceling recipients would otherwise show a bug message. GnuPG-Bug-Id: T3864 diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index 2a96166..bc40cc8 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -375,6 +375,15 @@ EVENT_SINK_INVOKE(MailItemEvents) } else { + if (m_mail->crypt_state () == Mail::NoCryptMail) + { + // Crypto failed or was canceled + log_debug ("%s:%s: Message %p mail %p cancelling send - " + "Crypto failed or canceled.", + SRCNAME, __func__, m_object, m_mail); + *(parms->rgvarg[0].pboolVal) = VARIANT_TRUE; + break; + } // For inline response we can't trigger send programatically // so we do the encryption in sync. if (m_mail->crypt_state () == Mail::NeedsUpdateInOOM) commit 5bf8ceeae7d6e76e432218dfa9751168fd2f09c0 Author: Andre Heinecke Date: Thu Apr 5 08:39:40 2018 +0200 Don't access listed key on error * src/parsecontroller.cpp (ParseController::get_ultimate_keys): Don't access key data member on error. -- A bit cleaner in case key is somehow invalid. diff --git a/src/parsecontroller.cpp b/src/parsecontroller.cpp index 484afc2..a4debf5 100644 --- a/src/parsecontroller.cpp +++ b/src/parsecontroller.cpp @@ -486,7 +486,7 @@ ParseController::get_ultimate_keys() while (!err) { const auto key = ctx->nextKey(err); - if (key.isNull() || err) + if (err || key.isNull()) { break; } ----------------------------------------------------------------------- Summary of changes: src/mail.cpp | 9 +++++++++ src/mailitem-events.cpp | 27 +++++++++++++++++++++++++++ src/parsecontroller.cpp | 2 +- 3 files changed, 37 insertions(+), 1 deletion(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 5 12:05:32 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 05 Apr 2018 12:05:32 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-119-gc9343fa Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via c9343fa680d37927341292c48ef3be2001e1a6cc (commit) via 857afbf1a2e594b1ca10a84842d372c1edb87507 (commit) from 0aac05ee0cfbe8101e9df59f0cd0716fbf84c596 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c9343fa680d37927341292c48ef3be2001e1a6cc Author: Andre Heinecke Date: Thu Apr 5 12:01:18 2018 +0200 Revert "Jump the event queue" This reverts commit a6bf8ef284d98f87a9e64ce326e2a0a55633213c. -- Did not work as intended diff --git a/src/olflange.h b/src/olflange.h index 31aea7a..7601eb6 100644 --- a/src/olflange.h +++ b/src/olflange.h @@ -37,7 +37,7 @@ DEFINE_GUID(CLSID_GPGOL, 0x42d30988, 0x1a3a, 0x11da, */ /* The ProgID used by us */ -#define GPGOL_PROGID "Z.GNU.GpgOL" +#define GPGOL_PROGID "GNU.GpgOL" /* User friendly add in name */ #define GPGOL_PRETTY "GpgOL - The GnuPG Outlook Plugin" /* Short description of the addin */ commit 857afbf1a2e594b1ca10a84842d372c1edb87507 Author: Andre Heinecke Date: Thu Apr 5 11:29:02 2018 +0200 More saveguards and logging in get_ultimate_keys * src/parsecontroller.cpp (ParseController::get_ultimate_keys): Add more debug output and saveguards. -- From the logs in a bugreport it looks very much like we crash somewhere in between starting the keylisting and finishing it. Checking for invalid key or if a uid has an id makes sense, but might not be the crash. GnuPG-Bug-Id: T3857 diff --git a/src/parsecontroller.cpp b/src/parsecontroller.cpp index a4debf5..454ac4c 100644 --- a/src/parsecontroller.cpp +++ b/src/parsecontroller.cpp @@ -475,6 +475,7 @@ ParseController::get_ultimate_keys() } ctx->setKeyListMode (KeyListMode::Local); Error err; + TRACEPOINT; if ((err = ctx->startKeyListing ())) { log_error ("%s:%s: Failed to start keylisting err: %i: %s", @@ -483,23 +484,36 @@ ParseController::get_ultimate_keys() gpgrt_lock_unlock (&keylist_lock); return s_ultimate_keys; } + TRACEPOINT; while (!err) { const auto key = ctx->nextKey(err); if (err || key.isNull()) { + TRACEPOINT; break; } + if (key.isInvalid ()) + { + log_debug ("%s:%s: skipping invalid key.", + SRCNAME, __func__); + continue; + } for (const auto uid: key.userIDs()) { - if (uid.validity() == UserID::Validity::Ultimate) + if (uid.validity() == UserID::Validity::Ultimate && + uid.id()) { s_ultimate_keys.push_back (key); - log_debug ("adding ultimate uid: %s", uid.id()); + log_debug ("%s:%s: Adding ultimate uid.", + SRCNAME, __func__); + log_mime_parser ("%s:%s: Added uid %s.", + SRCNAME, __func__, uid.id()); break; } } } + TRACEPOINT; delete ctx; log_debug ("%s:%s: keylisting done.", SRCNAME, __func__); ----------------------------------------------------------------------- Summary of changes: src/olflange.h | 2 +- src/parsecontroller.cpp | 18 ++++++++++++++++-- 2 files changed, 17 insertions(+), 3 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 5 14:06:30 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 05 Apr 2018 14:06:30 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-121-g1441f67 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 1441f6710db976c76b5cb64073be05b318df84ce (commit) via 21893fa30aec87dc3ec25153490c41e00f1641b0 (commit) from c9343fa680d37927341292c48ef3be2001e1a6cc (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1441f6710db976c76b5cb64073be05b318df84ce Author: Andre Heinecke Date: Thu Apr 5 14:05:13 2018 +0200 Fix encrypt to self if keycache is used * src/cryptcontroller.cpp (CryptController::resolve_keys_cached): Add sender to recipients if encrypt is selected. * src/keycache.cpp, src/keycache.h (KeyCache::getEncryptionKeys): Use a vector of strings instead of carray. -- Oooops. diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp index eddc9f7..1065f6e 100644 --- a/src/cryptcontroller.cpp +++ b/src/cryptcontroller.cpp @@ -309,12 +309,16 @@ CryptController::resolve_keys_cached() if (m_encrypt) { - m_recipients = cache->getEncryptionKeys((const char **)m_recipient_addrs, GpgME::OpenPGP); + const auto cached_sender = m_mail->get_cached_sender (); + auto recps = cArray_to_vector ((const char**) m_recipient_addrs); + recps.push_back (cached_sender); + + m_recipients = cache->getEncryptionKeys(recps, GpgME::OpenPGP); m_proto = GpgME::OpenPGP; if (m_recipients.empty() && opt.enable_smime) { - m_recipients = cache->getEncryptionKeys((const char **)m_recipient_addrs, GpgME::CMS); + m_recipients = cache->getEncryptionKeys(recps, GpgME::CMS); fallbackToSMIME = true; m_proto = GpgME::CMS; } diff --git a/src/keycache.cpp b/src/keycache.cpp index 73011aa..29382d5 100644 --- a/src/keycache.cpp +++ b/src/keycache.cpp @@ -219,22 +219,22 @@ public: return key; } - std::vector getEncryptionKeys (const char **recipients, + std::vector getEncryptionKeys (const std::vector &recipients, GpgME::Protocol proto) { std::vector ret; - if (!recipients) + if (recipients.empty ()) { TRACEPOINT; return ret; } - for (int i = 0; recipients[i]; i++) + for (const auto &recip: recipients) { - const auto key = getKey (recipients[i], proto); + const auto key = getKey (recip.c_str (), proto); if (key.isNull()) { log_mime_parser ("%s:%s: No key for %s. no internal encryption", - SRCNAME, __func__, recipients[i]); + SRCNAME, __func__, recip.c_str ()); return std::vector(); } @@ -242,20 +242,20 @@ public: key.isExpired() || key.isDisabled() || key.isInvalid()) { log_mime_parser ("%s:%s: Invalid key for %s. no internal encryption", - SRCNAME, __func__, recipients[i]); + SRCNAME, __func__, recip.c_str ()); return std::vector(); } if (in_de_vs_mode () && key.isDeVs ()) { log_mime_parser ("%s:%s: key for %s is not deVS", - SRCNAME, __func__, recipients[i]); + SRCNAME, __func__, recip.c_str ()); return std::vector(); } bool validEnough = false; /* Here we do the check if the key is valid for this recipient */ - const auto addrSpec = GpgME::UserID::addrSpecFromString (recipients[i]); + const auto addrSpec = GpgME::UserID::addrSpecFromString (recip.c_str ()); for (const auto &uid: key.userIDs ()) { if (addrSpec != uid.addrSpec()) @@ -272,7 +272,7 @@ public: if (!validEnough) { log_mime_parser ("%s:%s: UID for %s does not have at least marginal trust", - SRCNAME, __func__, recipients[i]); + SRCNAME, __func__, recip.c_str ()); return std::vector(); } // Accepting key @@ -309,7 +309,7 @@ KeyCache::getSigningKey (const char *addr, GpgME::Protocol proto) const } std::vector -KeyCache::getEncryptionKeys (const char **recipients, GpgME::Protocol proto) const +KeyCache::getEncryptionKeys (const std::vector &recipients, GpgME::Protocol proto) const { return d->getEncryptionKeys (recipients, proto); } diff --git a/src/keycache.h b/src/keycache.h index 9a3aded..41e7255 100644 --- a/src/keycache.h +++ b/src/keycache.h @@ -53,7 +53,7 @@ public: are taken from the internal cache. If one recipient can't be resolved an empty list is returned. */ - std::vector getEncryptionKeys (const char **recipients, + std::vector getEncryptionKeys (const std::vector &recipients, GpgME::Protocol proto) const; /* Start a key location in a background thread filling commit 21893fa30aec87dc3ec25153490c41e00f1641b0 Author: Andre Heinecke Date: Thu Apr 5 14:04:38 2018 +0200 Add helper to convert carray to vector * src/cpphelp.cpp, src/cpphelp.h (cArray_to_vector): New. diff --git a/src/cpphelp.cpp b/src/cpphelp.cpp index 122703e..c09b16d 100644 --- a/src/cpphelp.cpp +++ b/src/cpphelp.cpp @@ -82,6 +82,23 @@ vector_to_cArray(const std::vector &vec) return ret; } +std::vector +cArray_to_vector(const char **cArray) +{ + std::vector ret; + + if (!cArray) + { + return ret; + } + + for (int i = 0; cArray[i]; i++) + { + ret.push_back (std::string (cArray[i])); + } + return ret; +} + bool in_de_vs_mode() { diff --git a/src/cpphelp.h b/src/cpphelp.h index c2f2983..953f861 100644 --- a/src/cpphelp.h +++ b/src/cpphelp.h @@ -38,6 +38,7 @@ void trim (std::string &s); /* Convert a string vector to a null terminated char array */ char **vector_to_cArray (const std::vector &vec); +std::vector cArray_to_vector (const char **cArray); /* Check if we are in de_vs mode. */ bool in_de_vs_mode (); ----------------------------------------------------------------------- Summary of changes: src/cpphelp.cpp | 17 +++++++++++++++++ src/cpphelp.h | 1 + src/cryptcontroller.cpp | 8 ++++++-- src/keycache.cpp | 20 ++++++++++---------- src/keycache.h | 2 +- 5 files changed, 35 insertions(+), 13 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 5 15:32:03 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 05 Apr 2018 15:32:03 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-45-gd27417d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via d27417d3a571739329a86d9f25212f2da0c8ff72 (commit) from 870527df0dd704c994928348c8c2910030776680 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d27417d3a571739329a86d9f25212f2da0c8ff72 Author: Werner Koch Date: Thu Apr 5 15:25:13 2018 +0200 gpg: Add new OpenPGP card vendor. -- Signed-off-by: Werner Koch diff --git a/g10/card-util.c b/g10/card-util.c index 896ead0..1a249fb 100644 --- a/g10/card-util.c +++ b/g10/card-util.c @@ -216,6 +216,7 @@ get_manufacturer (unsigned int no) case 0x1337: return "Warsaw Hackerspace"; case 0x2342: return "warpzone"; /* hackerspace Muenster. */ + case 0x63AF: return "Trustica"; case 0xBD0E: return "Paranoidlabs"; case 0xF517: return "FSIJ"; ----------------------------------------------------------------------- Summary of changes: g10/card-util.c | 1 + 1 file changed, 1 insertion(+) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 6 08:07:51 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 06 Apr 2018 08:07:51 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-46-g80b775b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 80b775bdbb852aa4a80292c9357e5b1876110c00 (commit) from d27417d3a571739329a86d9f25212f2da0c8ff72 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 80b775bdbb852aa4a80292c9357e5b1876110c00 Author: NIIBE Yutaka Date: Fri Apr 6 14:58:14 2018 +0900 agent: Support SSH signature flags. * agent/command-ssh.c (SSH_AGENT_RSA_SHA2_256): New. (SSH_AGENT_RSA_SHA2_512): New. (ssh_handler_sign_request): Override SPEC when FLAGS is specified. -- GnuPG-bug-id: 3880 Reported-by: Daniel Kahn Gillmor Signed-off-by: NIIBE Yutaka diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 517231a..d1158e7 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -83,6 +83,8 @@ /* Other constants. */ #define SSH_DSA_SIGNATURE_PADDING 20 #define SSH_DSA_SIGNATURE_ELEMS 2 +#define SSH_AGENT_RSA_SHA2_256 0x02 +#define SSH_AGENT_RSA_SHA2_512 0x04 #define SPEC_FLAG_USE_PKCS1V2 (1 << 0) #define SPEC_FLAG_IS_ECDSA (1 << 1) #define SPEC_FLAG_IS_EdDSA (1 << 2) /*(lowercase 'd' on purpose.)*/ @@ -2880,11 +2882,24 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response) if (err) goto out; - /* FIXME? */ err = stream_read_uint32 (request, &flags); if (err) goto out; + if (spec.algo == GCRY_PK_RSA) + { + if ((flags & SSH_AGENT_RSA_SHA2_256)) + { + spec.ssh_identifier = "rsa-sha2-256"; + spec.hash_algo = GCRY_MD_SHA256; + } + else if ((flags & SSH_AGENT_RSA_SHA2_512)) + { + spec.ssh_identifier = "rsa-sha2-512"; + spec.hash_algo = GCRY_MD_SHA512; + } + } + hash_algo = spec.hash_algo; if (!hash_algo) hash_algo = GCRY_MD_SHA1; /* Use the default. */ ----------------------------------------------------------------------- Summary of changes: agent/command-ssh.c | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 6 10:25:45 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 06 Apr 2018 10:25:45 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-47-g5ba74a1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 5ba74a134db431530884f03eea5410a68dbfe0f5 (commit) from 80b775bdbb852aa4a80292c9357e5b1876110c00 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5ba74a134db431530884f03eea5410a68dbfe0f5 Author: Werner Koch Date: Fri Apr 6 10:18:53 2018 +0200 gpg: Re-indent sig-check.c and use signature class macros. * g10/keydb.h (IS_BACK_SIG): New. * g10/sig-check.c: Re-indent and use macros. -- This makes the code easier to understand. Signed-off-by: Werner Koch diff --git a/g10/keydb.h b/g10/keydb.h index 7393768..627564c 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -33,6 +33,7 @@ #define IS_KEY_SIG(s) ((s)->sig_class == 0x1f) #define IS_UID_SIG(s) (((s)->sig_class & ~3) == 0x10) #define IS_SUBKEY_SIG(s) ((s)->sig_class == 0x18) +#define IS_BACK_SIG(s) ((s)->sig_class == 0x19) #define IS_KEY_REV(s) ((s)->sig_class == 0x20) #define IS_UID_REV(s) ((s)->sig_class == 0x30) #define IS_SUBKEY_REV(s) ((s)->sig_class == 0x28) diff --git a/g10/sig-check.c b/g10/sig-check.c index 23af12b..1a90fd3 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -115,174 +115,177 @@ check_signature2 (ctrl_t ctrl, PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate, int *r_expired, int *r_revoked, PKT_public_key **r_pk) { - int rc=0; - PKT_public_key *pk; - - if (r_expiredate) - *r_expiredate = 0; - if (r_expired) - *r_expired = 0; - if (r_revoked) - *r_revoked = 0; - if (r_pk) - *r_pk = NULL; - - pk = xtrycalloc (1, sizeof *pk); - if (!pk) - return gpg_error_from_syserror (); - - if ( (rc=openpgp_md_test_algo(sig->digest_algo)) ) - ; /* We don't have this digest. */ - else if (! gnupg_digest_is_allowed (opt.compliance, 0, sig->digest_algo)) - { - /* Compliance failure. */ - log_info (_("digest algorithm '%s' may not be used in %s mode\n"), - gcry_md_algo_name (sig->digest_algo), - gnupg_compliance_option_string (opt.compliance)); - rc = gpg_error (GPG_ERR_DIGEST_ALGO); - } - else if ((rc=openpgp_pk_test_algo(sig->pubkey_algo))) - ; /* We don't have this pubkey algo. */ - else if (!gcry_md_is_enabled (digest,sig->digest_algo)) - { - /* Sanity check that the md has a context for the hash that the - sig is expecting. This can happen if a onepass sig header does - not match the actual sig, and also if the clearsign "Hash:" - header is missing or does not match the actual sig. */ + int rc=0; + PKT_public_key *pk; - log_info(_("WARNING: signature digest conflict in message\n")); - rc = gpg_error (GPG_ERR_GENERAL); - } - else if( get_pubkey (ctrl, pk, sig->keyid ) ) - rc = gpg_error (GPG_ERR_NO_PUBKEY); - else if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_VERIFICATION, - pk->pubkey_algo, pk->pkey, - nbits_from_pk (pk), - NULL)) - { - /* Compliance failure. */ - log_error (_("key %s may not be used for signing in %s mode\n"), - keystr_from_pk (pk), - gnupg_compliance_option_string (opt.compliance)); - rc = gpg_error (GPG_ERR_PUBKEY_ALGO); - } - else if(!pk->flags.valid) - { - /* You cannot have a good sig from an invalid key. */ - rc = gpg_error (GPG_ERR_BAD_PUBKEY); - } - else - { - if(r_expiredate) - *r_expiredate = pk->expiredate; - - rc = check_signature_end (pk, sig, digest, r_expired, r_revoked, NULL); - - /* Check the backsig. This is a 0x19 signature from the - subkey on the primary key. The idea here is that it should - not be possible for someone to "steal" subkeys and claim - them as their own. The attacker couldn't actually use the - subkey, but they could try and claim ownership of any - signatures issued by it. */ - if (!rc && !pk->flags.primary && pk->flags.backsig < 2) - { - if (!pk->flags.backsig) - { - log_info(_("WARNING: signing subkey %s is not" - " cross-certified\n"),keystr_from_pk(pk)); - log_info(_("please see %s for more information\n"), - "https://gnupg.org/faq/subkey-cross-certify.html"); - /* --require-cross-certification makes this warning an - error. TODO: change the default to require this - after more keys have backsigs. */ - if(opt.flags.require_cross_cert) - rc = gpg_error (GPG_ERR_GENERAL); - } - else if(pk->flags.backsig == 1) - { - log_info(_("WARNING: signing subkey %s has an invalid" - " cross-certification\n"),keystr_from_pk(pk)); - rc = gpg_error (GPG_ERR_GENERAL); - } - } + if (r_expiredate) + *r_expiredate = 0; + if (r_expired) + *r_expired = 0; + if (r_revoked) + *r_revoked = 0; + if (r_pk) + *r_pk = NULL; - } + pk = xtrycalloc (1, sizeof *pk); + if (!pk) + return gpg_error_from_syserror (); - if( !rc && sig->sig_class < 2 && is_status_enabled() ) { - /* This signature id works best with DLP algorithms because - * they use a random parameter for every signature. Instead of - * this sig-id we could have also used the hash of the document - * and the timestamp, but the drawback of this is, that it is - * not possible to sign more than one identical document within - * one second. Some remote batch processing applications might - * like this feature here. - * - * Note that before 2.0.10, we used RIPE-MD160 for the hash - * and accidentally didn't include the timestamp and algorithm - * information in the hash. Given that this feature is not - * commonly used and that a replay attacks detection should - * not solely be based on this feature (because it does not - * work with RSA), we take the freedom and switch to SHA-1 - * with 2.0.10 to take advantage of hardware supported SHA-1 - * implementations. We also include the missing information - * in the hash. Note also the SIG_ID as computed by gpg 1.x - * and gpg 2.x didn't matched either because 2.x used to print - * MPIs not in PGP format. */ - u32 a = sig->timestamp; - int nsig = pubkey_get_nsig( sig->pubkey_algo ); - unsigned char *p, *buffer; - size_t n, nbytes; - int i; - char hashbuf[20]; - - nbytes = 6; - for (i=0; i < nsig; i++ ) - { - if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n, sig->data[i])) - BUG(); - nbytes += n; - } + if ((rc=openpgp_md_test_algo(sig->digest_algo))) + { + /* We don't have this digest. */ + } + else if (!gnupg_digest_is_allowed (opt.compliance, 0, sig->digest_algo)) + { + /* Compliance failure. */ + log_info (_("digest algorithm '%s' may not be used in %s mode\n"), + gcry_md_algo_name (sig->digest_algo), + gnupg_compliance_option_string (opt.compliance)); + rc = gpg_error (GPG_ERR_DIGEST_ALGO); + } + else if ((rc=openpgp_pk_test_algo(sig->pubkey_algo))) + { + /* We don't have this pubkey algo. */ + } + else if (!gcry_md_is_enabled (digest,sig->digest_algo)) + { + /* Sanity check that the md has a context for the hash that the + * sig is expecting. This can happen if a onepass sig header + * does not match the actual sig, and also if the clearsign + * "Hash:" header is missing or does not match the actual sig. */ + log_info(_("WARNING: signature digest conflict in message\n")); + rc = gpg_error (GPG_ERR_GENERAL); + } + else if (get_pubkey (ctrl, pk, sig->keyid)) + rc = gpg_error (GPG_ERR_NO_PUBKEY); + else if (!gnupg_pk_is_allowed (opt.compliance, PK_USE_VERIFICATION, + pk->pubkey_algo, pk->pkey, + nbits_from_pk (pk), + NULL)) + { + /* Compliance failure. */ + log_error (_("key %s may not be used for signing in %s mode\n"), + keystr_from_pk (pk), + gnupg_compliance_option_string (opt.compliance)); + rc = gpg_error (GPG_ERR_PUBKEY_ALGO); + } + else if (!pk->flags.valid) + { + /* You cannot have a good sig from an invalid key. */ + rc = gpg_error (GPG_ERR_BAD_PUBKEY); + } + else + { + if (r_expiredate) + *r_expiredate = pk->expiredate; + + rc = check_signature_end (pk, sig, digest, r_expired, r_revoked, NULL); + + /* Check the backsig. This is a back signature (0x19) from + * the subkey on the primary key. The idea here is that it + * should not be possible for someone to "steal" subkeys and + * claim them as their own. The attacker couldn't actually + * use the subkey, but they could try and claim ownership of + * any signatures issued by it. */ + if (!rc && !pk->flags.primary && pk->flags.backsig < 2) + { + if (!pk->flags.backsig) + { + log_info (_("WARNING: signing subkey %s is not" + " cross-certified\n"),keystr_from_pk(pk)); + log_info (_("please see %s for more information\n"), + "https://gnupg.org/faq/subkey-cross-certify.html"); + /* The default option --require-cross-certification + * makes this warning an error. */ + if (opt.flags.require_cross_cert) + rc = gpg_error (GPG_ERR_GENERAL); + } + else if(pk->flags.backsig == 1) + { + log_info (_("WARNING: signing subkey %s has an invalid" + " cross-certification\n"), keystr_from_pk(pk)); + rc = gpg_error (GPG_ERR_GENERAL); + } + } - /* Make buffer large enough to be later used as output buffer. */ - if (nbytes < 100) - nbytes = 100; - nbytes += 10; /* Safety margin. */ - - /* Fill and hash buffer. */ - buffer = p = xmalloc (nbytes); - *p++ = sig->pubkey_algo; - *p++ = sig->digest_algo; - *p++ = (a >> 24) & 0xff; - *p++ = (a >> 16) & 0xff; - *p++ = (a >> 8) & 0xff; - *p++ = a & 0xff; - nbytes -= 6; - for (i=0; i < nsig; i++ ) - { - if (gcry_mpi_print (GCRYMPI_FMT_PGP, p, nbytes, &n, sig->data[i])) - BUG(); - p += n; - nbytes -= n; - } - gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, buffer, p-buffer); - - p = make_radix64_string (hashbuf, 20); - sprintf (buffer, "%s %s %lu", - p, strtimestamp (sig->timestamp), (ulong)sig->timestamp); - xfree (p); - write_status_text (STATUS_SIG_ID, buffer); - xfree (buffer); } - if (r_pk) - *r_pk = pk; - else - { - release_public_key_parts (pk); - xfree (pk); - } + if (!rc && sig->sig_class < 2 && is_status_enabled ()) + { + /* This signature id works best with DLP algorithms because + * they use a random parameter for every signature. Instead of + * this sig-id we could have also used the hash of the document + * and the timestamp, but the drawback of this is, that it is + * not possible to sign more than one identical document within + * one second. Some remote batch processing applications might + * like this feature here. + * + * Note that before 2.0.10, we used RIPE-MD160 for the hash + * and accidentally didn't include the timestamp and algorithm + * information in the hash. Given that this feature is not + * commonly used and that a replay attacks detection should + * not solely be based on this feature (because it does not + * work with RSA), we take the freedom and switch to SHA-1 + * with 2.0.10 to take advantage of hardware supported SHA-1 + * implementations. We also include the missing information + * in the hash. Note also the SIG_ID as computed by gpg 1.x + * and gpg 2.x didn't matched either because 2.x used to print + * MPIs not in PGP format. */ + u32 a = sig->timestamp; + int nsig = pubkey_get_nsig (sig->pubkey_algo); + unsigned char *p, *buffer; + size_t n, nbytes; + int i; + char hashbuf[20]; + + nbytes = 6; + for (i=0; i < nsig; i++ ) + { + if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n, sig->data[i])) + BUG(); + nbytes += n; + } - return rc; + /* Make buffer large enough to be later used as output buffer. */ + if (nbytes < 100) + nbytes = 100; + nbytes += 10; /* Safety margin. */ + + /* Fill and hash buffer. */ + buffer = p = xmalloc (nbytes); + *p++ = sig->pubkey_algo; + *p++ = sig->digest_algo; + *p++ = (a >> 24) & 0xff; + *p++ = (a >> 16) & 0xff; + *p++ = (a >> 8) & 0xff; + *p++ = a & 0xff; + nbytes -= 6; + for (i=0; i < nsig; i++ ) + { + if (gcry_mpi_print (GCRYMPI_FMT_PGP, p, nbytes, &n, sig->data[i])) + BUG(); + p += n; + nbytes -= n; + } + gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, buffer, p-buffer); + + p = make_radix64_string (hashbuf, 20); + sprintf (buffer, "%s %s %lu", + p, strtimestamp (sig->timestamp), (ulong)sig->timestamp); + xfree (p); + write_status_text (STATUS_SIG_ID, buffer); + xfree (buffer); + } + + if (r_pk) + *r_pk = pk; + else + { + release_public_key_parts (pk); + xfree (pk); + } + + return rc; } @@ -307,87 +310,86 @@ static int check_signature_metadata_validity (PKT_public_key *pk, PKT_signature *sig, int *r_expired, int *r_revoked) { - u32 cur_time; + u32 cur_time; - if(r_expired) - *r_expired = 0; - if(r_revoked) - *r_revoked = 0; + if (r_expired) + *r_expired = 0; + if (r_revoked) + *r_revoked = 0; - if( pk->timestamp > sig->timestamp ) - { - ulong d = pk->timestamp - sig->timestamp; - if ( d < 86400 ) - { - log_info - (ngettext - ("public key %s is %lu second newer than the signature\n", - "public key %s is %lu seconds newer than the signature\n", - d), keystr_from_pk (pk), d); - } - else - { - d /= 86400; - log_info - (ngettext - ("public key %s is %lu day newer than the signature\n", - "public key %s is %lu days newer than the signature\n", - d), keystr_from_pk (pk), d); - } - if (!opt.ignore_time_conflict) - return GPG_ERR_TIME_CONFLICT; /* pubkey newer than signature. */ - } + if (pk->timestamp > sig->timestamp ) + { + ulong d = pk->timestamp - sig->timestamp; + if ( d < 86400 ) + { + log_info (ngettext + ("public key %s is %lu second newer than the signature\n", + "public key %s is %lu seconds newer than the signature\n", + d), keystr_from_pk (pk), d); + } + else + { + d /= 86400; + log_info (ngettext + ("public key %s is %lu day newer than the signature\n", + "public key %s is %lu days newer than the signature\n", + d), keystr_from_pk (pk), d); + } + if (!opt.ignore_time_conflict) + return GPG_ERR_TIME_CONFLICT; /* pubkey newer than signature. */ + } - cur_time = make_timestamp(); - if( pk->timestamp > cur_time ) - { - ulong d = pk->timestamp - cur_time; - if (d < 86400) - { - log_info (ngettext("key %s was created %lu second" - " in the future (time warp or clock problem)\n", - "key %s was created %lu seconds" - " in the future (time warp or clock problem)\n", - d), keystr_from_pk (pk), d); - } - else - { - d /= 86400; - log_info (ngettext("key %s was created %lu day" - " in the future (time warp or clock problem)\n", - "key %s was created %lu days" - " in the future (time warp or clock problem)\n", - d), keystr_from_pk (pk), d); - } - if (!opt.ignore_time_conflict) - return GPG_ERR_TIME_CONFLICT; - } + cur_time = make_timestamp (); + if (pk->timestamp > cur_time) + { + ulong d = pk->timestamp - cur_time; + if (d < 86400) + { + log_info (ngettext("key %s was created %lu second" + " in the future (time warp or clock problem)\n", + "key %s was created %lu seconds" + " in the future (time warp or clock problem)\n", + d), keystr_from_pk (pk), d); + } + else + { + d /= 86400; + log_info (ngettext("key %s was created %lu day" + " in the future (time warp or clock problem)\n", + "key %s was created %lu days" + " in the future (time warp or clock problem)\n", + d), keystr_from_pk (pk), d); + } + if (!opt.ignore_time_conflict) + return GPG_ERR_TIME_CONFLICT; + } - /* Check whether the key has expired. We check the has_expired - flag which is set after a full evaluation of the key (getkey.c) - as well as a simple compare to the current time in case the - merge has for whatever reasons not been done. */ - if( pk->has_expired || (pk->expiredate && pk->expiredate < cur_time)) { - char buf[11]; - if (opt.verbose) - log_info(_("Note: signature key %s expired %s\n"), - keystr_from_pk(pk), asctimestamp( pk->expiredate ) ); - sprintf(buf,"%lu",(ulong)pk->expiredate); - write_status_text(STATUS_KEYEXPIRED,buf); - if(r_expired) - *r_expired = 1; + /* Check whether the key has expired. We check the has_expired + * flag which is set after a full evaluation of the key (getkey.c) + * as well as a simple compare to the current time in case the + * merge has for whatever reasons not been done. */ + if (pk->has_expired || (pk->expiredate && pk->expiredate < cur_time)) + { + char buf[11]; + if (opt.verbose) + log_info (_("Note: signature key %s expired %s\n"), + keystr_from_pk(pk), asctimestamp( pk->expiredate ) ); + snprintf (buf, sizeof buf, "%lu",(ulong)pk->expiredate); + write_status_text (STATUS_KEYEXPIRED, buf); + if (r_expired) + *r_expired = 1; } - if (pk->flags.revoked) - { - if (opt.verbose) - log_info (_("Note: signature key %s has been revoked\n"), - keystr_from_pk(pk)); - if (r_revoked) - *r_revoked=1; - } + if (pk->flags.revoked) + { + if (opt.verbose) + log_info (_("Note: signature key %s has been revoked\n"), + keystr_from_pk(pk)); + if (r_revoked) + *r_revoked=1; + } - return 0; + return 0; } @@ -425,150 +427,165 @@ check_signature_end (PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest, int *r_expired, int *r_revoked, PKT_public_key *ret_pk) { - int rc = 0; + int rc = 0; - if ((rc = check_signature_metadata_validity (pk, sig, - r_expired, r_revoked))) - return rc; + if ((rc = check_signature_metadata_validity (pk, sig, + r_expired, r_revoked))) + return rc; - if ((rc = check_signature_end_simple (pk, sig, digest))) - return rc; + if ((rc = check_signature_end_simple (pk, sig, digest))) + return rc; - if(!rc && ret_pk) - copy_public_key(ret_pk,pk); + if (!rc && ret_pk) + copy_public_key(ret_pk,pk); - return rc; + return rc; } + /* This function is similar to check_signature_end, but it only checks - whether the signature was generated by PK. It does not check - expiration, revocation, etc. */ + * whether the signature was generated by PK. It does not check + * expiration, revocation, etc. */ static int check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig, gcry_md_hd_t digest) { - gcry_mpi_t result = NULL; - int rc = 0; - const struct weakhash *weak; + gcry_mpi_t result = NULL; + int rc = 0; + const struct weakhash *weak; - if (!opt.flags.allow_weak_digest_algos) + if (!opt.flags.allow_weak_digest_algos) + { for (weak = opt.weak_digests; weak; weak = weak->next) if (sig->digest_algo == weak->algo) { print_digest_rejected_note(sig->digest_algo); return GPG_ERR_DIGEST_ALGO; } + } + + /* Make sure the digest algo is enabled (in case of a detached + * signature). */ + gcry_md_enable (digest, sig->digest_algo); + + /* Complete the digest. */ + if (sig->version >= 4) + gcry_md_putc (digest, sig->version); - /* Make sure the digest algo is enabled (in case of a detached - signature). */ - gcry_md_enable (digest, sig->digest_algo); - - /* Complete the digest. */ - if( sig->version >= 4 ) - gcry_md_putc( digest, sig->version ); - gcry_md_putc( digest, sig->sig_class ); - if( sig->version < 4 ) { - u32 a = sig->timestamp; - gcry_md_putc( digest, (a >> 24) & 0xff ); - gcry_md_putc( digest, (a >> 16) & 0xff ); - gcry_md_putc( digest, (a >> 8) & 0xff ); - gcry_md_putc( digest, a & 0xff ); + gcry_md_putc( digest, sig->sig_class ); + if (sig->version < 4) + { + u32 a = sig->timestamp; + gcry_md_putc (digest, ((a >> 24) & 0xff)); + gcry_md_putc (digest, ((a >> 16) & 0xff)); + gcry_md_putc (digest, ((a >> 8) & 0xff)); + gcry_md_putc (digest, ( a & 0xff)); } - else { - byte buf[6]; - size_t n; - gcry_md_putc( digest, sig->pubkey_algo ); - gcry_md_putc( digest, sig->digest_algo ); - if( sig->hashed ) { - n = sig->hashed->len; - gcry_md_putc (digest, (n >> 8) ); - gcry_md_putc (digest, n ); - gcry_md_write (digest, sig->hashed->data, n); - n += 6; + else + { + byte buf[6]; + size_t n; + gcry_md_putc (digest, sig->pubkey_algo); + gcry_md_putc (digest, sig->digest_algo); + if (sig->hashed) + { + n = sig->hashed->len; + gcry_md_putc (digest, (n >> 8) ); + gcry_md_putc (digest, n ); + gcry_md_write (digest, sig->hashed->data, n); + n += 6; } - else { + else + { /* Two octets for the (empty) length of the hashed - section. */ + * section. */ gcry_md_putc (digest, 0); gcry_md_putc (digest, 0); n = 6; } - /* add some magic per Section 5.2.4 of RFC 4880. */ - buf[0] = sig->version; - buf[1] = 0xff; - buf[2] = n >> 24; - buf[3] = n >> 16; - buf[4] = n >> 8; - buf[5] = n; - gcry_md_write( digest, buf, 6 ); + /* Add some magic per Section 5.2.4 of RFC 4880. */ + buf[0] = sig->version; + buf[1] = 0xff; + buf[2] = n >> 24; + buf[3] = n >> 16; + buf[4] = n >> 8; + buf[5] = n; + gcry_md_write( digest, buf, 6 ); } - gcry_md_final( digest ); + gcry_md_final( digest ); - /* Convert the digest to an MPI. */ - result = encode_md_value (pk, digest, sig->digest_algo ); - if (!result) - return GPG_ERR_GENERAL; + /* Convert the digest to an MPI. */ + result = encode_md_value (pk, digest, sig->digest_algo ); + if (!result) + return GPG_ERR_GENERAL; - /* Verify the signature. */ - rc = pk_verify( pk->pubkey_algo, result, sig->data, pk->pkey ); - gcry_mpi_release (result); + /* Verify the signature. */ + rc = pk_verify (pk->pubkey_algo, result, sig->data, pk->pkey); + gcry_mpi_release (result); - if( !rc && sig->flags.unknown_critical ) - { - log_info(_("assuming bad signature from key %s" - " due to an unknown critical bit\n"),keystr_from_pk(pk)); - rc = GPG_ERR_BAD_SIGNATURE; - } + if (!rc && sig->flags.unknown_critical) + { + log_info(_("assuming bad signature from key %s" + " due to an unknown critical bit\n"),keystr_from_pk(pk)); + rc = GPG_ERR_BAD_SIGNATURE; + } - return rc; + return rc; } /* Add a uid node to a hash context. See section 5.2.4, paragraph 4 - of RFC 4880. */ + * of RFC 4880. */ static void hash_uid_packet (PKT_user_id *uid, gcry_md_hd_t md, PKT_signature *sig ) { - if( uid->attrib_data ) { - if( sig->version >=4 ) { - byte buf[5]; - buf[0] = 0xd1; /* packet of type 17 */ - buf[1] = uid->attrib_len >> 24; /* always use 4 length bytes */ - buf[2] = uid->attrib_len >> 16; - buf[3] = uid->attrib_len >> 8; - buf[4] = uid->attrib_len; - gcry_md_write( md, buf, 5 ); + if (uid->attrib_data) + { + if (sig->version >=4) + { + byte buf[5]; + buf[0] = 0xd1; /* packet of type 17 */ + buf[1] = uid->attrib_len >> 24; /* always use 4 length bytes */ + buf[2] = uid->attrib_len >> 16; + buf[3] = uid->attrib_len >> 8; + buf[4] = uid->attrib_len; + gcry_md_write( md, buf, 5 ); } - gcry_md_write( md, uid->attrib_data, uid->attrib_len ); + gcry_md_write( md, uid->attrib_data, uid->attrib_len ); } - else { - if( sig->version >=4 ) { - byte buf[5]; - buf[0] = 0xb4; /* indicates a userid packet */ - buf[1] = uid->len >> 24; /* always use 4 length bytes */ - buf[2] = uid->len >> 16; - buf[3] = uid->len >> 8; - buf[4] = uid->len; - gcry_md_write( md, buf, 5 ); + else + { + if (sig->version >=4) + { + byte buf[5]; + buf[0] = 0xb4; /* indicates a userid packet */ + buf[1] = uid->len >> 24; /* always use 4 length bytes */ + buf[2] = uid->len >> 16; + buf[3] = uid->len >> 8; + buf[4] = uid->len; + gcry_md_write( md, buf, 5 ); } - gcry_md_write( md, uid->name, uid->len ); + gcry_md_write( md, uid->name, uid->len ); } } static void cache_sig_result ( PKT_signature *sig, int result ) { - if ( !result ) { - sig->flags.checked = 1; - sig->flags.valid = 1; + if (!result) + { + sig->flags.checked = 1; + sig->flags.valid = 1; } - else if ( gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE ) { - sig->flags.checked = 1; - sig->flags.valid = 0; + else if (gpg_err_code (result) == GPG_ERR_BAD_SIGNATURE) + { + sig->flags.checked = 1; + sig->flags.valid = 0; } - else { - sig->flags.checked = 0; - sig->flags.valid = 0; + else + { + sig->flags.checked = 0; + sig->flags.valid = 0; } } @@ -686,14 +703,14 @@ check_revocation_keys (ctrl_t ctrl, PKT_public_key *pk, PKT_signature *sig) } /* Check that the backsig BACKSIG from the subkey SUB_PK to its - primary key MAIN_PK is valid. - - Backsigs (0x19) have the same format as binding sigs (0x18), but - this function is simpler than check_key_signature in a few ways. - For example, there is no support for expiring backsigs since it is - questionable what such a thing actually means. Note also that the - sig cache check here, unlike other sig caches in GnuPG, is not - persistent. */ + * primary key MAIN_PK is valid. + * + * Backsigs (0x19) have the same format as binding sigs (0x18), but + * this function is simpler than check_key_signature in a few ways. + * For example, there is no support for expiring backsigs since it is + * questionable what such a thing actually means. Note also that the + * sig cache check here, unlike other sig caches in GnuPG, is not + * persistent. */ int check_backsig (PKT_public_key *main_pk,PKT_public_key *sub_pk, PKT_signature *backsig) @@ -789,32 +806,18 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer, /* A signature's class indicates the type of packet that it signs. */ - if (/* Primary key binding (made by a subkey). */ - sig->sig_class == 0x19 - /* Direct key signature. */ - || sig->sig_class == 0x1f - /* Primary key revocation. */ - || sig->sig_class == 0x20) + if (IS_BACK_SIG (sig) || IS_KEY_SIG (sig) || IS_KEY_REV (sig)) { /* Key revocations can only be over primary keys. */ if (packet->pkttype != PKT_PUBLIC_KEY) return gpg_error (GPG_ERR_SIG_CLASS); } - else if (/* Subkey binding. */ - sig->sig_class == 0x18 - /* Subkey revocation. */ - || sig->sig_class == 0x28) + else if (IS_SUBKEY_SIG (sig) || IS_SUBKEY_REV (sig)) { if (packet->pkttype != PKT_PUBLIC_SUBKEY) return gpg_error (GPG_ERR_SIG_CLASS); } - else if (/* Certification. */ - sig->sig_class == 0x10 - || sig->sig_class == 0x11 - || sig->sig_class == 0x12 - || sig->sig_class == 0x13 - /* Certification revocation. */ - || sig->sig_class == 0x30) + else if (IS_UID_SIG (sig) || IS_UID_REV (sig)) { if (packet->pkttype != PKT_USER_ID) return gpg_error (GPG_ERR_SIG_CLASS); @@ -849,7 +852,7 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer, else { /* See if one of the subkeys was the signer (although this - is extremely unlikely). */ + * is extremely unlikely). */ kbnode_t ctx = NULL; kbnode_t n; @@ -909,40 +912,27 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer, /* Hash the relevant data. */ - if (/* Direct key signature. */ - sig->sig_class == 0x1f - /* Primary key revocation. */ - || sig->sig_class == 0x20) + if (IS_KEY_SIG (sig) || IS_KEY_REV (sig)) { log_assert (packet->pkttype == PKT_PUBLIC_KEY); hash_public_key (md, packet->pkt.public_key); rc = check_signature_end_simple (signer, sig, md); } - else if (/* Primary key binding (made by a subkey). */ - sig->sig_class == 0x19) + else if (IS_BACK_SIG (sig)) { log_assert (packet->pkttype == PKT_PUBLIC_KEY); hash_public_key (md, packet->pkt.public_key); hash_public_key (md, signer); rc = check_signature_end_simple (signer, sig, md); } - else if (/* Subkey binding. */ - sig->sig_class == 0x18 - /* Subkey revocation. */ - || sig->sig_class == 0x28) + else if (IS_SUBKEY_SIG (sig) || IS_SUBKEY_REV (sig)) { log_assert (packet->pkttype == PKT_PUBLIC_SUBKEY); hash_public_key (md, pripk); hash_public_key (md, packet->pkt.public_key); rc = check_signature_end_simple (signer, sig, md); } - else if (/* Certification. */ - sig->sig_class == 0x10 - || sig->sig_class == 0x11 - || sig->sig_class == 0x12 - || sig->sig_class == 0x13 - /* Certification revocation. */ - || sig->sig_class == 0x30) + else if (IS_UID_SIG (sig) || IS_UID_REV (sig)) { log_assert (packet->pkttype == PKT_USER_ID); hash_public_key (md, pripk); @@ -1073,7 +1063,7 @@ check_key_signature2 (ctrl_t ctrl, if (rc) return rc; - if (sig->sig_class == 0x20) /* key revocation */ + if (IS_KEY_REV (sig)) { u32 keyid[2]; keyid_from_pk( pk, keyid ); @@ -1091,8 +1081,7 @@ check_key_signature2 (ctrl_t ctrl, is_selfsig, ret_pk); } } - else if (sig->sig_class == 0x28 /* subkey revocation */ - || sig->sig_class == 0x18) /* key binding */ + else if (IS_SUBKEY_REV (sig) || IS_SUBKEY_SIG (sig)) { kbnode_t snode = find_prev_kbnode (root, node, PKT_PUBLIC_SUBKEY); @@ -1102,9 +1091,10 @@ check_key_signature2 (ctrl_t ctrl, r_expired, NULL); if (! rc) { - /* 0x28 must be a self-sig, but 0x18 needn't be. */ + /* A subkey revocation (0x28) must be a self-sig, but a + * subkey signature (0x18) needn't be. */ rc = check_signature_over_key_or_uid (ctrl, - sig->sig_class == 0x18 + IS_SUBKEY_SIG (sig) ? NULL : pk, sig, root, snode->pkt, is_selfsig, ret_pk); @@ -1114,7 +1104,7 @@ check_key_signature2 (ctrl_t ctrl, { if (opt.verbose) { - if (sig->sig_class == 0x28) + if (IS_SUBKEY_REV (sig)) log_info (_("key %s: no subkey for subkey" " revocation signature\n"), keystr_from_pk(pk)); else if (sig->sig_class == 0x18) @@ -1124,7 +1114,7 @@ check_key_signature2 (ctrl_t ctrl, rc = GPG_ERR_SIG_CLASS; } } - else if (sig->sig_class == 0x1f) /* direct key signature */ + else if (IS_KEY_SIG (sig)) /* direct key signature */ { rc = check_signature_metadata_validity (pk, sig, r_expired, NULL); @@ -1132,13 +1122,7 @@ check_key_signature2 (ctrl_t ctrl, rc = check_signature_over_key_or_uid (ctrl, pk, sig, root, root->pkt, is_selfsig, ret_pk); } - else if (/* Certification. */ - sig->sig_class == 0x10 - || sig->sig_class == 0x11 - || sig->sig_class == 0x12 - || sig->sig_class == 0x13 - /* Certification revocation. */ - || sig->sig_class == 0x30) + else if (IS_UID_SIG (sig) || IS_UID_REV (sig)) { kbnode_t unode = find_prev_kbnode (root, node, PKT_USER_ID); ----------------------------------------------------------------------- Summary of changes: g10/keydb.h | 1 + g10/sig-check.c | 758 +++++++++++++++++++++++++++----------------------------- 2 files changed, 372 insertions(+), 387 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 6 11:08:38 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 06 Apr 2018 11:08:38 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-48-gcfd0779 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via cfd07798087f671c134eef056229bb30e08cc77c (commit) from 5ba74a134db431530884f03eea5410a68dbfe0f5 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit cfd07798087f671c134eef056229bb30e08cc77c Author: Werner Koch Date: Fri Apr 6 11:01:46 2018 +0200 doc: Add a code comment about back signatures. -- diff --git a/g10/keydb.h b/g10/keydb.h index 627564c..cc99241 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -26,7 +26,9 @@ #include "../common/util.h" #include "packet.h" -/* What qualifies as a certification (rather than a signature?) */ +/* What qualifies as a certification (key-signature in contrast to a + * data signature)? Note that a back signature is special and can be + * made by key and data signatures capable subkeys.) */ #define IS_CERT(s) (IS_KEY_SIG(s) || IS_UID_SIG(s) || IS_SUBKEY_SIG(s) \ || IS_KEY_REV(s) || IS_UID_REV(s) || IS_SUBKEY_REV(s)) #define IS_SIG(s) (!IS_CERT(s)) ----------------------------------------------------------------------- Summary of changes: g10/keydb.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 6 17:41:50 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 06 Apr 2018 17:41:50 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-49-g0336e5d Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 0336e5d1a7b9d46e06c838e6a98aecfcc9542882 (commit) from cfd07798087f671c134eef056229bb30e08cc77c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0336e5d1a7b9d46e06c838e6a98aecfcc9542882 Author: Werner Koch Date: Fri Apr 6 17:32:08 2018 +0200 gpg: Emit FAILURE stati now in almost all cases. * g10/cpr.c (write_status_failure): Make it print only once. * g10/gpg.c (wrong_args): Bump error counter. (g10_exit): Print a FAILURE status if we ever did a log_error etc. (main): Use log_error instead of log_fatal at one place. Print a FAILURE status for a bad option. Ditto for certain exit points so that we can see different error locations. -- This makes it easier to detect errors by tools which have no way to get the exit code (e.g. due to double forking). GnuPG-bug-id: 3872 Signed-off-by: Werner Koch diff --git a/g10/cpr.c b/g10/cpr.c index a7fd1aa..4354426 100644 --- a/g10/cpr.c +++ b/g10/cpr.c @@ -245,9 +245,13 @@ write_status_errcode (const char *where, int errcode) void write_status_failure (const char *where, gpg_error_t err) { + static int any_failure_printed; + if (!statusfp || !status_currently_allowed (STATUS_FAILURE)) return; /* Not enabled or allowed. */ - + if (any_failure_printed) + return; + any_failure_printed = 1; es_fprintf (statusfp, "[GNUPG:] %s %s %u\n", get_status_string (STATUS_FAILURE), where, err); if (es_fflush (statusfp) && opt.exit_on_status_write_error) diff --git a/g10/gpg.c b/g10/gpg.c index bfff7a5..2c93a83 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -1166,6 +1166,7 @@ static void wrong_args( const char *text) { es_fprintf (es_stderr, _("usage: %s [options] %s\n"), GPG_NAME, text); + log_inc_errorcount (); g10_exit(2); } @@ -3107,7 +3108,7 @@ main (int argc, char **argv) case oCommandFD: opt.command_fd = translate_sys2libc_fd_int (pargs.r.ret_int, 0); if (! gnupg_fd_valid (opt.command_fd)) - log_fatal ("command-fd is invalid: %s\n", strerror (errno)); + log_error ("command-fd is invalid: %s\n", strerror (errno)); break; case oCommandFile: opt.command_fd = open_info_file (pargs.r.ret_str, 0, 1); @@ -3563,7 +3564,16 @@ main (int argc, char **argv) case oNoop: break; default: - pargs.err = configfp? ARGPARSE_PRINT_WARNING:ARGPARSE_PRINT_ERROR; + if (configfp) + pargs.err = ARGPARSE_PRINT_WARNING; + else + { + pargs.err = ARGPARSE_PRINT_ERROR; + /* The argparse fucntion calls a plain exit and thus + * we need to print a status here. */ + write_status_failure ("option-parser", + gpg_error(GPG_ERR_GENERAL)); + } break; } } @@ -3582,7 +3592,10 @@ main (int argc, char **argv) } xfree(configname); configname = NULL; if (log_get_errorcount (0)) - g10_exit(2); + { + write_status_failure ("option-parser", gpg_error(GPG_ERR_GENERAL)); + g10_exit(2); + } /* The command --gpgconf-list is pretty simple and may be called directly after the option parsing. */ @@ -3603,7 +3616,10 @@ main (int argc, char **argv) "--print-pks-records", "--export-options export-pka"); if (log_get_errorcount (0)) - g10_exit(2); + { + write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL)); + g10_exit(2); + } if( nogreeting ) @@ -3704,6 +3720,7 @@ main (int argc, char **argv) { log_info(_("will not run with insecure memory due to %s\n"), "--require-secmem"); + write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL)); g10_exit(2); } @@ -3844,7 +3861,11 @@ main (int argc, char **argv) } if( log_get_errorcount(0) ) - g10_exit(2); + { + write_status_failure ("option-postprocessing", + gpg_error(GPG_ERR_GENERAL)); + g10_exit (2); + } if(opt.compress_level==0) opt.compress_algo=COMPRESS_ALGO_NONE; @@ -3945,7 +3966,10 @@ main (int argc, char **argv) /* Fail hard. */ if (log_get_errorcount (0)) + { + write_status_failure ("option-checking", gpg_error(GPG_ERR_GENERAL)); g10_exit (2); + } /* Set the random seed file. */ if( use_random_seed ) { @@ -4929,7 +4953,10 @@ main (int argc, char **argv) hd = keydb_new (); if (! hd) - g10_exit (1); + { + write_status_failure ("tofu-driver", gpg_error(GPG_ERR_GENERAL)); + g10_exit (1); + } tofu_begin_batch_update (ctrl); @@ -4943,6 +4970,7 @@ main (int argc, char **argv) { log_error (_("error parsing key specification '%s': %s\n"), argv[i], gpg_strerror (rc)); + write_status_failure ("tofu-driver", rc); g10_exit (1); } @@ -4956,6 +4984,8 @@ main (int argc, char **argv) log_error (_("'%s' does not appear to be a valid" " key ID, fingerprint or keygrip\n"), argv[i]); + write_status_failure ("tofu-driver", + gpg_error(GPG_ERR_GENERAL)); g10_exit (1); } @@ -4966,6 +4996,7 @@ main (int argc, char **argv) the string. */ log_error ("keydb_search_reset failed: %s\n", gpg_strerror (rc)); + write_status_failure ("tofu-driver", rc); g10_exit (1); } @@ -4974,6 +5005,7 @@ main (int argc, char **argv) { log_error (_("key \"%s\" not found: %s\n"), argv[i], gpg_strerror (rc)); + write_status_failure ("tofu-driver", rc); g10_exit (1); } @@ -4982,12 +5014,16 @@ main (int argc, char **argv) { log_error (_("error reading keyblock: %s\n"), gpg_strerror (rc)); + write_status_failure ("tofu-driver", rc); g10_exit (1); } merge_keys_and_selfsig (ctrl, kb); if (tofu_set_policy (ctrl, kb, policy)) - g10_exit (1); + { + write_status_failure ("tofu-driver", rc); + g10_exit (1); + } release_kbnode (kb); } @@ -5069,6 +5105,12 @@ emergency_cleanup (void) void g10_exit( int rc ) { + /* If we had an error but not printed an error message, do it now. + * Note that write_status_failure will never print a second failure + * status line. */ + if (log_get_errorcount (0)) + write_status_failure ("gpg-exit", gpg_error (GPG_ERR_GENERAL)); + gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE); if (DBG_CLOCK) log_clock ("stop"); diff --git a/sm/gpgsm.c b/sm/gpgsm.c index b81e3b6..da1783d 100644 --- a/sm/gpgsm.c +++ b/sm/gpgsm.c @@ -1464,7 +1464,7 @@ main ( int argc, char **argv) DIM (compliance_options), opt.quiet); if (compliance < 0) - gpgsm_exit (1); + log_inc_errorcount (); /* Force later termination. */ opt.compliance = compliance; } break; @@ -1493,7 +1493,11 @@ main ( int argc, char **argv) NULL); if (log_get_errorcount(0)) - gpgsm_exit(2); + { + gpgsm_status_with_error (&ctrl, STATUS_FAILURE, + "option-parser", gpg_error (GPG_ERR_GENERAL)); + gpgsm_exit(2); + } if (pwfd != -1) /* Read the passphrase now. */ read_passphrase_from_fd (pwfd); @@ -1660,7 +1664,11 @@ main ( int argc, char **argv) gnupg_compliance_option_string (opt.compliance)); if (log_get_errorcount(0)) - gpgsm_exit(2); + { + gpgsm_status_with_error (&ctrl, STATUS_FAILURE, "option-postprocessing", + gpg_error (GPG_ERR_GENERAL)); + gpgsm_exit (2); + } /* Set the random seed file. */ if (use_random_seed) ----------------------------------------------------------------------- Summary of changes: g10/cpr.c | 6 +++++- g10/gpg.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++++------- sm/gpgsm.c | 14 +++++++++++--- 3 files changed, 65 insertions(+), 11 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 9 10:28:36 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 09 Apr 2018 10:28:36 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-50-g1a5d95e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 1a5d95e7319e7e6f0dd11064a26cbbc371b05214 (commit) from 0336e5d1a7b9d46e06c838e6a98aecfcc9542882 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1a5d95e7319e7e6f0dd11064a26cbbc371b05214 Author: Werner Koch Date: Fri Apr 6 11:04:04 2018 +0200 gpg: Check that a key may do certifications. * g10/sig-check.c (check_signature_end_simple): Check key usage for certifications. (check_signature_over_key_or_uid): Request usage certification. -- GnuPG-bug-id: 3844 Signed-off-by: Werner Koch diff --git a/g10/sig-check.c b/g10/sig-check.c index 1a90fd3..e5de025 100644 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@ -464,6 +464,24 @@ check_signature_end_simple (PKT_public_key *pk, PKT_signature *sig, } } + /* For key signatures check that the key has a cert usage. We may + * do this only for subkeys because the primary may always issue key + * signature. The latter may not be reflected in the pubkey_usage + * field because we need to check the key signatures to extract the + * key usage. */ + if (!pk->flags.primary + && IS_CERT (sig) && !(pk->pubkey_usage & PUBKEY_USAGE_CERT)) + { + rc = gpg_error (GPG_ERR_WRONG_KEY_USAGE); + if (!opt.quiet) + log_info (_("bad key signature from key %s: %s (0x%02x, 0x%x)\n"), + keystr_from_pk (pk), gpg_strerror (rc), + sig->sig_class, pk->pubkey_usage); + return rc; + } + /* Fixme: Should we also check the signing capability here for data + * signature? */ + /* Make sure the digest algo is enabled (in case of a detached * signature). */ gcry_md_enable (digest, sig->digest_algo); @@ -893,6 +911,9 @@ check_signature_over_key_or_uid (ctrl_t ctrl, PKT_public_key *signer, signer_alloced = 2; } + if (IS_CERT (sig)) + signer->req_usage = PUBKEY_USAGE_CERT; + rc = get_pubkey (ctrl, signer, sig->keyid); if (rc) { ----------------------------------------------------------------------- Summary of changes: g10/sig-check.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 9 10:58:39 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 09 Apr 2018 10:58:39 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-52-g519e456 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 519e4560e821e4c41432626b241bca7d37143e01 (commit) via a4e26f2ee852003707857ab0635b783acb89a2f8 (commit) from 1a5d95e7319e7e6f0dd11064a26cbbc371b05214 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 519e4560e821e4c41432626b241bca7d37143e01 Author: Werner Koch Date: Mon Apr 9 10:44:44 2018 +0200 doc: Add an example for --default-new-key-algo -- diff --git a/doc/examples/vsnfd.prf b/doc/examples/vsnfd.prf index 1dc21e0..061e069 100644 --- a/doc/examples/vsnfd.prf +++ b/doc/examples/vsnfd.prf @@ -1,12 +1,16 @@ # vsnfd.prf - Configure options for the VS-NfD mode -*- conf -*- +# +# The options for each tool are configured in a section ("[TOOL]"); +# see the respective man page for a description of these options and +# the gpgconf manpage for a description of this file's syntax. [gpg] compliance de-vs default-new-key-algo rsa3072/cert,sign+rsa3072/encr [gpgsm] -enable-crl-checks compliance de-vs +enable-crl-checks [gpg-agent] enable-extended-key-format diff --git a/doc/gpg.texi b/doc/gpg.texi index 3c505c9..6537acd 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1014,7 +1014,7 @@ signing. Encrypt) are set during key creation. Sometimes it is useful to have the opportunity to change them (for example to add Authenticate) after they have been created. Please take care when - doing this, the possible usage flags depend on the key algorithm. + doing this; the allowed usage flags depend on the key algorithm. @item cross-certify @opindex keyedit:cross-certify @@ -3338,9 +3338,14 @@ absolute date in the form YYYY-MM-DD. Defaults to "0". @item --default-new-key-algo @var{string} @opindex default-new-key-algo @var{string} This option can be used to change the default algorithms for key -generation. Note that the advanced key generation commands can always -be used to specify a key algorithm directly. Please consult the -source code to learn the syntax of @var{string}. +generation. The @var{string} is similar to the arguments required for +the command @option{--quick-add-key} but slighly different. For +example the current default of @code{"rsa2048/cert,sign+rsa2048/encr"} +(or @code{"rsa3072"}) can be changed to the value of what we currently +call future default, which is @code{"ed25519/cert,sign+cv25519/encr"}. +You need to consult the source code to learn the details. Note that +the advanced key generation commands can always be used to specify a +key algorithm directly. @item --allow-secret-key-import @opindex allow-secret-key-import commit a4e26f2ee852003707857ab0635b783acb89a2f8 Author: Werner Koch Date: Mon Apr 9 10:36:02 2018 +0200 doc: Document --key-edit:change-usage * g10/keyedit.c (menu_changeusage): Make strings translatable. -- GnuPG-bug-id: 3816 Signed-off-by: Werner Koch diff --git a/doc/gpg.texi b/doc/gpg.texi index d840b85..3c505c9 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -1007,6 +1007,15 @@ signing. Make the key as small as possible. This removes all signatures from each user ID except for the most recent self-signature. + @item change-usage + @opindex keyedit:change-usage + Change the usage flags (capabilities) of the primary key or of + subkeys. These usage flags (e.g. Certify, Sign, Authenticate, + Encrypt) are set during key creation. Sometimes it is useful to + have the opportunity to change them (for example to add + Authenticate) after they have been created. Please take care when + doing this, the possible usage flags depend on the key algorithm. + @item cross-certify @opindex keyedit:cross-certify Add cross-certification signatures to signing subkeys that may not diff --git a/g10/keyedit.c b/g10/keyedit.c index 4ade5cd..7cd883d 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -4535,10 +4535,10 @@ menu_changeusage (ctrl_t ctrl, kbnode_t keyblock) return 0; } else if (n1) - tty_printf ("Changing usage of a subkey.\n"); + tty_printf (_("Changing usage of a subkey.\n")); else { - tty_printf ("Changing usage of the primary key.\n"); + tty_printf (_("Changing usage of the primary key.\n")); mainkey = 1; } @@ -4578,6 +4578,8 @@ menu_changeusage (ctrl_t ctrl, kbnode_t keyblock) if ((mainkey && main_pk->version < 4) || (!mainkey && sub_pk->version < 4)) { + /* Note: This won't happen because we don't support + * v3 keys anymore. */ log_info ("You can't change the capabilities of a v3 key\n"); return 0; } @@ -4602,7 +4604,7 @@ menu_changeusage (ctrl_t ctrl, kbnode_t keyblock) if (rc) { log_error ("make_keysig_packet failed: %s\n", - gpg_strerror (rc)); + gpg_strerror (rc)); return 0; } ----------------------------------------------------------------------- Summary of changes: doc/examples/vsnfd.prf | 6 +++++- doc/gpg.texi | 20 +++++++++++++++++--- g10/keyedit.c | 8 +++++--- 3 files changed, 27 insertions(+), 7 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 9 14:55:13 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 09 Apr 2018 14:55:13 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-53-g6da7aa1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 6da7aa1e7c80d214bd9dccb21744919ae191f2c8 (commit) from 519e4560e821e4c41432626b241bca7d37143e01 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 6da7aa1e7c80d214bd9dccb21744919ae191f2c8 Author: Werner Koch Date: Mon Apr 9 14:44:21 2018 +0200 gpg,w32: Fix empty homedir when only a drive letter is used. * common/homedir.c (copy_dir_with_fixup): New. (default_homedir): Use here. (gnupg_set_homedir): And here . -- This actually fixes a couple of cases for Windows. Both --home-dir and GNUPGHOME. The interpretation of "c:" -> "c:/" might not be the correct one but because we need an absolute dir anyway it is the less surprising one. Note that this does not include a full syntax check and fixup and thus it is very well possible that the result is not an absolute directory. GnuPG-bug-id: 3720 Signed-off-by: Werner Koch diff --git a/common/homedir.c b/common/homedir.c index 65cf50f..e9e75d0 100644 --- a/common/homedir.c +++ b/common/homedir.c @@ -171,6 +171,62 @@ is_gnupg_default_homedir (const char *dir) } +/* Helper to remove trailing slashes from NEWDIR. Return a new + * allocated string if that has been done or NULL if there are no + * slashes to remove. Also inserts a missing slash after a Windows + * drive letter. */ +static char * +copy_dir_with_fixup (const char *newdir) +{ + char *result = NULL; + char *p; + + if (!*newdir) + return NULL; + +#ifdef HAVE_W32_SYSTEM + if (newdir[0] && newdir[1] == ':' + && !(newdir[2] == '/' || newdir[2] == '\\')) + { + /* Drive letter with missing leading slash. */ + p = result = xmalloc (strlen (newdir) + 1 + 1); + *p++ = newdir[0]; + *p++ = newdir[1]; + *p++ = '\\'; + strcpy (p, newdir+2); + + /* Remove trailing slashes. */ + p = result + strlen (result) - 1; + while (p > result+2 && (*p == '/' || *p == '\\')) + *p-- = 0; + } + else if (newdir[strlen (newdir)-1] == '/' + || newdir[strlen (newdir)-1] == '\\' ) + { + result = xstrdup (newdir); + p = result + strlen (result) - 1; + while (p > result + && (*p == '/' || *p == '\\') + && (p-1 > result && p[-1] != ':')) /* We keep "c:/". */ + *p-- = 0; + } + +#else /*!HAVE_W32_SYSTEM*/ + + if (newdir[strlen (newdir)-1] == '/') + { + result = xstrdup (newdir); + p = result + strlen (result) - 1; + while (p > result && *p == '/') + *p-- = 0; + } + +#endif /*!HAVE_W32_SYSTEM*/ + + return result; +} + + /* Get the standard home directory. In general this function should not be used as it does not consider a registry value (under W32) or the GNUPGHOME environment variable. It is better to use @@ -278,18 +334,11 @@ default_homedir (void) dir = GNUPG_DEFAULT_HOMEDIR; else { - /* Strip trailing slashes if any. */ - if (dir[strlen (dir)-1] == '/') - { - char *tmp, *p; - - tmp = xstrdup (dir); - p = tmp + strlen (tmp) - 1; - while (p > tmp && *p == '/') - *p-- = 0; + char *p; - dir = tmp; - } + p = copy_dir_with_fixup (dir); + if (p) + dir = p; if (!is_gnupg_default_homedir (dir)) non_default_homedir = 1; @@ -432,28 +481,10 @@ gnupg_set_homedir (const char *newdir) newdir = default_homedir (); else { - /* Remove trailing slashes from NEWSDIR. */ - if (newdir[strlen (newdir)-1] == '/' -#ifdef HAVE_W32_SYSTEM - || newdir[strlen (newdir)-1] == '\\' -#endif - ) - { - char *p; + tmp = copy_dir_with_fixup (newdir); + if (tmp) + newdir = tmp; - tmp = xstrdup (newdir); - p = tmp + strlen (tmp) - 1; - while (p > tmp - && (*p == '/' -#ifdef HAVE_W32_SYSTEM - || *p == '\\' -#endif - ) - ) - *p-- = 0; - - newdir = tmp; - } if (!is_gnupg_default_homedir (newdir)) non_default_homedir = 1; } ----------------------------------------------------------------------- Summary of changes: common/homedir.c | 95 +++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 63 insertions(+), 32 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 9 19:55:18 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 09 Apr 2018 19:55:18 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.5-54-g7fa6f14 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 7fa6f1481454ab8b4d166ac2d055abdba5f8baab (commit) from 6da7aa1e7c80d214bd9dccb21744919ae191f2c8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7fa6f1481454ab8b4d166ac2d055abdba5f8baab Author: Werner Koch Date: Mon Apr 9 19:46:54 2018 +0200 doc: Typo fix in gpg.texi -- Reported-by: Cody Brownstein diff --git a/doc/gpg.texi b/doc/gpg.texi index 6537acd..086b4fc 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -306,7 +306,7 @@ List the specified secret keys. If no keys are specified, then all known secret keys are listed. A @code{#} after the initial tags @code{sec} or @code{ssb} means that the secret key or subkey is currently not usable. We also say that this key has been taken -offline (for example, a primary key can be taken offline by exported +offline (for example, a primary key can be taken offline by exporting the key using the command @option{--export-secret-subkeys}). A @code{>} after these tags indicate that the key is stored on a smartcard. See also @option{--list-keys}. ----------------------------------------------------------------------- Summary of changes: doc/gpg.texi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 9 22:39:26 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 09 Apr 2018 22:39:26 +0200 Subject: [git] gnupg-doc - branch, master, updated. 2094fc1631aca2659732e0b28e03012e2dc67127 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 2094fc1631aca2659732e0b28e03012e2dc67127 (commit) from 377a56b4db99d4c3efa9df4ffc615640f3d76532 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 2094fc1631aca2659732e0b28e03012e2dc67127 Author: Werner Koch Date: Mon Apr 9 22:32:31 2018 +0200 swdb: Release GnuPG 2.2.6 Also removes the temporary used gnupg21_ tags. diff --git a/web/swdb.mac b/web/swdb.mac index 1c6bebf..5dc612a 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -10,32 +10,17 @@ # # GnuPG-2.2 # -#+macro: gnupg22_ver 2.2.5 -#+macro: gnupg22_date 2018-02-22 -#+macro: gnupg22_size 6430k -#+macro: gnupg22_sha1 9dec110397e460b3950943e18f5873a4f277f216 -#+macro: gnupg22_sha2 3fa189a32d4fb62147874eb1389047c267d9ba088f57ab521cb0df46f08aef57 +#+macro: gnupg22_ver 2.2.6 +#+macro: gnupg22_date 2018-04-09 +#+macro: gnupg22_size 6450k +#+macro: gnupg22_sha1 295298debcc2c12f02a2f2fdf04aecb6d6aae396 +#+macro: gnupg22_sha2 e64d8c5fa2d05938a5080cb784a98ac21be0812f2a26f844b18f0d6a0e711984 #+macro: gnupg22_branch STABLE-BRANCH-2-2 -#+macro: gnupg22_w32_ver 2.2.5_20180222 -#+macro: gnupg22_w32_date 2018-02-22 -#+macro: gnupg22_w32_size 3819k -#+macro: gnupg22_w32_sha1 080f801e833c7a9e0441d55cd19d4bdb5bb261f9 -#+macro: gnupg22_w32_sha2 9fea4add738a373b3c1a304f74eec2d24a8f5fe7ccdf1d8ee090d99de8f51257 - - -# temporary keep it as "gnupg21". In the future we will use the name of -# the stable branch even for the development versions. -#+macro: gnupg21_ver 2.2.5 -#+macro: gnupg21_date 2018-02-22 -#+macro: gnupg21_size 6430k -#+macro: gnupg21_sha1 9dec110397e460b3950943e18f5873a4f277f216 -#+macro: gnupg21_sha2 3fa189a32d4fb62147874eb1389047c267d9ba088f57ab521cb0df46f08aef57 -#+macro: gnupg21_branch STABLE-BRANCH-2-2 -#+macro: gnupg21_w32_ver 2.2.5_20180222 -#+macro: gnupg21_w32_date 2018-02-22 -#+macro: gnupg21_w32_size 3819k -#+macro: gnupg21_w32_sha1 080f801e833c7a9e0441d55cd19d4bdb5bb261f9 -#+macro: gnupg21_w32_sha2 9fea4add738a373b3c1a304f74eec2d24a8f5fe7ccdf1d8ee090d99de8f51257 +#+macro: gnupg22_w32_ver 2.2.6_20180409 +#+macro: gnupg22_w32_date 2018-04-09 +#+macro: gnupg22_w32_size 3837k +#+macro: gnupg22_w32_sha1 c9fe66788ea40bc57a189aa13e7c83add9baec40 +#+macro: gnupg22_w32_sha2 5d426b19d9cc3d7d3c0db0dfb58af1b6a36f4ea1cfd55901bb6864e865fcccc6 # ----------------------------------------------------------------------- Summary of changes: web/swdb.mac | 35 ++++++++++------------------------- 1 file changed, 10 insertions(+), 25 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 00:12:13 2018 From: cvs at cvs.gnupg.org (by Daniel Kahn Gillmor) Date: Tue, 10 Apr 2018 00:12:13 +0200 Subject: [git] GnuPG - branch, T3880, created. gnupg-2.2.6-3-g381c468 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, T3880 has been created at 381c46818ffa4605d0ca39818fe317de445eb6de (commit) - Log ----------------------------------------------------------------- commit 381c46818ffa4605d0ca39818fe317de445eb6de Author: Daniel Kahn Gillmor Date: Mon Apr 9 18:06:38 2018 -0400 agent: unknown flags on ssh signing requests cause an error. * agent/command-ssh.c (ssh_handler_sign_request): if a flag is passed during an signature request that we do not know how to apply, return GPG_ERR_UNKNOWN_OPTION. -- https://tools.ietf.org/html/draft-miller-ssh-agent-02#section-4.5 says: If the agent does not support the requested flags, or is otherwise unable or unwilling to generate the signature (e.g. because it doesn't have the specified key, or the user refused confirmation of a constrained key), it must reply with a SSH_AGENT_FAILURE message. Signed-off-by: Daniel Kahn Gillmor GnuPG-bug-id: 3880 diff --git a/agent/command-ssh.c b/agent/command-ssh.c index 5317df5..ac67dd0 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -2864,7 +2864,7 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response) unsigned char *sig = NULL; size_t sig_n; u32 data_size; - u32 flags; + u32 flags, known_flags = 0; gpg_error_t err; gpg_error_t ret_err; int hash_algo; @@ -2890,6 +2890,7 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response) if (spec.algo == GCRY_PK_RSA) { + known_flags = SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512; if ((flags & SSH_AGENT_RSA_SHA2_256)) { spec.ssh_identifier = "rsa-sha2-256"; @@ -2902,6 +2903,13 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response) } } + /* some flag is present that we do not know about. */ + if (flags & ~known_flags) + { + err = gpg_error (GPG_ERR_UNKNOWN_OPTION); + goto out; + } + hash_algo = spec.hash_algo; if (!hash_algo) hash_algo = GCRY_MD_SHA1; /* Use the default. */ commit 55435cdd4fe4fbfbcba1098bb715ecd6171ba2d8 Author: Daniel Kahn Gillmor Date: Thu Apr 5 11:49:44 2018 -0400 agent: change documentation reference for ssh-agent protocol. * agent/command-ssh.c: repoint documentation reference. -- Damien Miller is now documenting the ssh-agent protocol via the IETF. Signed-off-by: Daniel Kahn Gillmor diff --git a/agent/command-ssh.c b/agent/command-ssh.c index d1158e7..5317df5 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -27,8 +27,10 @@ RFC-4253 - Transport Layer Protocol RFC-5656 - ECC support - The protocol for the agent is defined in OpenSSH's PROTOCL.agent - file. + The protocol for the agent is defined in: + + https://tools.ietf.org/html/draft-miller-ssh-agent + */ #include ----------------------------------------------------------------------- hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 00:13:07 2018 From: cvs at cvs.gnupg.org (by Daniel Kahn Gillmor) Date: Tue, 10 Apr 2018 00:13:07 +0200 Subject: [git] GnuPG - branch, T3880-fix, created. gnupg-2.2.6-3-g381c468 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, T3880-fix has been created at 381c46818ffa4605d0ca39818fe317de445eb6de (commit) - Log ----------------------------------------------------------------- ----------------------------------------------------------------------- hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 04:03:49 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Tue, 10 Apr 2018 04:03:49 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.8.1-60-g0de2a22 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 0de2a22fcf6607d0aecb550feefa414cee3731b2 (commit) from 9b58e4a03ba3aeff7bae3f40da706977870c9649 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0de2a22fcf6607d0aecb550feefa414cee3731b2 Author: NIIBE Yutaka Date: Tue Apr 10 11:01:57 2018 +0900 random: Protect another use of jent_rng_collector. * random/rndjent.c (_gcry_rndjent_get_version): Lock the access. Signed-off-by: NIIBE Yutaka diff --git a/random/rndjent.c b/random/rndjent.c index 6e56c8a..0c5a820 100644 --- a/random/rndjent.c +++ b/random/rndjent.c @@ -334,11 +334,13 @@ _gcry_rndjent_get_version (int *r_active) { if (r_active) { + lock_rng (); /* Make sure the RNG is initialized. */ _gcry_rndjent_poll (NULL, 0, 0); /* To ease debugging we store 2 for a clock_gettime based * implementation and 1 for a rdtsc based code. */ *r_active = jent_rng_collector? is_rng_available () : 0; + unlock_rng (); } return jent_version (); } ----------------------------------------------------------------------- Summary of changes: random/rndjent.c | 2 ++ 1 file changed, 2 insertions(+) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 08:07:00 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 10 Apr 2018 08:07:00 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-4-g9f69dbe Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 9f69dbeb902ac447adbc92937cd451c4e909f234 (commit) via 381c46818ffa4605d0ca39818fe317de445eb6de (commit) via 55435cdd4fe4fbfbcba1098bb715ecd6171ba2d8 (commit) from 30081d2851e06944a892a66b8f2d983a495a5686 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9f69dbeb902ac447adbc92937cd451c4e909f234 Author: Werner Koch Date: Tue Apr 10 07:59:52 2018 +0200 agent: Improve the unknown ssh flag detection. * agent/command-ssh.c (ssh_handler_sign_request): Simplify detection of flags. -- Signed-off-by: Werner Koch diff --git a/agent/command-ssh.c b/agent/command-ssh.c index ac67dd0..20dc3fe 100644 --- a/agent/command-ssh.c +++ b/agent/command-ssh.c @@ -2864,7 +2864,6 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response) unsigned char *sig = NULL; size_t sig_n; u32 data_size; - u32 flags, known_flags = 0; gpg_error_t err; gpg_error_t ret_err; int hash_algo; @@ -2884,31 +2883,39 @@ ssh_handler_sign_request (ctrl_t ctrl, estream_t request, estream_t response) if (err) goto out; - err = stream_read_uint32 (request, &flags); - if (err) - goto out; - - if (spec.algo == GCRY_PK_RSA) - { - known_flags = SSH_AGENT_RSA_SHA2_256 | SSH_AGENT_RSA_SHA2_512; - if ((flags & SSH_AGENT_RSA_SHA2_256)) - { - spec.ssh_identifier = "rsa-sha2-256"; - spec.hash_algo = GCRY_MD_SHA256; - } - else if ((flags & SSH_AGENT_RSA_SHA2_512)) - { - spec.ssh_identifier = "rsa-sha2-512"; - spec.hash_algo = GCRY_MD_SHA512; - } - } + /* Flag processing. */ + { + u32 flags; - /* some flag is present that we do not know about. */ - if (flags & ~known_flags) - { - err = gpg_error (GPG_ERR_UNKNOWN_OPTION); + err = stream_read_uint32 (request, &flags); + if (err) goto out; - } + + if (spec.algo == GCRY_PK_RSA) + { + if ((flags & SSH_AGENT_RSA_SHA2_512)) + { + flags &= ~SSH_AGENT_RSA_SHA2_512; + spec.ssh_identifier = "rsa-sha2-512"; + spec.hash_algo = GCRY_MD_SHA512; + } + if ((flags & SSH_AGENT_RSA_SHA2_256)) + { + /* Note: We prefer SHA256 over SHA512. */ + flags &= ~SSH_AGENT_RSA_SHA2_256; + spec.ssh_identifier = "rsa-sha2-256"; + spec.hash_algo = GCRY_MD_SHA256; + } + } + + /* Some flag is present that we do not know about. Note that + * processed or known flags have been cleared at this point. */ + if (flags) + { + err = gpg_error (GPG_ERR_UNKNOWN_OPTION); + goto out; + } + } hash_algo = spec.hash_algo; if (!hash_algo) ----------------------------------------------------------------------- Summary of changes: agent/command-ssh.c | 55 +++++++++++++++++++++++++++++++++++------------------ 1 file changed, 36 insertions(+), 19 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 09:37:53 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Tue, 10 Apr 2018 09:37:53 +0200 Subject: [git] GpgEX - branch, master, updated. gpgex-1.0.5-4-g5baafc2 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnupG extension for the Windows Explorer". The branch, master has been updated via 5baafc20c8900d515fd73cc94a33f5c156251c09 (commit) from 4fbbd134b865b1203b1914eb1623fa65aab8cb75 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5baafc20c8900d515fd73cc94a33f5c156251c09 Author: Andre Heinecke Date: Tue Apr 10 09:28:48 2018 +0200 Update NEWS for todays release diff --git a/NEWS b/NEWS index 2f61ffc..abb5e42 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,10 @@ -Noteworthy changes for version 1.0.6 (unreleased) +Noteworthy changes for version 1.0.6 (2018-04-11) ------------------------------------------------- +* Updated portugese translation. + +* Nicer PNG based Icon. + Noteworthy changes for version 1.0.5 (2017-09-12) ------------------------------------------------- ----------------------------------------------------------------------- Summary of changes: NEWS | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) hooks/post-receive -- GnupG extension for the Windows Explorer http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 09:41:11 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Tue, 10 Apr 2018 09:41:11 +0200 Subject: [git] GpgEX - branch, master, updated. gpgex-1.0.6-1-g9cd9389 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnupG extension for the Windows Explorer". The branch, master has been updated via 9cd9389fc4bdfdd111c9894a7fc7e30817befa4b (commit) from 5baafc20c8900d515fd73cc94a33f5c156251c09 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9cd9389fc4bdfdd111c9894a7fc7e30817befa4b Author: Andre Heinecke Date: Tue Apr 10 09:41:01 2018 +0200 Post release version bump -- diff --git a/NEWS b/NEWS index abb5e42..ca95112 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes for version 1.0.7 (unreleased) +------------------------------------------------- + + Noteworthy changes for version 1.0.6 (2018-04-11) ------------------------------------------------- diff --git a/configure.ac b/configure.ac index a9f3157..3c11099 100644 --- a/configure.ac +++ b/configure.ac @@ -17,7 +17,7 @@ min_automake_version="1.10" # (git tag -s gnupg-2.n.m) and run "./autogen.sh --force". Please # bump the version number immediately *after* the release and do # another commit and push so that the git magic is able to work. -m4_define([mym4_version], [1.0.6]) +m4_define([mym4_version], [1.0.7]) # Below is m4 magic to extract and compute the git revision number, # the decimalized short revision number, a beta version string and a ----------------------------------------------------------------------- Summary of changes: NEWS | 4 ++++ configure.ac | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) hooks/post-receive -- GnupG extension for the Windows Explorer http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 09:43:53 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Tue, 10 Apr 2018 09:43:53 +0200 Subject: [git] gnupg-doc - branch, master, updated. dc9ddd844590d9ad4986203c56fcb6449088bca0 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via dc9ddd844590d9ad4986203c56fcb6449088bca0 (commit) from 2094fc1631aca2659732e0b28e03012e2dc67127 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit dc9ddd844590d9ad4986203c56fcb6449088bca0 Author: Andre Heinecke Date: Tue Apr 10 09:43:05 2018 +0200 swdb: Release GpgEX 1.0.6 -- diff --git a/web/swdb.mac b/web/swdb.mac index 5dc612a..12bc401 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -166,11 +166,12 @@ # # GpgEX # -#+macro: gpgex_ver 1.0.4 -#+macro: gpgex_date 2016-03-30 -#+macro: gpgex_size 286k -#+macro: gpgex_sha1 a1521fd86b6a1c5d5865d864e5700e98f4e99dcb -#+macro: gpgex_sha2 aea2232d026219072491f1bf5b2f189a15552f66377ff4dd3b11c0f069379206 +#+macro: gpgex_ver 1.0.6 +#+macro: gpgex_date 2018-04-10 +#+macro: gpgex_size 297k +#+macro: gpgex_sha1 9994f89b466cb2098099aedbda259479a1484485 +#+macro: gpgex_sha2 8cb429bfcf1e938fa4ef8953e0eb2eff88848d883afcf66fdf5fa67ef01ed424 + # # GpgOL ----------------------------------------------------------------------- Summary of changes: web/swdb.mac | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 10:38:21 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 10 Apr 2018 10:38:21 +0200 Subject: [git] GnuPG - branch, master, updated. gnupg-2.2.6-122-g1793f2c Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, master has been updated via 1793f2c46a1ae8befb4d2046c9f3da6e2c685e43 (commit) via 36373798c0955241288fb4aec103830106dd7e1f (commit) via 9f69dbeb902ac447adbc92937cd451c4e909f234 (commit) via 381c46818ffa4605d0ca39818fe317de445eb6de (commit) via 55435cdd4fe4fbfbcba1098bb715ecd6171ba2d8 (commit) via 30081d2851e06944a892a66b8f2d983a495a5686 (commit) via 6fbe2ddbaf5123ae444c95fdf8da67840f794c76 (commit) via f1f072c501cd6124f9193e00f0debc4685ff0851 (commit) via b46b14392540aec7726c8882c424e6d466c51c97 (commit) via 7fa6f1481454ab8b4d166ac2d055abdba5f8baab (commit) via 6da7aa1e7c80d214bd9dccb21744919ae191f2c8 (commit) via 519e4560e821e4c41432626b241bca7d37143e01 (commit) via a4e26f2ee852003707857ab0635b783acb89a2f8 (commit) via 1a5d95e7319e7e6f0dd11064a26cbbc371b05214 (commit) via 0336e5d1a7b9d46e06c838e6a98aecfcc9542882 (commit) via cfd07798087f671c134eef056229bb30e08cc77c (commit) via 5ba74a134db431530884f03eea5410a68dbfe0f5 (commit) via 80b775bdbb852aa4a80292c9357e5b1876110c00 (commit) via d27417d3a571739329a86d9f25212f2da0c8ff72 (commit) via 870527df0dd704c994928348c8c2910030776680 (commit) via 83529e1bd14a6d39f2a8ecab9fb6aa4c1f344c73 (commit) via cb1731c23cddfa524d3f51cfd82029bff853a073 (commit) via a17d2d1f690ebe5d005b4589a5fe378b6487c657 (commit) via 6705ee42a4bd89eea3f959f75d3c14a69c1249a3 (commit) via 130ad98240c066383fa0a99bcf5e0ec72bc0dff9 (commit) via 0c097575a9cd923f648fb5bb695893d46400c3ad (commit) via 820380335a20391e0998fb1ba32ebfb9accedc5b (commit) via 29692718768c28c524be6306081ab1852e75fe07 (commit) via a1515b3bbc10a210040dda3b482bcdb933fa8d7c (commit) via 02d7bb819ff44cc90212568dd6ce24ae1dc5d17f (commit) via e610d51f0de11154050915b951bcc5c53c940f5e (commit) via 96918346beeca7a46de9f03f19502373994c21bc (commit) from d4dc4245bf0221d2db4118718fc2528ecf43b97b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 1793f2c46a1ae8befb4d2046c9f3da6e2c685e43 Author: Werner Koch Date: Tue Apr 10 08:37:27 2018 +0200 doc: Include release info from 2.2.6 -- diff --git a/NEWS b/NEWS index 6f5137d..d10d52b 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,51 @@ Noteworthy changes in version 2.3.0 (unreleased) ------------------------------------------------ + Changes also found in 2.2.6: + + * gpg,gpgsm: New option --request-origin to pretend requests coming + from a browser or a remote site. + + * gpg: Fix race condition on trustdb.gpg updates due to too early + released lock. [#3839] + + * gpg: Emit FAILURE status lines in almost all cases. [#3872] + + * gpg: Implement --dry-run for --passwd to make checking a key's + passphrase straightforward. + + * gpg: Make sure to only accept a certification capable key for key + signatures. [#3844] + + * gpg: Better user interaction in --card-edit for the factory-reset + sub-command. + + * gpg: Improve changing key attributes in --card-edit by adding an + explicit "key-attr" sub-command. [#3781] + + * gpg: Print the keygrips in the --card-status. + + * scd: Support KDF DO setup. [#3823] + + * scd: Fix some issues with PC/SC on Windows. [#3825] + + * scd: Fix suspend/resume handling in the CCID driver. + + * agent: Evict cached passphrases also via a timer. [#3829] + + * agent: Use separate passphrase caches depending on the request + origin. [#3858] + + * ssh: Support signature flags. [#3880] + + * dirmngr: Handle failures related to missing IPv6 support + gracefully. [#3331] + + * Fix corner cases related to specified home directory with + drive letter on Windows. [#3720] + + * Allow the use of UNC directory names as homedir. [#3818] + Changes also found in 2.2.5: * gpg: Allow the use of the "cv25519" and "ed25519" short names in @@ -162,6 +207,8 @@ Noteworthy changes in version 2.3.0 (unreleased) Version 2.2.2 (2017-11-07) Version 2.2.3 (2017-11-20) Version 2.2.4 (2017-12-20) + Version 2.2.5 (2018-02-22) + Version 2.2.6 (2018-04-09) Noteworthy changes in version 2.2.0 (2017-08-28) commit 36373798c0955241288fb4aec103830106dd7e1f Merge: d4dc424 9f69dbe Author: Werner Koch Date: Tue Apr 10 10:14:30 2018 +0200 Merge branch 'STABLE-BRANCH-2-2' into master -- Fixed conflicts: NEWS - keep master configure.ac - merge g10/card-util.c - mostly 2.2 g10/sig-check.c - 2.2 diff --cc configure.ac index 3096aee,7b373a4..540dffc --- a/configure.ac +++ b/configure.ac @@@ -614,8 -602,9 +614,9 @@@ AC_PROG_RANLI AC_CHECK_TOOL(AR, ar, :) AC_PATH_PROG(PERL,"perl") AC_CHECK_TOOL(WINDRES, windres, :) -AC_PATH_PROG(YAT2M, "yat2m") +AC_PATH_PROG(YAT2M, "yat2m", "./yat2m" ) AC_ARG_VAR(YAT2M, [tool to convert texi to man pages]) + AM_CONDITIONAL(HAVE_YAT2M, test -n "$ac_cv_path_YAT2M") AC_ISC_POSIX AC_SYS_LARGEFILE GNUPG_CHECK_USTAR diff --cc g10/sig-check.c index f8e366b,e5de025..fc69839 --- a/g10/sig-check.c +++ b/g10/sig-check.c @@@ -115,174 -115,177 +115,176 @@@ check_signature2 (ctrl_t ctrl PKT_signature *sig, gcry_md_hd_t digest, u32 *r_expiredate, int *r_expired, int *r_revoked, PKT_public_key **r_pk) { - int rc=0; - PKT_public_key *pk; - - if (r_expiredate) - *r_expiredate = 0; - if (r_expired) - *r_expired = 0; - if (r_revoked) - *r_revoked = 0; - if (r_pk) - *r_pk = NULL; - - pk = xtrycalloc (1, sizeof *pk); - if (!pk) - return gpg_error_from_syserror (); - - if ( (rc=openpgp_md_test_algo(sig->digest_algo)) ) - ; /* We don't have this digest. */ - else if (! gnupg_digest_is_allowed (opt.compliance, 0, sig->digest_algo)) - { - /* Compliance failure. */ - log_info (_("digest algorithm '%s' may not be used in %s mode\n"), - gcry_md_algo_name (sig->digest_algo), - gnupg_compliance_option_string (opt.compliance)); - rc = gpg_error (GPG_ERR_DIGEST_ALGO); - } - else if ((rc=openpgp_pk_test_algo(sig->pubkey_algo))) - ; /* We don't have this pubkey algo. */ - else if (!gcry_md_is_enabled (digest,sig->digest_algo)) - { - /* Sanity check that the md has a context for the hash that the - sig is expecting. This can happen if a onepass sig header does - not match the actual sig, and also if the clearsign "Hash:" - header is missing or does not match the actual sig. */ + int rc=0; + PKT_public_key *pk; - log_info(_("WARNING: signature digest conflict in message\n")); - rc = gpg_error (GPG_ERR_GENERAL); - } - else if( get_pubkey (ctrl, pk, sig->keyid ) ) - rc = gpg_error (GPG_ERR_NO_PUBKEY); - else if (! gnupg_pk_is_allowed (opt.compliance, PK_USE_VERIFICATION, - pk->pubkey_algo, pk->pkey, - nbits_from_pk (pk), - NULL)) - { - /* Compliance failure. */ - log_error (_("key %s may not be used for signing in %s mode\n"), - keystr_from_pk (pk), - gnupg_compliance_option_string (opt.compliance)); - rc = gpg_error (GPG_ERR_PUBKEY_ALGO); - } - else if(!pk->flags.valid) - { - /* You cannot have a good sig from an invalid key. */ - rc = gpg_error (GPG_ERR_BAD_PUBKEY); - } - else - { - if(r_expiredate) - *r_expiredate = pk->expiredate; - - rc = check_signature_end (pk, sig, digest, r_expired, r_revoked, NULL); - - /* Check the backsig. This is a 0x19 signature from the - subkey on the primary key. The idea here is that it should - not be possible for someone to "steal" subkeys and claim - them as their own. The attacker couldn't actually use the - subkey, but they could try and claim ownership of any - signatures issued by it. */ - if (!rc && !pk->flags.primary && pk->flags.backsig < 2) - { - if (!pk->flags.backsig) - { - log_info(_("WARNING: signing subkey %s is not" - " cross-certified\n"),keystr_from_pk(pk)); - log_info(_("please see %s for more information\n"), - "https://gnupg.org/faq/subkey-cross-certify.html"); - /* --require-cross-certification makes this warning an - error. TODO: change the default to require this - after more keys have backsigs. */ - if(opt.flags.require_cross_cert) - rc = gpg_error (GPG_ERR_GENERAL); - } - else if(pk->flags.backsig == 1) - { - log_info(_("WARNING: signing subkey %s has an invalid" - " cross-certification\n"),keystr_from_pk(pk)); - rc = gpg_error (GPG_ERR_GENERAL); - } - } + if (r_expiredate) + *r_expiredate = 0; + if (r_expired) + *r_expired = 0; + if (r_revoked) + *r_revoked = 0; + if (r_pk) + *r_pk = NULL; - } + pk = xtrycalloc (1, sizeof *pk); + if (!pk) + return gpg_error_from_syserror (); + + if ((rc=openpgp_md_test_algo(sig->digest_algo))) + { + /* We don't have this digest. */ + } + else if (!gnupg_digest_is_allowed (opt.compliance, 0, sig->digest_algo)) + { + /* Compliance failure. */ + log_info (_("digest algorithm '%s' may not be used in %s mode\n"), + gcry_md_algo_name (sig->digest_algo), + gnupg_compliance_option_string (opt.compliance)); + rc = gpg_error (GPG_ERR_DIGEST_ALGO); + } + else if ((rc=openpgp_pk_test_algo(sig->pubkey_algo))) + { + /* We don't have this pubkey algo. */ + } + else if (!gcry_md_is_enabled (digest,sig->digest_algo)) + { + /* Sanity check that the md has a context for the hash that the + * sig is expecting. This can happen if a onepass sig header + * does not match the actual sig, and also if the clearsign + * "Hash:" header is missing or does not match the actual sig. */ + log_info(_("WARNING: signature digest conflict in message\n")); + rc = gpg_error (GPG_ERR_GENERAL); + } + else if (get_pubkey (ctrl, pk, sig->keyid)) + rc = gpg_error (GPG_ERR_NO_PUBKEY); + else if (!gnupg_pk_is_allowed (opt.compliance, PK_USE_VERIFICATION, + pk->pubkey_algo, pk->pkey, + nbits_from_pk (pk), + NULL)) + { + /* Compliance failure. */ + log_error (_("key %s may not be used for signing in %s mode\n"), + keystr_from_pk (pk), + gnupg_compliance_option_string (opt.compliance)); + rc = gpg_error (GPG_ERR_PUBKEY_ALGO); + } + else if (!pk->flags.valid) + { + /* You cannot have a good sig from an invalid key. */ + rc = gpg_error (GPG_ERR_BAD_PUBKEY); + } + else + { + if (r_expiredate) + *r_expiredate = pk->expiredate; + + rc = check_signature_end (pk, sig, digest, r_expired, r_revoked, NULL); + + /* Check the backsig. This is a back signature (0x19) from + * the subkey on the primary key. The idea here is that it + * should not be possible for someone to "steal" subkeys and + * claim them as their own. The attacker couldn't actually + * use the subkey, but they could try and claim ownership of + * any signatures issued by it. */ + if (!rc && !pk->flags.primary && pk->flags.backsig < 2) + { + if (!pk->flags.backsig) + { + log_info (_("WARNING: signing subkey %s is not" + " cross-certified\n"),keystr_from_pk(pk)); + log_info (_("please see %s for more information\n"), + "https://gnupg.org/faq/subkey-cross-certify.html"); + /* The default option --require-cross-certification + * makes this warning an error. */ + if (opt.flags.require_cross_cert) + rc = gpg_error (GPG_ERR_GENERAL); + } + else if(pk->flags.backsig == 1) + { + log_info (_("WARNING: signing subkey %s has an invalid" + " cross-certification\n"), keystr_from_pk(pk)); + rc = gpg_error (GPG_ERR_GENERAL); + } + } + + } - if (!rc && sig->sig_class < 2 && is_status_enabled ()) - { - /* This signature id works best with DLP algorithms because - * they use a random parameter for every signature. Instead of - * this sig-id we could have also used the hash of the document - * and the timestamp, but the drawback of this is, that it is - * not possible to sign more than one identical document within - * one second. Some remote batch processing applications might - * like this feature here. - * - * Note that before 2.0.10, we used RIPE-MD160 for the hash - * and accidentally didn't include the timestamp and algorithm - * information in the hash. Given that this feature is not - * commonly used and that a replay attacks detection should - * not solely be based on this feature (because it does not - * work with RSA), we take the freedom and switch to SHA-1 - * with 2.0.10 to take advantage of hardware supported SHA-1 - * implementations. We also include the missing information - * in the hash. Note also the SIG_ID as computed by gpg 1.x - * and gpg 2.x didn't matched either because 2.x used to print - * MPIs not in PGP format. */ - u32 a = sig->timestamp; - int nsig = pubkey_get_nsig (sig->pubkey_algo); - unsigned char *p, *buffer; - size_t n, nbytes; - int i; - char hashbuf[20]; + if( !rc && sig->sig_class < 2 && is_status_enabled() ) { + /* This signature id works best with DLP algorithms because + * they use a random parameter for every signature. Instead of + * this sig-id we could have also used the hash of the document + * and the timestamp, but the drawback of this is, that it is + * not possible to sign more than one identical document within + * one second. Some remote batch processing applications might + * like this feature here. + * + * Note that before 2.0.10, we used RIPE-MD160 for the hash + * and accidentally didn't include the timestamp and algorithm + * information in the hash. Given that this feature is not + * commonly used and that a replay attacks detection should + * not solely be based on this feature (because it does not + * work with RSA), we take the freedom and switch to SHA-1 + * with 2.0.10 to take advantage of hardware supported SHA-1 + * implementations. We also include the missing information + * in the hash. Note also the SIG_ID as computed by gpg 1.x + * and gpg 2.x didn't matched either because 2.x used to print + * MPIs not in PGP format. */ + u32 a = sig->timestamp; + int nsig = pubkey_get_nsig( sig->pubkey_algo ); + unsigned char *p, *buffer; + size_t n, nbytes; + int i; + char hashbuf[20]; /* We use SHA-1 here. */ - nbytes = 6; - for (i=0; i < nsig; i++ ) - { - if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n, sig->data[i])) - BUG(); - nbytes += n; - } + nbytes = 6; + for (i=0; i < nsig; i++ ) + { + if (gcry_mpi_print (GCRYMPI_FMT_USG, NULL, 0, &n, sig->data[i])) + BUG(); + nbytes += n; + } - /* Make buffer large enough to be later used as output buffer. */ - if (nbytes < 100) - nbytes = 100; - nbytes += 10; /* Safety margin. */ - - /* Fill and hash buffer. */ - buffer = p = xmalloc (nbytes); - *p++ = sig->pubkey_algo; - *p++ = sig->digest_algo; - *p++ = (a >> 24) & 0xff; - *p++ = (a >> 16) & 0xff; - *p++ = (a >> 8) & 0xff; - *p++ = a & 0xff; - nbytes -= 6; - for (i=0; i < nsig; i++ ) - { - if (gcry_mpi_print (GCRYMPI_FMT_PGP, p, nbytes, &n, sig->data[i])) - BUG(); - p += n; - nbytes -= n; - } - gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, buffer, p-buffer); - - p = make_radix64_string (hashbuf, 20); - sprintf (buffer, "%s %s %lu", - p, strtimestamp (sig->timestamp), (ulong)sig->timestamp); - xfree (p); - write_status_text (STATUS_SIG_ID, buffer); - xfree (buffer); + /* Make buffer large enough to be later used as output buffer. */ + if (nbytes < 100) + nbytes = 100; + nbytes += 10; /* Safety margin. */ + + /* Fill and hash buffer. */ + buffer = p = xmalloc (nbytes); + *p++ = sig->pubkey_algo; + *p++ = sig->digest_algo; + *p++ = (a >> 24) & 0xff; + *p++ = (a >> 16) & 0xff; + *p++ = (a >> 8) & 0xff; + *p++ = a & 0xff; + nbytes -= 6; + for (i=0; i < nsig; i++ ) + { + if (gcry_mpi_print (GCRYMPI_FMT_PGP, p, nbytes, &n, sig->data[i])) + BUG(); + p += n; + nbytes -= n; + } + gcry_md_hash_buffer (GCRY_MD_SHA1, hashbuf, buffer, p-buffer); + + p = make_radix64_string (hashbuf, 20); + sprintf (buffer, "%s %s %lu", + p, strtimestamp (sig->timestamp), (ulong)sig->timestamp); + xfree (p); + write_status_text (STATUS_SIG_ID, buffer); + xfree (buffer); } - if (r_pk) - *r_pk = pk; - else - { - release_public_key_parts (pk); - xfree (pk); - } + if (r_pk) + *r_pk = pk; + else + { + release_public_key_parts (pk); + xfree (pk); + } - return rc; + return rc; } @@@ -493,38 -521,34 +520,38 @@@ check_signature_end_simple (PKT_public_ gcry_md_putc (digest, 0); n = 6; } - /* Add some magic per Section 5.2.4 of RFC 4880. */ - buf[0] = sig->version; - buf[1] = 0xff; - buf[2] = n >> 24; - buf[3] = n >> 16; - buf[4] = n >> 8; - buf[5] = n; - gcry_md_write( digest, buf, 6 ); + /* add some magic per Section 5.2.4 of RFC 4880. */ + buf[0] = sig->version; + buf[1] = 0xff; + buf[2] = n >> 24; + buf[3] = n >> 16; + buf[4] = n >> 8; + buf[5] = n; + gcry_md_write( digest, buf, 6 ); } - gcry_md_final( digest ); - - /* Convert the digest to an MPI. */ - result = encode_md_value (pk, digest, sig->digest_algo ); - if (!result) - return GPG_ERR_GENERAL; - - /* Verify the signature. */ - rc = pk_verify (pk->pubkey_algo, result, sig->data, pk->pkey); - gcry_mpi_release (result); + gcry_md_final( digest ); + + /* Convert the digest to an MPI. */ + result = encode_md_value (pk, digest, sig->digest_algo ); + if (!result) + return GPG_ERR_GENERAL; + + /* Verify the signature. */ + if (DBG_CLOCK && sig->sig_class <= 0x01) + log_clock ("enter pk_verify"); + rc = pk_verify( pk->pubkey_algo, result, sig->data, pk->pkey ); + if (DBG_CLOCK && sig->sig_class <= 0x01) + log_clock ("leave pk_verify"); + gcry_mpi_release (result); - if( !rc && sig->flags.unknown_critical ) - { - log_info(_("assuming bad signature from key %s" - " due to an unknown critical bit\n"),keystr_from_pk(pk)); - rc = GPG_ERR_BAD_SIGNATURE; - } + if (!rc && sig->flags.unknown_critical) + { + log_info(_("assuming bad signature from key %s" + " due to an unknown critical bit\n"),keystr_from_pk(pk)); + rc = GPG_ERR_BAD_SIGNATURE; + } - return rc; + return rc; } ----------------------------------------------------------------------- Summary of changes: NEWS | 47 +++ agent/call-scd.c | 4 +- agent/command-ssh.c | 46 ++- common/homedir.c | 95 +++-- configure.ac | 1 + doc/examples/vsnfd.prf | 6 +- doc/gpg.texi | 22 +- g10/call-agent.h | 15 +- g10/card-util.c | 370 +++++++++++------ g10/cpr.c | 6 +- g10/getkey.c | 2 + g10/gpg.c | 56 ++- g10/keydb.h | 5 +- g10/keyedit.c | 8 +- g10/keygen.c | 53 ++- g10/main.h | 1 + g10/sig-check.c | 690 ++++++++++++++++---------------- po/ca.po | 124 ++++-- po/cs.po | 135 +++++-- po/da.po | 137 +++++-- po/de.po | 123 ++++-- po/el.po | 124 ++++-- po/eo.po | 124 ++++-- po/es.po | 139 +++++-- po/et.po | 124 ++++-- po/fi.po | 124 ++++-- po/fr.po | 145 +++++-- po/gl.po | 124 ++++-- po/hu.po | 124 ++++-- po/id.po | 124 ++++-- po/it.po | 124 ++++-- po/ja.po | 125 ++++-- po/nb.po | 135 +++++-- po/pl.po | 137 +++++-- po/pt.po | 124 ++++-- po/ro.po | 134 +++++-- po/ru.po | 131 ++++-- po/sk.po | 124 ++++-- po/sv.po | 143 +++++-- po/tr.po | 134 +++++-- po/uk.po | 135 +++++-- po/zh_CN.po | 132 ++++-- po/zh_TW.po | 139 +++++-- scd/app-openpgp.c | 61 ++- scd/command.c | 16 +- sm/gpgsm.c | 14 +- tests/gpgscm/gnupg.scm | 13 +- tests/gpgsm/export.scm | 2 +- tests/gpgsm/gpgsm-defs.scm | 6 + tests/migrations/common.scm | 2 +- tests/openpgp/decrypt-session-key.scm | 2 +- tests/openpgp/decrypt-unwrap-verify.scm | 2 +- tests/openpgp/defs.scm | 14 +- 53 files changed, 3382 insertions(+), 1565 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 15:54:03 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Tue, 10 Apr 2018 15:54:03 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-125-g7cb3fea Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 7cb3feaf64d3098a5bc56cad62576bb67e5d74bf (commit) via 11ed13c4ee60b5f2b6ed8c46591f60ce92125f0b (commit) via be8a7af4db06f5f8c479b550a84f96145e239030 (commit) via 6219c5bb703e680eaff2b15e1f1cb262117b4927 (commit) from 1441f6710db976c76b5cb64073be05b318df84ce (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 7cb3feaf64d3098a5bc56cad62576bb67e5d74bf Author: Andre Heinecke Date: Tue Apr 10 15:49:21 2018 +0200 Make S/MIME compatible with Exchange 2016 patched * src/oomhelp.h (PR_PIDNameContentType_DASL): New. * src/mimemaker.cpp (create_top_encryption_header): We no longer create the header ourself. * src/mail.cpp (Mail::update_crypt_oom): Here we set the header values now. * src/cryptcontroller.h (CryptController::get_protocol) (CryptController::is_encrypter): New accessors. * src/cryptcontroller.cpp (create_encrypt_attach): Write binary data for S/MIME. Outlook will do the base64 conversion. -- This fixes a lot of interop issues. Otherwise we would either have weirdly structured mails or mails without smime-type header or mails where the pkcs7-mime part was doubly base64 encoded with the inner encoding containing the headers. Hope this works with older Exchanges and Outlooks. GnuPG-Bug-Id: T3884 diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp index 1065f6e..5aa1022 100644 --- a/src/cryptcontroller.cpp +++ b/src/cryptcontroller.cpp @@ -838,15 +838,8 @@ create_encrypt_attach (sink_t sink, protocol_t protocol, return rc; } - if (protocol == PROTOCOL_OPENPGP) - { - rc = write_data (sink, encryptedData); - } - else - { - const auto encStr = encryptedData.toString(); - rc = write_b64 (sink, encStr.c_str(), encStr.size()); - } + rc = write_data (sink, encryptedData); + if (rc) { log_error ("%s:%s: Failed to create top header.", diff --git a/src/cryptcontroller.h b/src/cryptcontroller.h index 67b67c4..8bcf1d4 100644 --- a/src/cryptcontroller.h +++ b/src/cryptcontroller.h @@ -64,6 +64,12 @@ public: /** @brief Get an inline body as std::string. */ std::string get_inline_data (); + /** @brief Get the protocol. Valid after do_crypto. */ + GpgME::Protocol get_protocol () const { return m_proto; } + + /** @brief check weather something was encrypted. */ + bool is_encrypter () const { return m_encrypt; } + private: int resolve_keys (); int resolve_keys_cached (); diff --git a/src/mail.cpp b/src/mail.cpp index df7d0f2..ea2f65a 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -2613,6 +2613,21 @@ Mail::update_crypt_oom() return; } } + + if (m_crypter->get_protocol () == GpgME::CMS && m_crypter->is_encrypter ()) + { + /* We put the PIDNameContentType headers here for exchange + because this is the only way we found to inject the + smime-type. */ + if (put_pa_string (m_mailitem, + PR_PIDNameContentType_DASL, + "application/pkcs7-mime;smime-type=\"enveloped-data\";name=smime.p7m")) + { + log_debug ("%s:%s: Failed to put PIDNameContentType for %p.", + SRCNAME, __func__, this); + } + } + /** When doing async update_crypt_mapi follows and needs the crypter. */ if (async_crypt_disabled ()) diff --git a/src/mimemaker.cpp b/src/mimemaker.cpp index a7e9959..ed961f7 100644 --- a/src/mimemaker.cpp +++ b/src/mimemaker.cpp @@ -1915,6 +1915,16 @@ create_top_encryption_header (sink_t sink, protocol_t protocol, char *boundary, else if (protocol == PROTOCOL_SMIME) { *boundary = 0; + rc = 0; + /* + For S/MIME encrypted mails we do not use the S/MIME conversion + code anymore. With Exchange 2016 this no longer works. Instead + we set an override mime tag, the extended headers in OOM in + Mail::update_crypt_oom and let outlook convert the attachment + to base64. + + A bit more details can be found in T3853 / T3884 + rc = write_multistring (sink, "Content-Type: application/pkcs7-mime; " "smime-type=enveloped-data;\r\n" @@ -1924,6 +1934,7 @@ create_top_encryption_header (sink_t sink, protocol_t protocol, char *boundary, "MIME-Version: 1.0\r\n" "\r\n", NULL); + */ } else { diff --git a/src/oomhelp.h b/src/oomhelp.h index cbc36ca..3bf86a6 100644 --- a/src/oomhelp.h +++ b/src/oomhelp.h @@ -117,6 +117,8 @@ DEFINE_OLEGUID(IID_IOleWindow, 0x00000114, 0, 0); "http://schemas.microsoft.com/mapi/proptag/0x5D01001F" #define PR_TAG_RECEIVED_REPRESENTING_SMTP_ADDRESS \ "http://schemas.microsoft.com/mapi/proptag/0x5D08001F" +#define PR_PIDNameContentType_DASL \ + "http://schemas.microsoft.com/mapi/string/{00020386-0000-0000-C000-000000000046}/content-type/0x0000001F" #ifdef __cplusplus extern "C" { commit 11ed13c4ee60b5f2b6ed8c46591f60ce92125f0b Author: Andre Heinecke Date: Tue Apr 10 15:48:08 2018 +0200 Improve acceptance of the parser * src/mimedataprovider.cpp (MimeDataProvider::collect_data): Relax. If a message starts with Content-Type it's probably a mime structure. diff --git a/src/mimedataprovider.cpp b/src/mimedataprovider.cpp index ff6538c..6b761b1 100644 --- a/src/mimedataprovider.cpp +++ b/src/mimedataprovider.cpp @@ -804,6 +804,19 @@ MimeDataProvider::collect_data(LPSTREAM stream) SRCNAME, __func__); } + else if (bRead > 12 && !strncmp ("Content-Type:", buf, 13)) + { + /* Similar as above but we messed with the order of the headers + for some s/mime mails. So also check for content type. + + Want some cheese with that hack? + */ + m_collect_everything = false; + log_debug ("%s:%s: Found Content-Type header." + "Expecting headers even if type suggested not to.", + SRCNAME, __func__); + + } /* check for the PGP MESSAGE marker to see if we have it. */ if (bRead && m_collect_everything) { commit be8a7af4db06f5f8c479b550a84f96145e239030 Author: Andre Heinecke Date: Tue Apr 10 13:14:42 2018 +0200 Handle error in mapi update * src/mail.cpp (do_crypt): Handle error in mapi update. diff --git a/src/mail.cpp b/src/mail.cpp index bd28cc3..df7d0f2 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -854,7 +854,19 @@ do_crypt (LPVOID arg) { mail->set_crypt_state (Mail::NeedsUpdateInMAPI); mail->update_crypt_mapi (); - mail->set_crypt_state (Mail::NeedsUpdateInOOM); + if (mail->crypt_state () == Mail::WantsSendMIME) + { + // For sync crypto we need to switch this. + mail->set_crypt_state (Mail::NeedsUpdateInOOM); + } + else + { + // A bug! + log_debug ("%s:%s: Resetting crypter because of state mismatch. %p", + SRCNAME, __func__, arg); + crypter = nullptr; + mail->reset_crypter (); + } gpgrt_lock_unlock (&dtor_lock); } /* This works around a bug in pinentry that it might commit 6219c5bb703e680eaff2b15e1f1cb262117b4927 Author: Andre Heinecke Date: Tue Apr 10 13:12:35 2018 +0200 Sleep a bit before bringing window to front * src/common.c (bring_to_front): log when done. * src/windowmessages.cpp (gpgol_window_proc): Sleep a bit before bring to front. -- This might resolve an observed deadlock where setforegroundwindow would block the UI thread as it tried to bring the disabled mail window to front. Might also help with: GnuPG-Bug-Id: T3889 diff --git a/src/common.c b/src/common.c index 6f1ac56..a9ac04b 100644 --- a/src/common.c +++ b/src/common.c @@ -260,6 +260,7 @@ bring_to_front (HWND wid) } } } + log_debug ("%s:%s: done", SRCNAME, __func__); } void diff --git a/src/windowmessages.cpp b/src/windowmessages.cpp index 9d96956..73292d1 100644 --- a/src/windowmessages.cpp +++ b/src/windowmessages.cpp @@ -159,6 +159,9 @@ gpgol_window_proc (HWND hWnd, UINT message, WPARAM wParam, LPARAM lParam) } case (BRING_TO_FRONT): { + // We want to avoid a race where the mail window + // was still the active window. + Sleep (250); HWND wnd = get_active_hwnd (); if (wnd) { ----------------------------------------------------------------------- Summary of changes: src/common.c | 1 + src/cryptcontroller.cpp | 11 ++--------- src/cryptcontroller.h | 6 ++++++ src/mail.cpp | 29 ++++++++++++++++++++++++++++- src/mimedataprovider.cpp | 13 +++++++++++++ src/mimemaker.cpp | 11 +++++++++++ src/oomhelp.h | 2 ++ src/windowmessages.cpp | 3 +++ 8 files changed, 66 insertions(+), 10 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 16:54:59 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 10 Apr 2018 16:54:59 +0200 Subject: [git] gnupg-doc - branch, master, updated. da16bd25fc9461cda562504de4e80cfcf75ecf37 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via da16bd25fc9461cda562504de4e80cfcf75ecf37 (commit) from dc9ddd844590d9ad4986203c56fcb6449088bca0 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit da16bd25fc9461cda562504de4e80cfcf75ecf37 Author: Werner Koch Date: Tue Apr 10 16:44:55 2018 +0200 web: Remove one mirror. According to a mail from James Miller (jmiller@) the mirror will be shutdown in a week. diff --git a/web/mirrors.org b/web/mirrors.org index 99d7727..b3f9df6 100644 --- a/web/mirrors.org +++ b/web/mirrors.org @@ -18,7 +18,6 @@ are seeking mirrors for source or binary packages, please consult the |----------------+-----------------------+-----------+--------| | Canada | [[http://www.gnupg.ca/][GnuPG.ca]] | [[http://www.gnupg.ca/][http]] | 2/day | | | [[http://www.raffsoftware.com/][RaffSoftware]] | [[http://gnupg.raffsoftware.com/][http]] | daily | - | | [[http://www.parentinginformed.com/][parentinginformed]] | [[http://gnupg.parentinginformed.com/][http]] | 2/day | | | | | | |----------------+-----------------------+-----------+--------| | Asia | | | | ----------------------------------------------------------------------- Summary of changes: web/mirrors.org | 1 - 1 file changed, 1 deletion(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 18:55:33 2018 From: cvs at cvs.gnupg.org (by raimund.renkert@intevation.de) Date: Tue, 10 Apr 2018 18:55:33 +0200 Subject: [git] GPGME - branch, javascript-binding, updated. gpgme-1.10.0-184-geef3a50 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, javascript-binding has been updated via eef3a509fa5744e5f09ec8084985e6070b78226b (commit) via 5eb261d6028ab2c0ddd9af8e3e1f82e479c6109c (commit) via fed024eff1091056647296ac589a0c88c2be41bb (commit) via 60d7a1e8f625ea0db455bff989534dd52f0650c7 (commit) via 75a1a1c33efe952986bba56494b81e2f4835b8c4 (commit) via 3b91f6af378ccc37dcf8924cbc157894c35b5192 (commit) via d65864989c0560b5f51cb8d05d9ea9f1957b453e (commit) via 56bbfd39acea90eb87a28b11a515b0314cdda54c (commit) via 5a553f5a317e5ad5ab0274d58854df1ecf390e0d (commit) via 2f507b045909d32bf29d23da04db02b078e5fb9d (commit) via 5cd419341807d8ae23fec7bd9bb7025a8a2dcb3c (commit) via 3345a17dda2222e3c1592235e8a1cd9493192777 (commit) via 4b2fa657d195382d14ac99be40b66327e0fc855c (commit) via 7c220e387d511b0cf66f99370759c36b729cc444 (commit) via a2eedef630891397f8eccb5bb426a0728588bf41 (commit) via f9159b1d75d3209b1c22bbb0ed4472800b60a522 (commit) via 1b5da37a47ceef41545e0b2474738613f36be949 (commit) via 5b32efbaf37920b2e99d4bb87cb383b2809b1688 (commit) via 40a9dea5d56506400b67b0c11f6e55a1629dc6fe (commit) via 3b724aae423f2de01812165d54df2a7b524c82f6 (commit) via dde1aae312958776fab475d6c0cdfa19cc255863 (commit) via 22247f658ce2f8e527c26746358cfc2643c4832f (commit) via d0bb4ec4ecdfae4dfd9dd84aef905afb490013d5 (commit) via e6180f2b36cc8a6c6154e5f3d702324af573132a (commit) via 4763974ef6932c503e35c3d14fe47a66a5323f48 (commit) via e5abf4827aead50437bbdff8cfdd5e9fdc6ed72d (commit) via b9000bc293164ff62efa7e91e5cf6d5fc19d482f (commit) via eee68c1b13fbe21c123f469712817e0c81f16383 (commit) via c7bb12da5297a7e188766d9759f700dd771faff8 (commit) via 65ed4ac82598734551b87fc89deab3cee010bd37 (commit) via 5722148bacab5862b40a027861d64683a0f214ea (commit) via 76055dd5c7d755c6f8a242b701aeadba621fbc0f (commit) via 05e59933056ee8ef8ba7579351a58ed25dd7f754 (commit) via 61a988036bd3f0d43f7d55bfa43f5f05bec978c4 (commit) via 7ddff71908a85111c8e0da41312197b3b1a77da6 (commit) via c6a0395f0a3a57071f0c943f7815f58a02f9d2f3 (commit) via 0a0d57fd41380cd797d29e11cec8a77c7404e960 (commit) via 0ccc57c9512246d82d46e7732bfb0f95c18ca9d3 (commit) via 8b401bfc76eac762553f76faab53c2f4cd117a8d (commit) via 6c6af9a7b0ae4e7182d669bec282c6edaaa7eaa1 (commit) via a4e3f827652c59d850b4e5506a92c1ecd190c1bb (commit) via ad6cb4f9b8b97a2bc501c17fc542a84b725dedea (commit) via ae2767eb27b6a76284ee4403e575869afe2e80a8 (commit) via e57388a69f61d14e3df3c842d227fb450c96c807 (commit) via ac6a552c37147a000de74f49d1bff34dad52252e (commit) via af6cbba18ba5e2bbecce5f8268c146282cd12367 (commit) via 6fa2a344282e369e6aca8155bc77dd2c12a29414 (commit) via 1fdd1f306d45f6aeee91c7f016f7c37286ee3b3b (commit) via 1d2746433c9632fc0c7bc10b59280fca15895545 (commit) via 0390ede18696520be9cc1a42f628e23159b7c2eb (commit) via 52e262991f1fdf7da93882c3b22c05537376cf49 (commit) via 96d0395bccbbff91f73c06cb7bd6c131f04b8a9a (commit) via 51258975d763c9471859d635e6080c2ec02e8647 (commit) via 29e918171f352c71a90a16c04d4a3dcafa5db682 (commit) via 7221bb67642eb01a07957d66d0cbcd4ef8aadbf8 (commit) via f3fe47e8fd2e7bc748016befcae494421223368c (commit) via f0790f224d7af9521efe96e69a8f719fb89a5af2 (commit) via 7ab42e79ade89f28507ea42d51148a40b4bfc736 (commit) via cfbdcb7fb3fa438cafba82e4fb8f327df596f98e (commit) via b30ebf89725641018b3b08f77876530f9b983fa2 (commit) via 8f7672ad1b267f122f647bb5f984734d0ff66a5c (commit) via 6950a63e63d60685ddb6f4cbff7b826b8acb5b13 (commit) via 3e0f68fdff1998dae9cb6f8510a3e945a268d1f6 (commit) via d5f6dec048d3d4d94f1fcdb3f4249cf6e71c4b92 (commit) via 0fb8a5d45c1c77a5928d6e356271da055aa55994 (commit) via bf67cf433fe82924ed40e79785e95403c07cc068 (commit) via 1779d7b9d6769b2e47f1e90260290e25c8c3aa02 (commit) via 64c5886132aceefc9d9600a3a6dbbbf404b95b81 (commit) via 4811ff7b6c8ef97c7d4858ce235e9bf8227f4917 (commit) via 82c5af225f2bdf3acc6fc652a96ee61c9b057395 (commit) via b549f69d0520bb74957b95cec9ea918dba2374f6 (commit) via 431897a4c48fe1bc9d37f655097aabaf5b685d11 (commit) via 22e2445beee46ed1e527a98e635153c7cf03786f (commit) via 94a95ac12364989db7f4be333107f3c023551857 (commit) via 3d0c7a2202c8e9bd4f284fd00069d34b8d3d3d4c (commit) via 961aea212ef48914ecbfa169addf951b0854b0b4 (commit) via 7ac65b10837740caf68cdade791b8c5ce4eb1b03 (commit) via 9e3e4a835c64f5d06de821b1fd648af37827ff26 (commit) via b02d9d0a7b96b186eb3063d94bde369339181461 (commit) via 5432e5f9d1dfc02812d0b181f8d88cdf4a2bfbfb (commit) via 5d1dd2abe5cf787875d12afe46c78c75385d7b31 (commit) via 1d05e6aa4ea467c8c5926b827cfcfba357d03312 (commit) via b35aaef7a3b793b8f6f5b42596c0a6a51e87f78c (commit) via 6bc12a0eeb20409770cb8b923d08c18c2b730cb8 (commit) via e5c85fba25de1187949697e2dae0e89345b71e89 (commit) via ada059b07178147821b1598c935aa70ae45e3e6c (commit) via ef27f3781a37e264d0eb7d1745eb2c804ec062c4 (commit) via 423fdcd4653cb01f07f2b0e72cfcf49554930f70 (commit) via a71205dc3b58970adf591b4e4553824a33f353db (commit) via a10dcb4f138eb5a21881cdbc4806c25129d4ae4e (commit) via 952b6042f78017c476452088261af8d352cfa729 (commit) via c92da2c7eb148ce9fb06495a8470dd9caf662f9a (commit) via e489ddd08af29fdad8db8aa0aec0c314daa3678c (commit) via f29bda8d7146b4bc0bf73d6e613131545ff86b73 (commit) via c27a7a3f994dad0eccee890185582f4350fbf233 (commit) via f81adeba992a9fd3b5a199e9a2e242a0f53cf639 (commit) via 36dfbdffea60c529a6d1e1ff3e507be016b6a0f6 (commit) via 484e9a6229ac9c80c6be4df638bce711f08a74c6 (commit) via a8f48b6f577d562c25fd0191c0cc2cc8e96078c1 (commit) via 83b1336ceebb86e13a55bbf220df2d750f6b3ec6 (commit) via 0e1300ce777dd0c87f31ac8bc49846b9df242df9 (commit) via 7ebc5a357057d01b7ef965521ab68b7cb7e20a8f (commit) via 172baaf4d3e4ed03a4d3437be9efa3dfe6a847bc (commit) via f2c1e8d8d54068a7f072efa178fc30460821eff3 (commit) via 01686463948ac6096dd8579a110c478d3a1f9a83 (commit) via 93252df9dc4c9932467814745655350a8cab900e (commit) via ab81c2d868bba79fdb8f8d7f576b6bd88c6bdf3c (commit) via f685cda281c6148072e8a6cd139c990cb041ea3d (commit) via fa4927146b68dd045903285f1c45fb64deb2e361 (commit) via c767a4a3590bd8a224d0268746df443942cb28c2 (commit) via 75463d589522cba427f9e5a3a408192ffad8bb21 (commit) via a98f2c556fe6e33a9cd38279e64e4b09f05cc675 (commit) via e8adab68f8c0cd865ff220f06dfaff7fe183e8a1 (commit) via 47d401d159852ea08e90af21d91bb4b93be9000d (commit) via 8a76deb11efd7dadfde6e8e7e69fbcd92577982f (commit) via 5215d58ae2521d81c3db0b45dfbdce01a679acab (commit) via 8f2c0f4534ea2a07f071f360a63e877f60dc52f2 (commit) via d4778bb23d0817ee6fbcbe4f0ff0ff0429bf3669 (commit) via 3a746d5d46ffd7d332dc24fd6a4d24efc5fc1230 (commit) via 13d2164cd9f313b409b2210d9e63465681cccc99 (commit) via 1516c56ee4da28eb720bbacb026892393d10b24a (commit) via f61d4f585f27c13fabf7a23ad295bdc8bea7c838 (commit) from d83482a1d768fc5afd3aa4836f2fefe5c549d02e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit eef3a509fa5744e5f09ec8084985e6070b78226b Author: raimund.renkert at intevation.de Date: Tue Apr 10 11:33:14 2018 +0200 js: Initial commit for JavaScript Native Messaging API -- Note this code misses all the legal boilerplate; please add this as soon as possible and provide a DCO so we can merge it into master. I also removed the dist/ directory because that was not source code. diff --git a/lang/README b/lang/README index ee99f0f..afd7b08 100644 --- a/lang/README +++ b/lang/README @@ -13,4 +13,4 @@ cl Common Lisp cpp C++ qt Qt-Framework API python Python 2 and 3 (module name: gpg) -javascript Native messaging client for the gpgme-json server. +js Native messaging client for the gpgme-json server. diff --git a/lang/js/CHECKLIST b/lang/js/CHECKLIST new file mode 100644 index 0000000..79a35cb --- /dev/null +++ b/lang/js/CHECKLIST @@ -0,0 +1,30 @@ +NativeConnection: + + [X] nativeConnection: successfully sending an encrypt request, +receiving an answer + [X] nativeConnection successfull on Chromium, chrome and firefox + [ ] nativeConnection successfull on Windows, macOS, Linux + [ ] nativeConnection with delayed, multipart (> 1MB) answer + +replicating Openpgpjs API: + + [*] Message handling (encrypt, verify, sign) + [ ] Key handling (import/export, modifying, status queries) + [ ] Configuration handling + [ ] check for completeness + [ ] handling of differences to openpgpjs + +Communication with other implementations + + [ ] option to export SECRET Key into localstore used by e.g. mailvelope + +Management: + [*] Define the gpgme interface + [ ] check Permissions (e.g. csp) for the different envs + [ ] agree on license + [ ] tests + + +Problems: + [X] gpgme-json: interactive mode vs. bytelength; filename + [X] nativeApp chokes on arrays. We will get rid of that bnativeapp anyhow diff --git a/lang/js/CHECKLIST_build b/lang/js/CHECKLIST_build new file mode 100644 index 0000000..fa162a1 --- /dev/null +++ b/lang/js/CHECKLIST_build @@ -0,0 +1,9 @@ +- Checklist for build/install: + +browsers' manifests (see README) need allowedextension added, and the path set + +manifest.json/ csp needs adaption + +/dist contains a current build which is used by example app. +We may either want to update it on every commit, or never at all, but not +inconsistently. diff --git a/lang/js/README b/lang/js/README new file mode 100644 index 0000000..3ca0743 --- /dev/null +++ b/lang/js/README @@ -0,0 +1,52 @@ +This is an example app for gpgme-json. +As of now, it only encrypts a given text. + +Installation +------------- + +gpgmejs uses webpack, the builds can be found in dist/ +(the testapplication uses that script at that location). To create a new +package, the command is npx webpack --config webpack.conf.js. +If you want a more debuggable (i.e. not minified) build, just change the mode +in webpack.conf.js. + +Demo WebExtension: +As soon as a bundled webpack is in dist/ (TODO: .gitignore or not?), +the gpgmejs folder can just be included in the extensions tab of the browser in +questions (extension debug mode needs to be active). For chrome, selecting the +folder is sufficient, for firefox, the manifest.json needs to be selected. + +In the browsers' nativeMessaging configuration folder a file 'gpgmejs.json' +is needed, with the following content: + +(The path to the native app gpgme-json may need adaption) + +Chromium: +~/.config/chromium/NativeMessagingHosts/gpgmejson.json + +{ + "name": "gpgmejson", + "description": "This is a test application for gpgmejs", + "path": "/usr/bin/gpgme-json", + "type": "stdio", + "allowed_origins": ["chrome-extension://ExtensionIdentifier/"] +} +The ExtensionIdentifier can be seen on the chrome://extensions page, and +changes on each reinstallation. Note the slashes in allowed_origins. + + +Firefox: +~/.mozilla/native-messaging-hosts/gpgmejson.json +{ + "name": "gpgmejson", + "description": "This is a test application for gpgmejs", + "path": "/usr/bin/gpgme-json", + "type": "stdio", + "allowed_extensions": ["ExtensionIdentifier at temporary-addon"] +} +The ExtensionIdentifier can be seen as Extension ID on the about:addons page if +addon-debugging is active. In firefox, the temporary addon is removed once +firefox exits, and the identifier will need to be changed more often. + +For testing purposes, it could be a good idea to change the keyID in the +ui.html, to not having to type it every time. diff --git a/lang/js/manifest.json b/lang/js/manifest.json new file mode 100644 index 0000000..8bb5c58 --- /dev/null +++ b/lang/js/manifest.json @@ -0,0 +1,18 @@ +{ + "manifest_version": 2, + + "name": "gpgme-json with native Messaging", + "description": "This should be able to encrypt a text using gpgme-json", + "version": "0.1", + "content_security_policy": "default-src 'self' 'unsafe-eval' filesystem", + "browser_action": { + "default_icon": "testicon.png", + "default_title": "gpgme.js", + "default_popup": "ui.html" + }, + "permissions": ["nativeMessaging", "activeTab"], + + "background": { + "scripts": [ "dist/gpgmejs.bundle.js"] + } +} diff --git a/lang/js/package.json b/lang/js/package.json new file mode 100644 index 0000000..46b60fd --- /dev/null +++ b/lang/js/package.json @@ -0,0 +1,17 @@ +{ + "name": "gpgmejs", + "version": "0.0.1", + "description": "javascript part of a nativeMessaging gnupg integration", + "main": "src/gpgmejs.js", + "private": true, + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "keywords": [], + "author": "", + "license": "", + "devDependencies": { + "webpack": "^4.3.0", + "webpack-cli": "^2.0.13" + } +} diff --git a/lang/js/src/Connection.js b/lang/js/src/Connection.js new file mode 100644 index 0000000..e8fea54 --- /dev/null +++ b/lang/js/src/Connection.js @@ -0,0 +1,76 @@ +/** + * A connection port will be opened for each communication between gpgmejs and + * gnupg. It should be alive as long as there are additional messages to be + * expected. + */ + +export function Connection(){ + if (!this.connection){ + this.connection = connect(); + this._msg = { + 'always-trust': true, + // 'no-encrypt-to': false, + // 'no-compress': true, + // 'throw-keyids': false, + // 'wrap': false, + 'armor': true, + 'base64': false + }; + }; + + this.disconnect = function () { + if (this.connection){ + this.connection.disconnect(); + } + }; + + /** + * Sends a message and resolves with the answer. + * @param {*} operation The interaction requested from gpgme + * @param {*} message A json-capable object to pass the operation details. + * TODO: _msg should contain configurable parameters + */ + this.post = function(operation, message){ + let timeout = 5000; + let me = this; + if (!message || !operation){ + return Promise.reject('no message'); // TBD + } + + let keys = Object.keys(message); + for (let i=0; i < keys.length; i++){ + let property = keys[i]; + me._msg[property] = message[property]; + } + me._msg['op'] = operation; + // TODO fancier checks if what we want is consistent with submitted content + return new Promise(function(resolve, reject){ + me.connection.onMessage.addListener(function(msg) { + if (!msg){ + reject('empty answer.'); + } + if (msg.type === "error"){ + reject(msg.msg); + } + resolve(msg); + }); + + me.connection.postMessage(me._msg); + setTimeout( + function(){ + me.disconnect(); + reject('Timeout'); + }, timeout); + }); + }; +}; + + +function connect(){ + let connection = chrome.runtime.connectNative('gpgmejson'); + if (!connection){ + let msg = chrome.runtime.lastError || 'no message'; //TBD + throw(msg); + } + return connection; +}; diff --git a/lang/js/src/gpgmejs.js b/lang/js/src/gpgmejs.js new file mode 100644 index 0000000..dedbf80 --- /dev/null +++ b/lang/js/src/gpgmejs.js @@ -0,0 +1,187 @@ +import {Connection} from "./Connection" + +export function encrypt(data, publicKeys, privateKeys, passwords=null, + sessionKey, filename, compression, armor=true, detached=false, + signature=null, returnSessionKey=false, wildcard=false, date=new Date()){ + // gpgme_op_encrypt ( <-gpgme doc on this operation + // gpgme_ctx_t ctx, + // gpgme_key_t recp[], + // gpgme_encrypt_flags_t flags, + // gpgme_data_t plain, + // gpgme_data_t cipher) + // flags: + // GPGME_ENCRYPT_ALWAYS_TRUST + // GPGME_ENCRYPT_NO_ENCRYPT_TO + // GPGME_ENCRYPT_NO_COMPRESS + // GPGME_ENCRYPT_PREPARE + // GPGME_ENCRYPT_EXPECT_SIGN + // GPGME_ENCRYPT_SYMMETRIC + // GPGME_ENCRYPT_THROW_KEYIDS + // GPGME_ENCRYPT_WRAP + if (passwords !== null){ + throw('Password!'); // TBD + } + + let pubkeys = toKeyIdArray(publicKeys); + let privkeys = toKeyIdArray(privateKeys); + + // TODO filename: data is supposed to be empty, file is provided + // TODO config compression detached signature + // TODO signature to add to the encrypted message (?) || privateKeys: signature is desired + // gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher) + + // TODO sign date overwriting implemented in gnupg? + + let conn = new Connection(); + if (wildcard){ + // Connection.set('throw-keyids', true); TODO Connection.set not yet existant + } + return conn.post('encrypt', { + 'data': data, + 'keys': publicKeys, + 'armor': armor}); +}; + +export function decrypt(message, privateKeys, passwords, sessionKeys, publicKeys, + format='utf8', signature=null, date=new Date()) { + if (passwords !== null){ + throw('Password!'); // TBD + } + if (format === 'binary'){ + // Connection.set('base64', true); + } + if (publicKeys || signature){ + // Connection.set('signature', signature); + // request verification, too + } + //privateKeys optionally if keyId was thrown? + // gpgme_op_decrypt (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain) + // response is gpgme_op_decrypt_result (gpgme_ctx_t ctx) (next available?) + return conn.post('decrypt', { + 'data': message + }); +} + +// BIG TODO. +export function generateKey({userIds=[], passphrase, numBits=2048, unlocked=false, keyExpirationTime=0, curve="", date=new Date()}){ + throw('not implemented here'); + // gpgme_op_createkey (gpgme_ctx_t ctx, const char *userid, const char *algo, unsigned long reserved, unsigned long expires, gpgme_key_t extrakey, unsigned int flags); + return false; +} + +export function sign({ data, privateKeys, armor=true, detached=false, date=new Date() }) { + //TODO detached GPGME_SIG_MODE_DETACH | GPGME_SIG_MODE_NORMAL + // gpgme_op_sign (gpgme_ctx_t ctx, gpgme_data_t plain, gpgme_data_t sig, gpgme_sig_mode_t mode) + // TODO date not supported + + let conn = new Connection(); + let privkeys = toKeyIdArray(privateKeys); + return conn.post('sign', { + 'data': data, + 'keys': privkeys, + 'armor': armor}); +}; + +export function verify({ message, publicKeys, signature=null, date=new Date() }) { + //TODO extra signature: sig, signed_text, plain: null + // inline sig: signed_text:null, plain as writable (?) + // date not supported + //gpgme_op_verify (gpgme_ctx_t ctx, gpgme_data_t sig, gpgme_data_t signed_text, gpgme_data_t plain) + let conn = new Connection(); + let privkeys = toKeyIdArray(privateKeys); + return conn.post('sign', { + 'data': data, + 'keys': privkeys, + 'armor': armor}); +} + + +export function reformatKey(privateKey, userIds=[], passphrase="", unlocked=false, keyExpirationTime=0){ + let privKey = toKeyIdArray(privateKey); + if (privKey.length !== 1){ + return false; //TODO some error handling. There is not exactly ONE key we are editing + } + let conn = new Connection(); + // TODO key management needs to be changed somewhat + return conn.post('TODO', { + 'key': privKey[0], + 'keyExpirationTime': keyExpirationTime, //TODO check if this is 0 or a positive and plausible number + 'userIds': userIds //TODO check if empty or plausible strings + }); + // unlocked will be ignored +} + +export function decryptKey({ privateKey, passphrase }) { + throw('not implemented here'); + return false; +}; + +export function encryptKey({ privateKey, passphrase }) { + throw('not implemented here'); + return false; +}; + +export function encryptSessionKey({data, algorithm, publicKeys, passwords, wildcard=false }) { + //openpgpjs: + // Encrypt a symmetric session key with public keys, passwords, or both at + // once. At least either public keys or passwords must be specified. + throw('not implemented here'); + return false; +}; + +export function decryptSessionKeys({ message, privateKeys, passwords }) { + throw('not implemented here'); + return false; +}; + +// //TODO worker handling + +// //TODO key representation +// //TODO: keyring handling + + +/** + * Helper functions and checks + */ + +/** + * Checks if the submitted value is a keyID. + * TODO: should accept all strings that are accepted as keyID by gnupg + * TODO: See if Key becomes an object later on + * @param {*} key input value. Is expected to be a string of 8,16 or 40 chars + * representing hex values. Will return false if that expectation is not met + */ +function isKeyId(key){ + if (!key || typeof(key) !== "string"){ + return false; + } + if ([8,16,40].indexOf(key.length) < 0){ + return false; + } + let regexp= /^[0-9a-fA-F]*$/i; + return regexp.test(key); +}; + +/** + * Tries to return an array of keyID values, either from a string or an array. + * Filters out those that do not meet the criteria. (TODO: silently for now) + * @param {*} array Input value. + */ +function toKeyIdArray(array){ + let result = []; + if (!array){ + return result; + } + if (!Array.isArray(array)){ + if (isKeyId(array) === true){ + return [keyId]; + } + return result; + } + for (let i=0; i < array.length; i++){ + if (isKeyId(array[i]) === true){ + result.push(array[i]); + } + } + return result; +}; diff --git a/lang/js/src/index.js b/lang/js/src/index.js new file mode 100644 index 0000000..02dc919 --- /dev/null +++ b/lang/js/src/index.js @@ -0,0 +1,14 @@ +import * as gpgmejs from'./gpgmejs' +export default gpgmejs; + +/** + * Export each high level api function separately. + * Usage: + * + * import { encryptMessage } from 'gpgme.js' + * encryptMessage(keys, text) + */ +export { + encrypt, decrypt, sign, verify, + generateKey, reformatKey + } from './gpgmejs'; diff --git a/lang/js/testapplication.js b/lang/js/testapplication.js new file mode 100644 index 0000000..d01aca9 --- /dev/null +++ b/lang/js/testapplication.js @@ -0,0 +1,21 @@ +/** +* Testing nativeMessaging. This is a temporary plugin using the gpgmejs + implemetation as contained in src/ +*/ +function buttonclicked(event){ + let data = document.getElementById("text0").value; + let keyId = document.getElementById("key").value; + let enc = Gpgmejs.encrypt(data, [keyId]).then(function(answer){ + console.log(answer); + console.log(answer.type); + console.log(answer.data); + alert(answer.data); + }, function(errormsg){ + alert('Error: '+ errormsg); + }); +}; + +document.addEventListener('DOMContentLoaded', function() { + document.getElementById("button0").addEventListener("click", + buttonclicked); + }); diff --git a/lang/js/testicon.png b/lang/js/testicon.png new file mode 100644 index 0000000..12c3f5d Binary files /dev/null and b/lang/js/testicon.png differ diff --git a/lang/js/ui.css b/lang/js/ui.css new file mode 100644 index 0000000..9c88698 --- /dev/null +++ b/lang/js/ui.css @@ -0,0 +1,10 @@ +ul { + list-style-type: none; + padding-left: 0px; +} + +ul li span { + float: left; + width: 120px; + margin-top: 6px; +} diff --git a/lang/js/ui.html b/lang/js/ui.html new file mode 100644 index 0000000..9c56c2e --- /dev/null +++ b/lang/js/ui.html @@ -0,0 +1,24 @@ + + + + + + + + + + +

+ Text: + +
+ Public key ID: + +

+
+

+ + diff --git a/lang/js/webpack.conf.js b/lang/js/webpack.conf.js new file mode 100644 index 0000000..71b7116 --- /dev/null +++ b/lang/js/webpack.conf.js @@ -0,0 +1,13 @@ +const path = require('path'); + +module.exports = { + entry: './src/index.js', + // mode: 'development', + mode: 'production', + output: { + path: path.resolve(__dirname, 'dist'), + filename: 'gpgmejs.bundle.js', + libraryTarget: 'var', + library: 'Gpgmejs' + } +}; ----------------------------------------------------------------------- Summary of changes: .gitignore | 1 - TODO | 157 ++- doc/gpgme.texi | 5 + lang/README | 2 +- lang/js/CHECKLIST | 30 + lang/js/CHECKLIST_build | 9 + lang/js/README | 52 + lang/js/manifest.json | 18 + lang/js/package.json | 17 + lang/js/src/Connection.js | 76 ++ lang/js/src/gpgmejs.js | 187 +++ lang/js/src/index.js | 14 + lang/js/testapplication.js | 21 + lang/js/testicon.png | Bin 0 -> 16192 bytes lang/js/ui.css | 10 + lang/js/ui.html | 24 + lang/js/webpack.conf.js | 13 + lang/python/docs/GPGMEpythonHOWTOen.org | 1406 ++++++++++++++++++++ lang/python/docs/TODO.org | 77 +- lang/python/examples/howto/README.org | 58 + lang/python/examples/howto/add-userid.py | 62 + lang/python/examples/howto/clear-sign-file.py | 56 + lang/python/examples/howto/create-key.py | 95 ++ lang/python/examples/howto/decrypt-file.py | 44 + lang/python/examples/howto/detach-sign-file.py | 64 + lang/python/examples/howto/encrypt-file.py | 71 + lang/python/examples/howto/encrypt-sign-file.py | 70 + lang/python/examples/howto/groups.py | 50 + lang/python/examples/howto/keycount.py | 42 + lang/python/examples/howto/revoke-userid.py | 62 + lang/python/examples/howto/sign-file.py | 64 + lang/python/examples/howto/sign-key.py | 63 + lang/python/examples/howto/temp-homedir-config.py | 126 ++ lang/python/examples/howto/verify-signatures.py | 64 + lang/python/examples/howto/verify-signed-file.py | 61 + ...crypt-to-all.py => low_level-encrypt_to_all.py} | 0 lang/qt/tests/t-config.cpp | 34 +- src/context.h | 3 + src/engine-assuan.c | 35 + src/engine-backend.h | 1 + src/engine-g13.c | 1 + src/engine-gpg.c | 36 +- src/engine-gpgconf.c | 1 + src/engine-gpgsm.c | 35 + src/engine-spawn.c | 1 + src/engine-uiserver.c | 1 + src/engine.c | 20 + src/engine.h | 1 + src/gpgme-json.c | 61 +- src/gpgme-tool.c | 2 +- src/gpgme.c | 21 +- src/keylist.c | 2 + src/op-support.c | 2 + tests/run-decrypt.c | 23 +- 54 files changed, 3392 insertions(+), 59 deletions(-) create mode 100644 lang/js/CHECKLIST create mode 100644 lang/js/CHECKLIST_build create mode 100644 lang/js/README create mode 100644 lang/js/manifest.json create mode 100644 lang/js/package.json create mode 100644 lang/js/src/Connection.js create mode 100644 lang/js/src/gpgmejs.js create mode 100644 lang/js/src/index.js create mode 100644 lang/js/testapplication.js create mode 100644 lang/js/testicon.png create mode 100644 lang/js/ui.css create mode 100644 lang/js/ui.html create mode 100644 lang/js/webpack.conf.js create mode 100644 lang/python/docs/GPGMEpythonHOWTOen.org create mode 100644 lang/python/examples/howto/README.org create mode 100755 lang/python/examples/howto/add-userid.py create mode 100755 lang/python/examples/howto/clear-sign-file.py create mode 100755 lang/python/examples/howto/create-key.py create mode 100755 lang/python/examples/howto/decrypt-file.py create mode 100755 lang/python/examples/howto/detach-sign-file.py create mode 100755 lang/python/examples/howto/encrypt-file.py create mode 100755 lang/python/examples/howto/encrypt-sign-file.py create mode 100644 lang/python/examples/howto/groups.py create mode 100755 lang/python/examples/howto/keycount.py create mode 100755 lang/python/examples/howto/revoke-userid.py create mode 100755 lang/python/examples/howto/sign-file.py create mode 100755 lang/python/examples/howto/sign-key.py create mode 100755 lang/python/examples/howto/temp-homedir-config.py create mode 100755 lang/python/examples/howto/verify-signatures.py create mode 100755 lang/python/examples/howto/verify-signed-file.py rename lang/python/examples/{encrypt-to-all.py => low_level-encrypt_to_all.py} (100%) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 10 21:15:29 2018 From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Tue, 10 Apr 2018 21:15:29 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.8.1-64-g5e01705 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 5e01705ca90830c27a4cbd8bad41243915f4538a (commit) via 634a85412a4073aa1890589ce5e97eac7b0f3ca3 (commit) via 35b59d0ea52e8a1c30c43554dc4dbca97da4bf87 (commit) via 52e52eb0e3e5541cfc86e04c5047500db5d538b7 (commit) from 0de2a22fcf6607d0aecb550feefa414cee3731b2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 5e01705ca90830c27a4cbd8bad41243915f4538a Author: Jussi Kivilinna Date: Tue Apr 10 22:14:39 2018 +0300 basic_all_hwfeature_combinations.sh: use $njobs to limit parallel tasks * tests/basic_all_hwfeature_combinations.sh: Use $njobs to limit parallel tasks instead of fixed number "8". -- Signed-off-by: Jussi Kivilinna diff --git a/tests/basic_all_hwfeature_combinations.sh b/tests/basic_all_hwfeature_combinations.sh index 8ec97bf..1387190 100755 --- a/tests/basic_all_hwfeature_combinations.sh +++ b/tests/basic_all_hwfeature_combinations.sh @@ -68,7 +68,7 @@ done | sort | ( while read opts; do currn=$nbasic curr_jobs=($(jobs -p)) - while [ "${#curr_jobs[@]}" -ge "8" ]; do + while [ "${#curr_jobs[@]}" -ge "$njobs" ]; do # Wait for one job to complete wait ${retcodes[$nwait]} retval=$? commit 634a85412a4073aa1890589ce5e97eac7b0f3ca3 Author: Jussi Kivilinna Date: Tue Apr 10 22:03:49 2018 +0300 Faster look-up for spec by algo for digests, ciphers and MAC * cipher/cipher.c (cipher_list_algo0, cipher_list_algo301): New cipher spec lists with same order and spacing as 'gcry_cipher_algos' enumeration. (spec_from_algo): Use new spec lists for faster look-up. * cipher/mac.c (mac_list_algo101, mac_list_algo201, mac_list_algo401) (mac_list_algo501): New MAC spec lists with same order and spacing as 'gcry_mac_algos' enumeration. (spec_from_algo): Use new spec lists for faster look-up. * cipher/md.c (digest_list_algo0, digest_list_algo301): New digest spec lists with same order and spacing as 'gcry_md_algos' enumeration. (spec_from_algo): Use new spec lists for faster look-up. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/cipher.c b/cipher/cipher.c index 1bef766..d6cd0b4 100644 --- a/cipher/cipher.c +++ b/cipher/cipher.c @@ -90,6 +90,114 @@ static gcry_cipher_spec_t * const cipher_list[] = NULL }; +/* Cipher implementations starting with index 0 (enum gcry_cipher_algos) */ +static gcry_cipher_spec_t * const cipher_list_algo0[] = + { + NULL, /* GCRY_CIPHER_NONE */ +#ifdef USE_IDEA + &_gcry_cipher_spec_idea, +#else + NULL, +#endif +#if USE_DES + &_gcry_cipher_spec_tripledes, +#else + NULL, +#endif +#if USE_CAST5 + &_gcry_cipher_spec_cast5, +#else + NULL, +#endif +#if USE_BLOWFISH + &_gcry_cipher_spec_blowfish, +#else + NULL, +#endif + NULL, /* GCRY_CIPHER_SAFER_SK128 */ + NULL, /* GCRY_CIPHER_DES_SK */ +#if USE_AES + &_gcry_cipher_spec_aes, + &_gcry_cipher_spec_aes192, + &_gcry_cipher_spec_aes256, +#else + NULL, + NULL, + NULL, +#endif +#if USE_TWOFISH + &_gcry_cipher_spec_twofish +#else + NULL +#endif + }; + +/* Cipher implementations starting with index 301 (enum gcry_cipher_algos) */ +static gcry_cipher_spec_t * const cipher_list_algo301[] = + { +#if USE_ARCFOUR + &_gcry_cipher_spec_arcfour, +#else + NULL, +#endif +#if USE_DES + &_gcry_cipher_spec_des, +#else + NULL, +#endif +#if USE_TWOFISH + &_gcry_cipher_spec_twofish128, +#else + NULL, +#endif +#if USE_SERPENT + &_gcry_cipher_spec_serpent128, + &_gcry_cipher_spec_serpent192, + &_gcry_cipher_spec_serpent256, +#else + NULL, + NULL, + NULL, +#endif +#if USE_RFC2268 + &_gcry_cipher_spec_rfc2268_40, + &_gcry_cipher_spec_rfc2268_128, +#else + NULL, + NULL, +#endif +#if USE_SEED + &_gcry_cipher_spec_seed, +#else + NULL, +#endif +#if USE_CAMELLIA + &_gcry_cipher_spec_camellia128, + &_gcry_cipher_spec_camellia192, + &_gcry_cipher_spec_camellia256, +#else + NULL, + NULL, + NULL, +#endif +#if USE_SALSA20 + &_gcry_cipher_spec_salsa20, + &_gcry_cipher_spec_salsa20r12, +#else + NULL, + NULL, +#endif +#if USE_GOST28147 + &_gcry_cipher_spec_gost28147, +#else + NULL, +#endif +#if USE_CHACHA20 + &_gcry_cipher_spec_chacha20 +#else + NULL, +#endif + }; @@ -105,15 +213,19 @@ map_algo (int algo) static gcry_cipher_spec_t * spec_from_algo (int algo) { - int idx; - gcry_cipher_spec_t *spec; + gcry_cipher_spec_t *spec = NULL; algo = map_algo (algo); - for (idx = 0; (spec = cipher_list[idx]); idx++) - if (algo == spec->algo) - return spec; - return NULL; + if (algo >= 0 && algo < DIM(cipher_list_algo0)) + spec = cipher_list_algo0[algo]; + else if (algo >= 301 && algo < 301 + DIM(cipher_list_algo301)) + spec = cipher_list_algo301[algo - 301]; + + if (spec) + gcry_assert (spec->algo == algo); + + return spec; } diff --git a/cipher/mac.c b/cipher/mac.c index e8e7ceb..1b79bf3 100644 --- a/cipher/mac.c +++ b/cipher/mac.c @@ -130,6 +130,236 @@ static gcry_mac_spec_t * const mac_list[] = { NULL, }; +/* HMAC implementations start with index 101 (enum gcry_mac_algos) */ +static gcry_mac_spec_t * const mac_list_algo101[] = + { +#if USE_SHA256 + &_gcry_mac_type_spec_hmac_sha256, + &_gcry_mac_type_spec_hmac_sha224, +#else + NULL, + NULL, +#endif +#if USE_SHA512 + &_gcry_mac_type_spec_hmac_sha512, + &_gcry_mac_type_spec_hmac_sha384, +#else + NULL, + NULL, +#endif +#if USE_SHA1 + &_gcry_mac_type_spec_hmac_sha1, +#else + NULL, +#endif +#if USE_MD5 + &_gcry_mac_type_spec_hmac_md5, +#else + NULL, +#endif +#if USE_MD4 + &_gcry_mac_type_spec_hmac_md4, +#else + NULL, +#endif +#if USE_RMD160 + &_gcry_mac_type_spec_hmac_rmd160, +#else + NULL, +#endif +#if USE_TIGER + &_gcry_mac_type_spec_hmac_tiger1, +#else + NULL, +#endif +#if USE_WHIRLPOOL + &_gcry_mac_type_spec_hmac_whirlpool, +#else + NULL, +#endif +#ifdef USE_GOST_R_3411_94 + &_gcry_mac_type_spec_hmac_gost3411_94, +#else + NULL, +#endif +#ifdef USE_GOST_R_3411_12 + &_gcry_mac_type_spec_hmac_stribog256, + &_gcry_mac_type_spec_hmac_stribog512, +#else + NULL, + NULL, +#endif +#if USE_MD2 + &_gcry_mac_type_spec_hmac_md2, +#else + NULL, +#endif +#if USE_SHA3 + &_gcry_mac_type_spec_hmac_sha3_224, + &_gcry_mac_type_spec_hmac_sha3_256, + &_gcry_mac_type_spec_hmac_sha3_384, + &_gcry_mac_type_spec_hmac_sha3_512, +#else + NULL, + NULL, + NULL, + NULL, +#endif +#ifdef USE_GOST_R_3411_94 + &_gcry_mac_type_spec_hmac_gost3411_cp, +#else + NULL, +#endif +#if USE_BLAKE2 + &_gcry_mac_type_spec_hmac_blake2b_512, + &_gcry_mac_type_spec_hmac_blake2b_384, + &_gcry_mac_type_spec_hmac_blake2b_256, + &_gcry_mac_type_spec_hmac_blake2b_160, + &_gcry_mac_type_spec_hmac_blake2s_256, + &_gcry_mac_type_spec_hmac_blake2s_224, + &_gcry_mac_type_spec_hmac_blake2s_160, + &_gcry_mac_type_spec_hmac_blake2s_128, +#else + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, +#endif +#if USE_SM3 + &_gcry_mac_type_spec_hmac_sm3 +#else + NULL +#endif + }; + +/* CMAC implementations start with index 201 (enum gcry_mac_algos) */ +static gcry_mac_spec_t * const mac_list_algo201[] = + { +#if USE_AES + &_gcry_mac_type_spec_cmac_aes, +#else + NULL, +#endif +#if USE_DES + &_gcry_mac_type_spec_cmac_tripledes, +#else + NULL, +#endif +#if USE_CAMELLIA + &_gcry_mac_type_spec_cmac_camellia, +#else + NULL, +#endif +#if USE_CAST5 + &_gcry_mac_type_spec_cmac_cast5, +#else + NULL, +#endif +#if USE_BLOWFISH + &_gcry_mac_type_spec_cmac_blowfish, +#else + NULL, +#endif +#if USE_TWOFISH + &_gcry_mac_type_spec_cmac_twofish, +#else + NULL, +#endif +#if USE_SERPENT + &_gcry_mac_type_spec_cmac_serpent, +#else + NULL, +#endif +#if USE_SEED + &_gcry_mac_type_spec_cmac_seed, +#else + NULL, +#endif +#if USE_RFC2268 + &_gcry_mac_type_spec_cmac_rfc2268, +#else + NULL, +#endif +#ifdef USE_IDEA + &_gcry_mac_type_spec_cmac_idea, +#else + NULL, +#endif +#if USE_GOST28147 + &_gcry_mac_type_spec_cmac_gost28147 +#else + NULL +#endif + }; + +/* GMAC implementations start with index 401 (enum gcry_mac_algos) */ +static gcry_mac_spec_t * const mac_list_algo401[] = + { +#if USE_AES + &_gcry_mac_type_spec_gmac_aes, +#else + NULL, +#endif +#if USE_CAMELLIA + &_gcry_mac_type_spec_gmac_camellia, +#else + NULL, +#endif +#if USE_TWOFISH + &_gcry_mac_type_spec_gmac_twofish, +#else + NULL, +#endif +#if USE_SERPENT + &_gcry_mac_type_spec_gmac_serpent, +#else + NULL, +#endif +#if USE_SEED + &_gcry_mac_type_spec_gmac_seed +#else + NULL +#endif + }; + +/* Poly1305-MAC implementations start with index 501 (enum gcry_mac_algos) */ +static gcry_mac_spec_t * const mac_list_algo501[] = + { + &_gcry_mac_type_spec_poly1305mac, +#if USE_AES + &_gcry_mac_type_spec_poly1305mac_aes, +#else + NULL, +#endif +#if USE_CAMELLIA + &_gcry_mac_type_spec_poly1305mac_camellia, +#else + NULL, +#endif +#if USE_TWOFISH + &_gcry_mac_type_spec_poly1305mac_twofish, +#else + NULL, +#endif +#if USE_SERPENT + &_gcry_mac_type_spec_poly1305mac_serpent, +#else + NULL, +#endif +#if USE_SEED + &_gcry_mac_type_spec_poly1305mac_seed +#else + NULL +#endif + }; + + + + /* Explicitly initialize this module. */ gcry_err_code_t _gcry_mac_init (void) @@ -154,13 +384,21 @@ _gcry_mac_init (void) static gcry_mac_spec_t * spec_from_algo (int algo) { - gcry_mac_spec_t *spec; - int idx; + gcry_mac_spec_t *spec = NULL; - for (idx = 0; (spec = mac_list[idx]); idx++) - if (algo == spec->algo) - return spec; - return NULL; + if (algo >= 101 && algo < 101 + DIM(mac_list_algo101)) + spec = mac_list_algo101[algo - 101]; + else if (algo >= 201 && algo < 201 + DIM(mac_list_algo201)) + spec = mac_list_algo201[algo - 201]; + else if (algo >= 401 && algo < 401 + DIM(mac_list_algo401)) + spec = mac_list_algo401[algo - 401]; + else if (algo >= 501 && algo < 501 + DIM(mac_list_algo501)) + spec = mac_list_algo501[algo - 501]; + + if (spec) + gcry_assert (spec->algo == algo); + + return spec; } diff --git a/cipher/md.c b/cipher/md.c index f6c1954..47c8cec 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -101,6 +101,143 @@ static gcry_md_spec_t * const digest_list[] = NULL }; +/* Digest implementations starting with index 0 (enum gcry_md_algos) */ +static gcry_md_spec_t * const digest_list_algo0[] = + { + NULL, /* GCRY_MD_NONE */ +#if USE_MD5 + &_gcry_digest_spec_md5, +#else + NULL, +#endif +#if USE_SHA1 + &_gcry_digest_spec_sha1, +#else + NULL, +#endif +#if USE_RMD160 + &_gcry_digest_spec_rmd160, +#else + NULL, +#endif + NULL, /* Unused index 4 */ +#if USE_MD2 + &_gcry_digest_spec_md2, +#else + NULL, +#endif +#if USE_TIGER + &_gcry_digest_spec_tiger, +#else + NULL, +#endif + NULL, /* GCRY_MD_HAVAL */ +#if USE_SHA256 + &_gcry_digest_spec_sha256, +#else + NULL, +#endif +#if USE_SHA512 + &_gcry_digest_spec_sha384, + &_gcry_digest_spec_sha512, +#else + NULL, + NULL, +#endif +#if USE_SHA256 + &_gcry_digest_spec_sha224 +#else + NULL +#endif + }; + +/* Digest implementations starting with index 301 (enum gcry_md_algos) */ +static gcry_md_spec_t * const digest_list_algo301[] = + { +#if USE_MD4 + &_gcry_digest_spec_md4, +#else + NULL, +#endif +#if USE_CRC + &_gcry_digest_spec_crc32, + &_gcry_digest_spec_crc32_rfc1510, + &_gcry_digest_spec_crc24_rfc2440, +#else + NULL, + NULL, + NULL, +#endif +#if USE_WHIRLPOOL + &_gcry_digest_spec_whirlpool, +#else + NULL, +#endif +#if USE_TIGER + &_gcry_digest_spec_tiger1, + &_gcry_digest_spec_tiger2, +#else + NULL, + NULL, +#endif +#if USE_GOST_R_3411_94 + &_gcry_digest_spec_gost3411_94, +#else + NULL, +#endif +#if USE_GOST_R_3411_12 + &_gcry_digest_spec_stribog_256, + &_gcry_digest_spec_stribog_512, +#else + NULL, + NULL, +#endif +#if USE_GOST_R_3411_94 + &_gcry_digest_spec_gost3411_cp, +#else + NULL, +#endif +#if USE_SHA3 + &_gcry_digest_spec_sha3_224, + &_gcry_digest_spec_sha3_256, + &_gcry_digest_spec_sha3_384, + &_gcry_digest_spec_sha3_512, + &_gcry_digest_spec_shake128, + &_gcry_digest_spec_shake256, +#else + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, +#endif +#if USE_BLAKE2 + &_gcry_digest_spec_blake2b_512, + &_gcry_digest_spec_blake2b_384, + &_gcry_digest_spec_blake2b_256, + &_gcry_digest_spec_blake2b_160, + &_gcry_digest_spec_blake2s_256, + &_gcry_digest_spec_blake2s_224, + &_gcry_digest_spec_blake2s_160, + &_gcry_digest_spec_blake2s_128, +#else + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, + NULL, +#endif +#if USE_SM3 + &_gcry_digest_spec_sm3 +#else + NULL +#endif + }; + typedef struct gcry_md_list { @@ -118,7 +255,7 @@ struct gcry_md_context size_t actual_handle_size; /* Allocated size of this handle. */ FILE *debug; struct { - unsigned int secure: 1; + unsigned int secure:1; unsigned int finalized:1; unsigned int bugemu1:1; unsigned int hmac:1; @@ -153,15 +290,19 @@ map_algo (int algo) static gcry_md_spec_t * spec_from_algo (int algo) { - int idx; - gcry_md_spec_t *spec; + gcry_md_spec_t *spec = NULL; algo = map_algo (algo); - for (idx = 0; (spec = digest_list[idx]); idx++) - if (algo == spec->algo) - return spec; - return NULL; + if (algo >= 0 && algo < DIM(digest_list_algo0)) + spec = digest_list_algo0[algo]; + else if (algo >= 301 && algo < 301 + DIM(digest_list_algo301)) + spec = digest_list_algo301[algo - 301]; + + if (spec) + gcry_assert (spec->algo == algo); + + return spec; } commit 35b59d0ea52e8a1c30c43554dc4dbca97da4bf87 Author: Jussi Kivilinna Date: Tue Apr 10 22:03:49 2018 +0300 Fix building with BLAKE2 disabled * cipher/md.c (md_setkey): Enclose Blake2 part with USE_BLAKE2. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/md.c b/cipher/md.c index efbffe1..f6c1954 100644 --- a/cipher/md.c +++ b/cipher/md.c @@ -703,6 +703,7 @@ md_setkey (gcry_md_hd_t h, const unsigned char *key, size_t keylen) { switch (r->spec->algo) { +#if USE_BLAKE2 /* TODO? add spec->init_with_key? */ case GCRY_MD_BLAKE2B_512: case GCRY_MD_BLAKE2B_384: @@ -719,6 +720,7 @@ md_setkey (gcry_md_hd_t h, const unsigned char *key, size_t keylen) ? GCRY_MD_FLAG_BUGEMU1:0, key, keylen, r->spec->algo); break; +#endif default: rc = GPG_ERR_DIGEST_ALGO; break; commit 52e52eb0e3e5541cfc86e04c5047500db5d538b7 Author: Jussi Kivilinna Date: Tue Apr 10 22:03:49 2018 +0300 Add missing BLAKE2, SM3 and GOSTR3411_CP to MAC-HMAC interface * cipher/mac-hmac.c (map_mac_algo_to_md): Add GOSTR3411_CP, BLAKE2 and SM3. (_gcry_mac_type_spec_hmac_gost3411_cp) (_gcry_mac_type_spec_hmac_blake2b_512) (_gcry_mac_type_spec_hmac_blake2b_384) (_gcry_mac_type_spec_hmac_blake2b_256) (_gcry_mac_type_spec_hmac_blake2b_160) (_gcry_mac_type_spec_hmac_blake2s_256) (_gcry_mac_type_spec_hmac_blake2s_224) (_gcry_mac_type_spec_hmac_blake2s_160) (_gcry_mac_type_spec_hmac_blake2s_128) (_gcry_mac_type_spec_hmac_sm3): New. * cipher/mac-internal.h (_gcry_mac_type_spec_hmac_gost3411_cp) (_gcry_mac_type_spec_hmac_blake2b_512) (_gcry_mac_type_spec_hmac_blake2b_384) (_gcry_mac_type_spec_hmac_blake2b_256) (_gcry_mac_type_spec_hmac_blake2b_160) (_gcry_mac_type_spec_hmac_blake2s_256) (_gcry_mac_type_spec_hmac_blake2s_224) (_gcry_mac_type_spec_hmac_blake2s_160) (_gcry_mac_type_spec_hmac_blake2s_128) (_gcry_mac_type_spec_hmac_sm3): New. * cipher/mac.c (mac_list): Add GOSTR3411_CP, BLAKE2 and SM3. * src/gcrypt.h.in (GCRY_MAC_HMAC_GOSTR3411_CP) (GCRY_MAC_HMAC_BLAKE2B_512, GCRY_MAC_HMAC_BLAKE2B_384) (GCRY_MAC_HMAC_BLAKE2B_256, GCRY_MAC_HMAC_BLAKE2B_160) (GCRY_MAC_HMAC_BLAKE2S_256, GCRY_MAC_HMAC_BLAKE2S_224) (GCRY_MAC_HMAC_BLAKE2S_160, GCRY_MAC_HMAC_BLAKE2S_128) (GCRY_MAC_HMAC_SM3): New. -- Signed-off-by: Jussi Kivilinna diff --git a/cipher/mac-hmac.c b/cipher/mac-hmac.c index 9379f4b..86281ac 100644 --- a/cipher/mac-hmac.c +++ b/cipher/mac-hmac.c @@ -67,10 +67,30 @@ map_mac_algo_to_md (int mac_algo) return GCRY_MD_WHIRLPOOL; case GCRY_MAC_HMAC_GOSTR3411_94: return GCRY_MD_GOSTR3411_94; + case GCRY_MAC_HMAC_GOSTR3411_CP: + return GCRY_MD_GOSTR3411_CP; case GCRY_MAC_HMAC_STRIBOG256: return GCRY_MD_STRIBOG256; case GCRY_MAC_HMAC_STRIBOG512: return GCRY_MD_STRIBOG512; + case GCRY_MAC_HMAC_BLAKE2B_512: + return GCRY_MD_BLAKE2B_512; + case GCRY_MAC_HMAC_BLAKE2B_384: + return GCRY_MD_BLAKE2B_384; + case GCRY_MAC_HMAC_BLAKE2B_256: + return GCRY_MD_BLAKE2B_256; + case GCRY_MAC_HMAC_BLAKE2B_160: + return GCRY_MD_BLAKE2B_160; + case GCRY_MAC_HMAC_BLAKE2S_256: + return GCRY_MD_BLAKE2S_256; + case GCRY_MAC_HMAC_BLAKE2S_224: + return GCRY_MD_BLAKE2S_224; + case GCRY_MAC_HMAC_BLAKE2S_160: + return GCRY_MD_BLAKE2S_160; + case GCRY_MAC_HMAC_BLAKE2S_128: + return GCRY_MD_BLAKE2S_128; + case GCRY_MAC_HMAC_SM3: + return GCRY_MD_SM3; } } @@ -267,6 +287,10 @@ gcry_mac_spec_t _gcry_mac_type_spec_hmac_gost3411_94 = { GCRY_MAC_HMAC_GOSTR3411_94, {0, 0}, "HMAC_GOSTR3411_94", &hmac_ops }; +gcry_mac_spec_t _gcry_mac_type_spec_hmac_gost3411_cp = { + GCRY_MAC_HMAC_GOSTR3411_CP, {0, 0}, "HMAC_GOSTR3411_CP", + &hmac_ops +}; #endif #ifdef USE_GOST_R_3411_12 gcry_mac_spec_t _gcry_mac_type_spec_hmac_stribog256 = { @@ -315,3 +339,43 @@ gcry_mac_spec_t _gcry_mac_type_spec_hmac_md2 = { &hmac_ops }; #endif +#if USE_BLAKE2 +gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2b_512 = { + GCRY_MAC_HMAC_BLAKE2B_512, {0, 0}, "HMAC_BLAKE2B_512", + &hmac_ops +}; +gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2b_384 = { + GCRY_MAC_HMAC_BLAKE2B_384, {0, 0}, "HMAC_BLAKE2B_384", + &hmac_ops +}; +gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2b_256 = { + GCRY_MAC_HMAC_BLAKE2B_256, {0, 0}, "HMAC_BLAKE2B_256", + &hmac_ops +}; +gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2b_160 = { + GCRY_MAC_HMAC_BLAKE2B_160, {0, 0}, "HMAC_BLAKE2B_160", + &hmac_ops +}; +gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2s_256 = { + GCRY_MAC_HMAC_BLAKE2S_256, {0, 0}, "HMAC_BLAKE2S_256", + &hmac_ops +}; +gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2s_224 = { + GCRY_MAC_HMAC_BLAKE2S_224, {0, 0}, "HMAC_BLAKE2S_224", + &hmac_ops +}; +gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2s_160 = { + GCRY_MAC_HMAC_BLAKE2S_160, {0, 0}, "HMAC_BLAKE2S_160", + &hmac_ops +}; +gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2s_128 = { + GCRY_MAC_HMAC_BLAKE2S_128, {0, 0}, "HMAC_BLAKE2S_128", + &hmac_ops +}; +#endif +#if USE_SM3 +gcry_mac_spec_t _gcry_mac_type_spec_hmac_sm3 = { + GCRY_MAC_HMAC_SM3, {0, 0}, "HMAC_SM3", + &hmac_ops +}; +#endif diff --git a/cipher/mac-internal.h b/cipher/mac-internal.h index 2beb284..eb54673 100644 --- a/cipher/mac-internal.h +++ b/cipher/mac-internal.h @@ -142,6 +142,7 @@ extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_sha3_512; #endif #ifdef USE_GOST_R_3411_94 extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_gost3411_94; +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_gost3411_cp; #endif #ifdef USE_GOST_R_3411_12 extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_stribog256; @@ -162,6 +163,19 @@ extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_md5; #if USE_MD4 extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_md4; #endif +#if USE_BLAKE2 +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2b_512; +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2b_384; +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2b_256; +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2b_160; +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2s_256; +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2s_224; +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2s_160; +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_blake2s_128; +#endif +#if USE_SM3 +extern gcry_mac_spec_t _gcry_mac_type_spec_hmac_sm3; +#endif /* * The CMAC algorithm specifications (mac-cmac.c). diff --git a/cipher/mac.c b/cipher/mac.c index 4a7a47d..e8e7ceb 100644 --- a/cipher/mac.c +++ b/cipher/mac.c @@ -49,6 +49,7 @@ static gcry_mac_spec_t * const mac_list[] = { #endif #ifdef USE_GOST_R_3411_94 &_gcry_mac_type_spec_hmac_gost3411_94, + &_gcry_mac_type_spec_hmac_gost3411_cp, #endif #ifdef USE_GOST_R_3411_12 &_gcry_mac_type_spec_hmac_stribog256, @@ -69,6 +70,19 @@ static gcry_mac_spec_t * const mac_list[] = { #if USE_MD4 &_gcry_mac_type_spec_hmac_md4, #endif +#if USE_BLAKE2 + &_gcry_mac_type_spec_hmac_blake2b_512, + &_gcry_mac_type_spec_hmac_blake2b_384, + &_gcry_mac_type_spec_hmac_blake2b_256, + &_gcry_mac_type_spec_hmac_blake2b_160, + &_gcry_mac_type_spec_hmac_blake2s_256, + &_gcry_mac_type_spec_hmac_blake2s_224, + &_gcry_mac_type_spec_hmac_blake2s_160, + &_gcry_mac_type_spec_hmac_blake2s_128, +#endif +#if USE_SM3 + &_gcry_mac_type_spec_hmac_sm3, +#endif #if USE_BLOWFISH &_gcry_mac_type_spec_cmac_blowfish, #endif diff --git a/src/gcrypt.h.in b/src/gcrypt.h.in index 83f94b6..a1cb15a 100644 --- a/src/gcrypt.h.in +++ b/src/gcrypt.h.in @@ -1433,6 +1433,16 @@ enum gcry_mac_algos GCRY_MAC_HMAC_SHA3_256 = 116, GCRY_MAC_HMAC_SHA3_384 = 117, GCRY_MAC_HMAC_SHA3_512 = 118, + GCRY_MAC_HMAC_GOSTR3411_CP = 119, + GCRY_MAC_HMAC_BLAKE2B_512 = 120, + GCRY_MAC_HMAC_BLAKE2B_384 = 121, + GCRY_MAC_HMAC_BLAKE2B_256 = 122, + GCRY_MAC_HMAC_BLAKE2B_160 = 123, + GCRY_MAC_HMAC_BLAKE2S_256 = 124, + GCRY_MAC_HMAC_BLAKE2S_224 = 125, + GCRY_MAC_HMAC_BLAKE2S_160 = 126, + GCRY_MAC_HMAC_BLAKE2S_128 = 127, + GCRY_MAC_HMAC_SM3 = 128, GCRY_MAC_CMAC_AES = 201, GCRY_MAC_CMAC_3DES = 202, ----------------------------------------------------------------------- Summary of changes: cipher/cipher.c | 124 +++++++++++++- cipher/mac-hmac.c | 64 ++++++++ cipher/mac-internal.h | 14 ++ cipher/mac.c | 264 +++++++++++++++++++++++++++++- cipher/md.c | 157 +++++++++++++++++- src/gcrypt.h.in | 10 ++ tests/basic_all_hwfeature_combinations.sh | 2 +- 7 files changed, 615 insertions(+), 20 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 01:52:18 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Wed, 11 Apr 2018 01:52:18 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.8.1-65-g3e3b520 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via 3e3b520fb32a37c5c23762531a7b3168e112ac36 (commit) from 5e01705ca90830c27a4cbd8bad41243915f4538a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3e3b520fb32a37c5c23762531a7b3168e112ac36 Author: NIIBE Yutaka Date: Wed Apr 11 08:45:22 2018 +0900 hmac: Use xtrymalloc. * src/hmac256.c (_gcry_hmac256_new): Use xtrymalloc. (_gcry_hmac256_file): Likewise. -- Don't require config.h but stdint.h for STANDALONE. Drop STANDALONE support for WindowsCE. GnuPG-bug-id: 3877 Signed-off-by: NIIBE Yutaka diff --git a/src/hmac256.c b/src/hmac256.c index ca1eb75..2d66079 100644 --- a/src/hmac256.c +++ b/src/hmac256.c @@ -24,8 +24,7 @@ internal consistency checks. It should not be used for sensitive data because no mechanisms to clear the stack etc are used. - This module may be used standalone and requires only a few - standard definitions to be provided in a config.h file. + This module may be used standalone. Types: @@ -46,7 +45,19 @@ for testing this included module. */ +#ifdef STANDALONE +#include +#define HAVE_U32_TYPEDEF 1 +typedef uint32_t u32; +#define VERSION "standalone" +/* For GCC, we can detect endianness. If not GCC, please define manually. */ +#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ +#define WORDS_BIGENDIAN 1 +#endif +#else #include +#endif + #include #include #include @@ -56,13 +67,11 @@ # include /* We need setmode(). */ #endif -/* For a native WindowsCE binary we need to include gpg-error.h to - provide a replacement for strerror. In other cases we need a - replacement macro for gpg_err_set_errno. */ -#ifdef __MINGW32CE__ -# include +#ifdef STANDALONE +#define xtrymalloc(a) malloc((a)) +#define gpg_err_set_errno(a) (errno = (a)) #else -# define gpg_err_set_errno(a) (errno = (a)) +#include "g10lib.h" #endif #include "hmac256.h" @@ -296,7 +305,7 @@ _gcry_hmac256_new (const void *key, size_t keylen) { hmac256_context_t hd; - hd = malloc (sizeof *hd); + hd = xtrymalloc (sizeof *hd); if (!hd) return NULL; @@ -469,7 +478,7 @@ _gcry_hmac256_file (void *result, size_t resultsize, const char *filename, } buffer_size = 32768; - buffer = malloc (buffer_size); + buffer = xtrymalloc (buffer_size); if (!buffer) { fclose (fp); ----------------------------------------------------------------------- Summary of changes: src/hmac256.c | 29 +++++++++++++++++++---------- 1 file changed, 19 insertions(+), 10 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 09:47:37 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 11 Apr 2018 09:47:37 +0200 Subject: [git] GPG-ERROR - branch, master, updated. gpgrt-1.28-29-g253ca17 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 253ca177055e23617b14e0934b09ef50253f29eb (commit) via c3825327da826e434ada9abde34e6bbd7ef61737 (commit) via f4c4592a15f9ec997c82c3d3d25656e0c2982d97 (commit) via e901c9fb04f5a96ba2bd49225b396ce7857a3782 (commit) from 99e976be723ebbf7fe5c73671dd916bd4a067727 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 253ca177055e23617b14e0934b09ef50253f29eb Author: Werner Koch Date: Wed Apr 11 09:40:17 2018 +0200 Post release updates -- diff --git a/NEWS b/NEWS index 7b024f7..9c1459f 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes in version 1.30 (unreleased) [C24/A24/R_] +----------------------------------------------- + + Noteworthy changes in version 1.29 (2018-04-11) [C24/A24/R0] ----------------------------------------------- diff --git a/configure.ac b/configure.ac index 5328af4..e1f8858 100644 --- a/configure.ac +++ b/configure.ac @@ -29,7 +29,7 @@ min_automake_version="1.14" # See below for the LT versions. m4_define([mym4_package],[libgpg-error]) m4_define([mym4_major], [1]) -m4_define([mym4_minor], [29]) +m4_define([mym4_minor], [30]) # Below is m4 magic to extract and compute the revision number, the # decimalized short revision number, a beta version string, and a flag commit c3825327da826e434ada9abde34e6bbd7ef61737 Author: Werner Koch Date: Wed Apr 11 09:24:03 2018 +0200 Release 1.29 * configure.ac: Bump LT version to C24/A24/R0. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 44da9ee..7b024f7 100644 --- a/NEWS +++ b/NEWS @@ -1,4 +1,4 @@ -Noteworthy changes in version 1.29 (unreleased) [C23/A23/R_] +Noteworthy changes in version 1.29 (2018-04-11) [C24/A24/R0] ----------------------------------------------- * The yat2m tool is during cross-compile now also installed on the diff --git a/README b/README index 9cc5de0..bab9c95 100644 --- a/README +++ b/README @@ -22,6 +22,10 @@ components are - Log functions + - Option parser + + - BAse-64 encoder and decoder. + More components will be added over time. Most functions are prefixed with "gpgrt" (GnuPG Run Time) instead of "gpg_err" to indicate the long term plan to rename this library to gpgrt. @@ -106,13 +110,8 @@ To build for Windows you you may use the convenience command: ./autogen.sh --build-w32 -which runs configure with suitable options. For WindowsCE the command -is: - - ./autogen.sh --build-w32ce - -There is also _experimental_ support for building a 64 bit Windows -version: +which runs configure with suitable options. There is also basic +support for building a 64 bit Windows version: ./autogen.sh --build-w64 diff --git a/configure.ac b/configure.ac index 0214fb6..5328af4 100644 --- a/configure.ac +++ b/configure.ac @@ -49,8 +49,8 @@ AC_INIT([mym4_package],[mym4_version], [https://bugs.gnupg.org]) # (Interfaces added: AGE++) # (Interfaces removed: AGE=0) # Note that added error codes don't constitute an interface change. -LIBGPG_ERROR_LT_CURRENT=23 -LIBGPG_ERROR_LT_AGE=23 +LIBGPG_ERROR_LT_CURRENT=24 +LIBGPG_ERROR_LT_AGE=24 LIBGPG_ERROR_LT_REVISION=0 ################################################ commit f4c4592a15f9ec997c82c3d3d25656e0c2982d97 Author: Werner Koch Date: Wed Apr 11 09:12:39 2018 +0200 doc: Beautify comments in gpg-error.h. -- Signed-off-by: Werner Koch diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in index f585808..ce7d278 100644 --- a/src/gpg-error.h.in +++ b/src/gpg-error.h.in @@ -1,7 +1,7 @@ -/* gpg-error.h or gpgrt.h - Public interface to libgpg-error. -*- c -*- +/* gpg-error.h or gpgrt.h - Common code for GnuPG and others. -*- c -*- * Copyright (C) 2001-2018 g10 Code GmbH * - * This file is part of libgpg-error. + * This file is part of libgpg-error (aka libgpgrt). * * libgpg-error is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public License @@ -20,6 +20,41 @@ * @configure_input@ */ +/* The GnuPG project consists of many components. Error codes are + * exchanged between all components. The common error codes and their + * user-presentable descriptions are kept into a shared library to + * allow adding new error codes and components without recompiling any + * of the other components. In addition to error codes this library + * also features several other groups of functions which are common to + * all GnuPG components. They may be used by independet project as + * well. The interfaces will not change in a backward incompatible way. + * + * An error code together with an error source build up an error + * value. As the error value is been passed from one component to + * another, it preserves the information about the source and nature + * of the error. + * + * A component of the GnuPG project can define the following macros to + * tune the behaviour of the library: + * + * GPG_ERR_SOURCE_DEFAULT: Define to an error source of type + * gpg_err_source_t to make that source the default for gpg_error(). + * Otherwise GPG_ERR_SOURCE_UNKNOWN is used as default. + * + * GPG_ERR_ENABLE_GETTEXT_MACROS: Define to provide macros to map the + * internal gettext API to standard names. This has only an effect on + * Windows platforms. + * + * GPGRT_ENABLE_ES_MACROS: Define to provide "es_" macros for the + * estream functions. + * + * GPGRT_ENABLE_LOG_MACROS: Define to provide short versions of the + * log functions. + * + * GPGRT_ENABLE_ARGPARSE_MACROS: Needs to be defined to provide the + * mandatory macros of the argparse interface. + */ + #ifndef GPG_ERROR_H #define GPG_ERROR_H 1 #ifndef GPGRT_H @@ -57,50 +92,17 @@ extern "C" { #endif #endif /* __cplusplus */ -/* The GnuPG project consists of many components. Error codes are - exchanged between all components. The common error codes and their - user-presentable descriptions are kept into a shared library to - allow adding new error codes and components without recompiling any - of the other components. The interface will not change in a - backward incompatible way. - - An error code together with an error source build up an error - value. As the error value is been passed from one component to - another, it preserver the information about the source and nature - of the error. - - A component of the GnuPG project can define the following macros to - tune the behaviour of the library: - - GPG_ERR_SOURCE_DEFAULT: Define to an error source of type - gpg_err_source_t to make that source the default for gpg_error(). - Otherwise GPG_ERR_SOURCE_UNKNOWN is used as default. - - GPG_ERR_ENABLE_GETTEXT_MACROS: Define to provide macros to map the - internal gettext API to standard names. This has only an effect on - Windows platforms. - - GPGRT_ENABLE_ES_MACROS: Define to provide "es_" macros for the - estream functions. - - GPGRT_ENABLE_LOG_MACROS: Define to provide short versions of the - log functions. - - GPGRT_ENABLE_ARGPARSE_MACROS: Needs to be defined to provide the - mandatory macros of the argparse interface. - - In addition to the error codes, Libgpg-error also provides a set of - functions used by most GnuPG components. */ /* The error source type gpg_err_source_t. - - Where as the Poo out of a welle small - Taketh his firste springing and his sours. - --Chaucer. */ + * + * Where as the Poo out of a welle small + * Taketh his firste springing and his sours. + * --Chaucer. + */ /* Only use free slots, never change or reorder the existing - entries. */ + * entries. */ typedef enum { @include:err-sources@ @@ -112,7 +114,7 @@ typedef enum /* The error code type gpg_err_code_t. */ /* Only use free slots, never change or reorder the existing - entries. */ + * entries. */ typedef enum { @include:err-codes@ @@ -127,13 +129,13 @@ typedef enum /* The error value type gpg_error_t. */ /* We would really like to use bit-fields in a struct, but using - structs as return values can cause binary compatibility issues, in - particular if you want to do it efficiently (also see - -freg-struct-return option to GCC). */ + * structs as return values can cause binary compatibility issues, in + * particular if you want to do it efficiently (also see + * -freg-struct-return option to GCC). */ typedef unsigned int gpg_error_t; /* We use the lowest 16 bits of gpg_error_t for error codes. The 16th - bit indicates system errors. */ + * bit indicates system errors. */ #define GPG_ERR_CODE_MASK (GPG_ERR_CODE_DIM - 1) /* Bits 17 to 24 are reserved. */ @@ -143,11 +145,13 @@ typedef unsigned int gpg_error_t; #define GPG_ERR_SOURCE_SHIFT 24 /* The highest bit is reserved. It shouldn't be used to prevent - potential negative numbers when transmitting error values as - text. */ + * potential negative numbers when transmitting error values as + * text. */ -/* GCC feature test. */ +/* + * GCC feature test. + */ #if __GNUC__ # define _GPG_ERR_GCC_VERSION (__GNUC__ * 10000 \ + __GNUC_MINOR__ * 100 \ @@ -208,9 +212,9 @@ typedef unsigned int gpg_error_t; #endif /* The used and unused attributes. - I am not sure since when the unused attribute is really supported. - In any case it it only needed for gcc versions which print a - warning. Thus let us require gcc >= 3.5. */ + * I am not sure since when the unused attribute is really supported. + * In any case it it only needed for gcc versions which print a + * warning. Thus let us require gcc >= 3.5. */ #if _GPG_ERR_GCC_VERSION >= 40000 # define GPGRT_ATTR_USED __attribute__ ((used)) #else @@ -290,7 +294,9 @@ gpgrt_annotate_leaked_object (const void *p) } -/* Initialization function. */ +/* + * Initialization function. + */ /* Initialize the library. This function should be run early. */ gpg_error_t gpg_err_init (void) _GPG_ERR_CONSTRUCTOR; @@ -320,10 +326,12 @@ void gpgrt_set_alloc_func (void *(*f)(void *a, size_t n)); -/* Constructor and accessor functions. */ +/* + * Constructor and accessor functions. + */ /* Construct an error value from an error code and source. Within a - subsystem, use gpg_error. */ + * subsystem, use gpg_error. */ static GPG_ERR_INLINE gpg_error_t gpg_err_make (gpg_err_source_t source, gpg_err_code_t code) { @@ -334,7 +342,7 @@ gpg_err_make (gpg_err_source_t source, gpg_err_code_t code) /* The user should define GPG_ERR_SOURCE_DEFAULT before including this - file to specify a default source for gpg_error. */ + * file to specify a default source for gpg_error. */ #ifndef GPG_ERR_SOURCE_DEFAULT #define GPG_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_UNKNOWN #endif @@ -366,44 +374,44 @@ gpg_err_source (gpg_error_t err) /* String functions. */ /* Return a pointer to a string containing a description of the error - code in the error value ERR. This function is not thread-safe. */ + * code in the error value ERR. This function is not thread-safe. */ const char *gpg_strerror (gpg_error_t err); /* Return the error string for ERR in the user-supplied buffer BUF of - size BUFLEN. This function is, in contrast to gpg_strerror, - thread-safe if a thread-safe strerror_r() function is provided by - the system. If the function succeeds, 0 is returned and BUF - contains the string describing the error. If the buffer was not - large enough, ERANGE is returned and BUF contains as much of the - beginning of the error string as fits into the buffer. */ + * size BUFLEN. This function is, in contrast to gpg_strerror, + * thread-safe if a thread-safe strerror_r() function is provided by + * the system. If the function succeeds, 0 is returned and BUF + * contains the string describing the error. If the buffer was not + * large enough, ERANGE is returned and BUF contains as much of the + * beginning of the error string as fits into the buffer. */ int gpg_strerror_r (gpg_error_t err, char *buf, size_t buflen); /* Return a pointer to a string containing a description of the error - source in the error value ERR. */ + * source in the error value ERR. */ const char *gpg_strsource (gpg_error_t err); -/* Mapping of system errors (errno). */ +/* + * Mapping of system errors (errno). + */ /* Retrieve the error code for the system error ERR. This returns - GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report - this). */ + * GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report + * this). */ gpg_err_code_t gpg_err_code_from_errno (int err); - /* Retrieve the system error for the error code CODE. This returns 0 - if CODE is not a system error code. */ + * if CODE is not a system error code. */ int gpg_err_code_to_errno (gpg_err_code_t code); - /* Retrieve the error code directly from the ERRNO variable. This - returns GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped - (report this) and GPG_ERR_MISSING_ERRNO if ERRNO has the value 0. */ + * returns GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped + * (report this) and GPG_ERR_MISSING_ERRNO if ERRNO has the value 0. */ gpg_err_code_t gpg_err_code_from_syserror (void); /* Set the ERRNO variable. This function is the preferred way to set - ERRNO due to peculiarities on WindowsCE. */ + * ERRNO due to peculiarities on WindowsCE. */ void gpg_err_set_errno (int err); /* Return or check the version. Both functions are identical. */ @@ -1252,7 +1260,9 @@ typedef struct #endif /* GPGRT_ENABLE_ARGPARSE_MACROS */ - +/* Take care: gpgrt_argparse keeps state in ARG and requires that + * either ARGPARSE_FLAG_RESET is used after OPTS has been changed or + * gpgrt_argparse (NULL, ARG, NULL) is called first. */ int gpgrt_argparse (gpgrt_stream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts); void gpgrt_usage (int level); commit e901c9fb04f5a96ba2bd49225b396ce7857a3782 Author: Werner Koch Date: Wed Apr 11 09:10:14 2018 +0200 core: Finalize the API for argparse. * src/gpg-error.h.in (ARGPARSE_end): Simplify. * src/argparse.c (_gpgrt_argparse_internal_s): Add field opts. (deinitialize): Release new field. (initialize): Add arg opts and create a copy of the option list. Add the internal options. (_gpgrt_argparse): Rename arg opts to opts_orig and set new local var opts. Adjust all references to opts. (find_long_option): Adjust for chnaged type of OPTS. Re-indent. (arg_parse): Remove internal option assignment. Rename arg opts to opts_orig and set new local var opts. Adjust all references to opts. (show_help): Adjust all references to opts. -- The old ARGPARSE_end maro was a bit cumbersome and does not allow to chnage the number of internal options. Thus this somewhat larger chnage to keep the internal options out of the API. Note that with this change the internal options now also work in a option file and not just on the command line; that does not make much sense but is probably less surprising. Signed-off-by: Werner Koch diff --git a/src/argparse.c b/src/argparse.c index 00ba68c..2dab2ca 100644 --- a/src/argparse.c +++ b/src/argparse.c @@ -55,6 +55,7 @@ struct _gpgrt_argparse_internal_s void *aliases; const void *cur_alias; void *iio_list; + gpgrt_opt_t **opts; /* Malloced array of pointer to user provided opts. */ }; @@ -83,9 +84,9 @@ static int (*custom_outfnc) (int, const char *); /* Optional handler to map strings. See _gpgrt_set_fixed_string_mapper. */ static const char *(*fixed_string_mapper)(const char*); -static int set_opt_arg(gpgrt_argparse_t *arg, unsigned flags, char *s); -static void show_help(gpgrt_opt_t *opts, unsigned flags); -static void show_version(void); +static int set_opt_arg (gpgrt_argparse_t *arg, unsigned int flags, char *s); +static void show_help (gpgrt_opt_t **opts, unsigned int flags); +static void show_version (void); static int writestrings (int is_error, const char *string, ...) GPGRT_ATTR_SENTINEL(0); static int arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts); @@ -186,8 +187,12 @@ flushstrings (int is_error) static void deinitialize (gpgrt_argparse_t *arg) { - xfree (arg->internal); - arg->internal = NULL; + if (arg->internal) + { + xfree (arg->internal->opts); + xfree (arg->internal); + arg->internal = NULL; + } arg->lineno = 0; arg->err = 0; @@ -203,7 +208,7 @@ my_exit (gpgrt_argparse_t *arg, int code) static gpg_err_code_t -initialize (gpgrt_argparse_t *arg, estream_t fp) +initialize (gpgrt_argparse_t *arg, gpgrt_opt_t *opts, estream_t fp) { if (!arg->internal || (arg->flags & ARGPARSE_FLAG_RESET)) { @@ -214,6 +219,9 @@ initialize (gpgrt_argparse_t *arg, estream_t fp) if (!arg->internal) return _gpg_err_code_from_syserror (); } + else if (arg->internal->opts) + xfree (arg->internal->opts); + arg->internal->opts = NULL; /* Initialize this instance. */ arg->internal->idx = 0; @@ -224,6 +232,7 @@ initialize (gpgrt_argparse_t *arg, estream_t fp) arg->internal->cur_alias = NULL; arg->internal->iio_list = NULL; + /* Clear the copy of the option list. */ /* Clear the error indicator. */ arg->err = 0; @@ -243,6 +252,60 @@ initialize (gpgrt_argparse_t *arg, estream_t fp) } + /* Create an array with pointers to the provided list of options. + * Keeping a copy is useful to sort that array and thus do a binary + * search and to allow for extra space at the end to insert the + * hidden options. An ARGPARSE_FLAG_RESET can be used to reinit + * this array. */ + if (!arg->internal->opts) + { + static gpgrt_opt_t help_opt + = ARGPARSE_s_n (ARGPARSE_SHORTOPT_HELP, "help", "@"); + static gpgrt_opt_t version_opt + = ARGPARSE_s_n (ARGPARSE_SHORTOPT_VERSION, "version", "@"); + static gpgrt_opt_t warranty_opt + = ARGPARSE_s_n (ARGPARSE_SHORTOPT_WARRANTY, "warranty", "@"); + static gpgrt_opt_t dump_options_opt + = ARGPARSE_s_n(ARGPARSE_SHORTOPT_DUMP_OPTIONS, "dump-options", "@"); + static gpgrt_opt_t end_marker + = ARGPARSE_end (); + int seen_help = 0; + int seen_version = 0; + int seen_warranty = 0; + int seen_dump_options = 0; + int i; + + for (i=0; opts[i].short_opt; i++) + { + if (opts[i].long_opt) + { + if (!strcmp(opts[i].long_opt, help_opt.long_opt)) + seen_help = 1; + else if (!strcmp(opts[i].long_opt, version_opt.long_opt)) + seen_version = 1; + else if (!strcmp(opts[i].long_opt, warranty_opt.long_opt)) + seen_warranty = 1; + else if (!strcmp(opts[i].long_opt, dump_options_opt.long_opt)) + seen_dump_options = 1; + } + } + i += 4; /* The number of the above internal options. */ + i++; /* End of list marker. */ + arg->internal->opts = xtrycalloc (i, sizeof *arg->internal->opts); + if (!arg->internal->opts) + return _gpg_err_code_from_syserror (); + for(i=0; opts[i].short_opt; i++) + arg->internal->opts[i] = opts + i; + if (!seen_help) + arg->internal->opts[i++] = &help_opt; + if (!seen_version) + arg->internal->opts[i++] = &version_opt; + if (!seen_warranty) + arg->internal->opts[i++] = &warranty_opt; + if (!seen_dump_options) + arg->internal->opts[i++] = &dump_options_opt; + arg->internal->opts[i] = &end_marker; + } if (arg->err) { @@ -453,10 +516,11 @@ ignore_invalid_option_clear (gpgrt_argparse_t *arg) * Note: Abbreviation of options is here not allowed. */ int -_gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) +_gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts_orig) { + gpgrt_opt_t **opts; int state, i, c; - int idx=0; + int idx = 0; char keyword[100]; char *buffer = NULL; size_t buflen = 0; @@ -464,18 +528,19 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) int unread_buf[3]; /* We use an int so that we can store EOF. */ int unread_buf_count = 0; - if (arg && !opts) + if (arg && !opts_orig) { deinitialize (arg); return 0; } if (!fp) /* Divert to arg_parse() in this case. */ - return arg_parse (arg, opts); + return arg_parse (arg, opts_orig); - if (initialize (arg, fp)) + if (initialize (arg, opts_orig, fp)) return (arg->r_opt = ARGPARSE_OUT_OF_CORE); + opts = arg->internal->opts; /* If the LINENO is zero we assume that we are at the start of a * file and we skip over a possible Byte Order Mark. */ @@ -507,19 +572,19 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) else if (state == 2) { keyword[i] = 0; - for (i=0; opts[i].short_opt; i++ ) + for (i=0; opts[i]->short_opt; i++ ) { - if (opts[i].long_opt && !strcmp (opts[i].long_opt, keyword)) + if (opts[i]->long_opt && !strcmp (opts[i]->long_opt, keyword)) break; } idx = i; - arg->r_opt = opts[idx].short_opt; - if ((opts[idx].flags & ARGPARSE_OPT_IGNORE)) + arg->r_opt = opts[idx]->short_opt; + if ((opts[idx]->flags & ARGPARSE_OPT_IGNORE)) { state = i = 0; continue; } - else if (!opts[idx].short_opt ) + else if (!opts[idx]->short_opt ) { if (!strcmp (keyword, "ignore-invalid-option")) { @@ -533,13 +598,13 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) state = i = 0; continue; } - arg->r_opt = ((opts[idx].flags & ARGPARSE_OPT_COMMAND) + arg->r_opt = ((opts[idx]->flags & ARGPARSE_OPT_COMMAND) ? ARGPARSE_INVALID_COMMAND : ARGPARSE_INVALID_OPTION); } - else if (!(opts[idx].flags & ARGPARSE_TYPE_MASK)) + else if (!(opts[idx]->flags & ARGPARSE_TYPE_MASK)) arg->r_type = 0; /* Does not take an arg. */ - else if ((opts[idx].flags & ARGPARSE_OPT_OPTIONAL) ) + else if ((opts[idx]->flags & ARGPARSE_OPT_OPTIONAL) ) arg->r_type = 0; /* Arg is optional. */ else arg->r_opt = ARGPARSE_MISSING_ARG; @@ -551,9 +616,9 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) /* No argument found. */ if (in_alias) arg->r_opt = ARGPARSE_MISSING_ARG; - else if (!(opts[idx].flags & ARGPARSE_TYPE_MASK)) + else if (!(opts[idx]->flags & ARGPARSE_TYPE_MASK)) arg->r_type = 0; /* Does not take an arg. */ - else if ((opts[idx].flags & ARGPARSE_OPT_OPTIONAL)) + else if ((opts[idx]->flags & ARGPARSE_OPT_OPTIONAL)) arg->r_type = 0; /* No optional argument. */ else arg->r_opt = ARGPARSE_MISSING_ARG; @@ -589,7 +654,7 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) } } } - else if (!(opts[idx].flags & ARGPARSE_TYPE_MASK)) + else if (!(opts[idx]->flags & ARGPARSE_TYPE_MASK)) arg->r_opt = ARGPARSE_UNEXPECTED_ARG; else { @@ -616,7 +681,7 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) if (*p && p[strlen(p)-1] == '\"' ) p[strlen(p)-1] = 0; } - if (!set_opt_arg (arg, opts[idx].flags, p)) + if (!set_opt_arg (arg, opts[idx]->flags, p)) xfree (buffer); else gpgrt_annotate_leaked_object (buffer); @@ -648,16 +713,16 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) { /* Check keyword. */ keyword[i] = 0; - for (i=0; opts[i].short_opt; i++ ) - if (opts[i].long_opt && !strcmp (opts[i].long_opt, keyword)) + for (i=0; opts[i]->short_opt; i++ ) + if (opts[i]->long_opt && !strcmp (opts[i]->long_opt, keyword)) break; idx = i; - arg->r_opt = opts[idx].short_opt; - if ((opts[idx].flags & ARGPARSE_OPT_IGNORE)) + arg->r_opt = opts[idx]->short_opt; + if ((opts[idx]->flags & ARGPARSE_OPT_IGNORE)) { state = 1; /* Process like a comment. */ } - else if (!opts[idx].short_opt) + else if (!opts[idx]->short_opt) { if (!strcmp (keyword, "alias")) { @@ -678,7 +743,7 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) state = 1; /* Process like a comment. */ else { - arg->r_opt = ((opts[idx].flags & ARGPARSE_OPT_COMMAND) + arg->r_opt = ((opts[idx]->flags & ARGPARSE_OPT_COMMAND) ? ARGPARSE_INVALID_COMMAND : ARGPARSE_INVALID_OPTION); state = -1; /* Skip rest of line and leave. */ @@ -759,109 +824,80 @@ _gpgrt_argparse (estream_t fp, gpgrt_argparse_t *arg, gpgrt_opt_t *opts) } - +/* Given the list of options OPTS and a keyword, return the index of + * the long option macthing KEYWORD. On error -1 is retruned for not + * found or -2 for ambigious keyword. */ static int -find_long_option (gpgrt_argparse_t *arg, gpgrt_opt_t *opts, const char *keyword) +find_long_option (gpgrt_argparse_t *arg, gpgrt_opt_t **opts, + const char *keyword) { - int i; - size_t n; - - (void)arg; - - /* Would be better if we can do a binary search, but it is not - possible to reorder our option table because we would mess - up our help strings - What we can do is: Build a nice option - lookup table when this function is first invoked */ - if( !*keyword ) - return -1; - for(i=0; opts[i].short_opt; i++ ) - if( opts[i].long_opt && !strcmp( opts[i].long_opt, keyword) ) - return i; + int i; + size_t n; + + (void)arg; /* Not yet required. */ + + /* Would be better if we can do a binary search, but it is not + * possible to reorder our option table because we would mess up our + * help strings. What we can do is: Build an option lookup table + * when this function is first invoked. */ + if (!*keyword) + return -1; + for (i=0; opts[i]->short_opt; i++ ) + if (opts[i]->long_opt && !strcmp (opts[i]->long_opt, keyword)) + return i; #if 0 - { - ALIAS_DEF a; - /* see whether it is an alias */ - for( a = args->internal->aliases; a; a = a->next ) { - if( !strcmp( a->name, keyword) ) { - /* todo: must parse the alias here */ - args->internal->cur_alias = a; - return -3; /* alias available */ - } - } - } + { + ALIAS_DEF a; + /* see whether it is an alias */ + for (a = args->internal->aliases; a; a = a->next) + { + if (!strcmp( a->name, keyword)) + { + /* todo: must parse the alias here */ + args->internal->cur_alias = a; + return -3; /* alias available */ + } + } + } #endif - /* not found, see whether it is an abbreviation */ - /* aliases may not be abbreviated */ - n = strlen( keyword ); - for(i=0; opts[i].short_opt; i++ ) { - if( opts[i].long_opt && !strncmp( opts[i].long_opt, keyword, n ) ) { - int j; - for(j=i+1; opts[j].short_opt; j++ ) { - if( opts[j].long_opt - && !strncmp( opts[j].long_opt, keyword, n ) - && !(opts[j].short_opt == opts[i].short_opt - && opts[j].flags == opts[i].flags ) ) - return -2; /* abbreviation is ambiguous */ + /* Not found. See whether it is an abbreviation. Aliases may not + * be abbreviated, though. */ + n = strlen (keyword); + for (i=0; opts[i]->short_opt; i++) + { + if (opts[i]->long_opt && !strncmp (opts[i]->long_opt, keyword, n)) + { + int j; + for (j=i+1; opts[j]->short_opt; j++) + { + if (opts[j]->long_opt + && !strncmp (opts[j]->long_opt, keyword, n) + && !(opts[j]->short_opt == opts[i]->short_opt + && opts[j]->flags == opts[i]->flags ) ) + return -2; /* Abbreviation is ambiguous. */ } - return i; + return i; } } - return -1; /* Not found. */ + return -1; /* Not found. */ } +/* The option parser for command line options. */ static int -arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) +arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts_orig) { int idx; + gpgrt_opt_t **opts; int argc; char **argv; char *s, *s2; int i; - /* Fill in missing standard options: help, version, warranty and - * dump-options. */ - gpgrt_opt_t help_opt - = ARGPARSE_s_n (ARGPARSE_SHORTOPT_HELP, "help", "@"); - gpgrt_opt_t version_opt - = ARGPARSE_s_n (ARGPARSE_SHORTOPT_VERSION, "version", "@"); - gpgrt_opt_t warranty_opt - = ARGPARSE_s_n (ARGPARSE_SHORTOPT_WARRANTY, "warranty", "@"); - gpgrt_opt_t dump_options_opt - = ARGPARSE_s_n(ARGPARSE_SHORTOPT_DUMP_OPTIONS, "dump-options", "@"); - int seen_help = 0; - int seen_version = 0; - int seen_warranty = 0; - int seen_dump_options = 0; - - i = 0; - while (opts[i].short_opt) - { - if (opts[i].long_opt) - { - if (!strcmp(opts[i].long_opt, help_opt.long_opt)) - seen_help = 1; - else if (!strcmp(opts[i].long_opt, version_opt.long_opt)) - seen_version = 1; - else if (!strcmp(opts[i].long_opt, warranty_opt.long_opt)) - seen_warranty = 1; - else if (!strcmp(opts[i].long_opt, dump_options_opt.long_opt)) - seen_dump_options = 1; - } - i++; - } - if (! seen_help) - opts[i++] = help_opt; - if (! seen_version) - opts[i++] = version_opt; - if (! seen_warranty) - opts[i++] = warranty_opt; - if (! seen_dump_options) - opts[i++] = dump_options_opt; - - if (initialize( arg, NULL)) + if (initialize (arg, opts_orig, NULL)) return (arg->r_opt = ARGPARSE_OUT_OF_CORE); + opts = arg->internal->opts; argc = *arg->argc; argv = *arg->argv; idx = arg->internal->idx; @@ -917,9 +953,9 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) if ( argpos ) *argpos = '='; - if (i > 0 && opts[i].short_opt == ARGPARSE_SHORTOPT_HELP) + if (i > 0 && opts[i]->short_opt == ARGPARSE_SHORTOPT_HELP) show_help (opts, arg->flags); - else if (i > 0 && opts[i].short_opt == ARGPARSE_SHORTOPT_VERSION) + else if (i > 0 && opts[i]->short_opt == ARGPARSE_SHORTOPT_VERSION) { if (!(arg->flags & ARGPARSE_FLAG_NOVERSION)) { @@ -927,17 +963,17 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) my_exit (arg, 0); } } - else if (i > 0 && opts[i].short_opt == ARGPARSE_SHORTOPT_WARRANTY) + else if (i > 0 && opts[i]->short_opt == ARGPARSE_SHORTOPT_WARRANTY) { writestrings (0, _gpgrt_strusage (16), "\n", NULL); my_exit (arg, 0); } - else if (i > 0 && opts[i].short_opt == ARGPARSE_SHORTOPT_DUMP_OPTIONS) + else if (i > 0 && opts[i]->short_opt == ARGPARSE_SHORTOPT_DUMP_OPTIONS) { - for (i=0; opts[i].short_opt; i++ ) + for (i=0; opts[i]->short_opt; i++ ) { - if (opts[i].long_opt && !(opts[i].flags & ARGPARSE_OPT_IGNORE)) - writestrings (0, "--", opts[i].long_opt, "\n", NULL); + if (opts[i]->long_opt && !(opts[i]->flags & ARGPARSE_OPT_IGNORE)) + writestrings (0, "--", opts[i]->long_opt, "\n", NULL); } my_exit (arg, 0); } @@ -950,10 +986,10 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) arg->r.ret_str = s+2; } else - arg->r_opt = opts[i].short_opt; + arg->r_opt = opts[i]->short_opt; if ( i < 0 ) ; - else if ( (opts[i].flags & ARGPARSE_TYPE_MASK) ) + else if ( (opts[i]->flags & ARGPARSE_TYPE_MASK) ) { if ( argpos ) { @@ -963,7 +999,7 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) } else s2 = argv[1]; - if ( !s2 && (opts[i].flags & ARGPARSE_OPT_OPTIONAL) ) + if ( !s2 && (opts[i]->flags & ARGPARSE_OPT_OPTIONAL) ) { arg->r_type = ARGPARSE_TYPE_NONE; /* Argument is optional. */ } @@ -972,7 +1008,7 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) arg->r_opt = ARGPARSE_MISSING_ARG; } else if ( !argpos && *s2 == '-' - && (opts[i].flags & ARGPARSE_OPT_OPTIONAL) ) + && (opts[i]->flags & ARGPARSE_OPT_OPTIONAL) ) { /* The argument is optional and the next seems to be an option. We do not check this possible option but @@ -981,7 +1017,7 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) } else { - set_opt_arg (arg, opts[i].flags, s2); + set_opt_arg (arg, opts[i]->flags, s2); if ( !argpos ) { argc--; argv++; idx++; /* Skip one. */ @@ -1009,8 +1045,8 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) arg->internal->inarg++; if ( (arg->flags & ARGPARSE_FLAG_ONEDASH) ) { - for (i=0; opts[i].short_opt; i++ ) - if ( opts[i].long_opt && !strcmp (opts[i].long_opt, s+1)) + for (i=0; opts[i]->short_opt; i++ ) + if ( opts[i]->long_opt && !strcmp (opts[i]->long_opt, s+1)) { dash_kludge = 1; break; @@ -1021,33 +1057,33 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) if (!dash_kludge ) { - for (i=0; opts[i].short_opt; i++ ) - if ( opts[i].short_opt == *s ) + for (i=0; opts[i]->short_opt; i++ ) + if ( opts[i]->short_opt == *s ) break; } - if ( !opts[i].short_opt && ( *s == 'h' || *s == '?' ) ) + if ( !opts[i]->short_opt && ( *s == 'h' || *s == '?' ) ) show_help (opts, arg->flags); - arg->r_opt = opts[i].short_opt; - if (!opts[i].short_opt ) + arg->r_opt = opts[i]->short_opt; + if (!opts[i]->short_opt ) { - arg->r_opt = (opts[i].flags & ARGPARSE_OPT_COMMAND)? + arg->r_opt = (opts[i]->flags & ARGPARSE_OPT_COMMAND)? ARGPARSE_INVALID_COMMAND:ARGPARSE_INVALID_OPTION; arg->internal->inarg++; /* Point to the next arg. */ arg->r.ret_str = s; } - else if ( (opts[i].flags & ARGPARSE_TYPE_MASK) ) + else if ( (opts[i]->flags & ARGPARSE_TYPE_MASK) ) { if ( s[1] && !dash_kludge ) { s2 = s+1; - set_opt_arg (arg, opts[i].flags, s2); + set_opt_arg (arg, opts[i]->flags, s2); } else { s2 = argv[1]; - if ( !s2 && (opts[i].flags & ARGPARSE_OPT_OPTIONAL) ) + if ( !s2 && (opts[i]->flags & ARGPARSE_OPT_OPTIONAL) ) { arg->r_type = ARGPARSE_TYPE_NONE; } @@ -1056,7 +1092,7 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) arg->r_opt = ARGPARSE_MISSING_ARG; } else if ( *s2 == '-' && s2[1] - && (opts[i].flags & ARGPARSE_OPT_OPTIONAL) ) + && (opts[i]->flags & ARGPARSE_OPT_OPTIONAL) ) { /* The argument is optional and the next seems to be an option. We do not check this possible @@ -1065,7 +1101,7 @@ arg_parse (gpgrt_argparse_t *arg, gpgrt_opt_t *opts) } else { - set_opt_arg (arg, opts[i].flags, s2); + set_opt_arg (arg, opts[i]->flags, s2); argc--; argv++; idx++; /* Skip one. */ } } @@ -1161,8 +1197,10 @@ set_opt_arg (gpgrt_argparse_t *arg, unsigned flags, char *s) } +/* Return the length of the option O. This needs to consider the + * description as weel as the option name. */ static size_t -long_opt_strlen( gpgrt_opt_t *o ) +long_opt_strlen (gpgrt_opt_t *o) { size_t n = strlen (o->long_opt); @@ -1175,8 +1213,8 @@ long_opt_strlen( gpgrt_opt_t *o ) if ( *s != '=' ) n++; /* For a (mostly) correct length calculation we exclude - continuation bytes (10xxxxxx) if we are on a native utf8 - terminal. */ + * continuation bytes (10xxxxxx) if we are on a native utf8 + * terminal. */ for (; *s && *s != '|'; s++ ) if ( is_utf8 && (*s&0xc0) != 0x80 ) n++; @@ -1197,7 +1235,7 @@ long_opt_strlen( gpgrt_opt_t *o ) * bar and the next one as arguments of the long option. */ static void -show_help (gpgrt_opt_t *opts, unsigned int flags) +show_help (gpgrt_opt_t **opts, unsigned int flags) { const char *s; char tmp[2]; @@ -1214,27 +1252,27 @@ show_help (gpgrt_opt_t *opts, unsigned int flags) } s = _gpgrt_strusage(41); writestrings (0, s, "\n", NULL); - if ( opts[0].description ) + if ( opts[0]->description ) { /* Auto format the option description. */ int i,j, indent; /* Get max. length of long options. */ - for (i=indent=0; opts[i].short_opt; i++ ) + for (i=indent=0; opts[i]->short_opt; i++ ) { - if ( opts[i].long_opt ) - if ( !opts[i].description || *opts[i].description != '@' ) - if ( (j=long_opt_strlen(opts+i)) > indent && j < 35 ) + if ( opts[i]->long_opt ) + if ( !opts[i]->description || *opts[i]->description != '@' ) + if ( (j=long_opt_strlen(opts[i])) > indent && j < 35 ) indent = j; } /* Example: " -v, --verbose Viele Sachen ausgeben" */ indent += 10; - if ( *opts[0].description != '@' ) + if ( *opts[0]->description != '@' ) writestrings (0, "Options:", "\n", NULL); - for (i=0; opts[i].short_opt; i++ ) + for (i=0; opts[i]->short_opt; i++ ) { - s = map_fixed_string (_( opts[i].description )); + s = map_fixed_string (_( opts[i]->description )); if ( s && *s== '@' && !s[1] ) /* Hide this line. */ continue; if ( s && *s == '@' ) /* Unindented comment only line. */ @@ -1258,12 +1296,12 @@ show_help (gpgrt_opt_t *opts, unsigned int flags) } j = 3; - if ( opts[i].short_opt < 256 ) + if ( opts[i]->short_opt < 256 ) { - tmp[0] = opts[i].short_opt; + tmp[0] = opts[i]->short_opt; tmp[1] = 0; writestrings (0, " -", tmp, NULL ); - if ( !opts[i].long_opt ) + if ( !opts[i]->long_opt ) { if (s && *s == '|' ) { @@ -1281,11 +1319,11 @@ show_help (gpgrt_opt_t *opts, unsigned int flags) } else writestrings (0, " ", NULL); - if ( opts[i].long_opt ) + if ( opts[i]->long_opt ) { - tmp[0] = opts[i].short_opt < 256?',':' '; + tmp[0] = opts[i]->short_opt < 256?',':' '; tmp[1] = 0; - j += writestrings (0, tmp, " --", opts[i].long_opt, NULL); + j += writestrings (0, tmp, " --", opts[i]->long_opt, NULL); if (s && *s == '|' ) { if ( *++s != '=' ) diff --git a/src/gpg-error.h.in b/src/gpg-error.h.in index a36e8b1..f585808 100644 --- a/src/gpg-error.h.in +++ b/src/gpg-error.h.in @@ -1246,14 +1246,10 @@ typedef struct #define ARGPARSE_group(s,d) \ { (s), NULL, 0, (d) } -/* Placeholder options for help, version, warranty and dump-options. - * See arg_parse(). FIXME: We need to hide this from the API. */ +/* Mark the end of the list (mandatory). */ #define ARGPARSE_end() \ - { 0, NULL, 0, NULL }, \ - { 0, NULL, 0, NULL }, \ - { 0, NULL, 0, NULL }, \ - { 0, NULL, 0, NULL }, \ { 0, NULL, 0, NULL } + #endif /* GPGRT_ENABLE_ARGPARSE_MACROS */ ----------------------------------------------------------------------- Summary of changes: NEWS | 6 +- README | 13 +- configure.ac | 6 +- src/argparse.c | 348 +++++++++++++++++++++++++++++------------------------ src/gpg-error.h.in | 166 +++++++++++++------------ 5 files changed, 293 insertions(+), 246 deletions(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 09:52:05 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 11 Apr 2018 09:52:05 +0200 Subject: [git] gnupg-doc - branch, master, updated. 824d1bba2627a14b3e8fe284c4c3fb642a41e329 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 824d1bba2627a14b3e8fe284c4c3fb642a41e329 (commit) from da16bd25fc9461cda562504de4e80cfcf75ecf37 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 824d1bba2627a14b3e8fe284c4c3fb642a41e329 Author: Werner Koch Date: Wed Apr 11 09:45:10 2018 +0200 swdb: Release libgpg-error 1.29 diff --git a/web/swdb.mac b/web/swdb.mac index 12bc401..4617b87 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -126,11 +126,16 @@ # # LIBGPG-ERROR # -#+macro: libgpg_error_ver 1.28 -#+macro: libgpg_error_date 2018-03-13 -#+macro: libgpg_error_size 842k -#+macro: libgpg_error_sha1 2b9baae264f3e82ebe00dcd10bae3f2d64232c10 -#+macro: libgpg_error_sha2 3edb957744905412f30de3e25da18682cbe509541e18cd3b8f9df695a075da49 +#+macro: libgpg_error_ver 1.29 +#+macro: libgpg_error_date 2018-04-11 +#+macro: libgpg_error_size 873k +#+macro: libgpg_error_sha1 a56241d60bb7d810fdb478463b1732b134a52a19 +#+macro: libgpg_error_sha2 ece926fa5719d17a7ad8da618712cfa2f8a796ab2f2af9d544c5bb093383b1ea +#+macro: gpgrt_ver 1.29 +#+macro: gpgrt_date 2018-04-11 +#+macro: gpgrt_size 873k +#+macro: gpgrt_sha1 a56241d60bb7d810fdb478463b1732b134a52a19 +#+macro: gpgrt_sha2 ece926fa5719d17a7ad8da618712cfa2f8a796ab2f2af9d544c5bb093383b1ea # ----------------------------------------------------------------------- Summary of changes: web/swdb.mac | 15 ++++++++++----- 1 file changed, 10 insertions(+), 5 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 09:55:31 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 11 Apr 2018 09:55:31 +0200 Subject: [git] gnupg-doc - branch, master, updated. a739fddfe19ab96e9681dd11353bffc52082d9ad Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via a739fddfe19ab96e9681dd11353bffc52082d9ad (commit) from 824d1bba2627a14b3e8fe284c4c3fb642a41e329 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a739fddfe19ab96e9681dd11353bffc52082d9ad Author: Werner Koch Date: Wed Apr 11 09:48:36 2018 +0200 web: 2.2.6 release announcement diff --git a/web/index.org b/web/index.org index 695c3ab..ed07c39 100644 --- a/web/index.org +++ b/web/index.org @@ -65,6 +65,11 @@ The latest release news:\\ # GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttps://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just # point or paste the [[news.en.rss][RSS file]] into your aggregator. +** GnuPG 2.2.5 released (2018-04-09) + +We are pleased to announce the availability of GnuPG version 2.2.6. +This is a maintenance release fixing a few problems. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000421.html][more]]} + ** GnuPG 2.2.5 released (2018-02-22) We are pleased to announce the availability of GnuPG version 2.2.5. ----------------------------------------------------------------------- Summary of changes: web/index.org | 5 +++++ 1 file changed, 5 insertions(+) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 10:33:20 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 11 Apr 2018 10:33:20 +0200 Subject: [git] gnupg-doc - branch, master, updated. e033305a5b7c3cc79d35af8f4baff9c1346bb48f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via e033305a5b7c3cc79d35af8f4baff9c1346bb48f (commit) from a739fddfe19ab96e9681dd11353bffc52082d9ad (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e033305a5b7c3cc79d35af8f4baff9c1346bb48f Author: Werner Koch Date: Wed Apr 11 10:25:56 2018 +0200 ox-gpgweb: Implement virtual headlines and HTML_CLASS property. This also chnanges how HTML_CONTAINER_CLASS is used. That is not a problem here becuase we are cot yet using that property. With these changes the following markup is possible (example): * Top header :PROPERTIES: :HTML_CLASS: centered :END: **

:html:virtual: ** Foo :PROPERTIES: :HTML_CONTAINER_CLASS: pure-u-1 pure-u-lg-1-3 :END: Foo is about bar. **

:html:virtual: The HTML_CLASS property puts a class="centered" into the tag. The HTML_CONTAINER_CLASS property encloses its section with another div:

Foo

Foo is about bar.

The "html" tag (the "virtual" is right now only informational) inserts the given HTML directly at this place into the output. Note that this can't be done with #+HTML: because that would distrub the sectioning. diff --git a/web/share/ox-gpgweb.el b/web/share/ox-gpgweb.el index a48985c..7d84d1a 100644 --- a/web/share/ox-gpgweb.el +++ b/web/share/ox-gpgweb.el @@ -1222,6 +1222,9 @@ holding contextual information." todo todo-type priority text tags info)) (contents (or contents ""))) (cond + ;; Case 0: virtual headline: Just print the raw value. + ((member "html" (org-export-get-tags headline info)) + (format "%s\n" (org-element-property :raw-value headline))) ;; Case 1: This is a footnote section: ignore it. ((org-element-property :footnote-section-p headline) nil) ;; Case 2: This is a deep sub-tree: export it as a list item. @@ -1247,11 +1250,16 @@ holding contextual information." (org-element-property :ID headline)))) (preferred-id (car ids)) (extra-ids (cdr ids)) - (extra-class (org-element-property :HTML_CONTAINER_CLASS headline)) + (outer-class (org-element-property :HTML_CONTAINER_CLASS headline)) + (header-class (org-element-property :HTML_CLASS headline)) (first-content (car (org-element-contents headline)))) - (format "%s%s\n%s\n" + (format "%s%s%s\n%s%s\n" + ; div class? + (if outer-class (concat "

\n") "") ; h? level + ; header-class? + (if header-class (concat " class=\"" header-class "\"") "") ; id=? preferred-id ; insert anchors @@ -1273,7 +1281,9 @@ holding contextual information." ; /h? level ; the content of the section - contents)))))) + contents + (if outer-class "

" "") + )))))) (defun org-gpgweb-format-headline-function (todo todo-type priority text tags info) ----------------------------------------------------------------------- Summary of changes: web/share/ox-gpgweb.el | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 13:19:00 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Wed, 11 Apr 2018 13:19:00 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-127-g88a3204 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 88a3204d34b97430e7f1f80ebfe1f9f8e6fa9ddc (commit) via dc48589b3d429d7d156c75b4e7bc784b140f40ce (commit) from 7cb3feaf64d3098a5bc56cad62576bb67e5d74bf (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 88a3204d34b97430e7f1f80ebfe1f9f8e6fa9ddc Author: Andre Heinecke Date: Wed Apr 11 13:15:09 2018 +0200 Change S/MIME behavior depending on Exchange ver. * src/oomhelp.cpp, src/oomhelp.h (get_ex_major_version_for_addr): New. * src/cryptcontroller.cpp (create_encrypt_attach): Accept exchange version as parameter. Change behavior accordingly. (CryptController::update_mail_mapi): Add handling for exchange ver. * src/mimemaker.cpp (create_top_encryption_header): Accept exchange ver. * src/mimemaker.h: Update accordingly. -- This fixes 7cb3feaf which broke S/MIME encrypted send for older exchange versions and SMTP / IMAP. Because it unconditionally used different code to construct the encrypted message in the expectation that this would also work as an alternative. GnuPG-Bug-Id: T3884 diff --git a/src/cryptcontroller.cpp b/src/cryptcontroller.cpp index 5aa1022..bc308cb 100644 --- a/src/cryptcontroller.cpp +++ b/src/cryptcontroller.cpp @@ -825,11 +825,12 @@ create_sign_attach (sink_t sink, protocol_t protocol, static int create_encrypt_attach (sink_t sink, protocol_t protocol, - GpgME::Data &encryptedData) + GpgME::Data &encryptedData, + int exchange_major_version) { char boundary[BOUNDARYSIZE+1]; int rc = create_top_encryption_header (sink, protocol, boundary, - false); + false, exchange_major_version); // From here on use goto failure pattern. if (rc) { @@ -838,7 +839,18 @@ create_encrypt_attach (sink_t sink, protocol_t protocol, return rc; } - rc = write_data (sink, encryptedData); + if (protocol == PROTOCOL_OPENPGP || + exchange_major_version >= 15) + { + // With exchange 2016 we have to construct S/MIME + // differently and write the raw data here. + rc = write_data (sink, encryptedData); + } + else + { + const auto encStr = encryptedData.toString(); + rc = write_b64 (sink, encStr.c_str(), encStr.size()); + } if (rc) { @@ -886,12 +898,20 @@ CryptController::update_mail_mapi () sink->cb_data = &m_input; sink->writefnc = sink_data_write; - // For S/MIME encrypted mails we have to use the multipart/encrypted + // For S/MIME encrypted mails we have to use the application/pkcs7-mime // content type. Otherwise newer (2016) exchange servers will throw // an M2MCVT.StorageError.Exeption (See GnuPG-Bug-Id: T3853 ) + + // This means that the conversion / build of the mime structure also + // happens differently. + int exchange_major_version = get_ex_major_version_for_addr ( + m_mail->get_cached_sender ().c_str ()); + std::string overrideMimeTag; - if (m_proto == GpgME::CMS && m_encrypt) + if (m_proto == GpgME::CMS && m_encrypt && exchange_major_version >= 15) { + log_debug ("%s:%s: CMS Encrypt with Exchange %i activating alternative.", + SRCNAME, __func__, exchange_major_version); overrideMimeTag = "application/pkcs7-mime"; } @@ -909,6 +929,7 @@ CryptController::update_mail_mapi () protocol_t protocol = m_proto == GpgME::CMS ? PROTOCOL_SMIME : PROTOCOL_OPENPGP; + int rc = 0; /* Do we have override MIME ? */ const auto overrideMime = m_mail->get_override_mime_data (); @@ -918,11 +939,11 @@ CryptController::update_mail_mapi () } else if (m_sign && m_encrypt) { - rc = create_encrypt_attach (sink, protocol, m_output); + rc = create_encrypt_attach (sink, protocol, m_output, exchange_major_version); } else if (m_encrypt) { - rc = create_encrypt_attach (sink, protocol, m_output); + rc = create_encrypt_attach (sink, protocol, m_output, exchange_major_version); } else if (m_sign) { diff --git a/src/mimemaker.cpp b/src/mimemaker.cpp index ed961f7..1e4a5d6 100644 --- a/src/mimemaker.cpp +++ b/src/mimemaker.cpp @@ -1892,7 +1892,7 @@ sink_encryption_write_b64 (sink_t encsink, const void *data, size_t datalen) function. */ int create_top_encryption_header (sink_t sink, protocol_t protocol, char *boundary, - bool is_inline) + bool is_inline, int exchange_major_version) { int rc; @@ -1915,26 +1915,31 @@ create_top_encryption_header (sink_t sink, protocol_t protocol, char *boundary, else if (protocol == PROTOCOL_SMIME) { *boundary = 0; - rc = 0; - /* - For S/MIME encrypted mails we do not use the S/MIME conversion - code anymore. With Exchange 2016 this no longer works. Instead - we set an override mime tag, the extended headers in OOM in - Mail::update_crypt_oom and let outlook convert the attachment - to base64. - - A bit more details can be found in T3853 / T3884 - - rc = write_multistring (sink, - "Content-Type: application/pkcs7-mime; " - "smime-type=enveloped-data;\r\n" - "\tname=\"smime.p7m\"\r\n" - "Content-Disposition: attachment; filename=\"smime.p7m\"\r\n" - "Content-Transfer-Encoding: base64\r\n" - "MIME-Version: 1.0\r\n" - "\r\n", - NULL); - */ + if (exchange_major_version >= 15) + { + /* + For S/MIME encrypted mails we do not use the S/MIME conversion + code anymore. With Exchange 2016 this no longer works. Instead + we set an override mime tag, the extended headers in OOM in + Mail::update_crypt_oom and let outlook convert the attachment + to base64. + + A bit more details can be found in T3853 / T3884 + */ + rc = 0; + } + else + { + rc = write_multistring (sink, + "Content-Type: application/pkcs7-mime; " + "smime-type=enveloped-data;\r\n" + "\tname=\"smime.p7m\"\r\n" + "Content-Disposition: attachment; filename=\"smime.p7m\"\r\n" + "Content-Transfer-Encoding: base64\r\n" + "MIME-Version: 1.0\r\n" + "\r\n", + NULL); + } } else { diff --git a/src/mimemaker.h b/src/mimemaker.h index 4758bfd..eed47a3 100644 --- a/src/mimemaker.h +++ b/src/mimemaker.h @@ -77,7 +77,7 @@ int add_body_and_attachments (sink_t sink, LPMESSAGE message, mapi_attach_item_t *att_table, Mail *mail, const char *body, int n_att_usable); int create_top_encryption_header (sink_t sink, protocol_t protocol, char *boundary, - bool is_inline = false); + bool is_inline = false, int exchange_major_version = -1); /* Helper to write a boundary to the output sink. The leading LF will be written as well. */ diff --git a/src/oomhelp.cpp b/src/oomhelp.cpp index 51d025b..4ba8715 100644 --- a/src/oomhelp.cpp +++ b/src/oomhelp.cpp @@ -2034,3 +2034,26 @@ get_inline_body () return body; } + +int +get_ex_major_version_for_addr (const char *mbox) +{ + LPDISPATCH account = get_account_for_mail (mbox); + if (!account) + { + TRACEPOINT; + return -1; + } + + char *version_str = get_oom_string (account, "ExchangeMailboxServerVersion"); + gpgol_release (account); + + if (!version_str) + { + return -1; + } + long int version = strtol (version_str, nullptr, 10); + xfree (version_str); + + return (int) version; +} diff --git a/src/oomhelp.h b/src/oomhelp.h index 3bf86a6..13faafb 100644 --- a/src/oomhelp.h +++ b/src/oomhelp.h @@ -343,6 +343,12 @@ char *get_sender_SenderEMailAddress (LPDISPATCH mailitem); /* Get the body of the active inline response */ char *get_inline_body (void); + +/* Get the major version of the exchange server of the account for the + mail address "mbox". Returns -1 if no version could be detected + or exchange is not used.*/ +int get_ex_major_version_for_addr (const char *mbox); + #ifdef __cplusplus char *get_sender_SendUsingAccount (LPDISPATCH mailitem, bool *r_is_GSuite); } commit dc48589b3d429d7d156c75b4e7bc784b140f40ce Author: Andre Heinecke Date: Wed Apr 11 10:13:33 2018 +0200 Handle weirdly constructed PGP/MIME mails * src/mapihelp.cpp (get_msgcls_from_pgp_lines): Add return value for empty body. (get_msgcls_from_first_attachment): New. factored out. (change_message_class_ipm_note): Use get_msgcls_from_first_attachment. -- This fixes the handling of mails that are: multipart/mixed ->application/pgp-encrypted ->application/octed-stream They also don't have a body. To avoid overhead in a normal unencrypted multipart mixed mail we only check for this structure if we don't have a body. GnuPG-Bug-Id: T3882 diff --git a/src/mapihelp.cpp b/src/mapihelp.cpp index 7e33823..1be66b6 100644 --- a/src/mapihelp.cpp +++ b/src/mapihelp.cpp @@ -630,9 +630,12 @@ mapi_get_body (LPMESSAGE message, size_t *r_nbytes) /* Look at the body of the MESSAGE and try to figure out whether this is a supported PGP message. Returns the new message class or NULL - if it does not look like a PGP message. */ + if it does not look like a PGP message. + + If r_nobody is not null it is set to true if no body was found. + */ static char * -get_msgcls_from_pgp_lines (LPMESSAGE message) +get_msgcls_from_pgp_lines (LPMESSAGE message, bool *r_nobody = nullptr) { HRESULT hr; LPSTREAM stream; @@ -649,6 +652,11 @@ get_msgcls_from_pgp_lines (LPMESSAGE message) return NULL; } + if (r_nobody) + { + *r_nobody = false; + } + stream = mapi_get_body_as_stream (message); if (!stream) { @@ -660,6 +668,10 @@ get_msgcls_from_pgp_lines (LPMESSAGE message) { log_error ("%s:%s: Failed to get w_body stream. : hr=%#lx", SRCNAME, __func__, hr); + if (r_nobody) + { + *r_nobody = true; + } return NULL; } else @@ -979,6 +991,30 @@ get_first_attach_mime_tag (LPMESSAGE message) } +/* Look at the first attachment's content type to determine the + messageclass. */ +static char * +get_msgcls_from_first_attachment (LPMESSAGE message) +{ + char *ret = nullptr; + char *attach_mime = get_first_attach_mime_tag (message); + if (!attach_mime) + { + return nullptr; + } + if (!strcmp (attach_mime, "application/pgp-encrypted")) + { + ret = xstrdup ("IPM.Note.GpgOL.MultipartEncrypted"); + xfree (attach_mime); + } + else if (!strcmp (attach_mime, "application/pgp-signature")) + { + ret = xstrdup ("IPM.Note.GpgOL.MultipartSigned"); + xfree (attach_mime); + } + return ret; +} + /* Helper for mapi_change_message_class. Returns the new message class as an allocated string. @@ -1022,22 +1058,7 @@ change_message_class_ipm_note (LPMESSAGE message) if (!newvalue) { /* So no PGP Inline. Lets look at the attachment. */ - char *attach_mime = get_first_attach_mime_tag (message); - if (!attach_mime) - { - xfree (ct); - return nullptr; - } - if (!strcmp (attach_mime, "application/pgp-encrypted")) - { - newvalue = xstrdup ("IPM.Note.GpgOL.MultipartEncrypted"); - xfree (attach_mime); - } - else if (!strcmp (attach_mime, "application/pgp-signature")) - { - newvalue = xstrdup ("IPM.Note.GpgOL.MultipartSigned"); - xfree (attach_mime); - } + newvalue = get_msgcls_from_first_attachment (message); } } else if (!ct || !strcmp (ct, "text/plain") || @@ -1046,10 +1067,21 @@ change_message_class_ipm_note (LPMESSAGE message) !strcmp (ct, "multipart/related") || !strcmp (ct, "text/html")) { + bool has_no_body = false; /* It is quite common to have a multipart/mixed or alternative mail with separate encrypted PGP parts. Look at the body to decide. */ - newvalue = get_msgcls_from_pgp_lines (message); + newvalue = get_msgcls_from_pgp_lines (message, &has_no_body); + + if (!newvalue && has_no_body && !strcmp (ct, "multipart/mixed")) + { + /* This is uncommon. But some Exchanges might break a PGP/MIME mail + this way. Let's take a look at the attachments. Maybe it's + a PGP/MIME mail. */ + log_debug ("%s:%s: Multipart mixed without body found. Looking at attachments.", + SRCNAME, __func__); + newvalue = get_msgcls_from_first_attachment (message); + } } xfree (ct); ----------------------------------------------------------------------- Summary of changes: src/cryptcontroller.cpp | 35 ++++++++++++++++++++----- src/mapihelp.cpp | 70 +++++++++++++++++++++++++++++++++++-------------- src/mimemaker.cpp | 47 ++++++++++++++++++--------------- src/mimemaker.h | 2 +- src/oomhelp.cpp | 23 ++++++++++++++++ src/oomhelp.h | 6 +++++ 6 files changed, 135 insertions(+), 48 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 15:25:29 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Wed, 11 Apr 2018 15:25:29 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-128-g34f6bb7 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 34f6bb73882ee5a9c996db506fb4f730aa57e658 (commit) from 88a3204d34b97430e7f1f80ebfe1f9f8e6fa9ddc (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 34f6bb73882ee5a9c996db506fb4f730aa57e658 Author: Andre Heinecke Date: Wed Apr 11 15:22:05 2018 +0200 Implement send again for crypto mails * src/mail.cpp (Mail::set_is_send_again): New. (Mail::parsing_done): Add handling for send again. * src/mailitem-events.cpp: Detect a send again. -- This detects the send again by the propchange of SendUsingAccount and a "sent" value of false. Usually crypto mails have a sent value of true. In this case we remove our attachments (so that they are not included in the sent again), set the draft info so that the crypto state is nicely preselected and finally change the type so that is_crypo_mail returns false for decrypted send again mails. GnuPG-Bug-Id: T3885 diff --git a/src/mail.cpp b/src/mail.cpp index ea2f65a..a408800 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -93,7 +93,8 @@ Mail::Mail (LPDISPATCH mailitem) : m_crypt_state(NoCryptMail), m_window(nullptr), m_async_crypt_disabled(false), - m_is_forwarded_crypto_mail(false) + m_is_forwarded_crypto_mail(false), + m_is_send_again(false) { if (get_mail_for_item (mailitem)) { @@ -1143,7 +1144,7 @@ Mail::parsing_done() } update_sigstate (); - m_needs_wipe = true; + m_needs_wipe = !m_is_send_again; TRACEPOINT; /* Set categories according to the result. */ @@ -1164,6 +1165,26 @@ Mail::parsing_done() SRCNAME, __func__); } + if (m_is_send_again) + { + log_debug ("%s:%s: I think that this is the send again of a crypto mail.", + SRCNAME, __func__); + + /* We no longer want to be treated like a crypto mail. */ + m_type = MSGTYPE_UNKNOWN; + LPMESSAGE msg = get_oom_base_message (m_mailitem); + if (!msg) + { + TRACEPOINT; + } + else + { + set_gpgol_draft_info_flags (msg, m_crypto_flags); + gpgol_release (msg); + } + remove_our_attachments (); + } + log_debug ("%s:%s: Delayed invalidate to update sigstate.", SRCNAME, __func__); CloseHandle(CreateThread (NULL, 0, delayed_invalidate_ui, (LPVOID) this, 0, diff --git a/src/mail.h b/src/mail.h index d267d8b..ee108a2 100644 --- a/src/mail.h +++ b/src/mail.h @@ -473,6 +473,14 @@ public: bool has_crypted_or_empty_body (); void update_body (); + + /** Set if this mail looks like the send again of a crypto mail. + This will mean that after it is decrypted it is treated + like an unencrypted mail so that it can be encrypted again + or sent unencrypted. + */ + void set_is_send_again (bool value) { m_is_send_again = value; } + private: void update_categories (); void update_sigstate (); @@ -513,5 +521,6 @@ private: bool m_async_crypt_disabled; std::string m_mime_data; bool m_is_forwarded_crypto_mail; /* Is this a forward of a crypto mail */ + bool m_is_send_again; /* Is this a send again of a crypto mail */ }; #endif // MAIL_H diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index ec6d6cc..f63665c 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -269,6 +269,21 @@ EVENT_SINK_INVOKE(MailItemEvents) log_oom ("%s:%s: Message %p propchange: %ls.", SRCNAME, __func__, m_object, prop_name); + if (!wcscmp (prop_name, L"SendUsingAccount")) + { + bool sent = get_oom_bool (m_object, "Sent"); + if (sent) + { + log_debug ("%s:%s: Ignoring SendUsingAccount change for sent %p ", + SRCNAME, __func__, m_object); + return S_OK; + } + log_debug ("%s:%s: Message %p looks like send again.", + SRCNAME, __func__, m_object); + m_mail->set_is_send_again (true); + return S_OK; + } + /* We have tried several scenarios to handle propery changes. Only save the property in MAPI and call MAPI SaveChanges worked and did not leak plaintext but this caused outlook ----------------------------------------------------------------------- Summary of changes: src/mail.cpp | 25 +++++++++++++++++++++++-- src/mail.h | 9 +++++++++ src/mailitem-events.cpp | 15 +++++++++++++++ 3 files changed, 47 insertions(+), 2 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 16:15:54 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Wed, 11 Apr 2018 16:15:54 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-132-gd13de35 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via d13de350caa214e97ac18066ba9cdb8caef64ed8 (commit) via 17b513433ba0e0d0bda5f3b24d310a923c993759 (commit) via d3a220f060cd670e707a511fd577309e418521eb (commit) via 49d53c7dfdc188427635a0515ef01e17f753b2a9 (commit) from 34f6bb73882ee5a9c996db506fb4f730aa57e658 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d13de350caa214e97ac18066ba9cdb8caef64ed8 Author: Andre Heinecke Date: Wed Apr 11 16:14:44 2018 +0200 Show warning if attachment of crypt mail removed * src/mailitem-events.cpp (EVENT_SINK_INVOKE): Handle AttachmentRemove event and show warning if an attachment is removed from a crypto mail. -- GnuPG-Bug-Id: T3886 diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index 7dec4c4..e73e0ee 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -103,6 +103,7 @@ MailItemEvents::~MailItemEvents() } static bool propchangeWarnShown = false; +static bool attachRemoveWarnShown = false; static DWORD WINAPI do_delayed_locate (LPVOID arg) @@ -787,6 +788,21 @@ EVENT_SINK_INVOKE(MailItemEvents) gpgol_release (msg); break; } + case AttachmentRemove: + { + log_oom_extra ("%s:%s: AttachmentRemove: %p", + SRCNAME, __func__, m_mail); + if (!m_mail->is_crypto_mail () || attachRemoveWarnShown) + { + return S_OK; + } + gpgol_message_box (get_active_hwnd (), + _("Attachments are part of the crypto message.\nThey " + "can't be permanently removed and will be shown again the next " + "time this message is opened."), + _("Sorry, that's not possible, yet"), MB_OK); + attachRemoveWarnShown = true; + } default: log_oom_extra ("%s:%s: Message:%p Unhandled Event: %lx \n", commit 17b513433ba0e0d0bda5f3b24d310a923c993759 Author: Andre Heinecke Date: Wed Apr 11 16:14:16 2018 +0200 Ignore received time propchange * src/mailitem-events.cpp (prop_blacklist): Add ReceivedTime to blacklist. diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index f63665c..7dec4c4 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -44,6 +44,7 @@ const wchar_t *prop_blacklist[] = { L"UnRead", L"OutlookVersion", L"OutlookInternalVersion", + L"ReceivedTime", NULL }; typedef enum commit d3a220f060cd670e707a511fd577309e418521eb Author: Andre Heinecke Date: Wed Apr 11 16:12:49 2018 +0200 Fix early deletion of temporary attachments * src/mail.cpp (add_attachments): Close handle before deletion. -- This fixes the problem that as long as Outlook is open the temporary files stick around and are not removed. Which in turn leads to numbers added to the attachments. GnuPG-Bug-Id: T3886 diff --git a/src/mail.cpp b/src/mail.cpp index a408800..2abff2a 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -632,6 +632,7 @@ add_attachments(LPDISPATCH mail, SRCNAME, __func__, att->get_display_name().c_str()); err = 1; } + CloseHandle (hFile); if (!DeleteFileW (wchar_file)) { log_error ("%s:%s: Failed to delete tmp attachment for: %s", commit 49d53c7dfdc188427635a0515ef01e17f753b2a9 Author: Andre Heinecke Date: Wed Apr 11 16:11:31 2018 +0200 Fix spelling in german propchange warning * po/de.po: Fix german propchange warning. -- GnuPG-Bug-Id: T3884 diff --git a/po/de.po b/po/de.po index 9d29005..f8b9ebb 100644 --- a/po/de.po +++ b/po/de.po @@ -759,15 +759,15 @@ msgid "" "\n" "For example by right clicking but not selecting the message.\n" msgstr "" -"GpgOL hat eine ?nderung an der \"%s\" Eigenschaft verhindern.\n" -"?nderungen an Eigenschaften werden noch nicht f?r Krypto Nachrichten " +"GpgOL hat eine ?nderung an der \"%s\" Eigenschaft verhindert.\n" +"?nderungen an Eigenschaften werden noch nicht f?r Krypto-Nachrichten " "unterst?tzt.\n" "\n" -"Um dieses Problem zu umgehen ?ndern Sie bitte die Eigenschaft zu einem " -"Zeitpunkt wenn die Nachricht in keinem Fenster ge?ffnet ist und nicht in der " +"Um dieses Problem zu umgehen, ?ndern Sie bitte die Eigenschaft wenn " +"die Nachricht in keinem Fenster ge?ffnet ist und nicht in der " "Nachrichtenliste ausgew?hlt ist.\n" "\n" -"Beispielsweise durch einen Rechtsklick auf die Nachricht wenn diese nicht " +"Beispielsweise durch einen Rechtsklick auf die Nachricht, wenn diese nicht " "ausgew?hlt ist.\n" #: src/main.c:466 ----------------------------------------------------------------------- Summary of changes: po/de.po | 10 +++++----- src/mail.cpp | 1 + src/mailitem-events.cpp | 17 +++++++++++++++++ 3 files changed, 23 insertions(+), 5 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 20:43:01 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 11 Apr 2018 20:43:01 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-5-g789d240 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 789d240cb40ab36406a7c57ad49897e0bafbb41e (commit) from 9f69dbeb902ac447adbc92937cd451c4e909f234 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 789d240cb40ab36406a7c57ad49897e0bafbb41e Author: Werner Koch Date: Wed Apr 11 20:35:40 2018 +0200 gpg: New option --no-symkey-cache. * g10/gpg.c (oNoSymkeyCache): New. (opts): Add that option. (main): Set var. * g10/options.h (struct opt): New field no_symkey_cache. * g10/passphrase.c (passphrase_to_dek): Implement that feature. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 8b9d2bc..403c2a0 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,9 @@ Noteworthy changes in version 2.2.7 (unreleased) ------------------------------------------------ + * gpg: New option --no-symkey-cache to disable the passphrase cache + for symmetrical en- and decryption. + Noteworthy changes in version 2.2.6 (2018-04-09) ------------------------------------------------ diff --git a/doc/gpg.texi b/doc/gpg.texi index 086b4fc..908af7b 100644 --- a/doc/gpg.texi +++ b/doc/gpg.texi @@ -214,7 +214,10 @@ symmetric cipher used is @value{GPGSYMENCALGO}, but may be chosen with the @option{--encrypt} (for a message that may be decrypted via a secret key or a passphrase), or @option{--sign} and @option{--encrypt} together (for a signed message that may be decrypted via a secret key or a -passphrase). +passphrase). @command{@gpgname} caches the passphrase used for +symmetric encryption so that a decrypt operation may not require that +the user needs to enter the passphrase. The option + at option{--no-symkey-cache} can be used to disable this feature. @item --store @opindex store @@ -3140,6 +3143,12 @@ are: Pinentry the user is not prompted again if he enters a bad password. @end table + at item --no-symkey-cache + at opindex no-symkey-cache +Disable the passphrase cache used for symmetrical en- and decryption. +This cache is based on the message specific salt value +(cf. @option{--s2k-mode}). + @item --request-origin @var{origin} @opindex request-origin Tell gpg to assume that the operation ultimately originated at diff --git a/g10/gpg.c b/g10/gpg.c index 2c93a83..fbbdd92 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -423,6 +423,7 @@ enum cmd_and_opt_values oSender, oKeyOrigin, oRequestOrigin, + oNoSymkeyCache, oNoop }; @@ -888,6 +889,7 @@ static ARGPARSE_OPTS opts[] = { ARGPARSE_s_s (oAutoKeyLocate, "auto-key-locate", "@"), ARGPARSE_s_n (oNoAutoKeyLocate, "no-auto-key-locate", "@"), ARGPARSE_s_n (oNoAutostart, "no-autostart", "@"), + ARGPARSE_s_n (oNoSymkeyCache, "no-symkey-cache", "@"), /* Dummy options with warnings. */ ARGPARSE_s_n (oUseAgent, "use-agent", "@"), @@ -3556,6 +3558,7 @@ main (int argc, char **argv) break; case oNoAutostart: opt.autostart = 0; break; + case oNoSymkeyCache: opt.no_symkey_cache = 1; break; case oDefaultNewKeyAlgo: opt.def_new_key_algo = pargs.r.ret_str; diff --git a/g10/options.h b/g10/options.h index e1bf97f..96b76f8 100644 --- a/g10/options.h +++ b/g10/options.h @@ -242,7 +242,7 @@ struct unsigned int allow_weak_digest_algos:1; unsigned int large_rsa:1; unsigned int disable_signer_uid:1; - /* Flag to enbale experimental features from RFC4880bis. */ + /* Flag to enable experimental features from RFC4880bis. */ unsigned int rfc4880bis:1; } flags; @@ -275,6 +275,8 @@ struct int unwrap_encryption; int only_sign_text_ids; + + int no_symkey_cache; /* Disable the cache used for --symmetric. */ } opt; /* CTRL is used to keep some global variables we currently can't diff --git a/g10/passphrase.c b/g10/passphrase.c index a498f62..ffdcdf2 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -317,6 +317,9 @@ passphrase_to_dek (int cipher_algo, STRING2KEY *s2k, canceled = &dummy_canceled; *canceled = 0; + if (opt.no_symkey_cache) + nocache = 1; /* Force no symmtric key caching. */ + if ( !s2k ) { log_assert (create && !nocache); ----------------------------------------------------------------------- Summary of changes: NEWS | 3 +++ doc/gpg.texi | 11 ++++++++++- g10/gpg.c | 3 +++ g10/options.h | 4 +++- g10/passphrase.c | 3 +++ 5 files changed, 22 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 11 21:01:50 2018 From: cvs at cvs.gnupg.org (by Damien Goutte-Gattat via Gnupg-devel) Date: Wed, 11 Apr 2018 21:01:50 +0200 Subject: [git] GPG-ERROR - branch, master, updated. gpgrt-1.29-2-g8ef76d9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 8ef76d9373db16f1ca176f9c87c8dac2758c8b85 (commit) from 253ca177055e23617b14e0934b09ef50253f29eb (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8ef76d9373db16f1ca176f9c87c8dac2758c8b85 Author: Damien Goutte-Gattat via Gnupg-devel Date: Wed Apr 11 16:06:01 2018 +0100 build: Make sure version.texi is generated in time. [[PGP Signed Part:Good signature from AA4373E6C82C78AD Damien Goutte-Gattat (trust undefined) created at 2018-04-11T17:05:27+0200 using RSA]] [1. text/plain] * doc/Makefile.am (yat2m-stamp): Depend on version.texi. -- When building from a cloned Git repository and with `make -j 3` (or higher), the version.texi file may not have been generated yet when yat2m is called to generate the man page, resulting in a build failure. Signed-off-by: Damien Goutte-Gattat diff --git a/doc/Makefile.am b/doc/Makefile.am index d5eb886..7439a49 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -54,7 +54,7 @@ YAT2M_DEP = yat2m endif endif -yat2m-stamp: $(myman_sources) +yat2m-stamp: $(myman_sources) $(srcdir)/version.texi @rm -f yat2m-stamp.tmp @touch yat2m-stamp.tmp for file in $(myman_sources) ; do \ ----------------------------------------------------------------------- Summary of changes: doc/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 02:44:59 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Thu, 12 Apr 2018 02:44:59 +0200 Subject: [git] GPG-ERROR - branch, master, updated. gpgrt-1.29-3-ge357490 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via e35749023ca68de6f1f85d3072f7b36fd6f6fe7c (commit) from 8ef76d9373db16f1ca176f9c87c8dac2758c8b85 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e35749023ca68de6f1f85d3072f7b36fd6f6fe7c Author: NIIBE Yutaka Date: Thu Apr 12 09:40:19 2018 +0900 build: Check -lsocket -lnsl for Solaris. * configure.ac: Check inet_addr for -lnsl, and socket for -lsocket. -- Once I used LIB_SOCKET_NSL for the variable name, but it is already used by AX_LIB_SOCKET_NSL in autoconf-archive as an alias of the macro. So, I changed the variable name. GnuPG-bug-id: 3869 Signed-off-by: NIIBE Yutaka diff --git a/configure.ac b/configure.ac index e1f8858..2026128 100644 --- a/configure.ac +++ b/configure.ac @@ -462,6 +462,20 @@ AC_SEARCH_LIBS([sched_yield], [rt posix4], config_libs="$config_libs $LIB_SCHED_YIELD" fi]) +LIB_NETWORK= +AC_SUBST([LIB_NETWORK]) +AC_SEARCH_LIBS([inet_addr], [nsl], + [if test "$ac_cv_search_inet_addr" != "none required"; then + LIB_NETWORK=$ac_cv_search_inet_addr + fi]) +AC_SEARCH_LIBS([socket], [socket], + [if test "$ac_cv_search_socket" != "none required"; then + LIB_NETWORK="$ac_cv_search_socket $LIB_NETWORK" + fi], [], [$LIB_NETWORK]) +if test "x$LIB_NETWORK" != x; then + config_libs="$config_libs $LIB_NETWORK" +fi + # Check for optional readline support GNUPG_CHECK_READLINE ----------------------------------------------------------------------- Summary of changes: configure.ac | 14 ++++++++++++++ 1 file changed, 14 insertions(+) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 03:53:05 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Thu, 12 Apr 2018 03:53:05 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-6-gbb2680a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via bb2680a45ab27427d33861802617211052242a33 (commit) from 789d240cb40ab36406a7c57ad49897e0bafbb41e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bb2680a45ab27427d33861802617211052242a33 Author: NIIBE Yutaka Date: Thu Apr 12 10:52:51 2018 +0900 po: Update Japanese translation. -- Signed-off-by: NIIBE Yutaka diff --git a/po/ja.po b/po/ja.po index 4920e4e..d805066 100644 --- a/po/ja.po +++ b/po/ja.po @@ -4,13 +4,13 @@ # IIDA Yosiaki , 1999, 2000, 2002, 2003, 2004. # Yoshihiro Kajiki , 1999. # Takashi P.KATOH, 2002. -# NIIBE Yutaka , 2013, 2014, 2015, 2016, 2017. +# NIIBE Yutaka , 2013, 2014, 2015, 2016, 2017, 2018. # msgid "" msgstr "" "Project-Id-Version: gnupg 2.2.6\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2018-03-30 19:31+0900\n" +"PO-Revision-Date: 2018-04-12 10:51+0900\n" "Last-Translator: NIIBE Yutaka \n" "Language-Team: none\n" "Language: ja\n" @@ -278,7 +278,7 @@ msgstr "" "???????" msgid "Warning: You have entered an insecure passphrase." -msgstr "*??*: ???????????????????????" +msgstr "??: ???????????????????????" #, c-format msgid "Please enter the passphrase to%0Aprotect your new key" @@ -397,7 +397,7 @@ msgstr "???????????????????????? #, c-format msgid "Note: no default option file '%s'\n" -msgstr "*??*: ???????????????? '%s' ??????\n" +msgstr "??: ???????????????? '%s' ??????\n" #, c-format msgid "option file '%s': %s\n" @@ -409,7 +409,7 @@ msgstr "'%s' ??????????????\n" #, c-format msgid "Note: '%s' is not considered an option\n" -msgstr "*??*: '%s'???????????????\n" +msgstr "??: '%s'???????????????\n" #, c-format msgid "can't create socket: %s\n" @@ -626,7 +626,7 @@ msgstr "??" #, c-format msgid "Note: This passphrase has never been changed.%0APlease change it now." -msgstr "*??*: ?????????????????%0A???????????" +msgstr "??: ?????????????????%0A???????????" #, c-format msgid "" @@ -1195,12 +1195,12 @@ msgstr "*??*: %s\n" msgid "Note: Outdated servers may lack important security fixes.\n" msgstr "" -"*??*: ????????????????????????????????" +"??: ????????????????????????????????" "??\n" #, c-format msgid "Note: Use the command \"%s\" to restart them.\n" -msgstr "*??*: \"%s\"??????????????????\n" +msgstr "??: \"%s\"??????????????????\n" #, c-format msgid "%s is not compliant with %s mode\n" @@ -1320,9 +1320,9 @@ msgid "" " If the key generation does not succeed, please check the\n" " documentation of your card to see what sizes are allowed.\n" msgstr "" -"*??*: ????????????????????????????????\n" -" ????????????????????????????????\n" -" ??????????????????\n" +"??: ????????????????????????????????\n" +" ????????????????????????????????\n" +" ??????????????????\n" #, c-format msgid "What keysize do you want? (%u) " @@ -1364,12 +1364,12 @@ msgstr "????????\n" #, c-format msgid "The card will now be re-configured to generate a key of %u bits\n" -msgstr "??%u????????????????????????????\n" +msgstr "???????%u???????????????????????\n" #, c-format msgid "The card will now be re-configured to generate a key of type: %s\n" msgstr "" -"???????????????????????????????????: %s\n" +"??????????????????????????????????: %s\n" #, c-format msgid "error changing key attribute for key %d: %s\n" @@ -1377,7 +1377,7 @@ msgstr "?%d?????????????: %s\n" #, c-format msgid "error getting card info: %s\n" -msgstr "?????????: %s\n" +msgstr "???????????: %s\n" msgid "This command is not supported by this card\n" msgstr "???????????????????????????\n" @@ -1386,7 +1386,7 @@ msgid "Make off-card backup of encryption key? (Y/n) " msgstr "??????????????????????? (Y/n) " msgid "Note: keys are already stored on the card!\n" -msgstr "*??*: ??????????????????!\n" +msgstr "??: ??????????????????!\n" msgid "Replace existing keys? (y/N) " msgstr "????????????? (y/N) " @@ -1421,7 +1421,7 @@ msgid "KEYTOCARD failed: %s\n" msgstr "KEYTOCARD???????: %s\n" msgid "Note: This command destroys all keys stored on the card!\n" -msgstr "*??*: ????????????????????????????!\n" +msgstr "??: ????????????????????????????!\n" msgid "Continue? (y/N) " msgstr "?????? (y/N) " @@ -1555,7 +1555,7 @@ msgstr "???????????????\n" #, c-format msgid "there is a secret key for public key \"%s\"!\n" -msgstr "?????????????\"%s\"?????!\n" +msgstr "????????????\"%s\"?????!\n" msgid "use option \"--delete-secret-keys\" to delete it first.\n" msgstr "??\"--delete-secret-keys\"??????????????????\n" @@ -2091,11 +2091,11 @@ msgstr "(????????\"help\"????????)\n" #, c-format msgid "Note: old default options file '%s' ignored\n" -msgstr "*??*: ????????????????????'%s'????????\n" +msgstr "??: ????????????????????'%s'????????\n" #, c-format msgid "Note: %s is not for normal use!\n" -msgstr "*??*: ??%s??????!\n" +msgstr "??: ??%s??????!\n" #, c-format msgid "'%s' is not a valid signature expiration\n" @@ -2250,7 +2250,7 @@ msgid "invalid min-cert-level; must be 1, 2, or 3\n" msgstr "???min-cert-level?0?1?2?3??????????\n" msgid "Note: simple S2K mode (0) is strongly discouraged\n" -msgstr "*??*: ???S2K???(0)????????????\n" +msgstr "??: ???S2K???(0)????????????\n" msgid "invalid S2K mode; must be 0, 1 or 3\n" msgstr "???S2K????0?1?3??????????\n" @@ -2350,7 +2350,7 @@ msgstr "'%s'?????ID, ??????????keygrip???? msgid "WARNING: no command supplied. Trying to guess what you mean ...\n" msgstr "" -"??: ???????????????????????????????? ...\n" +"*??*: ???????????????????????????????? ...\n" msgid "Go ahead and type your message ...\n" msgstr "??????????????????? ...\n" @@ -2868,7 +2868,7 @@ msgid "" "The self-signature on \"%s\"\n" "is a PGP 2.x-style signature.\n" msgstr "" -"\"%s\"???????????\n" +"\"%s\"??????????\n" "PGP 2.x????????\n" msgid "Do you want to promote it to an OpenPGP self-signature? (y/N) " @@ -2890,7 +2890,7 @@ msgid "" "Your current signature on \"%s\"\n" "is a local signature.\n" msgstr "" -"\"%s\"?????????????\n" +"\"%s\"????????????\n" "???????????\n" msgid "Do you want to promote it to a full exportable signature? (y/N) " @@ -3467,15 +3467,11 @@ msgstr "??????????????\n" msgid "You can't change the expiration date of a v3 key\n" msgstr "v3??????????????\n" -#, fuzzy -#| msgid "Changing expiration time for a subkey.\n" msgid "Changing usage of a subkey.\n" -msgstr "??????????????\n" +msgstr "?????????????\n" -#, fuzzy -#| msgid "Changing expiration time for the primary key.\n" msgid "Changing usage of the primary key.\n" -msgstr "??????????????\n" +msgstr "?????????????\n" #, c-format msgid "signing subkey %s is already cross-certified\n" @@ -3982,7 +3978,7 @@ msgstr "???????????'%s'????????: %s\n" #, c-format msgid "Note: backup of card key saved to '%s'\n" -msgstr "*??*: ????????????'%s'???????\n" +msgstr "??: ????????????'%s'???????\n" #, c-format msgid "writing public key to '%s'\n" @@ -4017,7 +4013,7 @@ msgid "" msgstr "??%lu????????? (??????????????)\n" msgid "Note: creating subkeys for v3 keys is not OpenPGP compliant\n" -msgstr "*??*: v3????????????OpenPGP???????\n" +msgstr "??: v3????????????OpenPGP???????\n" msgid "Secret parts of primary key are not available.\n" msgstr "????????????????\n" @@ -4069,7 +4065,7 @@ msgstr[0] "??????%d???????????\n" #, c-format msgid "Warning: %lu key skipped due to its large size\n" msgid_plural "Warning: %lu keys skipped due to their large sizes\n" -msgstr[0] "*??*: %lu?????????????????????\n" +msgstr[0] "??: %lu?????????????????????\n" msgid "Keyring" msgstr "????" @@ -4262,7 +4258,7 @@ msgid "decryption failed: %s\n" msgstr "?????????: %s\n" msgid "Note: sender requested \"for-your-eyes-only\"\n" -msgstr "*??*: ????\"?????\"?????????\n" +msgstr "??: ????\"?????\"?????????\n" #, c-format msgid "original file name='%.*s'\n" @@ -4401,7 +4397,7 @@ msgstr "*??*: ????????????? %s ?????? #, c-format msgid "Note: signatures using the %s algorithm are rejected\n" -msgstr "*??*: ?????? %s ??????????????\n" +msgstr "??: ?????? %s ??????????????\n" #, c-format msgid "(reported error: %s)\n" @@ -4725,15 +4721,15 @@ msgid "WARNING: This subkey has been revoked by its owner!\n" msgstr "*??*: ????????????????????!\n" msgid "Note: This key has been disabled.\n" -msgstr "*??*: ??????????????????\n" +msgstr "??: ??????????????????\n" #, c-format msgid "Note: Verified signer's address is '%s'\n" -msgstr "*??*: ??????????????'%s'??\n" +msgstr "??: ??????????????'%s'??\n" #, c-format msgid "Note: Signer's address '%s' does not match DNS entry\n" -msgstr "*??*: ????????'%s'?DNS????????????\n" +msgstr "??: ????????'%s'?DNS????????????\n" msgid "trustlevel adjusted to FULL due to valid PKA info\n" msgstr "PKA???????????????FULL????????\n" @@ -4742,7 +4738,7 @@ msgid "trustlevel adjusted to NEVER due to bad PKA info\n" msgstr "PKA???????????????NEVER????????\n" msgid "Note: This key has expired!\n" -msgstr "*??*: ??????????!\n" +msgstr "??: ??????????!\n" msgid "WARNING: This key is not certified with a trusted signature!\n" msgstr "*??*: ?????????????????????!\n" @@ -4823,11 +4819,11 @@ msgstr "???????????\n" #, c-format msgid "Note: key %s has no %s feature\n" -msgstr "*??*: ?%s?? %s ?????????\n" +msgstr "??: ?%s?? %s ?????????\n" #, c-format msgid "Note: key %s has no preference for %s\n" -msgstr "*??*: ?%s??%s??????????????\n" +msgstr "??: ?%s??%s??????????????\n" msgid "data not saved; use option \"--output\" to save it\n" msgstr "" @@ -4877,10 +4873,10 @@ msgstr "*??*: ????????%s???????????? #, c-format msgid "Note: secret key %s expired at %s\n" -msgstr "*??*: ???%s?%s??????????\n" +msgstr "??: ???%s?%s??????????\n" msgid "Note: key has been revoked" -msgstr "*??*: ????????" +msgstr "??: ????????" #, c-format msgid "build_packet failed: %s\n" @@ -5074,28 +5070,27 @@ msgstr[0] "?%s?%lu?????????? (???????? #, c-format msgid "Note: signature key %s expired %s\n" -msgstr "*??*: ???%s?%s??????????\n" +msgstr "??: ???%s?%s??????????\n" #, c-format msgid "Note: signature key %s has been revoked\n" -msgstr "*??*: ? %s ???????\n" +msgstr "??: ? %s ???????\n" -#, fuzzy, c-format -#| msgid "standalone signature of class 0x%02x\n" +#, c-format msgid "bad key signature from key %s: %s (0x%02x, 0x%x)\n" -msgstr "???0x%02x??????????\n" +msgstr "?%s???????????: %s (0x%02x, 0x%x)\n" #, c-format msgid "assuming bad signature from key %s due to an unknown critical bit\n" -msgstr "??????????????????%s????????????\n" +msgstr "??????????????????%s??????????????\n" #, c-format msgid "key %s: no subkey for subkey revocation signature\n" -msgstr "?%s: ???????????????????\n" +msgstr "?%s: ??????????????????\n" #, c-format msgid "key %s: no subkey for subkey binding signature\n" -msgstr "?%s: ?????????????????????\n" +msgstr "?%s: ????????????????????\n" #, c-format msgid "WARNING: unable to %%-expand notation (too large). Using unexpanded.\n" @@ -5225,7 +5220,7 @@ msgid "%s: trustdb created\n" msgstr "%s: ??????????????\n" msgid "Note: trustdb not writable\n" -msgstr "*??*: ??????????????????\n" +msgstr "??: ??????????????????\n" #, c-format msgid "%s: invalid trustdb\n" @@ -6089,7 +6084,7 @@ msgid "failed to open '%s': %s\n" msgstr "'%s'??????: %s\n" msgid "Note: non-critical certificate policy not allowed" -msgstr "*??*: ????????????????????????" +msgstr "??: ????????????????????????" msgid "certificate policy not allowed" msgstr "???????????????" @@ -6605,7 +6600,7 @@ msgstr "" #, c-format msgid "Note: won't be able to encrypt to '%s': %s\n" -msgstr "*??*:'%s'????????????: %s\n" +msgstr "??:'%s'????????????: %s\n" #, c-format msgid "unknown validation model '%s'\n" ----------------------------------------------------------------------- Summary of changes: po/ja.po | 101 ++++++++++++++++++++++++++++++--------------------------------- 1 file changed, 48 insertions(+), 53 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 08:55:19 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 12 Apr 2018 08:55:19 +0200 Subject: [git] gnupg-doc - branch, master, updated. 0ab16972dc62edd7e610248f5d9859e273113183 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 0ab16972dc62edd7e610248f5d9859e273113183 (commit) from e033305a5b7c3cc79d35af8f4baff9c1346bb48f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0ab16972dc62edd7e610248f5d9859e273113183 Author: Andre Heinecke Date: Thu Apr 12 08:50:27 2018 +0200 swdb: Fix gpgex checksums -- Strange i've copied the ones from make distcheck, but the signed tarball (double checked the sig) has different checksums. diff --git a/web/swdb.mac b/web/swdb.mac index 4617b87..6c2188d 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -174,8 +174,8 @@ #+macro: gpgex_ver 1.0.6 #+macro: gpgex_date 2018-04-10 #+macro: gpgex_size 297k -#+macro: gpgex_sha1 9994f89b466cb2098099aedbda259479a1484485 -#+macro: gpgex_sha2 8cb429bfcf1e938fa4ef8953e0eb2eff88848d883afcf66fdf5fa67ef01ed424 +#+macro: gpgex_sha1 443270219d542f97b6f124d2101ae8d803c6dbe2 +#+macro: gpgex_sha2 d69898d1022400bd09bb684080edc95be554af736ae9c014df73543f34f7481b # ----------------------------------------------------------------------- Summary of changes: web/swdb.mac | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 08:57:06 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 12 Apr 2018 08:57:06 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-7-g327fece Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 327fece0aed2c9974659c72304f9fd1f461d460c (commit) from bb2680a45ab27427d33861802617211052242a33 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 327fece0aed2c9974659c72304f9fd1f461d460c Author: Andre Heinecke Date: Thu Apr 12 08:56:00 2018 +0200 build: Update getswdb version check to 2.2 * build-aux/getswdb.sh: Check for gnupg22_ver gnupg21_ver no longer exists. diff --git a/build-aux/getswdb.sh b/build-aux/getswdb.sh index 83ecdb2..cd419f2 100755 --- a/build-aux/getswdb.sh +++ b/build-aux/getswdb.sh @@ -175,9 +175,9 @@ fi # to help detect rollback attacks. # if [ $skip_selfcheck = no ]; then - gnupg_ver=$(awk '$1=="gnupg21_ver" {print $2;exit}' swdb.lst) + gnupg_ver=$(awk '$1=="gnupg22_ver" {print $2;exit}' swdb.lst) if [ -z "$gnupg_ver" ]; then - echo "GnuPG 2.1 version missing in swdb.lst!" >&2 + echo "GnuPG 2.2 version missing in swdb.lst!" >&2 exit 1 fi gnupg_ver_num=$(echo "$gnupg_ver" | cvtver) ----------------------------------------------------------------------- Summary of changes: build-aux/getswdb.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 09:24:34 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 09:24:34 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-184-gf7700a0 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via f7700a016926f0d8e9cb3c0337837deb7fe01079 (commit) from 5eb261d6028ab2c0ddd9af8e3e1f82e479c6109c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f7700a016926f0d8e9cb3c0337837deb7fe01079 Author: Werner Koch Date: Thu Apr 12 09:17:27 2018 +0200 core: Add new context flag "no-symkey-cache". * src/gpgme.c (gpgme_set_ctx_flag): Set flag. (gpgme_get_ctx_flag): Get flag. * src/context.h (struct gpgme_context): Add field no_symkey_cache. * src/engine-gpg.c (struct engine_gpg): Ditto. (gpg_set_engine_flags): Set flag. (build_argv): Pass option --no-symkey-cache to gpg. * tests/run-decrypt.c (print_result): Fix segv for symmetric messages. (main): New option --no-symkey-cache. * tests/run-encrypt.c (main): New option --no-symkey-cache. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 7b6fdd9..a8d73a5 100644 --- a/NEWS +++ b/NEWS @@ -1,6 +1,8 @@ Noteworthy changes in version 1.10.1 (unreleased) ------------------------------------------------- + * New context flag "no-symkey-cache". + * Interface changes relative to the 1.10.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ gpgme_import_result_t EXTENDED: New field 'skipped_v3_keys' diff --git a/doc/gpgme.texi b/doc/gpgme.texi index ab554d8..cbb0e64 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -3069,7 +3069,13 @@ the time when you verified the signature. The string given in @var{value} is passed to the GnuPG engines to request restrictions based on the origin of the request. Valid values are documented in the GnuPG manual and the gpg man page under the -option ``--request-origin''. +option ``--request-origin''. Requires at least GnuPG 2.2.6 to have an +effect. + + at item "no-symkey-cache" +For OpenPGP disable the passphrase cache used for symmetrical en- and +decryption. This cache is based on the message specific salt value. +Requires at least GnuPG 2.2.7 to have an effect. @end table diff --git a/src/context.h b/src/context.h index 202cf16..c8e75ba 100644 --- a/src/context.h +++ b/src/context.h @@ -121,6 +121,9 @@ struct gpgme_context /* True if the option --auto-key-retrieve shall be passed to gpg. */ unsigned int auto_key_retrieve : 1; + /* Do not use the symmtric encryption passphrase cache. */ + unsigned int no_symkey_cache : 1; + /* Flags for keylist mode. */ gpgme_keylist_mode_t keylist_mode; diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 3b9a6ff..a37d1f7 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -145,6 +145,10 @@ struct engine_gpg gpgme_pinentry_mode_t pinentry_mode; char request_origin[10]; + struct { + unsigned int no_symkey_cache : 1; + } flags; + /* NULL or the data object fed to --override_session_key-fd. */ gpgme_data_t override_session_key; }; @@ -642,6 +646,10 @@ gpg_set_engine_flags (void *engine, const gpgme_ctx_t ctx) else strcpy (gpg->request_origin, ctx->request_origin); } + else if (ctx->no_symkey_cache && have_gpg_version (gpg, "2.2.7")) + { + gpg->flags.no_symkey_cache = 1; + } else *gpg->request_origin = 0; } @@ -875,7 +883,7 @@ build_argv (engine_gpg_t gpg, const char *pgmname) argc++; if (!gpg->cmd.used) argc++; /* --batch */ - argc += 2; /* --no-sk-comments, --request-origin */ + argc += 3; /* --no-sk-comments, --request-origin, --no-symkey-cache */ argv = calloc (argc + 1, sizeof *argv); if (!argv) @@ -937,6 +945,19 @@ build_argv (engine_gpg_t gpg, const char *pgmname) argc++; } + if (gpg->flags.no_symkey_cache) + { + argv[argc] = strdup ("--no-symkey-cache"); + if (!argv[argc]) + { + int saved_err = gpg_error_from_syserror (); + free (fd_data_map); + free_argv (argv); + return saved_err; + } + argc++; + } + if (gpg->pinentry_mode && have_gpg_version (gpg, "2.1.0")) { const char *s = NULL; diff --git a/src/gpgme.c b/src/gpgme.c index 9e65c50..82d6747 100644 --- a/src/gpgme.c +++ b/src/gpgme.c @@ -538,6 +538,10 @@ gpgme_set_ctx_flag (gpgme_ctx_t ctx, const char *name, const char *value) if (!ctx->request_origin) err = gpg_error_from_syserror (); } + else if (!strcmp (name, "no-symkey-cache")) + { + ctx->no_symkey_cache = abool; + } else err = gpg_error (GPG_ERR_UNKNOWN_NAME); @@ -583,6 +587,10 @@ gpgme_get_ctx_flag (gpgme_ctx_t ctx, const char *name) { return ctx->request_origin? ctx->request_origin : ""; } + else if (!strcmp (name, "no-symkey-cache")) + { + return ctx->no_symkey_cache? "1":""; + } else return NULL; } diff --git a/tests/run-decrypt.c b/tests/run-decrypt.c index f4c4754..a2e82a0 100644 --- a/tests/run-decrypt.c +++ b/tests/run-decrypt.c @@ -60,7 +60,7 @@ print_result (gpgme_decrypt_result_t result) if (result->session_key) printf ("Session key: %s\n", result->session_key); - for (recp = result->recipients; recp->next; recp = recp->next) + for (recp = result->recipients; recp && recp->next; recp = recp->next) { printf ("recipient %d\n", count++); printf (" status ....: %s\n", gpgme_strerror (recp->status)); @@ -82,6 +82,7 @@ show_usage (int ex) " --export-session-key show the session key\n" " --override-session-key STRING use STRING as session key\n" " --request-origin STRING use STRING as request origin\n" + " --no-symkey-cache disable the use of that cache\n" " --unwrap remove only the encryption layer\n" , stderr); exit (ex); @@ -104,6 +105,7 @@ main (int argc, char **argv) int export_session_key = 0; const char *override_session_key = NULL; const char *request_origin = NULL; + int no_symkey_cache = 0; int raw_output = 0; if (argc) @@ -160,6 +162,11 @@ main (int argc, char **argv) request_origin = *argv; argc--; argv++; } + else if (!strcmp (*argv, "--no-symkey-cache")) + { + no_symkey_cache = 1; + argc--; argv++; + } else if (!strcmp (*argv, "--unwrap")) { flags |= GPGME_DECRYPT_UNWRAP; @@ -226,6 +233,17 @@ main (int argc, char **argv) } } + if (no_symkey_cache) + { + err = gpgme_set_ctx_flag (ctx, "no-symkey-cache", "1"); + if (err) + { + fprintf (stderr, PGM ": error setting no-symkey-cache: %s\n", + gpgme_strerror (err)); + exit (1); + } + } + err = gpgme_data_new_from_stream (&in, fp_in); if (err) { diff --git a/tests/run-encrypt.c b/tests/run-encrypt.c index e949d76..51e2d60 100644 --- a/tests/run-encrypt.c +++ b/tests/run-encrypt.c @@ -80,17 +80,18 @@ show_usage (int ex) { fputs ("usage: " PGM " [options] FILE\n\n" "Options:\n" - " --verbose run in verbose mode\n" - " --status print status lines from the backend\n" - " --progress print progress info\n" - " --openpgp use the OpenPGP protocol (default)\n" - " --cms use the CMS protocol\n" - " --uiserver use the UI server\n" - " --loopback use a loopback pinentry\n" - " --key NAME encrypt to key NAME\n" - " --throw-keyids use this option\n" - " --wrap assume input is valid OpenPGP message\n" - " --symmetric encrypt symmetric (OpenPGP only)\n" + " --verbose run in verbose mode\n" + " --status print status lines from the backend\n" + " --progress print progress info\n" + " --openpgp use the OpenPGP protocol (default)\n" + " --cms use the CMS protocol\n" + " --uiserver use the UI server\n" + " --loopback use a loopback pinentry\n" + " --key NAME encrypt to key NAME\n" + " --throw-keyids use this option\n" + " --no-symkey-cache disable the use of that cache\n" + " --wrap assume input is valid OpenPGP message\n" + " --symmetric encrypt symmetric (OpenPGP only)\n" , stderr); exit (ex); } @@ -115,6 +116,7 @@ main (int argc, char **argv) int i; gpgme_encrypt_flags_t flags = GPGME_ENCRYPT_ALWAYS_TRUST; gpgme_off_t offset; + int no_symkey_cache = 0; if (argc) { argc--; argv++; } @@ -192,6 +194,11 @@ main (int argc, char **argv) flags |= GPGME_ENCRYPT_SYMMETRIC; argc--; argv++; } + else if (!strcmp (*argv, "--no-symkey-cache")) + { + no_symkey_cache = 1; + argc--; argv++; + } else if (!strncmp (*argv, "--", 2)) show_usage (1); @@ -227,6 +234,16 @@ main (int argc, char **argv) gpgme_set_pinentry_mode (ctx, GPGME_PINENTRY_MODE_LOOPBACK); gpgme_set_passphrase_cb (ctx, passphrase_cb, NULL); } + if (no_symkey_cache) + { + err = gpgme_set_ctx_flag (ctx, "no-symkey-cache", "1"); + if (err) + { + fprintf (stderr, PGM ": error setting no-symkey-cache: %s\n", + gpgme_strerror (err)); + exit (1); + } + } for (i=0; i < keycount; i++) { ----------------------------------------------------------------------- Summary of changes: NEWS | 2 ++ doc/gpgme.texi | 8 +++++++- src/context.h | 3 +++ src/engine-gpg.c | 23 ++++++++++++++++++++++- src/gpgme.c | 8 ++++++++ tests/run-decrypt.c | 20 +++++++++++++++++++- tests/run-encrypt.c | 39 ++++++++++++++++++++++++++++----------- 7 files changed, 89 insertions(+), 14 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 11:34:09 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 11:34:09 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-8-gbbb5bfa Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via bbb5bfacc0d1f179cfec94fd32fee01a09df0f1d (commit) from 327fece0aed2c9974659c72304f9fd1f461d460c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bbb5bfacc0d1f179cfec94fd32fee01a09df0f1d Author: Werner Koch Date: Thu Apr 12 11:24:54 2018 +0200 agent,dirmngr: Add "getenv" to the getinfo command. * agent/command.c (cmd_getinfo): Add sub-command getenv. * dirmngr/server.c (cmd_getinfo): Ditto. -- It is sometimes helpful to be able to inspect certain envvars in a running agent. For example "http_proxy". Signed-off-by: Werner Koch diff --git a/agent/command.c b/agent/command.c index f2d0389..20abb28 100644 --- a/agent/command.c +++ b/agent/command.c @@ -2825,6 +2825,7 @@ static const char hlp_getinfo[] = " std_env_names - List the names of the standard environment.\n" " std_session_env - List the standard session environment.\n" " std_startup_env - List the standard startup environment.\n" + " getenv NAME - Return value of envvar NAME.\n" " connections - Return number of active connections.\n" " jent_active - Returns OK if Libgcrypt's JENT is active.\n" " restricted - Returns OK if the connection is in restricted mode.\n" @@ -2961,6 +2962,23 @@ cmd_getinfo (assuan_context_t ctx, char *line) } } } + else if (!strncmp (line, "getenv", 6) + && (line[6] == ' ' || line[6] == '\t' || !line[6])) + { + line += 6; + while (*line == ' ' || *line == '\t') + line++; + if (!*line) + rc = gpg_error (GPG_ERR_MISSING_VALUE); + else + { + const char *s = getenv (line); + if (!s) + rc = set_error (GPG_ERR_NOT_FOUND, "No such envvar"); + else + rc = assuan_send_data (ctx, s, strlen (s)); + } + } else if (!strcmp (line, "connections")) { char numbuf[20]; diff --git a/dirmngr/server.c b/dirmngr/server.c index 60d9802..4315c41 100644 --- a/dirmngr/server.c +++ b/dirmngr/server.c @@ -2489,7 +2489,8 @@ static const char hlp_getinfo[] = "dnsinfo - Return info about the DNS resolver\n" "socket_name - Return the name of the socket.\n" "session_id - Return the current session_id.\n" - "workqueue - Inspect the work queue\n"; + "workqueue - Inspect the work queue\n" + "getenv NAME - Return value of envvar NAME\n"; static gpg_error_t cmd_getinfo (assuan_context_t ctx, char *line) { @@ -2557,6 +2558,23 @@ cmd_getinfo (assuan_context_t ctx, char *line) workqueue_dump_queue (ctrl); err = 0; } + else if (!strncmp (line, "getenv", 6) + && (line[6] == ' ' || line[6] == '\t' || !line[6])) + { + line += 6; + while (*line == ' ' || *line == '\t') + line++; + if (!*line) + err = gpg_error (GPG_ERR_MISSING_VALUE); + else + { + const char *s = getenv (line); + if (!s) + err = set_error (GPG_ERR_NOT_FOUND, "No such envvar"); + else + err = assuan_send_data (ctx, s, strlen (s)); + } + } else err = set_error (GPG_ERR_ASS_PARAMETER, "unknown value for WHAT"); ----------------------------------------------------------------------- Summary of changes: agent/command.c | 18 ++++++++++++++++++ dirmngr/server.c | 20 +++++++++++++++++++- 2 files changed, 37 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 11:57:55 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 11:57:55 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-9-ge2bd152 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via e2bd152a928d79ddfb95fd2f7911c80a1a8d5a21 (commit) from bbb5bfacc0d1f179cfec94fd32fee01a09df0f1d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e2bd152a928d79ddfb95fd2f7911c80a1a8d5a21 Author: Werner Koch Date: Thu Apr 12 11:49:36 2018 +0200 gpg: Relax printing of STATUS_FAILURE. * g10/gpg.c (g10_exit): Print STATUS_FAILURE only based on passed return code and not on the presence of any call to log_error. -- This fixes an actual regression in GPGME where FAILURE is considered for example by a signature verify operation. The operation will simply fail and not just record that that a signature could not be verified. In particular for files with more than one signature a log_error if often called to show that a pubkey is missing for one of the signatures. Using that log_error is correct in that case. Fixes-commit: 0336e5d1a7b9d46e06c838e6a98aecfcc9542882 Signed-off-by: Werner Koch diff --git a/g10/gpg.c b/g10/gpg.c index fbbdd92..aaeddee 100644 --- a/g10/gpg.c +++ b/g10/gpg.c @@ -5111,7 +5111,7 @@ g10_exit( int rc ) /* If we had an error but not printed an error message, do it now. * Note that write_status_failure will never print a second failure * status line. */ - if (log_get_errorcount (0)) + if (rc) write_status_failure ("gpg-exit", gpg_error (GPG_ERR_GENERAL)); gcry_control (GCRYCTL_UPDATE_RANDOM_SEED_FILE); ----------------------------------------------------------------------- Summary of changes: g10/gpg.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 13:01:02 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 12 Apr 2018 13:01:02 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-2.0.6-137-g536f069 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 536f0690ed85250756f1cc58dc957f8015e3785a (commit) via 02a7a047e1912824ef8680446084fed1f4b230d0 (commit) via 0f3ac66840961e2147d148d3d36017b675a3e896 (commit) via 68ba8ea2d624c025fcd8fce7a0a1bdc6d79b431c (commit) via 6f7b2db102838df077162b9b2d1f7df1f1716994 (commit) from d13de350caa214e97ac18066ba9cdb8caef64ed8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 536f0690ed85250756f1cc58dc957f8015e3785a Author: Andre Heinecke Date: Thu Apr 12 13:00:52 2018 +0200 Update NEWS for todays release -- diff --git a/NEWS b/NEWS index c773c0b..e127e5e 100644 --- a/NEWS +++ b/NEWS @@ -1,4 +1,4 @@ -Noteworthy changes for version 2.1.0 (unreleased) +Noteworthy changes for version 2.1.0 (2018-04-12) ================================================= * Encryption and Signing has been reworked to, again, commit 02a7a047e1912824ef8680446084fed1f4b230d0 Author: Andre Heinecke Date: Thu Apr 12 13:00:17 2018 +0200 Update german l10n * po/de.po: Translate. diff --git a/po/de.po b/po/de.po index 1690017..d0378bc 100644 --- a/po/de.po +++ b/po/de.po @@ -9,7 +9,7 @@ msgstr "" "Project-Id-Version: GpgOL 1.0.0\n" "Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n" "POT-Creation-Date: 2018-04-12 12:58+0200\n" -"PO-Revision-Date: 2018-03-07 08:59+0100\n" +"PO-Revision-Date: 2018-04-12 12:59+0100\n" "Last-Translator: Andre Heinecke \n" "Language-Team: English \n" "Language: en_US\n" @@ -125,9 +125,8 @@ msgid "GpgOL - Save attachment" msgstr "GpgOL - Anlage Speichern" #: src/common.c:1073 -#, fuzzy msgid "GpgOL Error" -msgstr "GpgOL" +msgstr "GpgOL Fehler" #: src/config-dialog.c:38 msgid "Debug output (for analysing problems)" @@ -782,6 +781,9 @@ msgid "" "They can't be permanently removed and will be shown again the next time this " "message is opened." msgstr "" +"Anh?nge sind Teil der Krypto-Nachricht.\n" +"Sie k?nnen nicht permanent entfernt werden und werden beim " +"n?chsten ?ffnen dieser Nachricht wieder angezeigt." #: src/main.c:466 #, c-format commit 0f3ac66840961e2147d148d3d36017b675a3e896 Author: Andre Heinecke Date: Thu Apr 12 12:58:10 2018 +0200 Auto update po files -- diff --git a/po/de.po b/po/de.po index f8b9ebb..1690017 100644 --- a/po/de.po +++ b/po/de.po @@ -8,7 +8,7 @@ msgid "" msgstr "" "Project-Id-Version: GpgOL 1.0.0\n" "Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n" -"POT-Creation-Date: 2018-03-21 13:02+0100\n" +"POT-Creation-Date: 2018-04-12 12:58+0200\n" "PO-Revision-Date: 2018-03-07 08:59+0100\n" "Last-Translator: Andre Heinecke \n" "Language-Team: English \n" @@ -77,7 +77,7 @@ msgstr "Die Benutzeroberfl?che zu ?ndern erfordert einen Neustart von Outlook" #: src/gpgoladdin.cpp:864 src/gpgoladdin.cpp:907 src/gpgoladdin.cpp:980 #: src/gpgoladdin.cpp:982 src/gpgoladdin.cpp:1018 src/gpgoladdin.cpp:1172 #: src/gpgoladdin.cpp:1255 src/gpgoladdin.cpp:1261 src/gpgoladdin.cpp:1334 -#: src/gpgoladdin.cpp:1338 src/mail.cpp:761 src/main.c:467 src/message.cpp:303 +#: src/gpgoladdin.cpp:1338 src/main.c:467 src/message.cpp:303 #: src/ribbon-callbacks.cpp:134 src/ribbon-callbacks.cpp:248 #: src/ribbon-callbacks.cpp:263 src/ribbon-callbacks.cpp:275 #: src/ribbon-callbacks.cpp:312 src/ribbon-callbacks.cpp:324 @@ -124,6 +124,11 @@ msgstr "Die Zertifikatsverwaltung konnte nicht aufgerufen werden" msgid "GpgOL - Save attachment" msgstr "GpgOL - Anlage Speichern" +#: src/common.c:1073 +#, fuzzy +msgid "GpgOL Error" +msgstr "GpgOL" + #: src/config-dialog.c:38 msgid "Debug output (for analysing problems)" msgstr "Debugausgabe (zur Problemanalyse)" @@ -175,11 +180,11 @@ msgstr "" msgid "Do you want to revert this folder?" msgstr "M?chten Sie diesen Ordner von GpgOL befreien?" -#: src/gpgoladdin.cpp:446 src/mail.cpp:1685 src/mail.cpp:1756 +#: src/gpgoladdin.cpp:446 src/mail.cpp:1794 src/mail.cpp:1865 msgid "GpgOL: Encrypted Message" msgstr "GpgOL: Verschl?sselte Nachricht" -#: src/gpgoladdin.cpp:447 src/mail.cpp:1686 src/mail.cpp:1757 +#: src/gpgoladdin.cpp:447 src/mail.cpp:1795 src/mail.cpp:1866 msgid "GpgOL: Trusted Sender Address" msgstr "GpgOL: Vertraute Absenderadresse" @@ -383,7 +388,7 @@ msgstr "" "Dies ist eine verschl?sselte Nachricht.\n" "Klicken Sie hier um weitere Informationen zu erhalten. " -#: src/mail.cpp:323 +#: src/mail.cpp:325 msgid "" "Not all attachments were encrypted or signed.\n" "The unsigned / unencrypted attachments are:\n" @@ -393,7 +398,7 @@ msgstr "" "Die unsignierten / unverschl?sselten Anh?nge sind:\n" "\n" -#: src/mail.cpp:328 +#: src/mail.cpp:330 msgid "" "Not all attachments were signed.\n" "The unsigned attachments are:\n" @@ -403,7 +408,7 @@ msgstr "" "Die unsignierten Anh?nge sind:\n" "\n" -#: src/mail.cpp:333 +#: src/mail.cpp:335 msgid "" "Not all attachments were encrypted.\n" "The unencrypted attachments are:\n" @@ -413,7 +418,7 @@ msgstr "" "Die unverschl?sselten Anh?nge sind:\n" "\n" -#: src/mail.cpp:373 +#: src/mail.cpp:375 msgid "" "Note: The attachments may be encrypted or signed on a file level but the " "GpgOL status does not apply to them." @@ -421,15 +426,15 @@ msgstr "" "Note: Die Anh?nge k?nnten auf Dateiebene verschl?sselt oder signiert sein, " "aber GpgOL kann deren Kryptostatus nicht anzeigen." -#: src/mail.cpp:376 +#: src/mail.cpp:378 msgid "GpgOL Warning" msgstr "GpgOL Warnung" -#: src/mail.cpp:843 +#: src/mail.cpp:925 msgid "Pubkey directory confirmation" msgstr "?schl Verzeichnis Best?tigung" -#: src/mail.cpp:844 +#: src/mail.cpp:926 msgid "" "This is a confirmation request to publish your Pubkey in the directory for " "your domain.\n" @@ -443,19 +448,19 @@ msgstr "" "

Wenn sie dies nicht angefordert haben, k?nnen Sie diese Mail ignorieren.\n" -#: src/mail.cpp:852 src/mail.cpp:2000 +#: src/mail.cpp:934 src/mail.cpp:2109 msgid "Encrypted message" msgstr "Verschl?sselte Nachricht" -#: src/mail.cpp:853 +#: src/mail.cpp:935 msgid "Please wait while the message is being decrypted / verified..." msgstr "Bitte warten Sie w?hrend die Nachricht entschl?sselt / gepr?ft wird..." -#: src/mail.cpp:1132 +#: src/mail.cpp:1234 msgid "GpgOL: Oops, G Suite Sync account detected" msgstr "GpgOL: Oops, G Suite Sync Konto erkannt" -#: src/mail.cpp:1134 +#: src/mail.cpp:1236 msgid "" "G Suite Sync breaks outgoing crypto mails with attachments.\n" "Using crypto and attachments with G Suite Sync is not supported.\n" @@ -468,93 +473,93 @@ msgstr "" "\n" "Details siehe: https://dev.gnupg.org/T3545" -#: src/mail.cpp:1945 +#: src/mail.cpp:2054 msgid "Security Level 4" msgstr "Sicherheit Stufe 4" -#: src/mail.cpp:1949 +#: src/mail.cpp:2058 msgid "Trust Level 4" msgstr "Vertrauen Stufe 4" -#: src/mail.cpp:1953 +#: src/mail.cpp:2062 msgid "Security Level 3" msgstr "Sicherheit Stufe 3" -#: src/mail.cpp:1957 +#: src/mail.cpp:2066 msgid "Trust Level 3" msgstr "Vertrauen Stufe 3" -#: src/mail.cpp:1961 +#: src/mail.cpp:2070 msgid "Security Level 2" msgstr "Sicherheit Stufe 2" -#: src/mail.cpp:1965 +#: src/mail.cpp:2074 msgid "Trust Level 2" msgstr "Vertrauen Stufe 2" -#: src/mail.cpp:1969 +#: src/mail.cpp:2078 msgid "Encrypted" msgstr "Verschl?sselt" -#: src/mail.cpp:1978 src/mail.cpp:1980 src/ribbon-callbacks.cpp:1631 +#: src/mail.cpp:2087 src/mail.cpp:2089 src/ribbon-callbacks.cpp:1631 msgid "Insecure" msgstr "Unsicher" -#: src/mail.cpp:1992 +#: src/mail.cpp:2101 msgid "Signed and encrypted message" msgstr "Signierte und verschl?sselte Nachricht" -#: src/mail.cpp:1996 +#: src/mail.cpp:2105 msgid "Signed message" msgstr "Signierte Nachricht" -#: src/mail.cpp:2003 src/ribbon-callbacks.cpp:1654 +#: src/mail.cpp:2112 src/ribbon-callbacks.cpp:1654 msgid "Insecure message" msgstr "Unsichere Nachricht" -#: src/mail.cpp:2014 src/mail.cpp:2025 +#: src/mail.cpp:2123 src/mail.cpp:2134 msgid "You cannot be sure who sent, modified and read the message in transit." msgstr "" "Sie k?nnen nicht sicher sein wer die Nachricht gesendet, modifiziert oder " "w?hrend der ?bertragung gelesen hat." -#: src/mail.cpp:2017 +#: src/mail.cpp:2126 msgid "The message was signed but the verification failed with:" msgstr "Die Nachricht ist signiert aber die ?berpr?fung schlug fehl mit:" -#: src/mail.cpp:2035 +#: src/mail.cpp:2144 msgid "The encryption was VS-NfD-compliant." msgstr "Diese Verschl?sselung war VS-NfD-konform." -#: src/mail.cpp:2039 +#: src/mail.cpp:2148 msgid "The encryption was not VS-NfD-compliant." msgstr "Diese Verschl?sselung war nicht VS-NfD-konform." -#: src/mail.cpp:2043 +#: src/mail.cpp:2152 msgid "You cannot be sure who sent the message because it is not signed." msgstr "" "Aber Sie k?nnen nicht sicher sein wer der Absender der Nachricht ist da " "diese nicht signiert wurde. " -#: src/mail.cpp:2066 +#: src/mail.cpp:2175 msgid "You signed this message." msgstr "Sie haben diese Nachricht signiert." -#: src/mail.cpp:2070 +#: src/mail.cpp:2179 msgid "The senders identity was certified by yourself." msgstr "Die Identit?t des Absenders wurde von ihnen selbst beglaubigt." -#: src/mail.cpp:2074 +#: src/mail.cpp:2183 msgid "The sender is allowed to certify identities for you." msgstr "Der Absender ist berechtigt f?r Sie Identit?ten zu beglaubigen." -#: src/mail.cpp:2087 +#: src/mail.cpp:2196 msgid "The senders identity was certified by several trusted people." msgstr "" "Die Identit?t des Absenders wurde von mehreren vertrauensw?rdigen Personen " "beglaubigt." -#: src/mail.cpp:2092 +#: src/mail.cpp:2201 #, c-format msgid "" "The senders identity is certified by the trusted issuer:\n" @@ -563,12 +568,13 @@ msgstr "" "Die Identit?t des Absenders wurde best?tigt von:\n" "'%s'\n" -#: src/mail.cpp:2100 +#: src/mail.cpp:2209 msgid "Some trusted people have certified the senders identity." msgstr "" -"Einige vertrauensw?rdige Personen haben die Identit?t des Absenders beglaubigt." +"Einige vertrauensw?rdige Personen haben die Identit?t des Absenders " +"beglaubigt." -#: src/mail.cpp:2110 +#: src/mail.cpp:2219 #, c-format msgid "" "The senders address is trusted, because you have established a communication " @@ -580,11 +586,11 @@ msgstr "" "Seit %s haben Sie %i Nachrichten an diesen Absender verschl?sselt und %i " "Signaturen gepr?ft." -#: src/mail.cpp:2126 +#: src/mail.cpp:2235 msgid "The senders signature was verified for the first time." msgstr "Die Signatur des Absenders wurde das erste mal verifiziert." -#: src/mail.cpp:2133 +#: src/mail.cpp:2242 #, c-format msgid "" "The senders address is not trustworthy yet because you only verified %i " @@ -594,70 +600,70 @@ msgstr "" "Nachrichten von diesem Absender verifiziert und %i Nachrichten verschl?sselt " "haben. Seit dem %s." -#: src/mail.cpp:2147 +#: src/mail.cpp:2256 msgid "But the sender address is not trustworthy because:" msgstr "Aber die Absenderadresse ist nicht vertrauensw?rdig da:" -#: src/mail.cpp:2148 +#: src/mail.cpp:2257 msgid "The sender address is not trustworthy because:" msgstr "Die Absenderadresse ist nicht vertrauensw?rdig da:" -#: src/mail.cpp:2156 +#: src/mail.cpp:2265 msgid "The signature is invalid: \n" msgstr "Die Signatur ist ung?ltig: \n" -#: src/mail.cpp:2161 +#: src/mail.cpp:2270 msgid "There was an error verifying the signature.\n" msgstr "Beim ?berpr?fen der Signatur ist ein Fehler aufgetreten.\n" -#: src/mail.cpp:2165 +#: src/mail.cpp:2274 msgid "The signature is expired.\n" msgstr "Die Signatur ist abgelaufen.\n" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 msgid "The used key" msgstr "Der verwendete Schl?ssel" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 msgid "The used certificate" msgstr "Das verwendete Zertifikat" -#: src/mail.cpp:2177 +#: src/mail.cpp:2286 msgid "is not available." msgstr "ist nicht verf?gbar." -#: src/mail.cpp:2181 +#: src/mail.cpp:2290 msgid "is revoked." msgstr "wurde zur?ckgezogen." -#: src/mail.cpp:2185 +#: src/mail.cpp:2294 msgid "is expired." msgstr "ist veraltet. " -#: src/mail.cpp:2189 +#: src/mail.cpp:2298 msgid "is not meant for signing." msgstr "ist nicht zum signieren vorgesehen. " -#: src/mail.cpp:2193 src/mail.cpp:2197 +#: src/mail.cpp:2302 src/mail.cpp:2306 msgid "could not be checked for revocation." msgstr "wurde m?glicherweise zur?ckgezogen." -#: src/mail.cpp:2202 +#: src/mail.cpp:2311 msgid "is not the same as the key that was used for this address in the past." msgstr "" "ist nicht der gleiche Schl?ssel der in der Vergangenheit f?r diese Adresse " "verwendet wurde." -#: src/mail.cpp:2208 +#: src/mail.cpp:2317 #, c-format msgid "does not claim the address: \"%s\"." msgstr "passt nicht zu der mailaddresse: \"%s\". " -#: src/mail.cpp:2221 +#: src/mail.cpp:2330 msgid "is not certified by any trustworthy key." msgstr "wurde von keinem vertrauensw?rdigen Schl?ssel beglaubigt." -#: src/mail.cpp:2225 +#: src/mail.cpp:2334 msgid "" "is not certified by a trustworthy Certificate Authority or the Certificate " "Authority is unknown." @@ -665,59 +671,59 @@ msgstr "" "wurde von keiner vertrauensw?rdigen Zertifizierungsstelle beglaubigt oder " "die Zertifizierungsstelle ist unbekannt." -#: src/mail.cpp:2230 +#: src/mail.cpp:2339 msgid "The sender marked this address as revoked." msgstr "Der Absender hat diese Adresse zur?ckgezogen." -#: src/mail.cpp:2234 +#: src/mail.cpp:2343 msgid "is marked as not trustworthy." msgstr "ist als nicht vertrauensw?rdig markiert." -#: src/mail.cpp:2244 +#: src/mail.cpp:2353 msgid "The signature is VS-NfD-compliant." msgstr "Die Signatur ist VS-NfD-konform." -#: src/mail.cpp:2248 +#: src/mail.cpp:2357 msgid "The signature is not VS-NfD-compliant." msgstr "Die Signatur ist nicht VS-NfD-konform." -#: src/mail.cpp:2256 +#: src/mail.cpp:2365 msgid "The encryption is VS-NfD-compliant." msgstr "Diese Verschl?sselung ist VS-NfD-konform." -#: src/mail.cpp:2260 +#: src/mail.cpp:2369 msgid "The encryption is not VS-NfD-compliant." msgstr "Diese Verschl?sselung ist nicht VS-NfD-konform." -#: src/mail.cpp:2271 +#: src/mail.cpp:2380 msgid "Click here to change the key used for this address." msgstr "Klicken Sie hier um den Schl?ssel f?r diese Adresse zu ?ndern." -#: src/mail.cpp:2275 +#: src/mail.cpp:2384 msgid "Click here for details about the key." msgstr "Klicken Sie hier f?r Details zu dem Schl?ssel" -#: src/mail.cpp:2276 +#: src/mail.cpp:2385 msgid "Click here for details about the certificate." msgstr "Klicken Sie hier f?r Details zu dem Zertifikat." -#: src/mail.cpp:2280 +#: src/mail.cpp:2389 msgid "Click here to search the key on the configured keyserver." msgstr "" "Klicken Sie hier um den Schl?ssel auf dem konfigurierten Schl?sselserver zu " "suchen. " -#: src/mail.cpp:2281 +#: src/mail.cpp:2390 msgid "Click here to search the certificate on the configured X509 keyserver." msgstr "" "Klicken Sie hier um das Zertifikat auf dem konfigurierten X509 " "Schl?sselserver zu suchen." -#: src/mail.cpp:2509 +#: src/mail.cpp:2678 msgid "GpgOL: Encryption not possible!" msgstr "GpgOL: Verschl?sselung nicht m?glich!" -#: src/mail.cpp:2511 +#: src/mail.cpp:2680 msgid "" "Outlook returned an error when trying to send the encrypted mail.\n" "\n" @@ -744,11 +750,11 @@ msgstr "" "Sie sicher, da? lediglich das Text Format ausgew?hlt wurde.\n" "(In der Men?leiste: \"Format\" => \"Nur Text\")" -#: src/mailitem-events.cpp:295 +#: src/mailitem-events.cpp:313 src/mailitem-events.cpp:805 msgid "Sorry, that's not possible, yet" msgstr "Sorry, dies ist leider noch nicht m?glich" -#: src/mailitem-events.cpp:297 +#: src/mailitem-events.cpp:315 #, c-format msgid "" "GpgOL has prevented the change to the \"%s\" property.\n" @@ -763,23 +769,30 @@ msgstr "" "?nderungen an Eigenschaften werden noch nicht f?r Krypto-Nachrichten " "unterst?tzt.\n" "\n" -"Um dieses Problem zu umgehen, ?ndern Sie bitte die Eigenschaft wenn " -"die Nachricht in keinem Fenster ge?ffnet ist und nicht in der " -"Nachrichtenliste ausgew?hlt ist.\n" +"Um dieses Problem zu umgehen, ?ndern Sie bitte die Eigenschaft wenn die " +"Nachricht in keinem Fenster ge?ffnet ist und nicht in der Nachrichtenliste " +"ausgew?hlt ist.\n" "\n" "Beispielsweise durch einen Rechtsklick auf die Nachricht, wenn diese nicht " "ausgew?hlt ist.\n" +#: src/mailitem-events.cpp:802 +msgid "" +"Attachments are part of the crypto message.\n" +"They can't be permanently removed and will be shown again the next time this " +"message is opened." +msgstr "" + #: src/main.c:466 #, c-format msgid "Note: Using compatibility flags: %s" msgstr "Notiz: Diese Kompatibilit?tsflags werden verwendet: %s" -#: src/mapihelp.cpp:1886 src/mapihelp.cpp:1894 src/mapihelp.cpp:1902 +#: src/mapihelp.cpp:1918 src/mapihelp.cpp:1926 src/mapihelp.cpp:1934 msgid "[no subject]" msgstr "[Kein Betreff]" -#: src/mapihelp.cpp:2527 +#: src/mapihelp.cpp:2559 msgid "" "[The content of this message is not visible because it has been decrypted by " "another Outlook session. Use the \"decrypt/verify\" command to make it " @@ -789,7 +802,7 @@ msgstr "" "Outlook Sitzung entschl?sselt wurde. Verwenden Sie den Men?punkt " "\"entschl?sseln/?berpr?fen\" um den Inhalt wieder sichtbar zu machen.]" -#: src/mapihelp.cpp:3421 +#: src/mapihelp.cpp:3453 msgid "" "[The content of this message is not visible due to an processing error in " "GpgOL.]" @@ -1168,19 +1181,19 @@ msgstr "" msgid "GpgOL: Request confirmed!" msgstr "GpgOL: Eintragung best?tigt." -#: src/cryptcontroller.cpp:393 +#: src/cryptcontroller.cpp:404 msgid "Resolving recipients..." msgstr "Empf?nger aufl?sen..." -#: src/cryptcontroller.cpp:397 +#: src/cryptcontroller.cpp:408 msgid "Resolving signers..." msgstr "Signierer aufl?sen..." -#: src/cryptcontroller.cpp:1004 +#: src/cryptcontroller.cpp:1042 msgid "Encrypting..." msgstr "Verschl?sseln..." -#: src/cryptcontroller.cpp:1008 +#: src/cryptcontroller.cpp:1046 msgid "Signing..." msgstr "Signieren..." diff --git a/po/fr.po b/po/fr.po index 77ffe1c..9e0b62a 100644 --- a/po/fr.po +++ b/po/fr.po @@ -6,7 +6,7 @@ msgid "" msgstr "" "Project-Id-Version: \n" "Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n" -"POT-Creation-Date: 2018-03-21 13:02+0100\n" +"POT-Creation-Date: 2018-04-12 12:58+0200\n" "PO-Revision-Date: 2015-10-01 17:05+0200\n" "Last-Translator: Olivier Serve \n" "Language-Team: French \n" @@ -75,7 +75,7 @@ msgstr "" #: src/gpgoladdin.cpp:864 src/gpgoladdin.cpp:907 src/gpgoladdin.cpp:980 #: src/gpgoladdin.cpp:982 src/gpgoladdin.cpp:1018 src/gpgoladdin.cpp:1172 #: src/gpgoladdin.cpp:1255 src/gpgoladdin.cpp:1261 src/gpgoladdin.cpp:1334 -#: src/gpgoladdin.cpp:1338 src/mail.cpp:761 src/main.c:467 src/message.cpp:303 +#: src/gpgoladdin.cpp:1338 src/main.c:467 src/message.cpp:303 #: src/ribbon-callbacks.cpp:134 src/ribbon-callbacks.cpp:248 #: src/ribbon-callbacks.cpp:263 src/ribbon-callbacks.cpp:275 #: src/ribbon-callbacks.cpp:312 src/ribbon-callbacks.cpp:324 @@ -122,6 +122,11 @@ msgstr "D?marrer le gestionnaire de certificats" msgid "GpgOL - Save attachment" msgstr "GpgOL - Enregistrer le fichier joint" +#: src/common.c:1073 +#, fuzzy +msgid "GpgOL Error" +msgstr "GpgOL" + #: src/config-dialog.c:38 msgid "Debug output (for analysing problems)" msgstr "Sortie Debug (pour analyser les probl?mes)" @@ -172,12 +177,12 @@ msgstr "" msgid "Do you want to revert this folder?" msgstr "Voulez-vous r?cup?rer ce dossier ?" -#: src/gpgoladdin.cpp:446 src/mail.cpp:1685 src/mail.cpp:1756 +#: src/gpgoladdin.cpp:446 src/mail.cpp:1794 src/mail.cpp:1865 #, fuzzy msgid "GpgOL: Encrypted Message" msgstr "D?chiffrer le message" -#: src/gpgoladdin.cpp:447 src/mail.cpp:1686 src/mail.cpp:1757 +#: src/gpgoladdin.cpp:447 src/mail.cpp:1795 src/mail.cpp:1866 msgid "GpgOL: Trusted Sender Address" msgstr "" @@ -378,42 +383,42 @@ msgstr "" "Ceci est un message chiffr?.\n" "Veuillez le s?lectionner pour plus d'informations." -#: src/mail.cpp:323 +#: src/mail.cpp:325 msgid "" "Not all attachments were encrypted or signed.\n" "The unsigned / unencrypted attachments are:\n" "\n" msgstr "" -#: src/mail.cpp:328 +#: src/mail.cpp:330 msgid "" "Not all attachments were signed.\n" "The unsigned attachments are:\n" "\n" msgstr "" -#: src/mail.cpp:333 +#: src/mail.cpp:335 msgid "" "Not all attachments were encrypted.\n" "The unencrypted attachments are:\n" "\n" msgstr "" -#: src/mail.cpp:373 +#: src/mail.cpp:375 msgid "" "Note: The attachments may be encrypted or signed on a file level but the " "GpgOL status does not apply to them." msgstr "" -#: src/mail.cpp:376 +#: src/mail.cpp:378 msgid "GpgOL Warning" msgstr "" -#: src/mail.cpp:843 +#: src/mail.cpp:925 msgid "Pubkey directory confirmation" msgstr "" -#: src/mail.cpp:844 +#: src/mail.cpp:926 msgid "" "This is a confirmation request to publish your Pubkey in the directory for " "your domain.\n" @@ -422,20 +427,20 @@ msgid "" "directory, simply ignore this message.

\n" msgstr "" -#: src/mail.cpp:852 src/mail.cpp:2000 +#: src/mail.cpp:934 src/mail.cpp:2109 #, fuzzy msgid "Encrypted message" msgstr "D?chiffrer le message" -#: src/mail.cpp:853 +#: src/mail.cpp:935 msgid "Please wait while the message is being decrypted / verified..." msgstr "" -#: src/mail.cpp:1132 +#: src/mail.cpp:1234 msgid "GpgOL: Oops, G Suite Sync account detected" msgstr "" -#: src/mail.cpp:1134 +#: src/mail.cpp:1236 msgid "" "G Suite Sync breaks outgoing crypto mails with attachments.\n" "Using crypto and attachments with G Suite Sync is not supported.\n" @@ -443,105 +448,105 @@ msgid "" "See: https://dev.gnupg.org/T3545 for details." msgstr "" -#: src/mail.cpp:1945 +#: src/mail.cpp:2054 msgid "Security Level 4" msgstr "" -#: src/mail.cpp:1949 +#: src/mail.cpp:2058 msgid "Trust Level 4" msgstr "" -#: src/mail.cpp:1953 +#: src/mail.cpp:2062 msgid "Security Level 3" msgstr "" -#: src/mail.cpp:1957 +#: src/mail.cpp:2066 msgid "Trust Level 3" msgstr "" -#: src/mail.cpp:1961 +#: src/mail.cpp:2070 msgid "Security Level 2" msgstr "" -#: src/mail.cpp:1965 +#: src/mail.cpp:2074 msgid "Trust Level 2" msgstr "" -#: src/mail.cpp:1969 +#: src/mail.cpp:2078 #, fuzzy msgid "Encrypted" msgstr "Chiffrer" -#: src/mail.cpp:1978 src/mail.cpp:1980 src/ribbon-callbacks.cpp:1631 +#: src/mail.cpp:2087 src/mail.cpp:2089 src/ribbon-callbacks.cpp:1631 msgid "Insecure" msgstr "" -#: src/mail.cpp:1992 +#: src/mail.cpp:2101 #, fuzzy msgid "Signed and encrypted message" msgstr "D?chiffrer le message" -#: src/mail.cpp:1996 +#: src/mail.cpp:2105 #, fuzzy msgid "Signed message" msgstr "D?chiffrer le message" -#: src/mail.cpp:2003 src/ribbon-callbacks.cpp:1654 +#: src/mail.cpp:2112 src/ribbon-callbacks.cpp:1654 #, fuzzy msgid "Insecure message" msgstr "D?chiffrer le message" -#: src/mail.cpp:2014 src/mail.cpp:2025 +#: src/mail.cpp:2123 src/mail.cpp:2134 msgid "You cannot be sure who sent, modified and read the message in transit." msgstr "" -#: src/mail.cpp:2017 +#: src/mail.cpp:2126 msgid "The message was signed but the verification failed with:" msgstr "" -#: src/mail.cpp:2035 +#: src/mail.cpp:2144 #, fuzzy msgid "The encryption was VS-NfD-compliant." msgstr "Cette signature est valide\n" -#: src/mail.cpp:2039 +#: src/mail.cpp:2148 #, fuzzy msgid "The encryption was not VS-NfD-compliant." msgstr "Cette signature est valide\n" -#: src/mail.cpp:2043 +#: src/mail.cpp:2152 msgid "You cannot be sure who sent the message because it is not signed." msgstr "" -#: src/mail.cpp:2066 +#: src/mail.cpp:2175 #, fuzzy msgid "You signed this message." msgstr "D?chiffrer le message" -#: src/mail.cpp:2070 +#: src/mail.cpp:2179 msgid "The senders identity was certified by yourself." msgstr "" -#: src/mail.cpp:2074 +#: src/mail.cpp:2183 msgid "The sender is allowed to certify identities for you." msgstr "" -#: src/mail.cpp:2087 +#: src/mail.cpp:2196 msgid "The senders identity was certified by several trusted people." msgstr "" -#: src/mail.cpp:2092 +#: src/mail.cpp:2201 #, c-format msgid "" "The senders identity is certified by the trusted issuer:\n" "'%s'\n" msgstr "" -#: src/mail.cpp:2100 +#: src/mail.cpp:2209 msgid "Some trusted people have certified the senders identity." msgstr "" -#: src/mail.cpp:2110 +#: src/mail.cpp:2219 #, c-format msgid "" "The senders address is trusted, because you have established a communication " @@ -549,142 +554,142 @@ msgid "" "You encrypted %i and verified %i messages since." msgstr "" -#: src/mail.cpp:2126 +#: src/mail.cpp:2235 msgid "The senders signature was verified for the first time." msgstr "" -#: src/mail.cpp:2133 +#: src/mail.cpp:2242 #, c-format msgid "" "The senders address is not trustworthy yet because you only verified %i " "messages and encrypted %i messages to it since %s." msgstr "" -#: src/mail.cpp:2147 +#: src/mail.cpp:2256 msgid "But the sender address is not trustworthy because:" msgstr "" -#: src/mail.cpp:2148 +#: src/mail.cpp:2257 msgid "The sender address is not trustworthy because:" msgstr "" -#: src/mail.cpp:2156 +#: src/mail.cpp:2265 #, fuzzy msgid "The signature is invalid: \n" msgstr "Cette signature est valide\n" -#: src/mail.cpp:2161 +#: src/mail.cpp:2270 msgid "There was an error verifying the signature.\n" msgstr "" -#: src/mail.cpp:2165 +#: src/mail.cpp:2274 #, fuzzy msgid "The signature is expired.\n" msgstr "Cette signature est valide\n" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 msgid "The used key" msgstr "" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 #, fuzzy msgid "The used certificate" msgstr "Erreur de v?rification" -#: src/mail.cpp:2177 +#: src/mail.cpp:2286 #, fuzzy msgid "is not available." msgstr "La liste de r?vocation (CRL) n'est pas disponible\n" -#: src/mail.cpp:2181 +#: src/mail.cpp:2290 msgid "is revoked." msgstr "" -#: src/mail.cpp:2185 +#: src/mail.cpp:2294 msgid "is expired." msgstr "" -#: src/mail.cpp:2189 +#: src/mail.cpp:2298 msgid "is not meant for signing." msgstr "" -#: src/mail.cpp:2193 src/mail.cpp:2197 +#: src/mail.cpp:2302 src/mail.cpp:2306 msgid "could not be checked for revocation." msgstr "" -#: src/mail.cpp:2202 +#: src/mail.cpp:2311 msgid "is not the same as the key that was used for this address in the past." msgstr "" -#: src/mail.cpp:2208 +#: src/mail.cpp:2317 #, c-format msgid "does not claim the address: \"%s\"." msgstr "" -#: src/mail.cpp:2221 +#: src/mail.cpp:2330 msgid "is not certified by any trustworthy key." msgstr "" -#: src/mail.cpp:2225 +#: src/mail.cpp:2334 msgid "" "is not certified by a trustworthy Certificate Authority or the Certificate " "Authority is unknown." msgstr "" -#: src/mail.cpp:2230 +#: src/mail.cpp:2339 msgid "The sender marked this address as revoked." msgstr "" -#: src/mail.cpp:2234 +#: src/mail.cpp:2343 msgid "is marked as not trustworthy." msgstr "" -#: src/mail.cpp:2244 +#: src/mail.cpp:2353 #, fuzzy msgid "The signature is VS-NfD-compliant." msgstr "Cette signature est valide\n" -#: src/mail.cpp:2248 +#: src/mail.cpp:2357 #, fuzzy msgid "The signature is not VS-NfD-compliant." msgstr "Cette signature est valide\n" -#: src/mail.cpp:2256 +#: src/mail.cpp:2365 #, fuzzy msgid "The encryption is VS-NfD-compliant." msgstr "Cette signature est valide\n" -#: src/mail.cpp:2260 +#: src/mail.cpp:2369 #, fuzzy msgid "The encryption is not VS-NfD-compliant." msgstr "Cette signature est valide\n" -#: src/mail.cpp:2271 +#: src/mail.cpp:2380 msgid "Click here to change the key used for this address." msgstr "" -#: src/mail.cpp:2275 +#: src/mail.cpp:2384 msgid "Click here for details about the key." msgstr "" -#: src/mail.cpp:2276 +#: src/mail.cpp:2385 msgid "Click here for details about the certificate." msgstr "" -#: src/mail.cpp:2280 +#: src/mail.cpp:2389 msgid "Click here to search the key on the configured keyserver." msgstr "" -#: src/mail.cpp:2281 +#: src/mail.cpp:2390 msgid "Click here to search the certificate on the configured X509 keyserver." msgstr "" -#: src/mail.cpp:2509 +#: src/mail.cpp:2678 #, fuzzy msgid "GpgOL: Encryption not possible!" msgstr "D?chiffrer le message" -#: src/mail.cpp:2511 +#: src/mail.cpp:2680 msgid "" "Outlook returned an error when trying to send the encrypted mail.\n" "\n" @@ -704,11 +709,11 @@ msgstr "" "et non des messages RTF. Merci de v?rifier que seul le format texte\n" "a ?t? s?lectionn?." -#: src/mailitem-events.cpp:295 +#: src/mailitem-events.cpp:313 src/mailitem-events.cpp:805 msgid "Sorry, that's not possible, yet" msgstr "" -#: src/mailitem-events.cpp:297 +#: src/mailitem-events.cpp:315 #, c-format msgid "" "GpgOL has prevented the change to the \"%s\" property.\n" @@ -720,16 +725,23 @@ msgid "" "For example by right clicking but not selecting the message.\n" msgstr "" +#: src/mailitem-events.cpp:802 +msgid "" +"Attachments are part of the crypto message.\n" +"They can't be permanently removed and will be shown again the next time this " +"message is opened." +msgstr "" + #: src/main.c:466 #, c-format msgid "Note: Using compatibility flags: %s" msgstr "Note?: Utilisation de marqueurs de compatibilit??: %s" -#: src/mapihelp.cpp:1886 src/mapihelp.cpp:1894 src/mapihelp.cpp:1902 +#: src/mapihelp.cpp:1918 src/mapihelp.cpp:1926 src/mapihelp.cpp:1934 msgid "[no subject]" msgstr "[pas de sujet]" -#: src/mapihelp.cpp:2527 +#: src/mapihelp.cpp:2559 msgid "" "[The content of this message is not visible because it has been decrypted by " "another Outlook session. Use the \"decrypt/verify\" command to make it " @@ -739,7 +751,7 @@ msgstr "" "autre session Outlook. Utiliser la commande \"d?chiffrer/v?rifier\" afin de " "le rendre visible]" -#: src/mapihelp.cpp:3421 +#: src/mapihelp.cpp:3453 msgid "" "[The content of this message is not visible due to an processing error in " "GpgOL.]" @@ -1069,21 +1081,21 @@ msgstr "" msgid "GpgOL: Request confirmed!" msgstr "" -#: src/cryptcontroller.cpp:393 +#: src/cryptcontroller.cpp:404 #, fuzzy msgid "Resolving recipients..." msgstr "Destinataires s?lectionn?s?:" -#: src/cryptcontroller.cpp:397 +#: src/cryptcontroller.cpp:408 msgid "Resolving signers..." msgstr "" -#: src/cryptcontroller.cpp:1004 +#: src/cryptcontroller.cpp:1042 #, fuzzy msgid "Encrypting..." msgstr "Chiffrement" -#: src/cryptcontroller.cpp:1008 +#: src/cryptcontroller.cpp:1046 msgid "Signing..." msgstr "" diff --git a/po/pt.po b/po/pt.po index 7b03a14..04122d7 100644 --- a/po/pt.po +++ b/po/pt.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: GpgOL 1.1.1\n" "Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n" -"POT-Creation-Date: 2018-03-21 13:02+0100\n" +"POT-Creation-Date: 2018-04-12 12:58+0200\n" "PO-Revision-Date: 2018-03-09 11:00+0000\n" "Last-Translator: Marco A.G.Pinto \n" "Language-Team: Portuguese \n" @@ -78,7 +78,7 @@ msgstr "Mudar a interface necessita reiniciar o Outlook." #: src/gpgoladdin.cpp:864 src/gpgoladdin.cpp:907 src/gpgoladdin.cpp:980 #: src/gpgoladdin.cpp:982 src/gpgoladdin.cpp:1018 src/gpgoladdin.cpp:1172 #: src/gpgoladdin.cpp:1255 src/gpgoladdin.cpp:1261 src/gpgoladdin.cpp:1334 -#: src/gpgoladdin.cpp:1338 src/mail.cpp:761 src/main.c:467 src/message.cpp:303 +#: src/gpgoladdin.cpp:1338 src/main.c:467 src/message.cpp:303 #: src/ribbon-callbacks.cpp:134 src/ribbon-callbacks.cpp:248 #: src/ribbon-callbacks.cpp:263 src/ribbon-callbacks.cpp:275 #: src/ribbon-callbacks.cpp:312 src/ribbon-callbacks.cpp:324 @@ -124,6 +124,11 @@ msgstr "N?o foi poss?vel iniciar o gestor de certificados" msgid "GpgOL - Save attachment" msgstr "GpgOL - Guardar anexo" +#: src/common.c:1073 +#, fuzzy +msgid "GpgOL Error" +msgstr "GpgOL" + #: src/config-dialog.c:38 msgid "Debug output (for analysing problems)" msgstr "Debug output (para analisar problemas)" @@ -175,11 +180,11 @@ msgstr "" msgid "Do you want to revert this folder?" msgstr "Queres reverter esta pasta?" -#: src/gpgoladdin.cpp:446 src/mail.cpp:1685 src/mail.cpp:1756 +#: src/gpgoladdin.cpp:446 src/mail.cpp:1794 src/mail.cpp:1865 msgid "GpgOL: Encrypted Message" msgstr "GpgOL: Mensagem Encriptada" -#: src/gpgoladdin.cpp:447 src/mail.cpp:1686 src/mail.cpp:1757 +#: src/gpgoladdin.cpp:447 src/mail.cpp:1795 src/mail.cpp:1866 msgid "GpgOL: Trusted Sender Address" msgstr "GpgOL: Endere?o de Remetente Confi?vel" @@ -383,7 +388,7 @@ msgstr "" "Esta ? uma mensagem encriptada.\n" "Clica para mais informa??o. " -#: src/mail.cpp:323 +#: src/mail.cpp:325 msgid "" "Not all attachments were encrypted or signed.\n" "The unsigned / unencrypted attachments are:\n" @@ -393,7 +398,7 @@ msgstr "" "Os anexos n?o-assinados / n?o-encriptados s?o:\n" "\n" -#: src/mail.cpp:328 +#: src/mail.cpp:330 msgid "" "Not all attachments were signed.\n" "The unsigned attachments are:\n" @@ -403,7 +408,7 @@ msgstr "" "Os anexos n?o-assinados s?o:\n" "\n" -#: src/mail.cpp:333 +#: src/mail.cpp:335 msgid "" "Not all attachments were encrypted.\n" "The unencrypted attachments are:\n" @@ -413,7 +418,7 @@ msgstr "" "Os anexos n?o-encriptados s?o:\n" "\n" -#: src/mail.cpp:373 +#: src/mail.cpp:375 msgid "" "Note: The attachments may be encrypted or signed on a file level but the " "GpgOL status does not apply to them." @@ -421,15 +426,15 @@ msgstr "" "Nota: Os anexos podem ser encriptados ou assinados ao n?vel de ficheiro, mas " "o status do GpgOL n?o se aplica a eles." -#: src/mail.cpp:376 +#: src/mail.cpp:378 msgid "GpgOL Warning" msgstr "Aviso do GpgOL" -#: src/mail.cpp:843 +#: src/mail.cpp:925 msgid "Pubkey directory confirmation" msgstr "Confirma??o de diretoria Pubkey" -#: src/mail.cpp:844 +#: src/mail.cpp:926 msgid "" "This is a confirmation request to publish your Pubkey in the directory for " "your domain.\n" @@ -443,21 +448,21 @@ msgstr "" "

Se n?o pediste para publicar a tua Pubkey na diretoria do teu provedor, " "simplesmente ignora esta mensagem.

\n" -#: src/mail.cpp:852 src/mail.cpp:2000 +#: src/mail.cpp:934 src/mail.cpp:2109 msgid "Encrypted message" msgstr "Mensagem encriptada" -#: src/mail.cpp:853 +#: src/mail.cpp:935 msgid "Please wait while the message is being decrypted / verified..." msgstr "" "Por favor, aguarda enquanto a mensagem est? a ser desencriptada / " "verificada..." -#: src/mail.cpp:1132 +#: src/mail.cpp:1234 msgid "GpgOL: Oops, G Suite Sync account detected" msgstr "GpgOL: Oops, conta G Suite Sync detetada" -#: src/mail.cpp:1134 +#: src/mail.cpp:1236 msgid "" "G Suite Sync breaks outgoing crypto mails with attachments.\n" "Using crypto and attachments with G Suite Sync is not supported.\n" @@ -469,91 +474,91 @@ msgstr "" "\n" "V?: https://dev.gnupg.org/T3545 para detalhes." -#: src/mail.cpp:1945 +#: src/mail.cpp:2054 msgid "Security Level 4" msgstr "N?vel de seguran?a 4" -#: src/mail.cpp:1949 +#: src/mail.cpp:2058 msgid "Trust Level 4" msgstr "N?vel de Confian?a 4" -#: src/mail.cpp:1953 +#: src/mail.cpp:2062 msgid "Security Level 3" msgstr "N?vel de Seguran?a 3" -#: src/mail.cpp:1957 +#: src/mail.cpp:2066 msgid "Trust Level 3" msgstr "N?vel de Confian?a 3" -#: src/mail.cpp:1961 +#: src/mail.cpp:2070 msgid "Security Level 2" msgstr "N?vel de Seguran?a 2" -#: src/mail.cpp:1965 +#: src/mail.cpp:2074 msgid "Trust Level 2" msgstr "N?vel de Confian?a 2" -#: src/mail.cpp:1969 +#: src/mail.cpp:2078 msgid "Encrypted" msgstr "Encriptada" -#: src/mail.cpp:1978 src/mail.cpp:1980 src/ribbon-callbacks.cpp:1631 +#: src/mail.cpp:2087 src/mail.cpp:2089 src/ribbon-callbacks.cpp:1631 msgid "Insecure" msgstr "Insegura" -#: src/mail.cpp:1992 +#: src/mail.cpp:2101 msgid "Signed and encrypted message" msgstr "Mensagem assinada e encriptada" -#: src/mail.cpp:1996 +#: src/mail.cpp:2105 msgid "Signed message" msgstr "Mensagem assinada" -#: src/mail.cpp:2003 src/ribbon-callbacks.cpp:1654 +#: src/mail.cpp:2112 src/ribbon-callbacks.cpp:1654 msgid "Insecure message" msgstr "Mensagem insegura" -#: src/mail.cpp:2014 src/mail.cpp:2025 +#: src/mail.cpp:2123 src/mail.cpp:2134 msgid "You cannot be sure who sent, modified and read the message in transit." msgstr "" "N?o podes ter a certeza de quem enviou, modificou e leu a mensagem em " "tr?nsito." -#: src/mail.cpp:2017 +#: src/mail.cpp:2126 msgid "The message was signed but the verification failed with:" msgstr "A mensagem foi assinada, mas a verifica??o falhou com:" -#: src/mail.cpp:2035 +#: src/mail.cpp:2144 msgid "The encryption was VS-NfD-compliant." msgstr "A encripta??o est? em conformidade com VS-NfD." -#: src/mail.cpp:2039 +#: src/mail.cpp:2148 msgid "The encryption was not VS-NfD-compliant." msgstr "A encripta??o n?o est? em conformidade com VS-NfD." -#: src/mail.cpp:2043 +#: src/mail.cpp:2152 msgid "You cannot be sure who sent the message because it is not signed." msgstr "" "N?o podes ter certeza de quem enviou a mensagem, porque n?o est? assinada." -#: src/mail.cpp:2066 +#: src/mail.cpp:2175 msgid "You signed this message." msgstr "Assinaste esta mensagem." -#: src/mail.cpp:2070 +#: src/mail.cpp:2179 msgid "The senders identity was certified by yourself." msgstr "A identidade dos remetentes foi certificada por ti pr?prio." -#: src/mail.cpp:2074 +#: src/mail.cpp:2183 msgid "The sender is allowed to certify identities for you." msgstr "O remetente pode certificar identidades para ti." -#: src/mail.cpp:2087 +#: src/mail.cpp:2196 msgid "The senders identity was certified by several trusted people." msgstr "" "A identidade dos remetentes foi certificada por v?rias pessoas confi?veis." -#: src/mail.cpp:2092 +#: src/mail.cpp:2201 #, c-format msgid "" "The senders identity is certified by the trusted issuer:\n" @@ -562,11 +567,11 @@ msgstr "" "A identidade dos remetentes ? certificada pelo emissor confi?vel:\n" "'%s'\n" -#: src/mail.cpp:2100 +#: src/mail.cpp:2209 msgid "Some trusted people have certified the senders identity." msgstr "Algumas pessoas confi?veis certificaram a identidade dos remetentes." -#: src/mail.cpp:2110 +#: src/mail.cpp:2219 #, c-format msgid "" "The senders address is trusted, because you have established a communication " @@ -577,11 +582,11 @@ msgstr "" "comunica??o com este endere?o desde %s.\n" "Encriptaste %i e verificaste %i mensagens desde ent?o." -#: src/mail.cpp:2126 +#: src/mail.cpp:2235 msgid "The senders signature was verified for the first time." msgstr "A assinatura dos remetentes foi verificada pela primeira vez." -#: src/mail.cpp:2133 +#: src/mail.cpp:2242 #, c-format msgid "" "The senders address is not trustworthy yet because you only verified %i " @@ -590,68 +595,68 @@ msgstr "" "O endere?o dos remetentes ainda n?o ? confi?vel porque apenas verificaste %i " "mensagens e encriptaste %i mensagens a eles desde %s." -#: src/mail.cpp:2147 +#: src/mail.cpp:2256 msgid "But the sender address is not trustworthy because:" msgstr "Mas o endere?o do remetente n?o ? confi?vel porque:" -#: src/mail.cpp:2148 +#: src/mail.cpp:2257 msgid "The sender address is not trustworthy because:" msgstr "O endere?o do remetente n?o ? confi?vel porque:" -#: src/mail.cpp:2156 +#: src/mail.cpp:2265 msgid "The signature is invalid: \n" msgstr "A assinatura ? inv?lida: \n" -#: src/mail.cpp:2161 +#: src/mail.cpp:2270 msgid "There was an error verifying the signature.\n" msgstr "Houve um erro ao verificar a assinatura.\n" -#: src/mail.cpp:2165 +#: src/mail.cpp:2274 msgid "The signature is expired.\n" msgstr "A assinatura expirou.\n" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 msgid "The used key" msgstr "A chave usada" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 msgid "The used certificate" msgstr "O certificado usado" -#: src/mail.cpp:2177 +#: src/mail.cpp:2286 msgid "is not available." msgstr "n?o est? dispon?vel." -#: src/mail.cpp:2181 +#: src/mail.cpp:2290 msgid "is revoked." msgstr "est? revogado." -#: src/mail.cpp:2185 +#: src/mail.cpp:2294 msgid "is expired." msgstr "expirou." -#: src/mail.cpp:2189 +#: src/mail.cpp:2298 msgid "is not meant for signing." msgstr "n?o ? destinado a assinar." -#: src/mail.cpp:2193 src/mail.cpp:2197 +#: src/mail.cpp:2302 src/mail.cpp:2306 msgid "could not be checked for revocation." msgstr "n?o pode ser verificado para revoga??o." -#: src/mail.cpp:2202 +#: src/mail.cpp:2311 msgid "is not the same as the key that was used for this address in the past." msgstr "n?o ? o mesmo que a chave usada para este endere?o no passado." -#: src/mail.cpp:2208 +#: src/mail.cpp:2317 #, c-format msgid "does not claim the address: \"%s\"." msgstr "n?o reivindica o endere?o: \"%s\"." -#: src/mail.cpp:2221 +#: src/mail.cpp:2330 msgid "is not certified by any trustworthy key." msgstr "n?o est? certificado por qualquer chave confi?vel." -#: src/mail.cpp:2225 +#: src/mail.cpp:2334 msgid "" "is not certified by a trustworthy Certificate Authority or the Certificate " "Authority is unknown." @@ -659,57 +664,57 @@ msgstr "" "n?o est? certificado por uma Autoridade de Certifica??o confi?vel ou a " "Autoridade de Certifica??o ? desconhecida." -#: src/mail.cpp:2230 +#: src/mail.cpp:2339 msgid "The sender marked this address as revoked." msgstr "O remetente marcou este endere?o como revogado." -#: src/mail.cpp:2234 +#: src/mail.cpp:2343 msgid "is marked as not trustworthy." msgstr "est? marcado como n?o confi?vel." -#: src/mail.cpp:2244 +#: src/mail.cpp:2353 msgid "The signature is VS-NfD-compliant." msgstr "A assinatura est? em conformidade com VS-NfD." -#: src/mail.cpp:2248 +#: src/mail.cpp:2357 msgid "The signature is not VS-NfD-compliant." msgstr "A assinatura n?o est? em conformidade com VS-NfD." -#: src/mail.cpp:2256 +#: src/mail.cpp:2365 msgid "The encryption is VS-NfD-compliant." msgstr "A encripta??o est? em conformidade com VS-NfD." -#: src/mail.cpp:2260 +#: src/mail.cpp:2369 msgid "The encryption is not VS-NfD-compliant." msgstr "A encripta??o n?o est? em conformidade com VS-NfD." -#: src/mail.cpp:2271 +#: src/mail.cpp:2380 msgid "Click here to change the key used for this address." msgstr "Clica aqui para alterar a chave usada para este endere?o." -#: src/mail.cpp:2275 +#: src/mail.cpp:2384 msgid "Click here for details about the key." msgstr "Clica aqui para obter detalhes sobre a chave." -#: src/mail.cpp:2276 +#: src/mail.cpp:2385 msgid "Click here for details about the certificate." msgstr "Clica aqui para obter detalhes sobre o certificado." -#: src/mail.cpp:2280 +#: src/mail.cpp:2389 msgid "Click here to search the key on the configured keyserver." msgstr "Clica aqui para localizar a chave no servidor de chaves configurado." -#: src/mail.cpp:2281 +#: src/mail.cpp:2390 msgid "Click here to search the certificate on the configured X509 keyserver." msgstr "" "Clica aqui para localizar o certificado no servidor de chaves X509 " "configurado." -#: src/mail.cpp:2509 +#: src/mail.cpp:2678 msgid "GpgOL: Encryption not possible!" msgstr "GpgOL: Encripta??o n?o poss?vel!" -#: src/mail.cpp:2511 +#: src/mail.cpp:2680 msgid "" "Outlook returned an error when trying to send the encrypted mail.\n" "\n" @@ -735,11 +740,11 @@ msgstr "" "n?o mensagens RTF. Por favor, certifica-te que apenas o formato\n" "de texto foi selecionado." -#: src/mailitem-events.cpp:295 +#: src/mailitem-events.cpp:313 src/mailitem-events.cpp:805 msgid "Sorry, that's not possible, yet" msgstr "Desculpa, isso n?o ? poss?vel, ainda" -#: src/mailitem-events.cpp:297 +#: src/mailitem-events.cpp:315 #, c-format msgid "" "GpgOL has prevented the change to the \"%s\" property.\n" @@ -761,16 +766,23 @@ msgstr "" "Por exemplo, ao clicar com o bot?o direito do rato, mas n?o selecionar a " "mensagem.\n" +#: src/mailitem-events.cpp:802 +msgid "" +"Attachments are part of the crypto message.\n" +"They can't be permanently removed and will be shown again the next time this " +"message is opened." +msgstr "" + #: src/main.c:466 #, c-format msgid "Note: Using compatibility flags: %s" msgstr "Nota: A usar sinalizadores de compatibilidade: %s" -#: src/mapihelp.cpp:1886 src/mapihelp.cpp:1894 src/mapihelp.cpp:1902 +#: src/mapihelp.cpp:1918 src/mapihelp.cpp:1926 src/mapihelp.cpp:1934 msgid "[no subject]" msgstr "[sem assunto]" -#: src/mapihelp.cpp:2527 +#: src/mapihelp.cpp:2559 msgid "" "[The content of this message is not visible because it has been decrypted by " "another Outlook session. Use the \"decrypt/verify\" command to make it " @@ -780,7 +792,7 @@ msgstr "" "sess?o do Outlook. Usa o comando \"desencriptar/verificar\" para torn?-lo " "vis?vel]" -#: src/mapihelp.cpp:3421 +#: src/mapihelp.cpp:3453 msgid "" "[The content of this message is not visible due to an processing error in " "GpgOL.]" @@ -1148,19 +1160,19 @@ msgstr "A tua Pubkey pode ser brevemente recuperada do teu dom?nio." msgid "GpgOL: Request confirmed!" msgstr "GpgOL: Pedido confirmado!" -#: src/cryptcontroller.cpp:393 +#: src/cryptcontroller.cpp:404 msgid "Resolving recipients..." msgstr "A resolver destinat?rios..." -#: src/cryptcontroller.cpp:397 +#: src/cryptcontroller.cpp:408 msgid "Resolving signers..." msgstr "A resolver assinantes..." -#: src/cryptcontroller.cpp:1004 +#: src/cryptcontroller.cpp:1042 msgid "Encrypting..." msgstr "A encriptar..." -#: src/cryptcontroller.cpp:1008 +#: src/cryptcontroller.cpp:1046 msgid "Signing..." msgstr "A assinar..." diff --git a/po/sv.po b/po/sv.po index 9ba884a..bcff6f3 100644 --- a/po/sv.po +++ b/po/sv.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: GPGol\n" "Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n" -"POT-Creation-Date: 2018-03-21 13:02+0100\n" +"POT-Creation-Date: 2018-04-12 12:58+0200\n" "PO-Revision-Date: 2006-12-12 23:52+0100\n" "Last-Translator: Daniel Nylander \n" "Language-Team: Swedish \n" @@ -75,7 +75,7 @@ msgstr "" #: src/gpgoladdin.cpp:864 src/gpgoladdin.cpp:907 src/gpgoladdin.cpp:980 #: src/gpgoladdin.cpp:982 src/gpgoladdin.cpp:1018 src/gpgoladdin.cpp:1172 #: src/gpgoladdin.cpp:1255 src/gpgoladdin.cpp:1261 src/gpgoladdin.cpp:1334 -#: src/gpgoladdin.cpp:1338 src/mail.cpp:761 src/main.c:467 src/message.cpp:303 +#: src/gpgoladdin.cpp:1338 src/main.c:467 src/message.cpp:303 #: src/ribbon-callbacks.cpp:134 src/ribbon-callbacks.cpp:248 #: src/ribbon-callbacks.cpp:263 src/ribbon-callbacks.cpp:275 #: src/ribbon-callbacks.cpp:312 src/ribbon-callbacks.cpp:324 @@ -123,6 +123,11 @@ msgstr "Kunde inte starta nyckelhanteraren" msgid "GpgOL - Save attachment" msgstr "GPG - Spara dekrypterad bilaga" +#: src/common.c:1073 +#, fuzzy +msgid "GpgOL Error" +msgstr "In-/Ut-fel" + #: src/config-dialog.c:38 msgid "Debug output (for analysing problems)" msgstr "" @@ -164,12 +169,12 @@ msgstr "" msgid "Do you want to revert this folder?" msgstr "" -#: src/gpgoladdin.cpp:446 src/mail.cpp:1685 src/mail.cpp:1756 +#: src/gpgoladdin.cpp:446 src/mail.cpp:1794 src/mail.cpp:1865 #, fuzzy msgid "GpgOL: Encrypted Message" msgstr "Dekryptera och validera meddelandet." -#: src/gpgoladdin.cpp:447 src/mail.cpp:1686 src/mail.cpp:1757 +#: src/gpgoladdin.cpp:447 src/mail.cpp:1795 src/mail.cpp:1866 msgid "GpgOL: Trusted Sender Address" msgstr "" @@ -367,42 +372,42 @@ msgid "" "Click for more information. " msgstr "" -#: src/mail.cpp:323 +#: src/mail.cpp:325 msgid "" "Not all attachments were encrypted or signed.\n" "The unsigned / unencrypted attachments are:\n" "\n" msgstr "" -#: src/mail.cpp:328 +#: src/mail.cpp:330 msgid "" "Not all attachments were signed.\n" "The unsigned attachments are:\n" "\n" msgstr "" -#: src/mail.cpp:333 +#: src/mail.cpp:335 msgid "" "Not all attachments were encrypted.\n" "The unencrypted attachments are:\n" "\n" msgstr "" -#: src/mail.cpp:373 +#: src/mail.cpp:375 msgid "" "Note: The attachments may be encrypted or signed on a file level but the " "GpgOL status does not apply to them." msgstr "" -#: src/mail.cpp:376 +#: src/mail.cpp:378 msgid "GpgOL Warning" msgstr "" -#: src/mail.cpp:843 +#: src/mail.cpp:925 msgid "Pubkey directory confirmation" msgstr "" -#: src/mail.cpp:844 +#: src/mail.cpp:926 msgid "" "This is a confirmation request to publish your Pubkey in the directory for " "your domain.\n" @@ -411,20 +416,20 @@ msgid "" "directory, simply ignore this message.

\n" msgstr "" -#: src/mail.cpp:852 src/mail.cpp:2000 +#: src/mail.cpp:934 src/mail.cpp:2109 #, fuzzy msgid "Encrypted message" msgstr "Dekryptera och validera meddelandet." -#: src/mail.cpp:853 +#: src/mail.cpp:935 msgid "Please wait while the message is being decrypted / verified..." msgstr "" -#: src/mail.cpp:1132 +#: src/mail.cpp:1234 msgid "GpgOL: Oops, G Suite Sync account detected" msgstr "" -#: src/mail.cpp:1134 +#: src/mail.cpp:1236 msgid "" "G Suite Sync breaks outgoing crypto mails with attachments.\n" "Using crypto and attachments with G Suite Sync is not supported.\n" @@ -432,105 +437,105 @@ msgid "" "See: https://dev.gnupg.org/T3545 for details." msgstr "" -#: src/mail.cpp:1945 +#: src/mail.cpp:2054 msgid "Security Level 4" msgstr "" -#: src/mail.cpp:1949 +#: src/mail.cpp:2058 msgid "Trust Level 4" msgstr "" -#: src/mail.cpp:1953 +#: src/mail.cpp:2062 msgid "Security Level 3" msgstr "" -#: src/mail.cpp:1957 +#: src/mail.cpp:2066 msgid "Trust Level 3" msgstr "" -#: src/mail.cpp:1961 +#: src/mail.cpp:2070 msgid "Security Level 2" msgstr "" -#: src/mail.cpp:1965 +#: src/mail.cpp:2074 msgid "Trust Level 2" msgstr "" -#: src/mail.cpp:1969 +#: src/mail.cpp:2078 #, fuzzy msgid "Encrypted" msgstr "Kryptering" -#: src/mail.cpp:1978 src/mail.cpp:1980 src/ribbon-callbacks.cpp:1631 +#: src/mail.cpp:2087 src/mail.cpp:2089 src/ribbon-callbacks.cpp:1631 msgid "Insecure" msgstr "" -#: src/mail.cpp:1992 +#: src/mail.cpp:2101 #, fuzzy msgid "Signed and encrypted message" msgstr "Dekryptera och validera meddelandet." -#: src/mail.cpp:1996 +#: src/mail.cpp:2105 #, fuzzy msgid "Signed message" msgstr "Dekryptera och validera meddelandet." -#: src/mail.cpp:2003 src/ribbon-callbacks.cpp:1654 +#: src/mail.cpp:2112 src/ribbon-callbacks.cpp:1654 #, fuzzy msgid "Insecure message" msgstr "Dekryptera och validera meddelandet." -#: src/mail.cpp:2014 src/mail.cpp:2025 +#: src/mail.cpp:2123 src/mail.cpp:2134 msgid "You cannot be sure who sent, modified and read the message in transit." msgstr "" -#: src/mail.cpp:2017 +#: src/mail.cpp:2126 msgid "The message was signed but the verification failed with:" msgstr "" -#: src/mail.cpp:2035 +#: src/mail.cpp:2144 #, fuzzy msgid "The encryption was VS-NfD-compliant." msgstr "Den h?r signaturen ?r giltig\n" -#: src/mail.cpp:2039 +#: src/mail.cpp:2148 #, fuzzy msgid "The encryption was not VS-NfD-compliant." msgstr "Den h?r signaturen ?r giltig\n" -#: src/mail.cpp:2043 +#: src/mail.cpp:2152 msgid "You cannot be sure who sent the message because it is not signed." msgstr "" -#: src/mail.cpp:2066 +#: src/mail.cpp:2175 #, fuzzy msgid "You signed this message." msgstr "Dekryptera och validera meddelandet." -#: src/mail.cpp:2070 +#: src/mail.cpp:2179 msgid "The senders identity was certified by yourself." msgstr "" -#: src/mail.cpp:2074 +#: src/mail.cpp:2183 msgid "The sender is allowed to certify identities for you." msgstr "" -#: src/mail.cpp:2087 +#: src/mail.cpp:2196 msgid "The senders identity was certified by several trusted people." msgstr "" -#: src/mail.cpp:2092 +#: src/mail.cpp:2201 #, c-format msgid "" "The senders identity is certified by the trusted issuer:\n" "'%s'\n" msgstr "" -#: src/mail.cpp:2100 +#: src/mail.cpp:2209 msgid "Some trusted people have certified the senders identity." msgstr "" -#: src/mail.cpp:2110 +#: src/mail.cpp:2219 #, c-format msgid "" "The senders address is trusted, because you have established a communication " @@ -538,142 +543,142 @@ msgid "" "You encrypted %i and verified %i messages since." msgstr "" -#: src/mail.cpp:2126 +#: src/mail.cpp:2235 msgid "The senders signature was verified for the first time." msgstr "" -#: src/mail.cpp:2133 +#: src/mail.cpp:2242 #, c-format msgid "" "The senders address is not trustworthy yet because you only verified %i " "messages and encrypted %i messages to it since %s." msgstr "" -#: src/mail.cpp:2147 +#: src/mail.cpp:2256 msgid "But the sender address is not trustworthy because:" msgstr "" -#: src/mail.cpp:2148 +#: src/mail.cpp:2257 msgid "The sender address is not trustworthy because:" msgstr "" -#: src/mail.cpp:2156 +#: src/mail.cpp:2265 #, fuzzy msgid "The signature is invalid: \n" msgstr "Den h?r signaturen ?r giltig\n" -#: src/mail.cpp:2161 +#: src/mail.cpp:2270 msgid "There was an error verifying the signature.\n" msgstr "" -#: src/mail.cpp:2165 +#: src/mail.cpp:2274 #, fuzzy msgid "The signature is expired.\n" msgstr "Den h?r signaturen ?r giltig\n" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 msgid "The used key" msgstr "" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 #, fuzzy msgid "The used certificate" msgstr "Validering" -#: src/mail.cpp:2177 +#: src/mail.cpp:2286 #, fuzzy msgid "is not available." msgstr "Sp?rrlistan ?r inte tillg?nglig\n" -#: src/mail.cpp:2181 +#: src/mail.cpp:2290 msgid "is revoked." msgstr "" -#: src/mail.cpp:2185 +#: src/mail.cpp:2294 msgid "is expired." msgstr "" -#: src/mail.cpp:2189 +#: src/mail.cpp:2298 msgid "is not meant for signing." msgstr "" -#: src/mail.cpp:2193 src/mail.cpp:2197 +#: src/mail.cpp:2302 src/mail.cpp:2306 msgid "could not be checked for revocation." msgstr "" -#: src/mail.cpp:2202 +#: src/mail.cpp:2311 msgid "is not the same as the key that was used for this address in the past." msgstr "" -#: src/mail.cpp:2208 +#: src/mail.cpp:2317 #, c-format msgid "does not claim the address: \"%s\"." msgstr "" -#: src/mail.cpp:2221 +#: src/mail.cpp:2330 msgid "is not certified by any trustworthy key." msgstr "" -#: src/mail.cpp:2225 +#: src/mail.cpp:2334 msgid "" "is not certified by a trustworthy Certificate Authority or the Certificate " "Authority is unknown." msgstr "" -#: src/mail.cpp:2230 +#: src/mail.cpp:2339 msgid "The sender marked this address as revoked." msgstr "" -#: src/mail.cpp:2234 +#: src/mail.cpp:2343 msgid "is marked as not trustworthy." msgstr "" -#: src/mail.cpp:2244 +#: src/mail.cpp:2353 #, fuzzy msgid "The signature is VS-NfD-compliant." msgstr "Den h?r signaturen ?r giltig\n" -#: src/mail.cpp:2248 +#: src/mail.cpp:2357 #, fuzzy msgid "The signature is not VS-NfD-compliant." msgstr "Den h?r signaturen ?r giltig\n" -#: src/mail.cpp:2256 +#: src/mail.cpp:2365 #, fuzzy msgid "The encryption is VS-NfD-compliant." msgstr "Den h?r signaturen ?r giltig\n" -#: src/mail.cpp:2260 +#: src/mail.cpp:2369 #, fuzzy msgid "The encryption is not VS-NfD-compliant." msgstr "Den h?r signaturen ?r giltig\n" -#: src/mail.cpp:2271 +#: src/mail.cpp:2380 msgid "Click here to change the key used for this address." msgstr "" -#: src/mail.cpp:2275 +#: src/mail.cpp:2384 msgid "Click here for details about the key." msgstr "" -#: src/mail.cpp:2276 +#: src/mail.cpp:2385 msgid "Click here for details about the certificate." msgstr "" -#: src/mail.cpp:2280 +#: src/mail.cpp:2389 msgid "Click here to search the key on the configured keyserver." msgstr "" -#: src/mail.cpp:2281 +#: src/mail.cpp:2390 msgid "Click here to search the certificate on the configured X509 keyserver." msgstr "" -#: src/mail.cpp:2509 +#: src/mail.cpp:2678 #, fuzzy msgid "GpgOL: Encryption not possible!" msgstr "Dekryptera och validera meddelandet." -#: src/mail.cpp:2511 +#: src/mail.cpp:2680 msgid "" "Outlook returned an error when trying to send the encrypted mail.\n" "\n" @@ -694,11 +699,11 @@ msgstr "" "och inte RTF-meddelanden. Se till att endast textformatet\n" "har valts i inst?llningarna." -#: src/mailitem-events.cpp:295 +#: src/mailitem-events.cpp:313 src/mailitem-events.cpp:805 msgid "Sorry, that's not possible, yet" msgstr "" -#: src/mailitem-events.cpp:297 +#: src/mailitem-events.cpp:315 #, c-format msgid "" "GpgOL has prevented the change to the \"%s\" property.\n" @@ -710,23 +715,30 @@ msgid "" "For example by right clicking but not selecting the message.\n" msgstr "" +#: src/mailitem-events.cpp:802 +msgid "" +"Attachments are part of the crypto message.\n" +"They can't be permanently removed and will be shown again the next time this " +"message is opened." +msgstr "" + #: src/main.c:466 #, c-format msgid "Note: Using compatibility flags: %s" msgstr "" -#: src/mapihelp.cpp:1886 src/mapihelp.cpp:1894 src/mapihelp.cpp:1902 +#: src/mapihelp.cpp:1918 src/mapihelp.cpp:1926 src/mapihelp.cpp:1934 msgid "[no subject]" msgstr "" -#: src/mapihelp.cpp:2527 +#: src/mapihelp.cpp:2559 msgid "" "[The content of this message is not visible because it has been decrypted by " "another Outlook session. Use the \"decrypt/verify\" command to make it " "visible]" msgstr "" -#: src/mapihelp.cpp:3421 +#: src/mapihelp.cpp:3453 msgid "" "[The content of this message is not visible due to an processing error in " "GpgOL.]" @@ -1028,20 +1040,20 @@ msgstr "" msgid "GpgOL: Request confirmed!" msgstr "" -#: src/cryptcontroller.cpp:393 +#: src/cryptcontroller.cpp:404 msgid "Resolving recipients..." msgstr "" -#: src/cryptcontroller.cpp:397 +#: src/cryptcontroller.cpp:408 msgid "Resolving signers..." msgstr "" -#: src/cryptcontroller.cpp:1004 +#: src/cryptcontroller.cpp:1042 #, fuzzy msgid "Encrypting..." msgstr "Kryptering" -#: src/cryptcontroller.cpp:1008 +#: src/cryptcontroller.cpp:1046 msgid "Signing..." msgstr "" diff --git a/po/zh_CN.po b/po/zh_CN.po index dba6840..6de3b27 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -7,7 +7,7 @@ msgid "" msgstr "" "Project-Id-Version: GpgOL\n" "Report-Msgid-Bugs-To: bug-gpgol at g10code.com\n" -"POT-Creation-Date: 2018-03-21 13:02+0100\n" +"POT-Creation-Date: 2018-04-12 12:58+0200\n" "PO-Revision-Date: 2015-08-15 21:58+0800\n" "Last-Translator: Mingye Wang (Arthur2e5) \n" "Language-Team: \n" @@ -76,7 +76,7 @@ msgstr "" #: src/gpgoladdin.cpp:864 src/gpgoladdin.cpp:907 src/gpgoladdin.cpp:980 #: src/gpgoladdin.cpp:982 src/gpgoladdin.cpp:1018 src/gpgoladdin.cpp:1172 #: src/gpgoladdin.cpp:1255 src/gpgoladdin.cpp:1261 src/gpgoladdin.cpp:1334 -#: src/gpgoladdin.cpp:1338 src/mail.cpp:761 src/main.c:467 src/message.cpp:303 +#: src/gpgoladdin.cpp:1338 src/main.c:467 src/message.cpp:303 #: src/ribbon-callbacks.cpp:134 src/ribbon-callbacks.cpp:248 #: src/ribbon-callbacks.cpp:263 src/ribbon-callbacks.cpp:275 #: src/ribbon-callbacks.cpp:312 src/ribbon-callbacks.cpp:324 @@ -123,6 +123,11 @@ msgstr "???????" msgid "GpgOL - Save attachment" msgstr "GpgOL - ????" +#: src/common.c:1073 +#, fuzzy +msgid "GpgOL Error" +msgstr "GpgOL" + #: src/config-dialog.c:38 msgid "Debug output (for analysing problems)" msgstr "????????????" @@ -168,12 +173,12 @@ msgstr "" msgid "Do you want to revert this folder?" msgstr "????????????" -#: src/gpgoladdin.cpp:446 src/mail.cpp:1685 src/mail.cpp:1756 +#: src/gpgoladdin.cpp:446 src/mail.cpp:1794 src/mail.cpp:1865 #, fuzzy msgid "GpgOL: Encrypted Message" msgstr "????" -#: src/gpgoladdin.cpp:447 src/mail.cpp:1686 src/mail.cpp:1757 +#: src/gpgoladdin.cpp:447 src/mail.cpp:1795 src/mail.cpp:1866 msgid "GpgOL: Trusted Sender Address" msgstr "" @@ -366,42 +371,42 @@ msgstr "" "???????\n" "???????????" -#: src/mail.cpp:323 +#: src/mail.cpp:325 msgid "" "Not all attachments were encrypted or signed.\n" "The unsigned / unencrypted attachments are:\n" "\n" msgstr "" -#: src/mail.cpp:328 +#: src/mail.cpp:330 msgid "" "Not all attachments were signed.\n" "The unsigned attachments are:\n" "\n" msgstr "" -#: src/mail.cpp:333 +#: src/mail.cpp:335 msgid "" "Not all attachments were encrypted.\n" "The unencrypted attachments are:\n" "\n" msgstr "" -#: src/mail.cpp:373 +#: src/mail.cpp:375 msgid "" "Note: The attachments may be encrypted or signed on a file level but the " "GpgOL status does not apply to them." msgstr "" -#: src/mail.cpp:376 +#: src/mail.cpp:378 msgid "GpgOL Warning" msgstr "" -#: src/mail.cpp:843 +#: src/mail.cpp:925 msgid "Pubkey directory confirmation" msgstr "" -#: src/mail.cpp:844 +#: src/mail.cpp:926 msgid "" "This is a confirmation request to publish your Pubkey in the directory for " "your domain.\n" @@ -410,20 +415,20 @@ msgid "" "directory, simply ignore this message.

\n" msgstr "" -#: src/mail.cpp:852 src/mail.cpp:2000 +#: src/mail.cpp:934 src/mail.cpp:2109 #, fuzzy msgid "Encrypted message" msgstr "????" -#: src/mail.cpp:853 +#: src/mail.cpp:935 msgid "Please wait while the message is being decrypted / verified..." msgstr "" -#: src/mail.cpp:1132 +#: src/mail.cpp:1234 msgid "GpgOL: Oops, G Suite Sync account detected" msgstr "" -#: src/mail.cpp:1134 +#: src/mail.cpp:1236 msgid "" "G Suite Sync breaks outgoing crypto mails with attachments.\n" "Using crypto and attachments with G Suite Sync is not supported.\n" @@ -431,105 +436,105 @@ msgid "" "See: https://dev.gnupg.org/T3545 for details." msgstr "" -#: src/mail.cpp:1945 +#: src/mail.cpp:2054 msgid "Security Level 4" msgstr "" -#: src/mail.cpp:1949 +#: src/mail.cpp:2058 msgid "Trust Level 4" msgstr "" -#: src/mail.cpp:1953 +#: src/mail.cpp:2062 msgid "Security Level 3" msgstr "" -#: src/mail.cpp:1957 +#: src/mail.cpp:2066 msgid "Trust Level 3" msgstr "" -#: src/mail.cpp:1961 +#: src/mail.cpp:2070 msgid "Security Level 2" msgstr "" -#: src/mail.cpp:1965 +#: src/mail.cpp:2074 msgid "Trust Level 2" msgstr "" -#: src/mail.cpp:1969 +#: src/mail.cpp:2078 #, fuzzy msgid "Encrypted" msgstr "??" -#: src/mail.cpp:1978 src/mail.cpp:1980 src/ribbon-callbacks.cpp:1631 +#: src/mail.cpp:2087 src/mail.cpp:2089 src/ribbon-callbacks.cpp:1631 msgid "Insecure" msgstr "" -#: src/mail.cpp:1992 +#: src/mail.cpp:2101 #, fuzzy msgid "Signed and encrypted message" msgstr "????" -#: src/mail.cpp:1996 +#: src/mail.cpp:2105 #, fuzzy msgid "Signed message" msgstr "????" -#: src/mail.cpp:2003 src/ribbon-callbacks.cpp:1654 +#: src/mail.cpp:2112 src/ribbon-callbacks.cpp:1654 #, fuzzy msgid "Insecure message" msgstr "????" -#: src/mail.cpp:2014 src/mail.cpp:2025 +#: src/mail.cpp:2123 src/mail.cpp:2134 msgid "You cannot be sure who sent, modified and read the message in transit." msgstr "" -#: src/mail.cpp:2017 +#: src/mail.cpp:2126 msgid "The message was signed but the verification failed with:" msgstr "" -#: src/mail.cpp:2035 +#: src/mail.cpp:2144 #, fuzzy msgid "The encryption was VS-NfD-compliant." msgstr "????\n" -#: src/mail.cpp:2039 +#: src/mail.cpp:2148 #, fuzzy msgid "The encryption was not VS-NfD-compliant." msgstr "????\n" -#: src/mail.cpp:2043 +#: src/mail.cpp:2152 msgid "You cannot be sure who sent the message because it is not signed." msgstr "" -#: src/mail.cpp:2066 +#: src/mail.cpp:2175 #, fuzzy msgid "You signed this message." msgstr "????" -#: src/mail.cpp:2070 +#: src/mail.cpp:2179 msgid "The senders identity was certified by yourself." msgstr "" -#: src/mail.cpp:2074 +#: src/mail.cpp:2183 msgid "The sender is allowed to certify identities for you." msgstr "" -#: src/mail.cpp:2087 +#: src/mail.cpp:2196 msgid "The senders identity was certified by several trusted people." msgstr "" -#: src/mail.cpp:2092 +#: src/mail.cpp:2201 #, c-format msgid "" "The senders identity is certified by the trusted issuer:\n" "'%s'\n" msgstr "" -#: src/mail.cpp:2100 +#: src/mail.cpp:2209 msgid "Some trusted people have certified the senders identity." msgstr "" -#: src/mail.cpp:2110 +#: src/mail.cpp:2219 #, c-format msgid "" "The senders address is trusted, because you have established a communication " @@ -537,142 +542,142 @@ msgid "" "You encrypted %i and verified %i messages since." msgstr "" -#: src/mail.cpp:2126 +#: src/mail.cpp:2235 msgid "The senders signature was verified for the first time." msgstr "" -#: src/mail.cpp:2133 +#: src/mail.cpp:2242 #, c-format msgid "" "The senders address is not trustworthy yet because you only verified %i " "messages and encrypted %i messages to it since %s." msgstr "" -#: src/mail.cpp:2147 +#: src/mail.cpp:2256 msgid "But the sender address is not trustworthy because:" msgstr "" -#: src/mail.cpp:2148 +#: src/mail.cpp:2257 msgid "The sender address is not trustworthy because:" msgstr "" -#: src/mail.cpp:2156 +#: src/mail.cpp:2265 #, fuzzy msgid "The signature is invalid: \n" msgstr "????\n" -#: src/mail.cpp:2161 +#: src/mail.cpp:2270 msgid "There was an error verifying the signature.\n" msgstr "" -#: src/mail.cpp:2165 +#: src/mail.cpp:2274 #, fuzzy msgid "The signature is expired.\n" msgstr "????\n" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 msgid "The used key" msgstr "" -#: src/mail.cpp:2169 +#: src/mail.cpp:2278 #, fuzzy msgid "The used certificate" msgstr "????" -#: src/mail.cpp:2177 +#: src/mail.cpp:2286 #, fuzzy msgid "is not available." msgstr "???????CRL????\n" -#: src/mail.cpp:2181 +#: src/mail.cpp:2290 msgid "is revoked." msgstr "" -#: src/mail.cpp:2185 +#: src/mail.cpp:2294 msgid "is expired." msgstr "" -#: src/mail.cpp:2189 +#: src/mail.cpp:2298 msgid "is not meant for signing." msgstr "" -#: src/mail.cpp:2193 src/mail.cpp:2197 +#: src/mail.cpp:2302 src/mail.cpp:2306 msgid "could not be checked for revocation." msgstr "" -#: src/mail.cpp:2202 +#: src/mail.cpp:2311 msgid "is not the same as the key that was used for this address in the past." msgstr "" -#: src/mail.cpp:2208 +#: src/mail.cpp:2317 #, c-format msgid "does not claim the address: \"%s\"." msgstr "" -#: src/mail.cpp:2221 +#: src/mail.cpp:2330 msgid "is not certified by any trustworthy key." msgstr "" -#: src/mail.cpp:2225 +#: src/mail.cpp:2334 msgid "" "is not certified by a trustworthy Certificate Authority or the Certificate " "Authority is unknown." msgstr "" -#: src/mail.cpp:2230 +#: src/mail.cpp:2339 msgid "The sender marked this address as revoked." msgstr "" -#: src/mail.cpp:2234 +#: src/mail.cpp:2343 msgid "is marked as not trustworthy." msgstr "" -#: src/mail.cpp:2244 +#: src/mail.cpp:2353 #, fuzzy msgid "The signature is VS-NfD-compliant." msgstr "????\n" -#: src/mail.cpp:2248 +#: src/mail.cpp:2357 #, fuzzy msgid "The signature is not VS-NfD-compliant." msgstr "????\n" -#: src/mail.cpp:2256 +#: src/mail.cpp:2365 #, fuzzy msgid "The encryption is VS-NfD-compliant." msgstr "????\n" -#: src/mail.cpp:2260 +#: src/mail.cpp:2369 #, fuzzy msgid "The encryption is not VS-NfD-compliant." msgstr "????\n" -#: src/mail.cpp:2271 +#: src/mail.cpp:2380 msgid "Click here to change the key used for this address." msgstr "" -#: src/mail.cpp:2275 +#: src/mail.cpp:2384 msgid "Click here for details about the key." msgstr "" -#: src/mail.cpp:2276 +#: src/mail.cpp:2385 msgid "Click here for details about the certificate." msgstr "" -#: src/mail.cpp:2280 +#: src/mail.cpp:2389 msgid "Click here to search the key on the configured keyserver." msgstr "" -#: src/mail.cpp:2281 +#: src/mail.cpp:2390 msgid "Click here to search the certificate on the configured X509 keyserver." msgstr "" -#: src/mail.cpp:2509 +#: src/mail.cpp:2678 #, fuzzy msgid "GpgOL: Encryption not possible!" msgstr "????" -#: src/mail.cpp:2511 +#: src/mail.cpp:2680 msgid "" "Outlook returned an error when trying to send the encrypted mail.\n" "\n" @@ -692,11 +697,11 @@ msgstr "" "?????????????????\n" "????" -#: src/mailitem-events.cpp:295 +#: src/mailitem-events.cpp:313 src/mailitem-events.cpp:805 msgid "Sorry, that's not possible, yet" msgstr "" -#: src/mailitem-events.cpp:297 +#: src/mailitem-events.cpp:315 #, c-format msgid "" "GpgOL has prevented the change to the \"%s\" property.\n" @@ -708,16 +713,23 @@ msgid "" "For example by right clicking but not selecting the message.\n" msgstr "" +#: src/mailitem-events.cpp:802 +msgid "" +"Attachments are part of the crypto message.\n" +"They can't be permanently removed and will be shown again the next time this " +"message is opened." +msgstr "" + #: src/main.c:466 #, c-format msgid "Note: Using compatibility flags: %s" msgstr "???????????%s" -#: src/mapihelp.cpp:1886 src/mapihelp.cpp:1894 src/mapihelp.cpp:1902 +#: src/mapihelp.cpp:1918 src/mapihelp.cpp:1926 src/mapihelp.cpp:1934 msgid "[no subject]" msgstr "[???]" -#: src/mapihelp.cpp:2527 +#: src/mapihelp.cpp:2559 msgid "" "[The content of this message is not visible because it has been decrypted by " "another Outlook session. Use the \"decrypt/verify\" command to make it " @@ -726,7 +738,7 @@ msgstr "" "[???????????????? Outlook ?????????/????????" "?]" -#: src/mapihelp.cpp:3421 +#: src/mapihelp.cpp:3453 msgid "" "[The content of this message is not visible due to an processing error in " "GpgOL.]" @@ -1056,21 +1068,21 @@ msgstr "" msgid "GpgOL: Request confirmed!" msgstr "" -#: src/cryptcontroller.cpp:393 +#: src/cryptcontroller.cpp:404 #, fuzzy msgid "Resolving recipients..." msgstr "??????" -#: src/cryptcontroller.cpp:397 +#: src/cryptcontroller.cpp:408 msgid "Resolving signers..." msgstr "" -#: src/cryptcontroller.cpp:1004 +#: src/cryptcontroller.cpp:1042 #, fuzzy msgid "Encrypting..." msgstr "??" -#: src/cryptcontroller.cpp:1008 +#: src/cryptcontroller.cpp:1046 msgid "Signing..." msgstr "" commit 68ba8ea2d624c025fcd8fce7a0a1bdc6d79b431c Author: Andre Heinecke Date: Thu Apr 12 12:49:35 2018 +0200 Hide attachment removal warning on revert * src/mail.cpp (attachment_remove_warning_disabled): New. (Mail::revert): Disable attachment warning. * src/mailitem-events.cpp: Check if warnings are disabled. -- On revert this would otherwise show the newly introduced warning. diff --git a/src/mail.cpp b/src/mail.cpp index 2abff2a..cbff50d 100644 --- a/src/mail.cpp +++ b/src/mail.cpp @@ -94,7 +94,8 @@ Mail::Mail (LPDISPATCH mailitem) : m_window(nullptr), m_async_crypt_disabled(false), m_is_forwarded_crypto_mail(false), - m_is_send_again(false) + m_is_send_again(false), + m_disable_att_remove_warning(false) { if (get_mail_for_item (mailitem)) { @@ -1491,6 +1492,8 @@ Mail::revert () return 0; } + m_disable_att_remove_warning = true; + err = gpgol_mailitem_revert (m_mailitem); if (err == -1) { @@ -1501,6 +1504,7 @@ Mail::revert () /* We need to reprocess the mail next time around. */ m_processed = false; m_needs_wipe = false; + m_disable_att_remove_warning = false; return 0; } diff --git a/src/mail.h b/src/mail.h index ee108a2..d3b6afa 100644 --- a/src/mail.h +++ b/src/mail.h @@ -481,6 +481,10 @@ public: */ void set_is_send_again (bool value) { m_is_send_again = value; } + + /* Attachment removal state variables. */ + bool attachment_remove_warning_disabled () { return m_disable_att_remove_warning; } + private: void update_categories (); void update_sigstate (); @@ -522,5 +526,6 @@ private: std::string m_mime_data; bool m_is_forwarded_crypto_mail; /* Is this a forward of a crypto mail */ bool m_is_send_again; /* Is this a send again of a crypto mail */ + bool m_disable_att_remove_warning; /* Should not warn about attachment removal. */ }; #endif // MAIL_H diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index 3a262fe..e4dd961 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -793,7 +793,8 @@ EVENT_SINK_INVOKE(MailItemEvents) { log_oom_extra ("%s:%s: AttachmentRemove: %p", SRCNAME, __func__, m_mail); - if (!m_mail->is_crypto_mail () || attachRemoveWarnShown) + if (!m_mail->is_crypto_mail () || attachRemoveWarnShown || + m_mail->attachment_remove_warning_disabled ()) { return S_OK; } @@ -803,6 +804,7 @@ EVENT_SINK_INVOKE(MailItemEvents) "time this message is opened."), _("Sorry, that's not possible, yet"), MB_OK); attachRemoveWarnShown = true; + return S_OK; } default: commit 6f7b2db102838df077162b9b2d1f7df1f1716994 Author: Andre Heinecke Date: Thu Apr 12 12:49:08 2018 +0200 Ignore InternetCodepage changes * src/mailitem-events.cpp: Ignore internetcodepage changes. diff --git a/src/mailitem-events.cpp b/src/mailitem-events.cpp index e73e0ee..3a262fe 100644 --- a/src/mailitem-events.cpp +++ b/src/mailitem-events.cpp @@ -45,6 +45,7 @@ const wchar_t *prop_blacklist[] = { L"OutlookVersion", L"OutlookInternalVersion", L"ReceivedTime", + L"InternetCodepage", NULL }; typedef enum ----------------------------------------------------------------------- Summary of changes: NEWS | 2 +- po/de.po | 181 ++++++++++++++++++++++++++---------------------- po/fr.po | 168 +++++++++++++++++++++++--------------------- po/pt.po | 168 +++++++++++++++++++++++--------------------- po/sv.po | 168 +++++++++++++++++++++++--------------------- po/zh_CN.po | 168 +++++++++++++++++++++++--------------------- po/zh_TW.po | 168 +++++++++++++++++++++++--------------------- src/mail.cpp | 6 +- src/mail.h | 5 ++ src/mailitem-events.cpp | 5 +- 10 files changed, 563 insertions(+), 476 deletions(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 13:15:21 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 12 Apr 2018 13:15:21 +0200 Subject: [git] GpgOL - branch, master, updated. gpgol-2.1.0-1-g8695b2e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG extension for MS Outlook". The branch, master has been updated via 8695b2eda8a9e665f0088a21fba67d097dfa592a (commit) from 536f0690ed85250756f1cc58dc957f8015e3785a (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 8695b2eda8a9e665f0088a21fba67d097dfa592a Author: Andre Heinecke Date: Thu Apr 12 13:15:12 2018 +0200 Post release version bump diff --git a/NEWS b/NEWS index e127e5e..53e510d 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes for version 2.1.1 (unreleased) +================================================= + + Noteworthy changes for version 2.1.0 (2018-04-12) ================================================= diff --git a/configure.ac b/configure.ac index 7fb6a92..9d71086 100644 --- a/configure.ac +++ b/configure.ac @@ -17,7 +17,7 @@ min_automake_version="1.14" # (git tag -s gpgol-k.n.m) and run "./autogen.sh --force". Please # bump the version number immediately *after* the release and do # another commit and push so that the git magic is able to work. -m4_define([mym4_version], [2.1.0]) +m4_define([mym4_version], [2.1.1]) # Below is m4 magic to extract and compute the git revision number, # the decimalized short revision number, a beta version string and a ----------------------------------------------------------------------- Summary of changes: NEWS | 4 ++++ configure.ac | 2 +- 2 files changed, 5 insertions(+), 1 deletion(-) hooks/post-receive -- GnuPG extension for MS Outlook http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 13:16:15 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Thu, 12 Apr 2018 13:16:15 +0200 Subject: [git] gnupg-doc - branch, master, updated. 57ef28a1cda058e4489f150724786a039691bd84 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 57ef28a1cda058e4489f150724786a039691bd84 (commit) from 0ab16972dc62edd7e610248f5d9859e273113183 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 57ef28a1cda058e4489f150724786a039691bd84 Author: Andre Heinecke Date: Thu Apr 12 13:15:45 2018 +0200 swdb: Update GpgOL to 2.1.0 -- diff --git a/web/swdb.mac b/web/swdb.mac index 6c2188d..ed2d1ef 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -181,11 +181,11 @@ # # GpgOL # -#+macro: gpgol_ver 2.0.5 -#+macro: gpgol_date 2017-12-08 -#+macro: gpgol_size 750k -#+macro: gpgol_sha1 2f7eb7453ad5c6e811823be5348eec4c78f97695 -#+macro: gpgol_sha2 8fa5d4d13edfb344ec75a0e9dce3e633e6ce81e92cd388b73e2d34a14c78d46e +#+macro: gpgol_ver 2.1.0 +#+macro: gpgol_date 2018-04-12 +#+macro: gpgol_size 775k +#+macro: gpgol_sha1 4b581ec9b8efdd02f2222c5a68934b0decef72c2 +#+macro: gpgol_sha2 3193fc5c85f7ef8cddca97c537831daf7a51f56c244f3d33ce2c3fcc01437764 # ----------------------------------------------------------------------- Summary of changes: web/swdb.mac | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 15:46:22 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 15:46:22 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-185-gbdf7cd2 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via bdf7cd2e28432cf0fa7e0758acdfee03d7bfd45f (commit) from f7700a016926f0d8e9cb3c0337837deb7fe01079 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bdf7cd2e28432cf0fa7e0758acdfee03d7bfd45f Author: Werner Koch Date: Thu Apr 12 15:39:20 2018 +0200 tests: Add another check to gpg/t-verify. * tests/gpg/t-verify.c (PGM): New. Use it instead of __FILE__. (test_sig1_plus_unknown_key): New test signature. (check_result): Allow checking of several signatures. (main): Check a signature with a know and an unknown key. Signed-off-by: Werner Koch diff --git a/tests/gpg/t-verify.c b/tests/gpg/t-verify.c index f955cc9..ffc41ee 100644 --- a/tests/gpg/t-verify.c +++ b/tests/gpg/t-verify.c @@ -31,31 +31,14 @@ #include +#define PGM "t-verify" #include "t-support.h" + static const char test_text1[] = "Just GNU it!\n"; static const char test_text1f[]= "Just GNU it?\n"; static const char test_sig1[] = -#if 0 -"-----BEGIN PGP SIGNATURE-----\n" -"\n" -"iEYEABECAAYFAjoKgjIACgkQLXJ8x2hpdzQMSwCeO/xUrhysZ7zJKPf/FyXA//u1\n" -"ZgIAn0204PBR7yxSdQx6CFxugstNqmRv\n" -"=yku6\n" -"-----END PGP SIGNATURE-----\n" -#elif 0 -"-----BEGIN PGP SIGNATURE-----\n" -"Version: GnuPG v1.0.4-2 (GNU/Linux)\n" -"Comment: For info see http://www.gnupg.org\n" -"\n" -"iJcEABECAFcFAjoS8/E1FIAAAAAACAAkZm9vYmFyLjF0aGlzIGlzIGEgbm90YXRp\n" -"b24gZGF0YSB3aXRoIDIgbGluZXMaGmh0dHA6Ly93d3cuZ3Uub3JnL3BvbGljeS8A\n" -"CgkQLXJ8x2hpdzQLyQCbBW/fgU8ZeWSlWPM1F8umHX17bAAAoIfSNDSp5zM85XcG\n" -"iwxMrf+u8v4r\n" -"=88Zo\n" -"-----END PGP SIGNATURE-----\n" -#elif 1 "-----BEGIN PGP SIGNATURE-----\n" "\n" "iN0EABECAJ0FAjoS+i9FFIAAAAAAAwA5YmFyw7bDpMO8w58gZGFzIHdhcmVuIFVt\n" @@ -64,9 +47,24 @@ static const char test_sig1[] = "Oi8vd3d3Lmd1Lm9yZy9wb2xpY3kvAAoJEC1yfMdoaXc0JBIAoIiLlUsvpMDOyGEc\n" "dADGKXF/Hcb+AKCJWPphZCphduxSvrzH0hgzHdeQaA==\n" "=nts1\n" -"-----END PGP SIGNATURE-----\n" -#endif -; +"-----END PGP SIGNATURE-----\n"; + +/* The same as test_sig1 but with a second signature for which we do + * not have the public key (deleted after signature creation). */ +static const char test_sig1_plus_unknown_key[] = +"-----BEGIN PGP SIGNATURE-----\n" +"\n" +"iN0EABECAJ0FAjoS+i9FFIAAAAAAAwA5YmFyw7bDpMO8w58gZGFzIHdhcmVuIFVt\n" +"bGF1dGUgdW5kIGpldHp0IGVpbiBwcm96ZW50JS1aZWljaGVuNRSAAAAAAAgAJGZv\n" +"b2Jhci4xdGhpcyBpcyBhIG5vdGF0aW9uIGRhdGEgd2l0aCAyIGxpbmVzGhpodHRw\n" +"Oi8vd3d3Lmd1Lm9yZy9wb2xpY3kvAAoJEC1yfMdoaXc0JBIAoIiLlUsvpMDOyGEc\n" +"dADGKXF/Hcb+AKCJWPphZCphduxSvrzH0hgzHdeQaIh1BAAWCAAdFiEENuwqcMZC\n" +"brD85btN+RyY8EnUIEwFAlrPR4cACgkQ+RyY8EnUIEyiuAEAm41LJTGUFDzhavRm\n" +"jNwqUZxGGOySduW+u/X1lEfV+MYA/2lJOo75rHtD1EG+tkFVWt4Ukj0rjhR132vZ\n" +"IOtrYAcG\n" +"=yYwZ\n" +"-----END PGP SIGNATURE-----\n"; + static const char test_sig2[] = "-----BEGIN PGP MESSAGE-----\n" "\n" @@ -91,37 +89,51 @@ static const char double_plaintext_sig[] = +/* NO_OF_SIGS is the expected number of signatures. SKIP_SKIPS is + * which of these signatures to check (0 based). */ static void -check_result (gpgme_verify_result_t result, unsigned int summary, - const char *fpr, +check_result (gpgme_verify_result_t result, int no_of_sigs, int skip_sigs, + unsigned int summary, const char *fpr, gpgme_error_t status, int notation) { gpgme_signature_t sig; + int n; sig = result->signatures; - if (!sig || sig->next) + for (n=0; sig; sig = sig->next) + n++; + if (n != no_of_sigs) { - fprintf (stderr, "%s:%i: Unexpected number of signatures\n", - __FILE__, __LINE__); + fprintf (stderr, "%s:%i: Unexpected number of signatures" + " (got %d expected %d)\n", PGM, __LINE__, n, no_of_sigs); exit (1); } + if (skip_sigs >= n) + { + fprintf (stderr, "%s:%i: oops SKIPP_SIGS to high\n", PGM, __LINE__); + exit (1); + } + + for (n=0, sig = result->signatures; n < skip_sigs; sig = sig->next, n++) + ; + if (sig->summary != summary) { - fprintf (stderr, "%s:%i: Unexpected signature summary: " + fprintf (stderr, "%s:%i:sig-%d: Unexpected signature summary: " "want=0x%x have=0x%x\n", - __FILE__, __LINE__, summary, sig->summary); + PGM, __LINE__, skip_sigs, summary, sig->summary); exit (1); } if (strcmp (sig->fpr, fpr)) { - fprintf (stderr, "%s:%i: Unexpected fingerprint: %s\n", - __FILE__, __LINE__, sig->fpr); + fprintf (stderr, "%s:%i:sig-%d: Unexpected fingerprint: %s\n", + PGM, __LINE__, skip_sigs, sig->fpr); exit (1); } if (gpgme_err_code (sig->status) != status) { - fprintf (stderr, "%s:%i: Unexpected signature status: %s\n", - __FILE__, __LINE__, gpgme_strerror (sig->status)); + fprintf (stderr, "%s:%i:sig-%d: Unexpected signature status: %s\n", + PGM, __LINE__, skip_sigs, gpgme_strerror (sig->status)); exit (1); } if (notation) @@ -166,8 +178,8 @@ check_result (gpgme_verify_result_t result, unsigned int summary, } if (!any) { - fprintf (stderr, "%s:%i: Unexpected notation data\n", - __FILE__, __LINE__); + fprintf (stderr, "%s:%i:sig-%d: Unexpected notation data\n", + PGM, __LINE__, skip_sigs); exit (1); } } @@ -175,28 +187,30 @@ check_result (gpgme_verify_result_t result, unsigned int summary, { if (expected_notations[i].seen != 1) { - fprintf (stderr, "%s:%i: Missing or duplicate notation data\n", - __FILE__, __LINE__); + fprintf (stderr, "%s:%i:sig-%d: " + "Missing or duplicate notation data\n", + PGM, __LINE__, skip_sigs); exit (1); } } } if (sig->wrong_key_usage) { - fprintf (stderr, "%s:%i: Unexpectedly wrong key usage\n", - __FILE__, __LINE__); + fprintf (stderr, "%s:%i:sig-%d: Unexpectedly wrong key usage\n", + PGM, __LINE__, skip_sigs); exit (1); } if (sig->validity != GPGME_VALIDITY_UNKNOWN) { - fprintf (stderr, "%s:%i: Unexpected validity: %i\n", - __FILE__, __LINE__, sig->validity); + fprintf (stderr, "%s:%i:sig-%d: Unexpected validity: %i\n", + PGM, __LINE__, skip_sigs, sig->validity); exit (1); } if (gpgme_err_code (sig->validity_reason) != GPG_ERR_NO_ERROR) { - fprintf (stderr, "%s:%i: Unexpected validity reason: %s\n", - __FILE__, __LINE__, gpgme_strerror (sig->validity_reason)); + fprintf (stderr, "%s:%i:sig-%d: Unexpected validity reason: %s\n", + PGM, __LINE__, skip_sigs, + gpgme_strerror (sig->validity_reason)); exit (1); } } @@ -227,7 +241,7 @@ main (int argc, char *argv[]) err = gpgme_op_verify (ctx, sig, text, NULL); fail_if_err (err); result = gpgme_op_verify_result (ctx); - check_result (result, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734", + check_result (result, 1, 0, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734", GPG_ERR_NO_ERROR, 1); /* Checking a manipulated message. */ @@ -238,9 +252,27 @@ main (int argc, char *argv[]) err = gpgme_op_verify (ctx, sig, text, NULL); fail_if_err (err); result = gpgme_op_verify_result (ctx); - check_result (result, GPGME_SIGSUM_RED, "2D727CC768697734", + check_result (result, 1, 0, GPGME_SIGSUM_RED, "2D727CC768697734", GPG_ERR_BAD_SIGNATURE, 0); + /* Checking a valid message. Bu that one has a second signature + * made by an unknown key. */ + gpgme_data_release (text); + gpgme_data_release (sig); + err = gpgme_data_new_from_mem (&text, test_text1, strlen (test_text1), 0); + fail_if_err (err); + err = gpgme_data_new_from_mem (&sig, test_sig1_plus_unknown_key, + strlen (test_sig1_plus_unknown_key), 0); + fail_if_err (err); + err = gpgme_op_verify (ctx, sig, text, NULL); + fail_if_err (err); + result = gpgme_op_verify_result (ctx); + check_result (result, 2, 0, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734", + GPG_ERR_NO_ERROR, 1); + check_result (result, 2, 1, 0, "36EC2A70C6426EB0FCE5BB4DF91C98F049D4204C", + GPG_ERR_NO_ERROR, 0); + + /* Checking a normal signature. */ gpgme_data_release (sig); gpgme_data_release (text); @@ -251,7 +283,7 @@ main (int argc, char *argv[]) err = gpgme_op_verify (ctx, sig, NULL, text); fail_if_err (err); result = gpgme_op_verify_result (ctx); - check_result (result, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734", + check_result (result, 1, 0, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734", GPG_ERR_NO_ERROR, 0); @@ -267,7 +299,7 @@ main (int argc, char *argv[]) if (gpgme_err_code (err) != GPG_ERR_BAD_DATA) { fprintf (stderr, "%s:%i: Double plaintext message not detected\n", - __FILE__, __LINE__); + PGM, __LINE__); exit (1); } @@ -278,7 +310,7 @@ main (int argc, char *argv[]) if (!s || strcmp (s, "foo at example.org")) { fprintf (stderr, "%s:%i: gpgme_{set,get}_sender mismatch\n", - __FILE__, __LINE__); + PGM, __LINE__); exit (1); } @@ -288,7 +320,7 @@ main (int argc, char *argv[]) if (!s || strcmp (s, "bar at example.org")) { fprintf (stderr, "%s:%i: gpgme_{set,get}_sender mismatch\n", - __FILE__, __LINE__); + PGM, __LINE__); exit (1); } @@ -298,7 +330,7 @@ main (int argc, char *argv[]) if (!s || strcmp (s, "foo at example.org")) { fprintf (stderr, "%s:%i: gpgme_{set,get}_sender mismatch\n", - __FILE__, __LINE__); + PGM, __LINE__); exit (1); } @@ -306,7 +338,7 @@ main (int argc, char *argv[]) if (gpgme_err_code (err) != GPG_ERR_INV_VALUE) { fprintf (stderr, "%s:%i: gpgme_set_sender didn't detect bogus address\n", - __FILE__, __LINE__); + PGM, __LINE__); exit (1); } /* (the former address should still be there.) */ @@ -314,7 +346,7 @@ main (int argc, char *argv[]) if (!s || strcmp (s, "foo at example.org")) { fprintf (stderr, "%s:%i: gpgme_{set,get}_sender mismatch\n", - __FILE__, __LINE__); + PGM, __LINE__); exit (1); } ----------------------------------------------------------------------- Summary of changes: tests/gpg/t-verify.c | 136 +++++++++++++++++++++++++++++++-------------------- 1 file changed, 84 insertions(+), 52 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 16:06:26 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 16:06:26 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-186-gee8fad3 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via ee8fad3ea0cbc82f31c86b3483abd8549df62b69 (commit) from bdf7cd2e28432cf0fa7e0758acdfee03d7bfd45f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ee8fad3ea0cbc82f31c86b3483abd8549df62b69 Author: Werner Koch Date: Thu Apr 12 15:59:22 2018 +0200 tests: Avoid segv in run-verify due to Policy URLs * tests/run-verify.c (print_result): Take care of Policy URLs. Signed-off-by: Werner Koch diff --git a/tests/run-verify.c b/tests/run-verify.c index b22e644..699bfd1 100644 --- a/tests/run-verify.c +++ b/tests/run-verify.c @@ -163,15 +163,22 @@ print_result (gpgme_verify_result_t result) ); for (nt = sig->notations; nt; nt = nt->next) { - printf (" notation ..: '%s'\n", nt->name); - if (strlen (nt->name) != nt->name_len) - printf (" warning : name larger (%d)\n", nt->name_len); - printf (" flags ...:%s%s (0x%02x)\n", - nt->critical? " critical":"", - nt->human_readable? " human":"", - nt->flags); - if (nt->value) - printf (" value ...: '%s'\n", nt->value); + if (nt->name) + { + printf (" notation ..: '%s'\n", nt->name); + if (strlen (nt->name) != nt->name_len) + printf (" warning : name larger (%d)\n", nt->name_len); + printf (" flags ...:%s%s (0x%02x)\n", + nt->critical? " critical":"", + nt->human_readable? " human":"", + nt->flags); + if (nt->value) + printf (" value ...: '%s'\n", nt->value); + } + else + { + printf (" policy ....: '%s'\n", nt->value); + } if ((nt->value?strlen (nt->value):0) != nt->value_len) printf (" warning : value larger (%d)\n", nt->value_len); } ----------------------------------------------------------------------- Summary of changes: tests/run-verify.c | 25 ++++++++++++++++--------- 1 file changed, 16 insertions(+), 9 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 16:48:24 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 16:48:24 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-10-g23a7145 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 23a714598c247d78cfda46a6dc338b17e17cc194 (commit) from e2bd152a928d79ddfb95fd2f7911c80a1a8d5a21 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 23a714598c247d78cfda46a6dc338b17e17cc194 Author: Werner Koch Date: Thu Apr 12 16:41:05 2018 +0200 gpg: Extend the ERRSIG status line with a fingerprint. * g10/mainproc.c (issuer_fpr_raw): New. (issuer_fpr_string): Re-implement using issuer_fpr_rtaw. (check_sig_and_print): Don't free ISSUER_FPR. Use ISSUER_FPR_RAW. Use write_status_printf. Extend ERRSIG status. -- Modern OpenPGP implementations put the ISSUER_FPR into the signature to make it easier to discover the, public needed to check the signature. This is also useful in error messages and thus we add it. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 403c2a0..cd547a1 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,9 @@ Noteworthy changes in version 2.2.7 (unreleased) * gpg: New option --no-symkey-cache to disable the passphrase cache for symmetrical en- and decryption. + * gpg: The ERRSIG status now prints the fingerprint if that is part + of the signature. + Noteworthy changes in version 2.2.6 (2018-04-09) ------------------------------------------------ diff --git a/doc/DETAILS b/doc/DETAILS index e54e8a0..2d78fec 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -435,14 +435,17 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: available. This is the case with CMS and might eventually also be available for OpenPGP. -*** ERRSIG +*** ERRSIG It was not possible to check the signature. This may be caused by a missing public key or an unsupported algorithm. A RC of 4 indicates unknown algorithm, a 9 indicates a missing public key. The other fields give more information about this signature. sig_class is a 2 byte hex-value. The fingerprint may be used - instead of the keyid if it is available. This is the case with - gpgsm and might eventually also be available for OpenPGP. + instead of the long_keyid_or_fpr if it is available. This is the + case with gpgsm and might eventually also be available for + OpenPGP. The ERRSIG line has FPR filed which is only available + since 2.2.7; that FPR may either be missing or - if the signature + has no fingerprint as meta data. Note, that TIME may either be the number of seconds since Epoch or an ISO 8601 string. The latter can be detected by the presence of @@ -717,7 +720,9 @@ pkd:0:1024:B665B1435F4C2 .... FF26ABB: The used key has been revoked by its owner. No arguments yet. *** NO_PUBKEY - The public key is not available + The public key is not available. Note the arg should in general + not be used because it is better to take it from the ERRSIG + status line which is printed right before this one. *** NO_SECKEY The secret key is not available diff --git a/g10/mainproc.c b/g10/mainproc.c index 512d33c..8582827 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1608,6 +1608,26 @@ akl_has_wkd_method (void) } +/* Return the ISSUER fingerprint buffer and its lenbgth at R_LEN. + * Returns NULL if not available. The returned buffer is valid as + * long as SIG is not modified. */ +static const byte * +issuer_fpr_raw (PKT_signature *sig, size_t *r_len) +{ + const byte *p; + size_t n; + + p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n); + if (p && n == 21 && p[0] == 4) + { + *r_len = n - 1; + return p+1; + } + *r_len = 0; + return NULL; +} + + /* Return the ISSUER fingerprint string in human readbale format if * available. Caller must release the string. */ static char * @@ -1616,10 +1636,8 @@ issuer_fpr_string (PKT_signature *sig) const byte *p; size_t n; - p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n); - if (p && n == 21 && p[0] == 4) - return bin2hex (p+1, n-1, NULL); - return NULL; + p = issuer_fpr_raw (sig, &n); + return p? bin2hex (p, n, NULL) : NULL; } @@ -1659,7 +1677,7 @@ check_sig_and_print (CTX c, kbnode_t node) int rc; int is_expkey = 0; int is_revkey = 0; - char *issuer_fpr; + char *issuer_fpr = NULL; PKT_public_key *pk = NULL; /* The public key for the signature or NULL. */ int tried_ks_by_fpr; @@ -1786,13 +1804,14 @@ check_sig_and_print (CTX c, kbnode_t node) write_status_text (STATUS_NEWSIG, NULL); astr = openpgp_pk_algo_name ( sig->pubkey_algo ); - if ((issuer_fpr = issuer_fpr_string (sig))) + issuer_fpr = issuer_fpr_string (sig); + + if (issuer_fpr) { log_info (_("Signature made %s\n"), asctimestamp(sig->timestamp)); log_info (_(" using %s key %s\n"), astr? astr: "?", issuer_fpr); - xfree (issuer_fpr); } else if (!keystrlen () || keystrlen () > 8) { @@ -1899,14 +1918,14 @@ check_sig_and_print (CTX c, kbnode_t node) const byte *p; size_t n; - p = parse_sig_subpkt (sig->hashed, SIGSUBPKT_ISSUER_FPR, &n); - if (p && n == 21 && p[0] == 4) + p = issuer_fpr_raw (sig, &n); + if (p) { /* v4 packet with a SHA-1 fingerprint. */ free_public_key (pk); pk = NULL; glo_ctrl.in_auto_key_retrieve++; - res = keyserver_import_fprint (c->ctrl, p+1, n-1, opt.keyserver, 1); + res = keyserver_import_fprint (c->ctrl, p, n, opt.keyserver, 1); tried_ks_by_fpr = 1; glo_ctrl.in_auto_key_retrieve--; if (!res) @@ -2273,22 +2292,22 @@ check_sig_and_print (CTX c, kbnode_t node) } else { - char buf[50]; - - snprintf (buf, sizeof buf, "%08lX%08lX %d %d %02x %lu %d", - (ulong)sig->keyid[0], (ulong)sig->keyid[1], - sig->pubkey_algo, sig->digest_algo, - sig->sig_class, (ulong)sig->timestamp, gpg_err_code (rc)); - write_status_text (STATUS_ERRSIG, buf); + write_status_printf (STATUS_ERRSIG, "%08lX%08lX %d %d %02x %lu %d %s", + (ulong)sig->keyid[0], (ulong)sig->keyid[1], + sig->pubkey_algo, sig->digest_algo, + sig->sig_class, (ulong)sig->timestamp, + gpg_err_code (rc), + issuer_fpr? issuer_fpr:"-"); if (gpg_err_code (rc) == GPG_ERR_NO_PUBKEY) { - buf[16] = 0; - write_status_text (STATUS_NO_PUBKEY, buf); + write_status_printf (STATUS_NO_PUBKEY, "%08lX%08lX", + (ulong)sig->keyid[0], (ulong)sig->keyid[1]); } if (gpg_err_code (rc) != GPG_ERR_NOT_PROCESSED) log_error (_("Can't check signature: %s\n"), gpg_strerror (rc)); } + xfree (issuer_fpr); return rc; } ----------------------------------------------------------------------- Summary of changes: NEWS | 3 +++ doc/DETAILS | 13 +++++++++---- g10/mainproc.c | 57 ++++++++++++++++++++++++++++++++++++++------------------- 3 files changed, 50 insertions(+), 23 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 18:03:27 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 18:03:27 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-11-g69c3e7a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 69c3e7acb744e1e5606a4d946e3b948704cfbbae (commit) from 23a714598c247d78cfda46a6dc338b17e17cc194 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 69c3e7acb744e1e5606a4d946e3b948704cfbbae Author: Werner Koch Date: Thu Apr 12 17:53:17 2018 +0200 gpg: Extend the "sig" record in --list-mode. * g10/getkey.c (get_user_id_string): Add arg R_NOUID. Change call callers. (get_user_id): Add arg R_NOUID. Change call callers. * g10/mainproc.c (issuer_fpr_string): Make global. * g10/keylist.c (list_keyblock_colon): Print a '?' for a missing key also in --list-mode. Print the "issuer fpr" field also if there is an issuer fingerprint subpacket. -- Scripts used to rely on the "User ID not found" string even in the --with-colons listing. However, that is not a good idea because that string is subject to translations etc. Now we have an explicit way of telling that a key is missing. For example: gpg --list-sigs --with-colons | \ awk -F: '$1=="sig" && $2=="?" {if($13){print $13}else{print $5}}' Prints all keyids or fingerprint of signing keys for which we do not have the key in our local keyring. Signed-off-by: Werner Koch diff --git a/doc/DETAILS b/doc/DETAILS index 2d78fec..16e77c7 100644 --- a/doc/DETAILS +++ b/doc/DETAILS @@ -105,6 +105,19 @@ described here. certificate (i.e. for the trust anchor) and an 'f' for all other valid certificates. + In "sig" records, this field may have one of these values as first + character: + + - ! :: Signature is good. + - - :: Signature is bad. + - ? :: No public key to verify signature or public key is not usable. + - % :: Other error verifying a signature + + More values may be added later. The field may also be empty if + gpg has been invoked in a non-checking mode (--list-sigs) or in a + fast checking mode. Since 2.2.7 '?' will also be printed by the + command --list-sigs if the key is not in the local keyring. + *** Field 3 - Key length The length of key in bits. @@ -195,9 +208,11 @@ described here. gpg's --edit-key menu does. For "sig" records, this is the fingerprint of the key that issued - the signature. Note that this is only filled in if the signature + the signature. Note that this may only be filled if the signature verified correctly. Note also that for various technical reasons, this fingerprint is only available if --no-sig-cache is used. + Since 2.2.7 this field will also be set if the key is missing but + the signature carries an issuer fingerprint as meta data. *** Field 14 - Flag field diff --git a/g10/getkey.c b/g10/getkey.c index 0405d1d..c77b409 100644 --- a/g10/getkey.c +++ b/g10/getkey.c @@ -4119,15 +4119,20 @@ get_seckey_default_or_card (ctrl_t ctrl, PKT_public_key *pk, *********************************************/ /* Return a string with a printable representation of the user_id. - * this string must be freed by xfree. */ + * this string must be freed by xfree. If R_NOUID is not NULL it is + * set to true if a user id was not found; otherwise to false. */ static char * -get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len) +get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len, + int *r_nouid) { user_id_db_t r; keyid_list_t a; int pass = 0; char *p; + if (r_nouid) + *r_nouid = 0; + /* Try it two times; second pass reads from the database. */ do { @@ -4174,6 +4179,8 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len) else p = xasprintf ("%s [?]", keystr (keyid)); + if (r_nouid) + *r_nouid = 1; if (r_len) *r_len = strlen (p); return p; @@ -4183,7 +4190,7 @@ get_user_id_string (ctrl_t ctrl, u32 * keyid, int mode, size_t *r_len) char * get_user_id_string_native (ctrl_t ctrl, u32 * keyid) { - char *p = get_user_id_string (ctrl, keyid, 0, NULL); + char *p = get_user_id_string (ctrl, keyid, 0, NULL, NULL); char *p2 = utf8_to_native (p, strlen (p), 0); xfree (p); return p2; @@ -4193,15 +4200,15 @@ get_user_id_string_native (ctrl_t ctrl, u32 * keyid) char * get_long_user_id_string (ctrl_t ctrl, u32 * keyid) { - return get_user_id_string (ctrl, keyid, 1, NULL); + return get_user_id_string (ctrl, keyid, 1, NULL, NULL); } /* Please try to use get_user_byfpr instead of this one. */ char * -get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn) +get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid) { - return get_user_id_string (ctrl, keyid, 2, rn); + return get_user_id_string (ctrl, keyid, 2, rn, r_nouid); } @@ -4210,7 +4217,7 @@ char * get_user_id_native (ctrl_t ctrl, u32 *keyid) { size_t rn; - char *p = get_user_id (ctrl, keyid, &rn); + char *p = get_user_id (ctrl, keyid, &rn, NULL); char *p2 = utf8_to_native (p, rn, 0); xfree (p); return p2; diff --git a/g10/keydb.h b/g10/keydb.h index cc99241..c5671d6 100644 --- a/g10/keydb.h +++ b/g10/keydb.h @@ -404,10 +404,10 @@ void setup_main_keyids (kbnode_t keyblock); data structures. */ void merge_keys_and_selfsig (ctrl_t ctrl, kbnode_t keyblock); -char*get_user_id_string_native (ctrl_t ctrl, u32 *keyid); -char*get_long_user_id_string (ctrl_t ctrl, u32 *keyid); -char*get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn); -char*get_user_id_native (ctrl_t ctrl, u32 *keyid); +char *get_user_id_string_native (ctrl_t ctrl, u32 *keyid); +char *get_long_user_id_string (ctrl_t ctrl, u32 *keyid); +char *get_user_id (ctrl_t ctrl, u32 *keyid, size_t *rn, int *r_nouid); +char *get_user_id_native (ctrl_t ctrl, u32 *keyid); char *get_user_id_byfpr (ctrl_t ctrl, const byte *fpr, size_t *rn); char *get_user_id_byfpr_native (ctrl_t ctrl, const byte *fpr); diff --git a/g10/keyedit.c b/g10/keyedit.c index 7cd883d..c3eca93 100644 --- a/g10/keyedit.c +++ b/g10/keyedit.c @@ -264,7 +264,7 @@ keyedit_print_one_sig (ctrl_t ctrl, estream_t fp, else { size_t n; - char *p = get_user_id (ctrl, sig->keyid, &n); + char *p = get_user_id (ctrl, sig->keyid, &n, NULL); tty_print_utf8_string2 (fp, p, n, opt.screen_columns - keystrlen () - 26 - ((opt. diff --git a/g10/keylist.c b/g10/keylist.c index 86d1c56..199cd13 100644 --- a/g10/keylist.c +++ b/g10/keylist.c @@ -1145,7 +1145,7 @@ list_keyblock_print (ctrl_t ctrl, kbnode_t keyblock, int secret, int fpr, else if (!opt.fast_list_mode) { size_t n; - char *p = get_user_id (ctrl, sig->keyid, &n); + char *p = get_user_id (ctrl, sig->keyid, &n, NULL); print_utf8_buffer (es_stdout, p, n); xfree (p); } @@ -1513,6 +1513,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, byte fparray[MAX_FINGERPRINT_LEN]; char *siguid; size_t siguidlen; + char *issuer_fpr = NULL; if (sig->sig_class == 0x20 || sig->sig_class == 0x28 || sig->sig_class == 0x30) @@ -1570,11 +1571,16 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, else { rc = 0; - sigrc = ' '; + sigrc = ' '; /* Note the fix-up below in --list-sigs mode. */ } if (sigrc != '%' && sigrc != '?' && !opt.fast_list_mode) - siguid = get_user_id (ctrl, sig->keyid, &siguidlen); + { + int nouid; + siguid = get_user_id (ctrl, sig->keyid, &siguidlen, &nouid); + if (!opt.check_sigs && nouid) + sigrc = '?'; /* No key in local keyring. */ + } else { siguid = NULL; @@ -1613,6 +1619,8 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, for (i = 0; i < fplen; i++) es_fprintf (es_stdout, "%02X", fparray[i]); } + else if ((issuer_fpr = issuer_fpr_string (sig))) + es_fputs (issuer_fpr, es_stdout); es_fprintf (es_stdout, ":::%d:\n", sig->digest_algo); @@ -1621,6 +1629,7 @@ list_keyblock_colon (ctrl_t ctrl, kbnode_t keyblock, /* fixme: check or list other sigs here */ xfree (siguid); + xfree (issuer_fpr); } } diff --git a/g10/mainproc.c b/g10/mainproc.c index 8582827..49e7286 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -1209,7 +1209,7 @@ list_node (CTX c, kbnode_t node) } else if (!opt.fast_list_mode) { - p = get_user_id (c->ctrl, sig->keyid, &n); + p = get_user_id (c->ctrl, sig->keyid, &n, NULL); es_write_sanitized (es_stdout, p, n, opt.with_colons?":":NULL, NULL ); xfree (p); @@ -1630,7 +1630,8 @@ issuer_fpr_raw (PKT_signature *sig, size_t *r_len) /* Return the ISSUER fingerprint string in human readbale format if * available. Caller must release the string. */ -static char * +/* FIXME: Move to another file. */ +char * issuer_fpr_string (PKT_signature *sig) { const byte *p; diff --git a/g10/packet.h b/g10/packet.h index 8dca88b..43c097e 100644 --- a/g10/packet.h +++ b/g10/packet.h @@ -604,6 +604,8 @@ int proc_signature_packets_by_fd (ctrl_t ctrl, int proc_encryption_packets (ctrl_t ctrl, void *ctx, iobuf_t a); int list_packets( iobuf_t a ); +char *issuer_fpr_string (PKT_signature *sig); + /*-- parse-packet.c --*/ /* Sets the packet list mode to MODE (i.e., whether we are dumping a diff --git a/g10/passphrase.c b/g10/passphrase.c index ffdcdf2..10574ec 100644 --- a/g10/passphrase.c +++ b/g10/passphrase.c @@ -488,7 +488,7 @@ gpg_format_keydesc (ctrl_t ctrl, PKT_public_key *pk, int mode, int escaped) && pk->keyid[1] != pk->main_keyid[1]); algo_name = openpgp_pk_algo_name (pk->pubkey_algo); timestr = strtimestamp (pk->timestamp); - uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen); + uid = get_user_id (ctrl, is_subkey? pk->main_keyid:pk->keyid, &uidlen, NULL); orig_codeset = i18n_switchto_utf8 (); diff --git a/g10/pkclist.c b/g10/pkclist.c index 581cae4..dc19204 100644 --- a/g10/pkclist.c +++ b/g10/pkclist.c @@ -1149,7 +1149,7 @@ build_pk_list (ctrl_t ctrl, strlist_t rcpts, PK_LIST *ret_pk_list) else { size_t n; - char *p = get_user_id (ctrl, keyid, &n ); + char *p = get_user_id (ctrl, keyid, &n, NULL); tty_print_utf8_string ( p, n ); xfree(p); } diff --git a/g10/revoke.c b/g10/revoke.c index 8465232..3a08972 100644 --- a/g10/revoke.c +++ b/g10/revoke.c @@ -571,7 +571,7 @@ gen_standard_revoke (ctrl_t ctrl, PKT_public_key *psk, const char *cache_nonce) kl = opt.keyid_format == KF_NONE? 0 : keystrlen (); - tmpstr = get_user_id (ctrl, keyid, &len); + tmpstr = get_user_id (ctrl, keyid, &len, NULL); es_fprintf (memfp, "uid%*s%.*s\n\n", kl + 10, "", (int)len, tmpstr); ----------------------------------------------------------------------- Summary of changes: doc/DETAILS | 17 ++++++++++++++++- g10/getkey.c | 21 ++++++++++++++------- g10/keydb.h | 8 ++++---- g10/keyedit.c | 2 +- g10/keylist.c | 15 ++++++++++++--- g10/mainproc.c | 5 +++-- g10/packet.h | 2 ++ g10/passphrase.c | 2 +- g10/pkclist.c | 2 +- g10/revoke.c | 2 +- 10 files changed, 55 insertions(+), 21 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 20:33:26 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 20:33:26 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-187-g478d165 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 478d1650bbef84958ccce439fac982ef57b16cd0 (commit) from ee8fad3ea0cbc82f31c86b3483abd8549df62b69 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 478d1650bbef84958ccce439fac982ef57b16cd0 Author: Werner Koch Date: Thu Apr 12 20:26:00 2018 +0200 core: For a failed verification return the sig's fingerprint. * src/verify.c (parse_new_sig): Parse the new ERRSIG fpr. -- This works only when the signatures features an ISSUER_FPR sub-packet and with GnuPG >= 2.2.7. If that is not the case the keyid is kept in the FPR field. Signed-off-by: Werner Koch diff --git a/src/verify.c b/src/verify.c index ee730a3..4eab902 100644 --- a/src/verify.c +++ b/src/verify.c @@ -284,6 +284,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args, gpgme_signature_t sig; char *end = strchr (args, ' '); char *tail; + int got_fpr = 0; if (end) { @@ -370,7 +371,23 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args, if (!*end) goto parse_err_sig_fail; - sig->status = strtoul (end, NULL, 10); + gpg_err_set_errno (0); + sig->status = strtoul (end, &tail, 10); + if (errno || end == tail || (*tail && *tail != ' ')) + goto parse_err_sig_fail; + if (!*tail) + goto parse_err_sig_ok; + end = tail; + while (*end == ' ') + end++; + + /* Parse the new fingerprint (from the ISSUER_FPR subpacket). */ + if (!*end || (*end == '-' && (end[1] == ' ' || !end[1]))) + goto parse_err_sig_ok; /* Okay (just trailing spaces). */ + sig->fpr = strdup (end); + if (!sig->fpr) + return gpg_error_from_syserror (); + got_fpr = 1; goto parse_err_sig_ok; parse_err_sig_fail: @@ -382,7 +399,7 @@ parse_new_sig (op_data_t opd, gpgme_status_code_t code, char *args, return gpg_error (GPG_ERR_GENERAL); } - if (*args) + if (*args && !got_fpr) { sig->fpr = strdup (args); if (!sig->fpr) ----------------------------------------------------------------------- Summary of changes: src/verify.c | 21 +++++++++++++++++++-- 1 file changed, 19 insertions(+), 2 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 20:45:16 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 20:45:16 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-188-gb995022 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via b99502274ae5efdf6df0d967900ec3d1e64373d7 (commit) from 478d1650bbef84958ccce439fac982ef57b16cd0 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b99502274ae5efdf6df0d967900ec3d1e64373d7 Author: Werner Koch Date: Thu Apr 12 20:36:30 2018 +0200 core: Tweak STATUS_FAILURE handling. * src/op-support.c (_gpgme_parse_failure): Ignore failures with location "gpg-exit". * tests/gpg/t-verify.c (main): Adjust for the now working checking of the second key. Signed-off-by: Werner Koch diff --git a/src/op-support.c b/src/op-support.c index 43cb1c7..e55875f 100644 --- a/src/op-support.c +++ b/src/op-support.c @@ -400,7 +400,13 @@ _gpgme_parse_plaintext (char *args, char **filenamep) /* Parse a FAILURE status line and return the error code. ARGS is - modified to contain the location part. */ + * modified to contain the location part. Note that for now we ignore + * failure codes with a location of gpg-exit; they are too trouble + * some. Instead we should eventually record that error in the + * context and provide a function to return a fuller error + * description; this could then also show the location of the error + * (e.g. "option- parser") to make it easier for the user to detect + * the actual error. */ gpgme_error_t _gpgme_parse_failure (char *args) { @@ -418,6 +424,8 @@ _gpgme_parse_failure (char *args) *where = '\0'; where = args; + if (!strcmp (where, "gpg-exit")) + return 0; return atoi (which); } diff --git a/tests/gpg/t-verify.c b/tests/gpg/t-verify.c index ffc41ee..7c23406 100644 --- a/tests/gpg/t-verify.c +++ b/tests/gpg/t-verify.c @@ -267,10 +267,12 @@ main (int argc, char *argv[]) err = gpgme_op_verify (ctx, sig, text, NULL); fail_if_err (err); result = gpgme_op_verify_result (ctx); - check_result (result, 2, 0, 0, "A0FF4590BB6122EDEF6E3C542D727CC768697734", + check_result (result, 2, 0, 0, + "A0FF4590BB6122EDEF6E3C542D727CC768697734", GPG_ERR_NO_ERROR, 1); - check_result (result, 2, 1, 0, "36EC2A70C6426EB0FCE5BB4DF91C98F049D4204C", - GPG_ERR_NO_ERROR, 0); + check_result (result, 2, 1, GPGME_SIGSUM_KEY_MISSING, + "36EC2A70C6426EB0FCE5BB4DF91C98F049D4204C", + GPG_ERR_NO_PUBKEY, 0); /* Checking a normal signature. */ ----------------------------------------------------------------------- Summary of changes: src/op-support.c | 10 +++++++++- tests/gpg/t-verify.c | 8 +++++--- 2 files changed, 14 insertions(+), 4 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 12 21:09:46 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 12 Apr 2018 21:09:46 +0200 Subject: [git] gnupg-doc - branch, master, updated. b17c7d1ff35e55da6f4450dec241e6f49b17940b Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via b17c7d1ff35e55da6f4450dec241e6f49b17940b (commit) from 57ef28a1cda058e4489f150724786a039691bd84 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b17c7d1ff35e55da6f4450dec241e6f49b17940b Author: Werner Koch Date: Thu Apr 12 21:02:32 2018 +0200 web: Typo fix in recent news. diff --git a/web/index.org b/web/index.org index ed07c39..1bd190b 100644 --- a/web/index.org +++ b/web/index.org @@ -65,7 +65,7 @@ The latest release news:\\ # GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttps://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just # point or paste the [[news.en.rss][RSS file]] into your aggregator. -** GnuPG 2.2.5 released (2018-04-09) +** GnuPG 2.2.6 released (2018-04-09) We are pleased to announce the availability of GnuPG version 2.2.6. This is a maintenance release fixing a few problems. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000421.html][more]]} ----------------------------------------------------------------------- Summary of changes: web/index.org | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 13 03:11:00 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 13 Apr 2018 03:11:00 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-13-gc31abf8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via c31abf84659dbda5503dd9f3aa3449520bcd1b84 (commit) from 40fcddd3a98b778f9f31654adf4c06037e8b8e5d (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c31abf84659dbda5503dd9f3aa3449520bcd1b84 Author: NIIBE Yutaka Date: Fri Apr 13 10:09:02 2018 +0900 g10: Push compress filter only if compressed. * g10/compress.c (handle_compressed): Fix memory leak. -- All other calls of push_compress_filter checks ALGO, so, do it here, too. GnuPG-bug-id: 3898 Signed-off-by: NIIBE Yutaka diff --git a/g10/compress.c b/g10/compress.c index 61bb756..67c9c9b 100644 --- a/g10/compress.c +++ b/g10/compress.c @@ -309,15 +309,18 @@ int handle_compressed (ctrl_t ctrl, void *procctx, PKT_compressed *cd, int (*callback)(IOBUF, void *), void *passthru ) { - compress_filter_context_t *cfx; int rc; if(check_compress_algo(cd->algorithm)) return GPG_ERR_COMPR_ALGO; - cfx = xmalloc_clear (sizeof *cfx); - cfx->release = release_context; - cfx->algo = cd->algorithm; - push_compress_filter(cd->buf,cfx,cd->algorithm); + if(cd->algorithm) { + compress_filter_context_t *cfx; + + cfx = xmalloc_clear (sizeof *cfx); + cfx->release = release_context; + cfx->algo = cd->algorithm; + push_compress_filter(cd->buf,cfx,cd->algorithm); + } if( callback ) rc = callback(cd->buf, passthru ); else ----------------------------------------------------------------------- Summary of changes: g10/compress.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 13 03:23:32 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 13 Apr 2018 03:23:32 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-1-4, updated. gnupg-1.4.22-14-g0f8fd95 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-1-4 has been updated via 0f8fd95ab32a6d29dac79e19f0850037c7d0c16f (commit) from 097c59315813b3568d1682bccd37e16411006d5b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 0f8fd95ab32a6d29dac79e19f0850037c7d0c16f Author: NIIBE Yutaka Date: Fri Apr 13 10:09:02 2018 +0900 g10: Push compress filter only if compressed. * g10/compress.c (handle_compressed): Fix memory leak. -- (backport from STABLE-BRANCH-2-2 commit: c31abf84659dbda5503dd9f3aa3449520bcd1b84) All other calls of push_compress_filter checks ALGO, so, do it here, too. GnuPG-bug-id: 3898 Signed-off-by: NIIBE Yutaka diff --git a/g10/compress.c b/g10/compress.c index 4598aff..aad8a75 100644 --- a/g10/compress.c +++ b/g10/compress.c @@ -313,15 +313,18 @@ int handle_compressed( void *procctx, PKT_compressed *cd, int (*callback)(IOBUF, void *), void *passthru ) { - compress_filter_context_t *cfx; int rc; if(check_compress_algo(cd->algorithm)) return G10ERR_COMPR_ALGO; - cfx = xmalloc_clear (sizeof *cfx); - cfx->release = release_context; - cfx->algo = cd->algorithm; - push_compress_filter(cd->buf,cfx,cd->algorithm); + if(cd->algorithm) { + compress_filter_context_t *cfx; + + cfx = xmalloc_clear (sizeof *cfx); + cfx->release = release_context; + cfx->algo = cd->algorithm; + push_compress_filter(cd->buf,cfx,cd->algorithm); + } if( callback ) rc = callback(cd->buf, passthru ); else ----------------------------------------------------------------------- Summary of changes: g10/compress.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 13 08:47:16 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 13 Apr 2018 08:47:16 +0200 Subject: [git] GPG-ERROR - branch, master, updated. gpgrt-1.29-4-g792877a Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "Error codes used by GnuPG et al.". The branch, master has been updated via 792877a08ca7bc9d1377161dc9af374602a394cc (commit) from e35749023ca68de6f1f85d3072f7b36fd6f6fe7c (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 792877a08ca7bc9d1377161dc9af374602a394cc Author: NIIBE Yutaka Date: Fri Apr 13 15:45:54 2018 +0900 doc: Fix yat2m build for cross compilation. * doc/Makefile.am: Fix target of yat2m-for-build. -- GnuPG-bug-id: 3901 Fixes-commit: efc4769339d42a4a399c040c146cf4a29c02ea4f Signed-off-by: NIIBE Yutaka diff --git a/doc/Makefile.am b/doc/Makefile.am index 7439a49..76af5be 100644 --- a/doc/Makefile.am +++ b/doc/Makefile.am @@ -46,7 +46,7 @@ YAT2M_CMD = ./yat2m-for-build YAT2M_DEP = yat2m-for-build CLEANFILES += yat2m-for-build -yat2m-for-build$(EXEEXT): yat2m.c +yat2m-for-build: yat2m.c $(CC_FOR_BUILD) -o $@ $(srcdir)/yat2m.c else YAT2M_CMD = ./yat2m ----------------------------------------------------------------------- Summary of changes: doc/Makefile.am | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) hooks/post-receive -- Error codes used by GnuPG et al. http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 13 09:45:01 2018 From: cvs at cvs.gnupg.org (by NIIBE Yutaka) Date: Fri, 13 Apr 2018 09:45:01 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-14-gf747b8f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via f747b8f0734338baa1e608b193b213aca2c577e8 (commit) from c31abf84659dbda5503dd9f3aa3449520bcd1b84 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit f747b8f0734338baa1e608b193b213aca2c577e8 Author: NIIBE Yutaka Date: Fri Apr 13 16:42:34 2018 +0900 g10: Fix memory leak in check_sig_and_print. * g10/mainproc.c (check_sig_and_print): Free the public key. -- GnuPG-bug-id: 3900 Signed-off-by: NIIBE Yutaka diff --git a/g10/mainproc.c b/g10/mainproc.c index 49e7286..c7deeab 100644 --- a/g10/mainproc.c +++ b/g10/mainproc.c @@ -2308,6 +2308,7 @@ check_sig_and_print (CTX c, kbnode_t node) log_error (_("Can't check signature: %s\n"), gpg_strerror (rc)); } + free_public_key (pk); xfree (issuer_fpr); return rc; } ----------------------------------------------------------------------- Summary of changes: g10/mainproc.c | 1 + 1 file changed, 1 insertion(+) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 13 10:47:43 2018 From: cvs at cvs.gnupg.org (by Andre Heinecke) Date: Fri, 13 Apr 2018 10:47:43 +0200 Subject: [git] gnupg-doc - branch, master, updated. 90dab4d9c1bea664c92ee2b30f8cac4c0234aecb Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 90dab4d9c1bea664c92ee2b30f8cac4c0234aecb (commit) from b17c7d1ff35e55da6f4450dec241e6f49b17940b (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 90dab4d9c1bea664c92ee2b30f8cac4c0234aecb Author: Andre Heinecke Date: Fri Apr 13 10:46:05 2018 +0200 swdb: Add Gpg4win 3.1.0 -- diff --git a/web/swdb.mac b/web/swdb.mac index ed2d1ef..6f352a8 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -51,17 +51,17 @@ # # Gpg4win # -#+macro: gpg4win_ver 3.0.3 -#+macro: gpg4win_date 2018-01-12 -#+macro: gpg4win_src_size 5226k -#+macro: gpg4win_src_sha1 4be455a6e8176054ce940ae68890e8aa82a99137 -#+macro: gpg4win_src_sha2 fda270694eca7f4a6767e3a239d15d1166313c397cf83d6d06ad962a7a13717b -#+macro: gpg4win_exe_size 26357k -#+macro: gpg4win_exe_sha1 e901af858a964192cec891cdbae76ca6789d741c -#+macro: gpg4win_exe_sha2 477f56212ee60cc74e0c5e5cc526cec52a069abff485c89c2d57d1b4b6a54971 -#+macro: gpg4win_isrc_size 220342k -#+macro: gpg4win_isrc_sha1 cb259311fe133017847981f31cb9b1fba6e2e456 -#+macro: gpg4win_isrc_sha2 41cb2a6d17ab0b0a0bd45a06e4dcc421191297e928a23afdf7ff8a349dedc59e +#+macro: gpg4win_ver 3.1.0 +#+macro: gpg4win_date 2018-04-13 +#+macro: gpg4win_src_size 5292k +#+macro: gpg4win_src_sha1 d0a0c7665d4bc724a5f1a83763c526754be47024 +#+macro: gpg4win_src_sha2 6d697372ec4c75a29c6daa6aca00060455825966c079efac6370140929b2c4f8 +#+macro: gpg4win_exe_size 27592k +#+macro: gpg4win_exe_sha1 fb9f39199d7b096d1397dad4aa0719de5ff05b31 +#+macro: gpg4win_exe_sha2 a416aca375a80eada7edc69efdf3757988310a2f1723cd6190d9e3113d787301 +#+macro: gpg4win_isrc_size 222756k +#+macro: gpg4win_isrc_sha1 23e9a6bc7fb1eceda7ece3a6655a09789c673ef5 +#+macro: gpg4win_isrc_sha2 ca40ade2dcb55f08d412d768f7946f9199a28edc189c4dc430dcd990b2fb8315 # ----------------------------------------------------------------------- Summary of changes: web/swdb.mac | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 13 12:09:44 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 13 Apr 2018 12:09:44 +0200 Subject: [git] GPGME - branch, gpgme-1.10-branch, created. gpgme-1.10.0-1-g7da01c7 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, gpgme-1.10-branch has been created at 7da01c7352d41eb33e445968b248544d301588f9 (commit) - Log ----------------------------------------------------------------- ----------------------------------------------------------------------- hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Fri Apr 13 12:21:09 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Fri, 13 Apr 2018 12:21:09 +0200 Subject: [git] GPGME - branch, gpgme-1.10-branch, updated. gpgme-1.10.0-2-g9aa33a9 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, gpgme-1.10-branch has been updated via 9aa33a99701e189d7fc0ff7322fc9e21e35b73fa (commit) from 7da01c7352d41eb33e445968b248544d301588f9 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9aa33a99701e189d7fc0ff7322fc9e21e35b73fa Author: Werner Koch Date: Thu Apr 12 20:36:30 2018 +0200 core: Tweak STATUS_FAILURE handling. * src/op-support.c (_gpgme_parse_failure): Ignore failures with location "gpg-exit". -- Signed-off-by: Werner Koch diff --git a/src/op-support.c b/src/op-support.c index 817c569..8269ce2 100644 --- a/src/op-support.c +++ b/src/op-support.c @@ -398,7 +398,13 @@ _gpgme_parse_plaintext (char *args, char **filenamep) /* Parse a FAILURE status line and return the error code. ARGS is - modified to contain the location part. */ + * modified to contain the location part. Note that for now we ignore + * failure codes with a location of gpg-exit; they are too trouble + * some. Instead we should eventually record that error in the + * context and provide a function to return a fuller error + * description; this could then also show the location of the error + * (e.g. "option- parser") to make it easier for the user to detect + * the actual error. */ gpgme_error_t _gpgme_parse_failure (char *args) { @@ -416,6 +422,8 @@ _gpgme_parse_failure (char *args) *where = '\0'; where = args; + if (!strcmp (where, "gpg-exit")) + return 0; return atoi (which); } ----------------------------------------------------------------------- Summary of changes: src/op-support.c | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Sun Apr 15 21:11:14 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Sun, 15 Apr 2018 21:11:14 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-15-g3b1ee41 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via 3b1ee413a65bf566aa8e5f29a5a2cd5a94e66faa (commit) from f747b8f0734338baa1e608b193b213aca2c577e8 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3b1ee413a65bf566aa8e5f29a5a2cd5a94e66faa Author: Werner Koch Date: Sun Apr 15 21:01:50 2018 +0200 build: New target "release" to automate the release process. * Makefile.am (RELEASE_ARCHIVE_DIR): New. (RELEASE_SIGNING_KEY): New. (AM_DISTCHECK_CONFIGURE_FLAGS): Remove removed --enable-gpg2-is-gpg, (RELEASE_NAME, RELEASE_W32_STEM_NAME): New. (release, sign-release): New. -- This requires GNU make and also some other decent utilities; however, they are anyway required for building the W32 installer. Signed-off-by: Werner Koch diff --git a/Makefile.am b/Makefile.am index c01c0a8..680fe1b 100644 --- a/Makefile.am +++ b/Makefile.am @@ -18,10 +18,21 @@ ## Process this file with automake to produce Makefile.in +# Location of the released tarball archives. Note that this is an +# internal archive and before uploading this to the public server, +# manual tests should be run and the git release tat set and pushed. +# Adjust as needed. +RELEASE_ARCHIVE_DIR = wk at vigenere:tarballs/gnupg/v2.2 + +# The key used to sign the released sources. Adjust as needed. +RELEASE_SIGNING_KEY = D8692123C4065DEA5E0F3AB5249B39D24F25E3B6 + + +# Autoconf flags. ACLOCAL_AMFLAGS = -I m4 AM_DISTCHECK_CONFIGURE_FLAGS = --enable-gnupg-builddir-envvar \ --enable-all-tests --enable-symcryptrun --enable-g13 \ - --enable-gpg2-is-gpg --enable-gpgtar --enable-wks-tools --disable-ntbtls + --enable-gpgtar --enable-wks-tools --disable-ntbtls GITLOG_TO_CHANGELOG=gitlog-to-changelog @@ -151,8 +162,68 @@ TESTS_ENVIRONMENT = \ objdir=$(abs_top_builddir) \ GPGSCM_PATH=$(abs_top_srcdir)/tests/gpgscm -.PHONY: check-all +.PHONY: check-all release sign-release check-all: $(TESTS_ENVIRONMENT) \ $(abs_top_builddir)/tests/gpgscm/gpgscm \ $(abs_srcdir)/tests/run-tests.scm $(TESTFLAGS) $(TESTS) + +# Names of to help the release target. +RELEASE_NAME = $(PACKAGE_TARNAME)-$(PACKAGE_VERSION) +RELEASE_W32_STEM_NAME = $(PACKAGE_TARNAME)-w32-$(PACKAGE_VERSION) + +release: + +(set -e;\ + if [ "$(abs_top_builddir)" = "$(abs_top_srcdir)" ]; then \ + echo "error: build directory must not be the source directory" >&2;\ + exit 2;\ + fi ;\ + echo "/* Build started at $$(date -uIseconds) */" ;\ + cd $(top_srcdir); \ + ./autogen.sh --force; \ + cd $(abs_top_builddir); \ + rm -rf dist; mkdir dist ; cd dist ; \ + $(abs_top_srcdir)/configure --enable-maintainer-mode; \ + $(MAKE) distcheck TESTFLAGS=--parallel; \ + $(TAR) xjf $(RELEASE_NAME).tar.bz2 ;\ + $(MAKE) -f $(RELEASE_NAME)/build-aux/speedo.mk w32-release ;\ + echo "/* Build finished at $$(date -uIseconds) */" ;\ + echo "/*" ;\ + echo " * Please run the final step interactivly:" ;\ + echo " * make sign-release" ;\ + echo " */" ;\ + ) 2>&1 | tee "$(RELEASE_NAME).buildlog" + +sign-release: + +(set -e; \ + cd dist; \ + release_w32_name="$(RELEASE_W32_STEM_NAME)_$$(date -u +%Y%m%d)" ;\ + files1="$(RELEASE_NAME).tar.bz2 \ + $${release_w32_name}.tar.xz \ + $${release_w32_name}.exe" ;\ + files2="$(RELEASE_NAME).tar.bz2.sig \ + $(RELEASE_NAME).swdb \ + $(RELEASE_NAME).buildlog \ + $${release_w32_name}.tar.xz.sig \ + $${release_w32_name}.exe.sig \ + $${release_w32_name}.exe.swdb" ;\ + $(MAKE) -f $(RELEASE_NAME)/build-aux/speedo.mk w32-sign-installer ;\ + echo "/* Signing the source tarball ..." ;\ + gpg -sbu $(RELEASE_SIGNING_KEY) $(RELEASE_NAME).tar.bz2 ;\ + echo "/* Signing the W32 source tarball ..." ;\ + gpg -sbu $(RELEASE_SIGNING_KEY) $${release_w32_name}.tar.xz ;\ + echo "/* Signing the W32 installer ..." ;\ + gpg -sbu $(RELEASE_SIGNING_KEY) $${release_w32_name}.exe ;\ + cat $(RELEASE_NAME).swdb >swdb.snippet;\ + echo '#+macro: gnupg22_branch STABLE-BRANCH-2-2' >>swdb.snippet;\ + cat $${release_w32_name}.exe.swdb >>swdb.snippet;\ + echo >>swdb.snippet ;\ + sha1sum $${files1} >>swdb.snippet ;\ + cat "../$(RELEASE_NAME).buildlog" swdb.snippet \ + | gzip >$(RELEASE_NAME).buildlog ;\ + echo "Release created - copying it to the local archive ..." ;\ + scp -p $${files1} $${files2} $(RELEASE_ARCHIVE_DIR)/ || true;\ + echo '/*' ;\ + echo ' * All done; for checksums see dist/swdb.snippet' ;\ + echo ' */' ;\ + ) ----------------------------------------------------------------------- Summary of changes: Makefile.am | 75 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 73 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 16 09:25:27 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 16 Apr 2018 09:25:27 +0200 Subject: [git] GPA - branch, master, updated. gpa-0.9.10-13-g069e354 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Assistant". The branch, master has been updated via 069e354d8265ef0071522b14df981281e78a6409 (commit) via 38aeb4b188904a475ac4659dd0aa7e89578093ed (commit) from 69c777580bb9eff0fbc373b3a84cdfe74b07f566 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 069e354d8265ef0071522b14df981281e78a6409 Author: Werner Koch Date: Mon Apr 16 09:17:54 2018 +0200 Add a User ID notebook page. * src/gpa-uid-list.c, src/gpa-uid-list.h: New. * src/Makefile.am (gpa_SOURCES): Add them. * src/convert.c (keyorg_string): New. (gpa_update_origin_string): New. * src/gpgmetools.c (gpa_uid_validity_string): new. * src/gpa-key-details.c: Include gpa-uid-list.h. (_GpaKeyDetails): Add fields uid_page and uid_list. (construct_details_page): Add "Last Update" line. (build_uid_page): New. (ui_mode_changed): Call that function. (gpa_key_details_finalize): Free the uid_list. (gpa_key_details_update): Inset a new notepad page. Signed-off-by: Werner Koch diff --git a/src/Makefile.am b/src/Makefile.am index 4957b66..3cc1dc9 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -119,6 +119,7 @@ gpa_SOURCES = \ selectkeydlg.c selectkeydlg.h \ keymanager.c keymanager.h \ gpa-key-details.c gpa-key-details.h \ + gpa-uid-list.c gpa-uid-list.h \ gpa-tofu-list.c gpa-tofu-list.h \ ownertrustdlg.c ownertrustdlg.h \ keysigndlg.c keysigndlg.h \ diff --git a/src/convert.c b/src/convert.c index 280c5b8..1e05c76 100644 --- a/src/convert.c +++ b/src/convert.c @@ -129,6 +129,48 @@ gpa_creation_date_string (unsigned long creation_time) return result; } + +#if GPGME_VERSION_NUMBER >= 0x010a00 /* GPGME >= 1.10.0 */ +static const char * +keyorg_string (unsigned int origin) +{ + switch (origin) + { + case GPGME_KEYORG_UNKNOWN: return _("unknown"); + case GPGME_KEYORG_KS: return _("keyserver"); + case GPGME_KEYORG_DANE: return _("DANE"); + case GPGME_KEYORG_WKD: return _("Web Key Directory"); + case GPGME_KEYORG_URL: return _("URL"); + case GPGME_KEYORG_FILE: return _("file"); + case GPGME_KEYORG_SELF: return _("self"); + case GPGME_KEYORG_OTHER: return _("other"); + } + return "[?]"; +} + + +char * +gpa_update_origin_string (unsigned long last_update, unsigned int origin) +{ + gchar *result; + GDate adate; + + if (last_update && origin) + { + g_date_set_time_t (&adate, (time_t)last_update); + result = g_strdup_printf ("%04d-%02d-%02d (%s)", + g_date_get_year (&adate), + g_date_get_month (&adate), + g_date_get_day (&adate), + keyorg_string (origin)); + } + else + result = g_strdup (_("Unknown")); + return result; +} +#endif /* gpgme >= 1.10.0 */ + + const char * gpa_sex_char_to_string (char sex) { diff --git a/src/convert.h b/src/convert.h index 6373417..90e1b66 100644 --- a/src/convert.h +++ b/src/convert.h @@ -25,6 +25,7 @@ char gpa_time_unit_from_string (const char *string); char *gpa_date_string (unsigned long t); char *gpa_expiry_date_string (unsigned long expiry_time); char *gpa_creation_date_string (unsigned long creation_time); +char *gpa_update_origin_string (unsigned long last_update, unsigned int origin); const char *gpa_sex_char_to_string (char sex); #endif /*CONVERT_H*/ diff --git a/src/gpa-key-details.c b/src/gpa-key-details.c index d48e2b0..e10d17b 100644 --- a/src/gpa-key-details.c +++ b/src/gpa-key-details.c @@ -37,6 +37,7 @@ #include "siglist.h" #include "certchain.h" #include "gpasubkeylist.h" +#include "gpa-uid-list.h" #include "gpa-tofu-list.h" #include "gpa-key-details.h" #include "gtktools.h" @@ -67,6 +68,11 @@ struct _GpaKeyDetails GtkWidget *detail_key_trust; GtkWidget *detail_key_type; GtkWidget *detail_creation; + GtkWidget *detail_last_update; + + /* The widgets in the user ID page. */ + GtkWidget *uid_page; + GtkWidget *uid_list; /* The widgets in the signatures page. */ GtkWidget *signatures_page; @@ -211,6 +217,12 @@ details_page_fill_key (GpaKeyDetails *kdt, gpgme_key_t key) gtk_label_set_text (GTK_LABEL (kdt->detail_creation), text); g_free (text); +#if GPGME_VERSION_NUMBER >= 0x010100 /* GPGME >= 1.10.0 */ + text = gpa_update_origin_string (key->last_update, key->origin); + gtk_label_set_text (GTK_LABEL (kdt->detail_last_update), text); + g_free (text); +#endif + gtk_widget_hide_all (kdt->details_num_label); gtk_widget_show_all (kdt->details_table); gtk_widget_set_no_show_all (kdt->details_num_label, TRUE); @@ -324,12 +336,63 @@ construct_details_page (GpaKeyDetails *kdt) (table, table_row++, _("Key type:"), FALSE); kdt->detail_creation = add_details_row (table, table_row++, _("Created at:"), FALSE); + kdt->detail_last_update = add_details_row + (table, table_row++, _("Last update:"), FALSE); gtk_notebook_append_page (GTK_NOTEBOOK (kdt), scrolled, gtk_label_new (_("Details"))); } +/* Create and append new page with USER ID info for KEY. If KEY is NULL + remove an existing USER ID page. */ +static void +build_uid_page (GpaKeyDetails *kdt, gpgme_key_t key) +{ + GtkWidget *vbox; + GtkWidget *scrolled; + GtkWidget *uidlist; + int pnum; + + /* First remove an existing page. */ + if (kdt->uid_page) + { + pnum = gtk_notebook_page_num (GTK_NOTEBOOK (kdt), kdt->uid_page); + if (pnum >= 0) + gtk_notebook_remove_page (GTK_NOTEBOOK (kdt), pnum); + kdt->uid_page = NULL; + if (kdt->uid_list) + { + g_object_unref (kdt->uid_list); + kdt->uid_list = NULL; + } + } + if (!key) + return; + + /* Create a new page. */ + vbox = gtk_vbox_new (FALSE, 5); + gtk_container_set_border_width (GTK_CONTAINER (vbox), 5); + scrolled = gtk_scrolled_window_new (NULL, NULL); + gtk_scrolled_window_set_shadow_type (GTK_SCROLLED_WINDOW (scrolled), + GTK_SHADOW_IN); + gtk_box_pack_start (GTK_BOX (vbox), scrolled, TRUE, TRUE, 0); + uidlist = gpa_uid_list_new (); + gtk_container_add (GTK_CONTAINER (scrolled), uidlist); + gtk_scrolled_window_set_policy (GTK_SCROLLED_WINDOW (scrolled), + GTK_POLICY_AUTOMATIC, + GTK_POLICY_AUTOMATIC); + kdt->uid_list = uidlist; + g_object_ref (kdt->uid_list); + kdt->uid_page = vbox; + gtk_notebook_append_page (GTK_NOTEBOOK (kdt), kdt->uid_page, + gtk_label_new (_("User IDs"))); + + /* Fill this page. */ + gpa_uid_list_set_key (kdt->uid_list, key); +} + + /* Add the signatures page to the notebook. */ static void build_signatures_page (GpaKeyDetails *kdt, gpgme_key_t key) @@ -560,11 +623,13 @@ ui_mode_changed (GpaOptions *options, gpointer param) if (gpa_options_get_simplified_ui (gpa_options_get_instance ())) { + build_uid_page (kdt, NULL); build_signatures_page (kdt, NULL); build_subkeys_page (kdt, NULL); } else { + build_uid_page (kdt, kdt->current_key); build_signatures_page (kdt, kdt->current_key); build_subkeys_page (kdt, kdt->current_key); } @@ -625,6 +690,11 @@ gpa_key_details_finalize (GObject *object) gpgme_key_unref (kdt->current_key); kdt->current_key = NULL; } + if (kdt->uid_list) + { + g_object_unref (kdt->uid_list); + kdt->uid_list = NULL; + } if (kdt->signatures_list) { g_object_unref (kdt->signatures_list); @@ -709,13 +779,15 @@ gpa_key_details_update (GtkWidget *keydetails, gpgme_key_t key, int keycount) if (pnum >= 0 && (widget = gtk_notebook_get_nth_page (GTK_NOTEBOOK (kdt), pnum))) { - if (widget == kdt->signatures_page) + if (widget == kdt->uid_page) pnum = 1; - else if (widget == kdt->subkeys_page) + else if (widget == kdt->signatures_page) pnum = 2; + else if (widget == kdt->subkeys_page) + pnum = 3; #ifdef ENABLE_TOFU_INFO else if (widget == kdt->tofu_page) - pnum = 3; + pnum = 4; #endif /*ENABLE_TOFU_INFO*/ else pnum = 0; @@ -739,11 +811,13 @@ gpa_key_details_update (GtkWidget *keydetails, gpgme_key_t key, int keycount) /* Depend the generation of pages on the mode of the UI. */ if (gpa_options_get_simplified_ui (gpa_options_get_instance ())) { + build_uid_page (kdt, NULL); build_signatures_page (kdt, NULL); build_subkeys_page (kdt, NULL); } else { + build_uid_page (kdt, key); build_signatures_page (kdt, key); build_subkeys_page (kdt, key); } @@ -761,12 +835,14 @@ gpa_key_details_update (GtkWidget *keydetails, gpgme_key_t key, int keycount) gtk_widget_show_all (keydetails); /* Try to select the last selected page. */ - if (pnum == 1 && kdt->signatures_page) + if (pnum == 1 && kdt->uid_page) + pnum = gtk_notebook_page_num (GTK_NOTEBOOK (kdt), kdt->uid_page); + else if (pnum == 2 && kdt->signatures_page) pnum = gtk_notebook_page_num (GTK_NOTEBOOK (kdt), kdt->signatures_page); - else if (pnum == 2 && kdt->subkeys_page) + else if (pnum == 3 && kdt->subkeys_page) pnum = gtk_notebook_page_num (GTK_NOTEBOOK (kdt), kdt->subkeys_page); #ifdef ENABLE_TOFU_INFO - else if (pnum == 3 && kdt->tofu_page) + else if (pnum == 4 && kdt->tofu_page) pnum = gtk_notebook_page_num (GTK_NOTEBOOK (kdt), kdt->tofu_page); #endif /*ENABLE_TOFU_INFO*/ else diff --git a/src/gpa-uid-list.c b/src/gpa-uid-list.c new file mode 100644 index 0000000..0136e57 --- /dev/null +++ b/src/gpa-uid-list.c @@ -0,0 +1,169 @@ +/* gpa-uid-list.c - A list to show User ID information. + * Copyright (C) 2018 g10 Code GmbH + * + * This file is part of GPA + * + * GPA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GPA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#include + +#include "gpa.h" +#include "convert.h" +#include "gtktools.h" +#include "keytable.h" +#include "gpa-uid-list.h" + +static gboolean uid_list_query_tooltip_cb (GtkWidget *wdiget, int x, int y, + gboolean keyboard_mode, + GtkTooltip *tooltip, + gpointer user_data); + + + +typedef enum +{ + UID_ADDRESS, + UID_VALIDITY, + UID_UPDATE, + UID_FULLUID, + UID_N_COLUMNS +} UidListColumn; + + +/* Create a new user id list. */ +GtkWidget * +gpa_uid_list_new (void) +{ + GtkListStore *store; + GtkWidget *list; + GtkTreeViewColumn *column; + GtkCellRenderer *renderer; + + /* Init the model */ + store = gtk_list_store_new (UID_N_COLUMNS, + G_TYPE_STRING, /* address */ + G_TYPE_STRING, /* validity */ + G_TYPE_STRING, /* updated */ + G_TYPE_STRING /* fulluid */ + ); + + /* The view */ + list = gtk_tree_view_new_with_model (GTK_TREE_MODEL (store)); + gtk_tree_view_set_rules_hint (GTK_TREE_VIEW (list), TRUE); + + /* Add the columns */ + renderer = gtk_cell_renderer_text_new (); + column = gtk_tree_view_column_new_with_attributes (NULL, renderer, + "text", UID_ADDRESS, + NULL); + gpa_set_column_title (column, _("Address"), + _("The mail address.")); + gtk_tree_view_append_column (GTK_TREE_VIEW (list), column); + + renderer = gtk_cell_renderer_text_new (); + column = gtk_tree_view_column_new_with_attributes (NULL, renderer, + "text", UID_VALIDITY, + NULL); + gpa_set_column_title (column, _("Validity"), + _("The validity of the mail address\n")); + gtk_tree_view_append_column (GTK_TREE_VIEW (list), column); + + renderer = gtk_cell_renderer_text_new (); + column = gtk_tree_view_column_new_with_attributes (NULL, renderer, + "text", UID_UPDATE, + NULL); + gpa_set_column_title (column, _("Update"), + _("The date the key was last updated via this mail address.")); + gtk_tree_view_append_column (GTK_TREE_VIEW (list), column); + + renderer = gtk_cell_renderer_text_new (); + column = gtk_tree_view_column_new_with_attributes (NULL, renderer, + "text", UID_FULLUID, + NULL); + gpa_set_column_title (column, _("User ID"), + _("The full user ID.")); + gtk_tree_view_append_column (GTK_TREE_VIEW (list), column); + + + g_object_set (list, "has-tooltip", TRUE, NULL); + g_signal_connect (list, "query-tooltip", + G_CALLBACK (uid_list_query_tooltip_cb), list); + + return list; +} + + +/* Set the key whose user ids shall be displayed. */ +void +gpa_uid_list_set_key (GtkWidget *list, gpgme_key_t key) +{ + GtkListStore *store = GTK_LIST_STORE (gtk_tree_view_get_model + (GTK_TREE_VIEW (list))); + GtkTreeIter iter; + gpgme_user_id_t uid; + + /* Empty the list */ + gtk_list_store_clear (store); + + if (!key || !key->uids) + return; + + for (uid = key->uids; uid; uid = uid->next) + { + char *lupd = gpa_update_origin_string (uid->last_update, uid->origin); + + gtk_list_store_append (store, &iter); + gtk_list_store_set + (store, &iter, + UID_ADDRESS, uid->address? uid->address : "", + UID_VALIDITY, gpa_uid_validity_string (uid), + UID_UPDATE, lupd, + UID_FULLUID, uid->uid, + -1); + + g_free (lupd); + } + +} + + +/* Tooltip display callback. */ +static gboolean +uid_list_query_tooltip_cb (GtkWidget *widget, int x, int y, + gboolean keyboard_tip, + GtkTooltip *tooltip, gpointer user_data) +{ + GtkTreeView *tv = GTK_TREE_VIEW (widget); + GtkTreeViewColumn *column; + char *text; + + (void)user_data; + + if (!gtk_tree_view_get_tooltip_context (tv, &x, &y, keyboard_tip, + NULL, NULL, NULL)) + return FALSE; /* Not at a row - do not show a tooltip. */ + if (!gtk_tree_view_get_path_at_pos (tv, x, y, NULL, &column, NULL, NULL)) + return FALSE; + + widget = gtk_tree_view_column_get_widget (column); + text = widget? gtk_widget_get_tooltip_text (widget) : NULL; + if (!text) + return FALSE; /* No tooltip desired. */ + + gtk_tooltip_set_text (tooltip, text); + g_free (text); + + return TRUE; /* Show tooltip. */ +} diff --git a/src/gpa-uid-list.h b/src/gpa-uid-list.h new file mode 100644 index 0000000..5d07193 --- /dev/null +++ b/src/gpa-uid-list.h @@ -0,0 +1,31 @@ +/* gpa-uid-list.h - A list to show TOFU information + * Copyright (C) 2018 g10 Code GmbH + * + * This file is part of GPA + * + * GPA is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * GPA is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see . + */ + +#ifndef GPA_UID_LIST_H +#define GPA_UID_LIST_H + +#include + +/* Create a new User ID list. */ +GtkWidget * gpa_uid_list_new (void); + +/* Set the key for which User ID information shall be shown. */ +void gpa_uid_list_set_key (GtkWidget *list, gpgme_key_t key); + +#endif /* GPA_UID_LIST_H */ diff --git a/src/gpgmetools.c b/src/gpgmetools.c index cc45052..2dfd741 100644 --- a/src/gpgmetools.c +++ b/src/gpgmetools.c @@ -753,6 +753,28 @@ gpa_key_validity_string (gpgme_key_t key) } +/* UID validity strings. */ +const gchar * +gpa_uid_validity_string (gpgme_user_id_t uid) +{ + if (uid->revoked) + return _("Revoked"); + else if (uid->invalid) + return _("Invalid"); + + switch (uid->validity) + { + case GPGME_VALIDITY_UNKNOWN: + case GPGME_VALIDITY_UNDEFINED:return _("Unknown"); + case GPGME_VALIDITY_NEVER: return _("Faked"); + case GPGME_VALIDITY_MARGINAL: return _("Marginal"); + case GPGME_VALIDITY_FULL: return _("Fully"); + case GPGME_VALIDITY_ULTIMATE: return _("Ultimate"); + default: return "[?]"; + } +} + + static GtkWidget * passphrase_question_label (const char *uid_hint, const char *passphrase_info, diff --git a/src/gpgmetools.h b/src/gpgmetools.h index 1cfeb3a..dc39839 100644 --- a/src/gpgmetools.h +++ b/src/gpgmetools.h @@ -171,6 +171,9 @@ const gchar *gpa_key_ownertrust_string (gpgme_key_t key); /* Key validity strings. */ const gchar *gpa_key_validity_string (gpgme_key_t key); +/* UID validity strings. */ +const gchar *gpa_uid_validity_string (gpgme_user_id_t uid); + /* Function to manage import results. */ void gpa_gpgme_update_import_results (gpa_import_result_t result, unsigned int files, commit 38aeb4b188904a475ac4659dd0aa7e89578093ed Author: Damien Goutte-Gattat Date: Thu Mar 29 13:52:57 2018 +0100 Load the secret keyring before the public one. * src/keylist.c (gpa_keylist_init): Forcefully load the secret keyring before attempting to load the public keys. -- Gpa loads the private keyring in a kind of "lazy mode", in that the private keyring is only loaded the first time Gpa needs to lookup a private key. This normally happens during the loading of the public keyring, since for each public key Gpa must lookup in the private keyring to check whether a private counterpart is available. The result is that a Gpg process is spawn to list the secret keys while another Gpg process is still listing the public keys. If the trust model happens to be TOFU or TOFU+PGP, this can cause some problems with regard to the locking of the TOFU database. To avoid that, this patch makes sure the private keyring is actively and synchronously loaded before we fetch the public keys (no more lazy loading). GnuPG-bug-id: 3748 Signed-off-by: Damien Goutte-Gattat diff --git a/src/keylist.c b/src/keylist.c index 442da08..2c8e7e8 100644 --- a/src/keylist.c +++ b/src/keylist.c @@ -231,7 +231,16 @@ gpa_keylist_init (GTypeInstance *instance, void *class_ptr) } else { - /* Initialize from the global keytable. */ + /* Initialize from the global keytable. + * + * We must forcefully load the secret keytable first to + * prevent concurrent access to the TOFU database. */ + gpa_keytable_force_reload (gpa_keytable_get_secret_instance (), + NULL, (GpaKeyTableEndFunc) gtk_main_quit, + NULL); + gtk_main (); + + /* Now we can load the public keyring. */ gpa_keytable_list_keys (gpa_keytable_get_public_instance(), gpa_keylist_next, gpa_keylist_end, list); } ----------------------------------------------------------------------- Summary of changes: src/Makefile.am | 1 + src/convert.c | 42 ++++++++ src/convert.h | 1 + src/gpa-key-details.c | 88 +++++++++++++++-- src/gpa-uid-list.c | 169 ++++++++++++++++++++++++++++++++ src/{gpa-tofu-list.h => gpa-uid-list.h} | 18 ++-- src/gpgmetools.c | 22 +++++ src/gpgmetools.h | 3 + src/keylist.c | 11 ++- 9 files changed, 339 insertions(+), 16 deletions(-) create mode 100644 src/gpa-uid-list.c copy src/{gpa-tofu-list.h => gpa-uid-list.h} (65%) hooks/post-receive -- The GNU Privacy Assistant http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 16 14:32:32 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Mon, 16 Apr 2018 14:32:32 +0200 Subject: [git] gnupg-doc - branch, master, updated. 9e4065b60ff6f313f4b7dfc54d2dca22755916c1 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via 9e4065b60ff6f313f4b7dfc54d2dca22755916c1 (commit) from 90dab4d9c1bea664c92ee2b30f8cac4c0234aecb (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 9e4065b60ff6f313f4b7dfc54d2dca22755916c1 Author: Werner Koch Date: Mon Apr 16 14:25:03 2018 +0200 web: Add note about GPGME patch for GnuPG 2.2.6. Signed-off-by: Werner Koch diff --git a/web/index.org b/web/index.org index 1bd190b..af086af 100644 --- a/web/index.org +++ b/web/index.org @@ -70,6 +70,10 @@ The latest release news:\\ We are pleased to announce the availability of GnuPG version 2.2.6. This is a maintenance release fixing a few problems. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000421.html][more]]} +Update (2018-04-16): In case you run into problems with [[file:software/gpgme/index.org][GPGME]] and this +or a later version of GnuPG, please apply this [[https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180413/e2c8e5d5/attachment-0001.patch][patch]] to GPGME or use +GPGME version 1.11 which will soon be released. + ** GnuPG 2.2.5 released (2018-02-22) We are pleased to announce the availability of GnuPG version 2.2.5. ----------------------------------------------------------------------- Summary of changes: web/index.org | 4 ++++ 1 file changed, 4 insertions(+) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Mon Apr 16 21:59:33 2018 From: cvs at cvs.gnupg.org (by emma peel) Date: Mon, 16 Apr 2018 21:59:33 +0200 Subject: [git] GnuPG - branch, STABLE-BRANCH-2-2, updated. gnupg-2.2.6-19-gacd6d5f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU Privacy Guard". The branch, STABLE-BRANCH-2-2 has been updated via acd6d5ff7436bb7fba171ced3294046a14fb777d (commit) via 21b2e88a7e6c3d7313773c9ffb3e0d1fb2af45df (commit) via a5290dace7f85d66272af3e14f9f2bc43d2a4af8 (commit) via e12475429578add12a53fb2232cb45dc9e2aae1b (commit) from 3b1ee413a65bf566aa8e5f29a5a2cd5a94e66faa (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit acd6d5ff7436bb7fba171ced3294046a14fb777d Author: emma peel Date: Mon Apr 16 12:58:31 2018 -0700 po: more updates to Spanish translation Signed-off-by: Daniel Kahn Gillmor diff --git a/po/es.po b/po/es.po index 1676983..3fdaac4 100644 --- a/po/es.po +++ b/po/es.po @@ -252,7 +252,7 @@ msgstr "Por favor introduzca el PIN%s%s%s para desbloquear la tarjeta" #, c-format msgid "error creating temporary file: %s\n" -msgstr "error creando fichero temporal: %s\n" +msgstr "error al crear fichero temporal: %s\n" #, c-format msgid "error writing to temporary file: %s\n" @@ -483,7 +483,7 @@ msgstr "no puede usar '%s' como directorio personal\n" #, c-format msgid "error reading nonce on fd %d: %s\n" -msgstr "error leyendo valor ?nico en el descriptor %d: %s\n" +msgstr "error al leer valor ?nico en el descriptor %d: %s\n" #, c-format msgid "handler 0x%lx for fd %d started\n" @@ -608,10 +608,10 @@ msgstr "opci?n de clave inv?lida en '%s', l?nea %d\n" #, c-format msgid "error reading '%s', line %d: %s\n" -msgstr "error leyendo '%s', l?nea %d: %s\n" +msgstr "error al leer '%s', l?nea %d: %s\n" msgid "error reading list of trusted root certificates\n" -msgstr "error leyendo la lista de certificados ra?z fiables\n" +msgstr "error al leer la lista de certificados ra?z fiables\n" #. TRANSLATORS: This prompt is shown by the Pinentry #. and has one special property: A "%%0A" is used by @@ -736,11 +736,11 @@ msgstr "el algoritmo de protecci?n de hash %d (%s) no se puede usar\n" #, c-format msgid "error creating a pipe: %s\n" -msgstr "error creando tuber?a: %s\n" +msgstr "error al crear tuber?a: %s\n" #, c-format msgid "error creating a stream for a pipe: %s\n" -msgstr "error creando stream para una tuber?a: %s\n" +msgstr "error al crear stream para una tuber?a: %s\n" #, c-format msgid "error forking process: %s\n" @@ -1550,7 +1550,7 @@ msgstr "clave \"%s\" no encontrada: %s\n" #, c-format msgid "error reading keyblock: %s\n" -msgstr "error leyendo bloque de claves: %s\n" +msgstr "error al leer bloque de claves: %s\n" #, c-format msgid "key \"%s\" not found\n" @@ -1594,7 +1594,7 @@ msgstr "use antes la opci?n \"--delete-secret-key\" para borrarla.\n" #, c-format msgid "error creating passphrase: %s\n" -msgstr "error creando frase contrase?a: %s\n" +msgstr "error al crear frase contrase?a: %s\n" msgid "can't use a symmetric ESK packet due to the S2K mode\n" msgstr "no puede usar un paquete sim?trico ESK debido al modo S2K\n" @@ -2395,7 +2395,7 @@ msgstr "algoritmo de distribuci?n inv?lido '%s'\n" #, c-format msgid "error parsing key specification '%s': %s\n" -msgstr "error leyendo la especificaci?n de clave '%s': %s\n" +msgstr "error al leer la especificaci?n de clave '%s': %s\n" #, c-format msgid "'%s' does not appear to be a valid key ID, fingerprint or keygrip\n" @@ -3260,7 +3260,7 @@ msgstr "No se puede abrir '%s': %s\n" #, c-format msgid "Error reading backup key from '%s': %s\n" -msgstr "Error leyendo clave de respaldo desde '%s': %s\n" +msgstr "Error al leer clave de respaldo desde '%s': %s\n" msgid "You must select at least one key.\n" msgstr "Debe seleccionar por lo menos una clave.\n" @@ -4051,14 +4051,14 @@ msgstr "" "\n" msgid "Continue? (Y/n) " -msgstr "?Continuar? (s/N) " +msgstr "?Continuar? (S/n) " #, c-format msgid "A key for \"%s\" already exists\n" msgstr "Ya existe una clave para \"%s\"\n" msgid "Create anyway? (y/N) " -msgstr "?Crear de todas formas?(y/N) " +msgstr "?Crear de todas formas?(s/N) " msgid "creating anyway\n" msgstr "creando de todas formas\n" @@ -4088,7 +4088,7 @@ msgstr "anillo p?blico de claves no escribible encontrado: %s\n" #, c-format msgid "error writing public keyring '%s': %s\n" -msgstr "error escribiendo anillo p?blico '%s': %s\n" +msgstr "error al escribir en el anillo p?blico '%s': %s\n" msgid "public and secret key created and signed.\n" msgstr "claves p?blica y secreta creadas y firmadas.\n" @@ -4584,7 +4584,7 @@ msgstr "" #, c-format msgid "unknown weak digest '%s'\n" -msgstr "algritmo d?bil de resumen desconocido '%s'\n" +msgstr "algoritmo d?bil de resumen desconocido '%s'\n" #. Do not overwrite. #, c-format @@ -5409,7 +5409,7 @@ msgstr "%s: error actualizando el registro de versi?n: %s\n" #, c-format msgid "%s: error reading version record: %s\n" -msgstr "%s: error leyendo registro de versi?n: %s\n" +msgstr "%s: error al leer registro de versi?n: %s\n" #, c-format msgid "%s: error writing version record: %s\n" @@ -5437,7 +5437,7 @@ msgstr "%s: versi?n del fichero %d inv?lida\n" #, c-format msgid "%s: error reading free record: %s\n" -msgstr "%s: error leyendo registro libre: %s\n" +msgstr "%s: error al leer registro libre: %s\n" #, c-format msgid "%s: error writing dir record: %s\n" @@ -5600,6 +5600,7 @@ msgid_plural "Encrypted %d messages in the future." msgstr[0] "Cifrado %d mensaje en el futuro." msgstr[1] "Cifrados %d mensajes en el futuro." +# this string and the following ones are not easy to translate to spanish. is the string of the answer always meaning plural thins, or it can say 1week apart of 7weeks? if so, we in Spanish need to change the translation of 'last'... #, c-format msgid "Messages verified over the past %d day: %d." msgid_plural "Messages verified over the past %d days: %d." @@ -6073,7 +6074,7 @@ msgstr "la respuesta no incluye la clave p?blica\n" #, c-format msgid "reading public key failed: %s\n" -msgstr "fallo leyendo clave p?blica: %s\n" +msgstr "fallo al leer clave p?blica: %s\n" #. TRANSLATORS: Put a \x1f right before a colon. This can be #. * used by pinentry to nicely align the names and values. Keep @@ -6165,10 +6166,10 @@ msgid "||Please enter the PIN and New PIN" msgstr "||Por favor introduzca el PIN y el Nuevo PIN" msgid "error reading application data\n" -msgstr "error leyendo datos de la aplicaci?n\n" +msgstr "error al leer datos de la aplicaci?n\n" msgid "error reading fingerprint DO\n" -msgstr "error leyendo huella digital DO\n" +msgstr "error al leer huella digital DO\n" msgid "key already exists\n" msgstr "la clave ya existe\n" @@ -6634,7 +6635,7 @@ msgstr " (%d) Clave existente de la tarjeta\n" #, c-format msgid "error reading the card: %s\n" -msgstr "error leyendo la tarjeta: %s\n" +msgstr "error al leer la tarjeta: %s\n" #, c-format msgid "Serial number of the card: %s\n" @@ -6911,7 +6912,7 @@ msgstr "error importando el certificado: %s\n" #, c-format msgid "error reading input: %s\n" -msgstr "error leyendo entrada: %s\n" +msgstr "error al leer la entrada: %s\n" msgid "failed to get the fingerprint\n" msgstr "fallo obteniendo huella digital\n" @@ -7131,7 +7132,7 @@ msgstr "error al leer directorio '%s': %s\n" #, c-format msgid "removing cache file '%s'\n" -msgstr "removiendo archivo de almacenamiento '%s'\n" +msgstr "removiendo archivo de cache '%s'\n" #, c-format msgid "not removing file '%s'\n" @@ -7139,41 +7140,41 @@ msgstr "no se remueve el archivo '%s'\n" #, c-format msgid "error closing cache file: %s\n" -msgstr "error cerrando archivo de almacenamiento: %s\n" +msgstr "error cerrando archivo de cache: %s\n" #, c-format msgid "failed to open cache dir file '%s': %s\n" -msgstr "fallo al abrir archivo de directorio de almacenamiento '%s': %s\n" +msgstr "fallo al abrir archivo de directorio de cache '%s': %s\n" #, c-format msgid "error creating new cache dir file '%s': %s\n" -msgstr "error al crear nuevo archivo de almacenamiento '%s': %s\n" +msgstr "error al crear nuevo archivo de cache '%s': %s\n" #, c-format msgid "error writing new cache dir file '%s': %s\n" -msgstr "error al escribir nuevo archivo de almacenamiento '%s': %s\n" +msgstr "error al escribir nuevo archivo de cache '%s': %s\n" #, c-format msgid "error closing new cache dir file '%s': %s\n" -msgstr "error al cerrar nuevo archivo de almacenamiento '%s': %s\n" +msgstr "error al cerrar nuevo archivo de cache '%s': %s\n" #, c-format msgid "new cache dir file '%s' created\n" -msgstr "creado nuevo archivo de almacenamiento '%s'\n" +msgstr "creado nuevo archivo de cache '%s'\n" #, c-format msgid "failed to re-open cache dir file '%s': %s\n" -msgstr "no se puede reabrir el archivo de almacenamiento '%s': %s\n" +msgstr "no se puede reabrir el archivo de cache '%s': %s\n" #, c-format msgid "first record of '%s' is not the version\n" msgstr "la primera entrada de '%s' no es la versi?n\n" msgid "old version of cache directory - cleaning up\n" -msgstr "versi?n antigua del directorio de almacenamiento - limpiando\n" +msgstr "versi?n antigua del directorio de cache - limpiando\n" msgid "old version of cache directory - giving up\n" -msgstr "versi?n antigua del directorio de almacenamiento - me rindo\n" +msgstr "versi?n antigua del directorio de cache - me rindo\n" #, c-format msgid "extra field detected in crl record of '%s' line %u\n" @@ -7207,18 +7208,17 @@ msgstr "fecha no v?lida en '%s', l?nea %u\n" #, c-format msgid "WARNING: invalid cache file hash in '%s' line %u\n" -msgstr "" -"ADVERTENCIA: hash de archivo de almacenamiento no v?lida en '%s', l?nea %u\n" +msgstr "ADVERTENCIA: hash de archivo de cache no v?lido en '%s', l?nea %u\n" msgid "detected errors in cache dir file\n" -msgstr "errores detectados en el archivo de almacenamiento\n" +msgstr "errores detectados en el archivo de cache\n" msgid "please check the reason and manually delete that file\n" msgstr "chequea el problema y borra este archivo manualmente\n" #, c-format msgid "failed to create temporary cache dir file '%s': %s\n" -msgstr "no se puede crear el fichero de almacenamiento temporal '%s': %s\n" +msgstr "no se puede crear el fichero de cache '%s': %s\n" #, c-format msgid "error closing '%s': %s\n" @@ -7245,21 +7245,19 @@ msgid "invalid formatted checksum for '%s'\n" msgstr "formato inv?lido de huella digital para '%s'\n" msgid "too many open cache files; can't open anymore\n" -msgstr "" -"demasiados archivos de almacenamiento abiertos; ya no puedo abrir m?s\n" +msgstr "demasiados archivos de cache abiertos; ya no puedo abrir m?s\n" #, c-format msgid "opening cache file '%s'\n" -msgstr "abriendo archivo de almacenamiento '%s'\n" +msgstr "abriendo archivo de cache '%s'\n" #, c-format msgid "error opening cache file '%s': %s\n" -msgstr "error al abrir archivo de almacenamiento '%s': %s\n" +msgstr "error al abrir archivo de cache '%s': %s\n" #, c-format msgid "error initializing cache file '%s' for reading: %s\n" -msgstr "" -"error al inicializar el archivo de almacenamiento '%s' para lectura: %s\n" +msgstr "error al inicializar el archivo de cache '%s' para lectura: %s\n" msgid "calling unlock_db_file on a closed file\n" msgstr "llamando unlock_db_file para un archivo cerrado\n" @@ -7269,7 +7267,7 @@ msgstr "llamando unlock_db_file para un archivo ya desbloqueado\n" #, c-format msgid "failed to create a new cache object: %s\n" -msgstr "fallo al crear un nuevo objecto de almacenamiento: %s\n" +msgstr "fallo al crear un nuevo objecto de cache: %s\n" #, c-format msgid "no CRL available for issuer id %s\n" @@ -7308,11 +7306,11 @@ msgstr "" "toqueteado; necesitamos actualizar\n" msgid "WARNING: invalid cache record length for S/N " -msgstr "ATENCI?N: largo de entrada de almacenamiento no v?lido para S/N" +msgstr "ATENCI?N: largo de entrada de cache no v?lido para S/N " #, c-format msgid "problem reading cache record for S/N %s: %s\n" -msgstr "problemas leyendo la entrada de cache para S/N %s: %s\n" +msgstr "problemas al leer la entrada de cache para S/N %s: %s\n" #, c-format msgid "S/N %s is not valid; reason=%02X date=%.15s\n" @@ -7324,7 +7322,7 @@ msgstr "S/N %s es v?lido, no est? listado en el CRL\n" #, c-format msgid "error getting data from cache file: %s\n" -msgstr "error al obtener datos del archivo de almacenamiento: %s\n" +msgstr "error al obtener datos del archivo de cache: %s\n" #, c-format msgid "unknown hash algorithm '%s'\n" @@ -7393,17 +7391,15 @@ msgstr "ha fallado ksba_crl_set_reader: %s\n" #, c-format msgid "removed stale temporary cache file '%s'\n" -msgstr "se ha removido el fichero temporal de almacenamiento en desuso '%s'\n" +msgstr "se ha removido el fichero temporal de cache en desuso '%s'\n" #, c-format msgid "problem removing stale temporary cache file '%s': %s\n" -msgstr "" -"problema al remover el fichero temporal de almacenamiento en desuso '%s': " -"%s\n" +msgstr "problema al remover el fichero temporal de cache en desuso '%s': %s\n" #, c-format msgid "error creating temporary cache file '%s': %s\n" -msgstr "error al crear fichero temporal de almacenamiento '%s': %s\n" +msgstr "error al crear fichero temporal de cache '%s': %s\n" #, c-format msgid "crl_parse_insert failed: %s\n" @@ -7411,11 +7407,11 @@ msgstr "ha fallado crl_parse_insert: %s\n" #, c-format msgid "error finishing temporary cache file '%s': %s\n" -msgstr "error al finalizar fichero temporal de almacenamiento '%s': %s\n" +msgstr "error al finalizar fichero temporal de cache '%s': %s\n" #, c-format msgid "error closing temporary cache file '%s': %s\n" -msgstr "error al cerrar fichero temporal de almacenamiento '%s': %s\n" +msgstr "error al cerrar fichero temporal de cache '%s': %s\n" #, c-format msgid "WARNING: new CRL still too old; it expired on %s - loading anyway\n" @@ -7437,7 +7433,7 @@ msgstr "error al leer las extensiones CRL: %s\n" #, c-format msgid "creating cache file '%s'\n" -msgstr "creando fichero de almacenamiento '%s'\n" +msgstr "creando fichero de cache '%s'\n" #, c-format msgid "problem renaming '%s' to '%s': %s\n" @@ -7447,8 +7443,8 @@ msgid "" "updating the DIR file failed - cache entry will get lost with the next " "program start\n" msgstr "" -"ha fallado la actualizaci?n del archivo DIR - la entrada del almacenamiento " -"local se perder? al reiniciar el programa\n" +"ha fallado la actualizaci?n del archivo DIR - la entrada de cache se perder? " +"al reiniciar el programa\n" #, c-format msgid "Begin CRL dump (retrieved via %s)\n" @@ -7476,19 +7472,19 @@ msgstr "" " ERROR: ?Puede que alguien haya manipulado este CRL almacenado en local!\n" msgid " WARNING: invalid cache record length\n" -msgstr " ATENCI?N: largo de entrada de almacenamiento no v?lido\n" +msgstr " ATENCI?N: el tama?o de la entrada de cache no es correcto\n" #, c-format msgid "problem reading cache record: %s\n" -msgstr "error al leer entrada de almacenamiento: %s\n" +msgstr "error al leer entrada de cache: %s\n" #, c-format msgid "problem reading cache key: %s\n" -msgstr "problema al leer clave de almacenamiento: %s\n" +msgstr "problema al leer clave de cache: %s\n" #, c-format msgid "error reading cache entry from db: %s\n" -msgstr "error al leer entrada de almacenamiento de la base de datos: %s\n" +msgstr "error al leer entrada de cache de la base de datos: %s\n" msgid "End CRL dump\n" msgstr "Terminar el dump de CRL\n" @@ -7506,7 +7502,7 @@ msgid "crl_cache_insert via issuer failed: %s\n" msgstr "ha fallado crl_cache_insert via emisor: %s\n" msgid "reader to file mapping table full - waiting\n" -msgstr "" +msgstr "la tabla de mapeo lector a archivo est? llena - esperando\n" msgid "using \"http\" instead of \"https\"\n" msgstr "usando \"http\" en lugar de \"https\"\n" @@ -7552,7 +7548,7 @@ msgid "check whether a dirmngr is running" msgstr "verifica si hay un dirmngr corriendo" msgid "add a certificate to the cache" -msgstr "a?adir un certificado al almacenamiento local" +msgstr "a?adir un certificado a la cache" msgid "validate a certificate" msgstr "valida el certificado" @@ -7652,10 +7648,10 @@ msgid "looking up '%s'\n" msgstr "buscando '%s'\n" msgid "list the contents of the CRL cache" -msgstr "listar los contenidos del almacenamiento CRL" +msgstr "listar los contenidos del cache CRL" msgid "|FILE|load CRL from FILE into cache" -msgstr "|FILE|carga CRL de FILE al empezar" +msgstr "|FILE|carga CRL de FILE en la cache" msgid "|URL|fetch a CRL from URL" msgstr "|URL|carga un CRL de una URL" @@ -7664,7 +7660,7 @@ msgid "shutdown the dirmngr" msgstr "apaga el dirmngr" msgid "flush the cache" -msgstr "" +msgstr "descargar la memoria cache" msgid "|FILE|write server mode logs to FILE" msgstr "|FILE|escribir logs en modo servidor en FICHERO" @@ -7983,7 +7979,7 @@ msgstr "el wrapper %d de ldap est? parado - mat?ndolo\n" #, c-format msgid "error spawning ldap wrapper reaper thread: %s\n" -msgstr "" +msgstr "error mientras desplegaba el hilo del ldap wrapper reaper: %s\n" #, c-format msgid "reading from ldap wrapper %d failed: %s\n" @@ -7991,7 +7987,7 @@ msgstr "error al leer desde el wrapper %d de ldap: %s\n" #, c-format msgid "invalid char 0x%02x in host name - not added\n" -msgstr "" +msgstr "caracter incorrecto 0x%02x en el nombre de host - no a?adido\n" #, c-format msgid "adding '%s:%d' to the ldap server list\n" @@ -8003,10 +7999,10 @@ msgstr "ha fallado malloc: %s\n" #, c-format msgid "start_cert_fetch: invalid pattern '%s'\n" -msgstr "" +msgstr "start_cert_fetch: patr?n '%s' incorrecto\n" msgid "ldap_search hit the size limit of the server\n" -msgstr "" +msgstr "ldap_search ha llegado al l?mite de tama?o del servidor\n" msgid "invalid canonical S-expression found\n" msgstr "se encontr? S-expression can?nica no v?lida\n" @@ -8020,7 +8016,7 @@ msgid "oops: ksba_cert_hash failed: %s\n" msgstr "oops: ha fallado ksba_cert_hash: %s\n" msgid "bad URL encoding detected\n" -msgstr "" +msgstr "detectado mal encoding de la URL\n" #, c-format msgid "error reading from responder: %s\n" @@ -8065,17 +8061,17 @@ msgstr "status del OCSP responder en '%s': %s\n" #, c-format msgid "hashing the OCSP response for '%s' failed: %s\n" -msgstr "" +msgstr "ha fallado el hashing de la respuesta OCSP para '%s': %s\n" msgid "not signed by a default OCSP signer's certificate" -msgstr "" +msgstr "no firmada por un certificado predeterminado de firma OCSP" msgid "only SHA-1 is supported for OCSP responses\n" -msgstr "" +msgstr "s?lo SHA-1 es compatible para las respuestas OCSP\n" #, c-format msgid "allocating list item failed: %s\n" -msgstr "" +msgstr "fallo al colocar item en la lista: %s\n" #, c-format msgid "error getting responder ID: %s\n" @@ -8091,10 +8087,10 @@ msgid "issuer certificate not found: %s\n" msgstr "no se encuentra el emisor de este certificado: %s\n" msgid "caller did not return the target certificate\n" -msgstr "" +msgstr "el caller no devolvi? el certificado del target\n" msgid "caller did not return the issuing certificate\n" -msgstr "" +msgstr "el caller no devolvi? el certificado emisor\n" #, c-format msgid "failed to allocate OCSP context: %s\n" @@ -8102,10 +8098,10 @@ msgstr "fallo al asignar el contexto OCSP: %s\n" #, c-format msgid "can't get authorityInfoAccess: %s\n" -msgstr "" +msgstr "no se ha podido obtener authorityInfoAccess: %s\n" msgid "no default OCSP responder defined\n" -msgstr "" +msgstr "no hay un OCSP responder predeterminado\n" msgid "no default OCSP signer defined\n" msgstr "no hay ning?n firmante OCSP predeterminado definido\n" @@ -8120,7 +8116,7 @@ msgstr "usar OCSP responder '%s'\n" #, c-format msgid "failed to establish a hashing context for OCSP: %s\n" -msgstr "" +msgstr "fallo al establecer un contexto de hashing para OCSP: %s\n" #, c-format msgid "error getting OCSP status for target certificate: %s\n" @@ -8138,68 +8134,67 @@ msgid "certificate has been revoked at: %s due to: %s\n" msgstr "el certificado ha sido revocado el: %s a causa de: %s\n" msgid "OCSP responder returned a status in the future\n" -msgstr "" +msgstr "el OCSP respondor ha devuelto un estado en el futuro\n" msgid "OCSP responder returned a non-current status\n" -msgstr "" +msgstr "el OCSP respondor ha devuelto un estado no actual\n" msgid "OCSP responder returned an too old status\n" -msgstr "" +msgstr "el OCSP respondor ha devuelto un estado demasiado antiguo\n" -#, fuzzy, c-format +#, c-format msgid "assuan_inquire(%s) failed: %s\n" -msgstr "renombrar '%s' a '%s' fall?: %s\n" +msgstr "ha fallado assuan_inquire(%s): %s\n" -#, fuzzy msgid "ldapserver missing" -msgstr "falta el par?metro" +msgstr "falta el ldapserver" msgid "serialno missing in cert ID" -msgstr "" +msgstr "falta el n?mero de serie en el ID del certificado" -#, fuzzy, c-format +#, c-format msgid "assuan_inquire failed: %s\n" -msgstr "ha fallado la b?squeda '%s': %s\n" +msgstr "ha fallado assuan_inquire: %s\n" -#, fuzzy, c-format +#, c-format msgid "fetch_cert_by_url failed: %s\n" -msgstr "ha fallado crl_fetch via DP: %s\n" +msgstr "ha fallado fetch_cert_by_url: %s\n" -#, fuzzy, c-format +#, c-format msgid "error sending data: %s\n" -msgstr "clave %s: error enviando al agente: %s\n" +msgstr "error al enviar datos: %s\n" -#, fuzzy, c-format +#, c-format msgid "start_cert_fetch failed: %s\n" -msgstr "ha fallado crl_fetch via DP: %s\n" +msgstr "ha fallado start_cert_fetch: %s\n" -#, fuzzy, c-format +#, c-format msgid "fetch_next_cert failed: %s\n" -msgstr "lectura fallida: %s\n" +msgstr "ha fallado fetch_next_cert: %s\n" #, c-format msgid "max_replies %d exceeded\n" -msgstr "" +msgstr "se ha excedido el n?mero de respuestas(max_replies) %d\n" -#, fuzzy, c-format +#, c-format msgid "can't allocate control structure: %s\n" -msgstr "no puedo reservar espacio para la cadena de salida: %s\n" +msgstr "no puedo colocar la estructura de control: %s\n" -#, fuzzy, c-format +#, c-format msgid "failed to allocate assuan context: %s\n" -msgstr "fallo al crear un flujo desde el socket: %s\n" +msgstr "fallo al reservar el contexto assuan: %s\n" -#, fuzzy, c-format +#, c-format msgid "failed to initialize the server: %s\n" -msgstr "inicializaci?n de la base de datos de confianza fallida: %s\n" +msgstr "ha fallado la inicializaci?n del servidor: %s\n" -#, fuzzy, c-format +#, c-format msgid "failed to the register commands with Assuan: %s\n" -msgstr "fallo guardando la fecha de creaci?n: %s\n" +msgstr "fallo en las ?rdenes de registro con Assuan: %s\n" -#, fuzzy, c-format +#, c-format msgid "Assuan accept problem: %s\n" -msgstr "problema al renombrar '%s' a '%s': %s\n" +msgstr "problema de aceptaci?n Assuan: %s\n" #, c-format msgid "Assuan processing failed: %s\n" @@ -8406,7 +8401,7 @@ msgid "Private Keys" msgstr "Claves privados" msgid "Smartcards" -msgstr "" +msgstr "Smartcards" msgid "S/MIME" msgstr "S/MIME" @@ -8475,7 +8470,7 @@ msgid "check global configuration file" msgstr "comprobar fichero global de configuraci?n" msgid "query the software version database" -msgstr "" +msgstr "consulta la base de datos de versiones de software" msgid "reload all or a given component" msgstr "listar todos los componentes, o uno en particular" @@ -8576,7 +8571,7 @@ msgstr "error escribiendo en %s: %s\n" #, c-format msgid "error reading from %s: %s\n" -msgstr "error leyendo de %s: %s\n" +msgstr "error al leer de %s: %s\n" #, c-format msgid "error closing %s: %s\n" commit 21b2e88a7e6c3d7313773c9ffb3e0d1fb2af45df Author: emma peel Date: Mon Apr 16 12:47:14 2018 -0700 po: correct attribution for Spanish translation Signed-off-by: Daniel Kahn Gillmor diff --git a/po/es.po b/po/es.po index e889e60..1676983 100644 --- a/po/es.po +++ b/po/es.po @@ -4,13 +4,12 @@ # I've tried to mantain the terminology used by Armando Ramos # in his PGP 2.3.6i translation. # I also got inspiration from it.po by Marco d'Itri -# Jaime Su?rez 2017 -# +# Jaime Su?rez 2017 msgid "" msgstr "" "Project-Id-Version: gnupg 2.0.9\n" "Report-Msgid-Bugs-To: translations at gnupg.org\n" -"PO-Revision-Date: 2017-11-02 17:39+0100\n" +"PO-Revision-Date: 2018-04-16 14:06+0000\n" "Last-Translator: emma peel \n" "Language-Team: Spanish \n" "Language: es\n" commit a5290dace7f85d66272af3e14f9f2bc43d2a4af8 Author: emma peel Date: Mon Apr 16 12:42:21 2018 -0700 po: correct label tags in Polish translation Signed-off-by: Daniel Kahn Gillmor diff --git a/po/pl.po b/po/pl.po index 3079b31..d0e5cbf 100644 --- a/po/pl.po +++ b/po/pl.po @@ -357,7 +357,7 @@ msgid "csh-style command output" msgstr "wyj?cie polece? w stylu csh" msgid "|FILE|read options from FILE" -msgstr "|PLIK|odczyt opcji z PLIKU" +msgstr "|FILE|odczyt opcji z PLIKU" msgid "do not detach from the console" msgstr "nie odczepianie od konsoli" @@ -377,7 +377,7 @@ msgstr "nie u?ywanie SCdaemona" #, fuzzy #| msgid "|NAME|connect to Assuan socket NAME" msgid "|NAME|accept some commands via NAME" -msgstr "|NAZWA|po??czenie z gniazdem Assuan o tej nazwie" +msgstr "|NAME|po??czenie z gniazdem Assuan o tej nazwie" msgid "ignore requests to change the TTY" msgstr "ignorowanie ??da? zmiany TTY" @@ -1926,12 +1926,12 @@ msgstr "klucz prywatny ,,%s'' nie zosta? odnaleziony: %s\n" #, fuzzy, c-format #| msgid "|NAME|use NAME as default secret key" msgid "Warning: not using '%s' as default key: %s\n" -msgstr "|NAZWA|u?ycie NAZWY jako domy?lnego klucza tajnego" +msgstr "|NAME|u?ycie NAZWY jako domy?lnego klucza tajnego" #, fuzzy, c-format #| msgid "|NAME|use NAME as default secret key" msgid "using \"%s\" as default secret key for signing\n" -msgstr "|NAZWA|u?ycie NAZWY jako domy?lnego klucza tajnego" +msgstr "|NAME|u?ycie NAZWY jako domy?lnego klucza tajnego" #, c-format msgid "all values passed to '%s' ignored\n" @@ -2101,7 +2101,7 @@ msgid "use canonical text mode" msgstr "kanoniczny format tekstowy" msgid "|FILE|write output to FILE" -msgstr "|PLIK|zapis wyj?cia do PLIKU" +msgstr "|FILE|zapis wyj?cia do PLIKU" msgid "do not make any changes" msgstr "pozostawienie bez zmian" @@ -2632,7 +2632,7 @@ msgid "the given preferred keyserver URL is invalid\n" msgstr "podany preferowany URL serwera kluczy jest niepoprawny\n" msgid "|FILE|take the keys from the keyring FILE" -msgstr "|PLIK|pobieranie kluczy ze zbioru PLIK" +msgstr "|FILE|pobieranie kluczy ze zbioru PLIK" msgid "make timestamp conflicts only a warning" msgstr "nie traktowa? konfliktu datownik?w jako b??du" @@ -6659,19 +6659,19 @@ msgid "run in multi server mode (foreground)" msgstr "uruchomienie w trybie serwera (pierwszoplanowo)" msgid "|LEVEL|set the debugging level to LEVEL" -msgstr "|POZIOM|ustawienie POZIOMU diagnostyki" +msgstr "|LEVEL|ustawienie POZIOMU diagnostyki" msgid "|FILE|write a log to FILE" -msgstr "|PLIK|zapisanie log?w do PLIKu" +msgstr "|FILE|zapisanie log?w do PLIKu" msgid "|N|connect to reader at port N" msgstr "|N|po??czenie z czytnikiem na porcie N" msgid "|NAME|use NAME as ct-API driver" -msgstr "|NAZWA|u?ycie NAZWY jako sterownika ct-API" +msgstr "|NAME|u?ycie NAZWY jako sterownika ct-API" msgid "|NAME|use NAME as PC/SC driver" -msgstr "|NAZWA|u?ycie NAZWY jako sterownika PC/SC" +msgstr "|NAME|u?ycie NAZWY jako sterownika PC/SC" msgid "do not use the internal CCID driver" msgstr "nie u?ywanie wewn?trznego sterownika CCID" @@ -7235,7 +7235,7 @@ msgid "|N|number of certificates to include" msgstr "|N|liczba certyfikat?w do do??czenia" msgid "|FILE|take policy information from FILE" -msgstr "|PLIK|pobranie informacji o polityce z PLIKU" +msgstr "|FILE|pobranie informacji o polityce z PLIKU" msgid "do not check certificate policies" msgstr "nie sprawdzanie polityk certyfikat?w" @@ -7247,10 +7247,10 @@ msgid "don't use the terminal at all" msgstr "nie u?ywanie w og?le terminala" msgid "|FILE|write a server mode log to FILE" -msgstr "|PLIK|zapisanie log?w trybu serwerowego do PLIKU" +msgstr "|FILE|zapisanie log?w trybu serwerowego do PLIKU" msgid "|FILE|write an audit log to FILE" -msgstr "|PLIK|zapisanie log?w audytowych do PLIKU" +msgstr "|FILE|zapisanie log?w audytowych do PLIKU" msgid "batch mode: never ask" msgstr "tryb wsadowy: bez ?adnych pyta?" @@ -7262,19 +7262,19 @@ msgid "assume no on most questions" msgstr "przyj?cie odpowiedzi ,,nie'' na wi?kszo?? pyta?" msgid "|FILE|add keyring to the list of keyrings" -msgstr "|PLIK|dodanie tego zbioru kluczy do listy zbior?w kluczy" +msgstr "|FILE|dodanie tego zbioru kluczy do listy zbior?w kluczy" msgid "|USER-ID|use USER-ID as default secret key" -msgstr "|U?YTKOWNIK|u?ycie tego identyfikatora jako domy?lnego klucza tajnego" +msgstr "|USER-ID|u?ycie tego identyfikatora jako domy?lnego klucza tajnego" msgid "|SPEC|use this keyserver to lookup keys" msgstr "|SPEC|u?ycie tego serwera do wyszukiwania kluczy" msgid "|NAME|use cipher algorithm NAME" -msgstr "|NAZWA|u?ycie tego algorytmu szyfrowania NAZWA" +msgstr "|NAME|u?ycie tego algorytmu szyfrowania NAZWA" msgid "|NAME|use message digest algorithm NAME" -msgstr "|NAZWA|u?ycie tego algorytmu skr?tu wiadomo?ci" +msgstr "|NAME|u?ycie tego algorytmu skr?tu wiadomo?ci" #, fuzzy #| msgid "Usage: gpg [options] [files] (-h for help)" @@ -8187,7 +8187,7 @@ msgstr "" #, fuzzy #| msgid "|FILE|run commands from FILE on startup" msgid "|FILE|load CRL from FILE into cache" -msgstr "|PLIK|uruchomienie polece? z PLIKU przy starcie" +msgstr "|FILE|uruchomienie polece? z PLIKU przy starcie" msgid "|URL|fetch a CRL from URL" msgstr "" @@ -8201,7 +8201,7 @@ msgid "flush the cache" msgstr "" msgid "|FILE|write server mode logs to FILE" -msgstr "|PLIK|zapisanie log?w trybu serwerowego do PLIKu" +msgstr "|FILE|zapisanie log?w trybu serwerowego do PLIKu" #, fuzzy #| msgid "Quit without saving? (y/N) " @@ -8246,7 +8246,7 @@ msgstr "" #, fuzzy #| msgid "|FILE|read options from FILE" msgid "|FILE|read LDAP server list from FILE" -msgstr "|PLIK|odczyt opcji z PLIKU" +msgstr "|FILE|odczyt opcji z PLIKU" msgid "add new servers discovered in CRL distribution points to serverlist" msgstr "" @@ -8380,7 +8380,7 @@ msgstr "" #, fuzzy #| msgid "|NAME|connect to Assuan socket NAME" msgid "|NAME|connect to host NAME" -msgstr "|NAZWA|po??czenie z gniazdem Assuan o tej nazwie" +msgstr "|NAME|po??czenie z gniazdem Assuan o tej nazwie" #, fuzzy #| msgid "|N|connect to reader at port N" @@ -8882,12 +8882,12 @@ msgid "connect to the dirmngr" msgstr "przekazanie polecenia do dirmngr" msgid "|NAME|connect to Assuan socket NAME" -msgstr "|NAZWA|po??czenie z gniazdem Assuan o tej nazwie" +msgstr "|NAME|po??czenie z gniazdem Assuan o tej nazwie" #, fuzzy #| msgid "|NAME|connect to Assuan socket NAME" msgid "|ADDR|connect to Assuan server at ADDR" -msgstr "|NAZWA|po??czenie z gniazdem Assuan o tej nazwie" +msgstr "|ADDR|po??czenie z gniazdem Assuan o tej nazwie" msgid "run the Assuan server given on the command line" msgstr "uruchomienie serwera Assuan podanego z linii polece?" @@ -8896,7 +8896,7 @@ msgid "do not use extended connect mode" msgstr "nie u?ywanie rozszerzonego trybu po??czenia" msgid "|FILE|run commands from FILE on startup" -msgstr "|PLIK|uruchomienie polece? z PLIKU przy starcie" +msgstr "|FILE|uruchomienie polece? z PLIKU przy starcie" msgid "run /subst on startup" msgstr "uruchomienie /subst przy starcie" @@ -8983,7 +8983,7 @@ msgid "|N|require at least N non-alpha characters for a new passphrase" msgstr "|N|wymaganie przynajmniej N znak?w niealfanumerycznych w nowym ha?le" msgid "|FILE|check new passphrases against pattern in FILE" -msgstr "|PLIK|sprawdzanie nowych hase? pod k?tem wzorc?w z PLIKU" +msgstr "|FILE|sprawdzanie nowych hase? pod k?tem wzorc?w z PLIKU" msgid "|N|expire the passphrase after N days" msgstr "|N|przedawnianie hase? po N dniach" @@ -8998,10 +8998,10 @@ msgstr "" "|N|ustawienie maksymalnego czasu ?ycia pami?ci podr?cznej PIN-?w na N sekund" msgid "|NAME|use NAME as default secret key" -msgstr "|NAZWA|u?ycie NAZWY jako domy?lnego klucza tajnego" +msgstr "|NAME|u?ycie NAZWY jako domy?lnego klucza tajnego" msgid "|NAME|encrypt to user ID NAME as well" -msgstr "|NAZWA|szyfrowanie tak?e dla odbiorcy NAZWA" +msgstr "|NAME|szyfrowanie tak?e dla odbiorcy NAZWA" msgid "|SPEC|set up email aliases" msgstr "|SPEC|okre?l adres email" @@ -9017,14 +9017,14 @@ msgstr "zezwolenie na wyszukiwania PKA (??dania DNS)" msgid "|MECHANISMS|use MECHANISMS to locate keys by mail address" msgstr "" -"|MECHANIZMY|wykorzystaj MECHANIZMY do wyszukiwania kluczy na podstawie " +"|MECHANISMS|wykorzystaj MECHANIZMY do wyszukiwania kluczy na podstawie " "adres?w e-mail" msgid "disable all access to the dirmngr" msgstr "zablokuj dost?p do dirmngr" msgid "|NAME|use encoding NAME for PKCS#12 passphrases" -msgstr "|NAZWA|u?ycie kodowania NAZWA dla hase? PKCS#12" +msgstr "|NAME|u?ycie kodowania NAZWA dla hase? PKCS#12" msgid "do not check CRLs for root certificates" msgstr "nie sprawdzanie CRL dla g??wnych certyfikat?w" @@ -9104,13 +9104,13 @@ msgid "check all programs" msgstr "sprawdzenie wszystkich program?w" msgid "|COMPONENT|list options" -msgstr "|KOMPONENT|wypisanie opcji" +msgstr "|COMPONENT|wypisanie opcji" msgid "|COMPONENT|change options" -msgstr "|KOMPONENT|zmiana opcji" +msgstr "|COMPONENT|zmiana opcji" msgid "|COMPONENT|check options" -msgstr "|KOMPONENT|zaznaczenie opcji" +msgstr "|COMPONENT|zaznaczenie opcji" msgid "apply global default values" msgstr "zastosowanie globalnych warto?ci domy?lnych" @@ -9118,7 +9118,7 @@ msgstr "zastosowanie globalnych warto?ci domy?lnych" #, fuzzy #| msgid "|FILE|take policy information from FILE" msgid "|FILE|update configuration files using FILE" -msgstr "|PLIK|pobranie informacji o polityce z PLIKU" +msgstr "|FILE|pobranie informacji o polityce z PLIKU" #, fuzzy #| msgid "get the configuration directories for gpgconf" @@ -9696,7 +9696,7 @@ msgstr "" #~ msgstr "u?ycie standardowego po?o?enia gniazda" #~ msgid "|FILE|write environment settings also to FILE" -#~ msgstr "|PLIK|zapis ustawie? ?rodowiska tak?e do PLIKU" +#~ msgstr "|FILE|zapis ustawie? ?rodowiska tak?e do PLIKU" #~ msgid "Usage: gpg-agent [options] (-h for help)" #~ msgstr "Wywo?anie: gpg-agent [opcje] (-h podaje pomoc)" commit e12475429578add12a53fb2232cb45dc9e2aae1b Author: emma peel Date: Mon Apr 16 12:39:14 2018 -0700 po: correct label tags in Finnish translation Signed-off-by: Daniel Kahn Gillmor diff --git a/po/fi.po b/po/fi.po index ee40859..1e5236e 100644 --- a/po/fi.po +++ b/po/fi.po @@ -346,7 +346,7 @@ msgstr "" #, fuzzy msgid "|FILE|read options from FILE" -msgstr "|TIEDOSTO|lataa laajennusmoduuli TIEDOSTO" +msgstr "|FILE|lataa laajennusmoduuli TIEDOSTO" msgid "do not detach from the console" msgstr "" @@ -368,7 +368,7 @@ msgstr "p?ivit? luottamustietokanta" #, fuzzy #| msgid "|NAME|set terminal charset to NAME" msgid "|NAME|accept some commands via NAME" -msgstr "|NIMI|aseta p??tteen merkist?ksi NIMI" +msgstr "|NAME|aseta p??tteen merkist?ksi NIMI" msgid "ignore requests to change the TTY" msgstr "" @@ -1914,12 +1914,12 @@ msgstr "salaista avainta \"%s\" ei l?ydy: %s\n" #, fuzzy, c-format #| msgid "|NAME|use NAME as default secret key" msgid "Warning: not using '%s' as default key: %s\n" -msgstr "|NIMI|k?yt? oletusarvoisesti salaista avainta NIMI" +msgstr "|NAME|k?yt? oletusarvoisesti salaista avainta NIMI" #, fuzzy, c-format #| msgid "|NAME|use NAME as default secret key" msgid "using \"%s\" as default secret key for signing\n" -msgstr "|NIMI|k?yt? oletusarvoisesti salaista avainta NIMI" +msgstr "|NAME|k?yt? oletusarvoisesti salaista avainta NIMI" #, c-format msgid "all values passed to '%s' ignored\n" @@ -2081,7 +2081,7 @@ msgstr "tuota ascii-koodattu tuloste" #, fuzzy msgid "|USER-ID|encrypt for USER-ID" -msgstr "|NIMI|salaa vastaanottajalle NIMI" +msgstr "|USER-ID|salaa vastaanottajalle NIMI" #, fuzzy msgid "|USER-ID|use USER-ID to sign or decrypt" @@ -2096,7 +2096,7 @@ msgstr "k?yt? tekstimuotoa" #, fuzzy msgid "|FILE|write output to FILE" -msgstr "|TIEDOSTO|lataa laajennusmoduuli TIEDOSTO" +msgstr "|FILE|lataa laajennusmoduuli TIEDOSTO" msgid "do not make any changes" msgstr "?l? tee muutoksia" @@ -6534,18 +6534,18 @@ msgstr "" #, fuzzy msgid "|FILE|write a log to FILE" -msgstr "|TIEDOSTO|lataa laajennusmoduuli TIEDOSTO" +msgstr "|FILE|lataa laajennusmoduuli TIEDOSTO" msgid "|N|connect to reader at port N" msgstr "" #, fuzzy msgid "|NAME|use NAME as ct-API driver" -msgstr "|NIMI|k?yt? NIMI oletusvastaanottajana" +msgstr "|NAME|k?yt? NIMI oletusvastaanottajana" #, fuzzy msgid "|NAME|use NAME as PC/SC driver" -msgstr "|NIMI|k?yt? NIMI oletusvastaanottajana" +msgstr "|NAME|k?yt? NIMI oletusvastaanottajana" #, fuzzy msgid "do not use the internal CCID driver" @@ -7121,7 +7121,7 @@ msgstr "" #, fuzzy msgid "|FILE|write an audit log to FILE" -msgstr "|TIEDOSTO|lataa laajennusmoduuli TIEDOSTO" +msgstr "|FILE|lataa laajennusmoduuli TIEDOSTO" msgid "batch mode: never ask" msgstr "er?ajo: ?l? kysy mit??n" @@ -7138,17 +7138,17 @@ msgstr "lis?? t?m? avainrengas avainrenkaiden luetteloon" #, fuzzy msgid "|USER-ID|use USER-ID as default secret key" -msgstr "|NIMI|k?yt? oletusarvoisesti salaista avainta NIMI" +msgstr "|USER-ID|k?yt? oletusarvoisesti salaista avainta NIMI" #, fuzzy msgid "|SPEC|use this keyserver to lookup keys" -msgstr "|PALVELIN|k?yt? t?t? palvelinta avainten etsimiseen" +msgstr "|SPEC|k?yt? t?t? palvelinta avainten etsimiseen" msgid "|NAME|use cipher algorithm NAME" -msgstr "|NIMI|k?yt? salausalgoritmia NIMI" +msgstr "|NAME|k?yt? salausalgoritmia NIMI" msgid "|NAME|use message digest algorithm NAME" -msgstr "|NIMI|k?yt? viestintiivistealgoritmia NIMI" +msgstr "|NAME|k?yt? viestintiivistealgoritmia NIMI" #, fuzzy #| msgid "Usage: gpg [options] [files] (-h for help)" @@ -7964,7 +7964,7 @@ msgstr "" #, fuzzy msgid "|FILE|load CRL from FILE into cache" -msgstr "|TIEDOSTO|lataa laajennusmoduuli TIEDOSTO" +msgstr "|FILE|lataa laajennusmoduuli TIEDOSTO" msgid "|URL|fetch a CRL from URL" msgstr "" @@ -8017,7 +8017,7 @@ msgstr "" #, fuzzy msgid "|FILE|read LDAP server list from FILE" -msgstr "|TIEDOSTO|lataa laajennusmoduuli TIEDOSTO" +msgstr "|FILE|lataa laajennusmoduuli TIEDOSTO" msgid "add new servers discovered in CRL distribution points to serverlist" msgstr "" @@ -8133,7 +8133,7 @@ msgstr "" #, fuzzy #| msgid "|NAME|set terminal charset to NAME" msgid "|NAME|connect to host NAME" -msgstr "|NIMI|aseta p??tteen merkist?ksi NIMI" +msgstr "|NAME|aseta p??tteen merkist?ksi NIMI" msgid "|N|connect to port N" msgstr "" @@ -8141,7 +8141,7 @@ msgstr "" #, fuzzy #| msgid "|NAME|use NAME as default recipient" msgid "|NAME|use user NAME for authentication" -msgstr "|NIMI|k?yt? NIMI oletusvastaanottajana" +msgstr "|NAME|k?yt? NIMI oletusvastaanottajana" msgid "|PASS|use password PASS for authentication" msgstr "" @@ -8589,7 +8589,7 @@ msgstr "" #, fuzzy msgid "|FILE|run commands from FILE on startup" -msgstr "|TIEDOSTO|lataa laajennusmoduuli TIEDOSTO" +msgstr "|FILE|lataa laajennusmoduuli TIEDOSTO" msgid "run /subst on startup" msgstr "" @@ -8682,11 +8682,11 @@ msgid "|N|set the Pinentry timeout to N seconds" msgstr "" msgid "|NAME|use NAME as default secret key" -msgstr "|NIMI|k?yt? oletusarvoisesti salaista avainta NIMI" +msgstr "|NAME|k?yt? oletusarvoisesti salaista avainta NIMI" #, fuzzy msgid "|NAME|encrypt to user ID NAME as well" -msgstr "|NIMI|salaa vastaanottajalle NIMI" +msgstr "|NAME|salaa vastaanottajalle NIMI" msgid "|SPEC|set up email aliases" msgstr "" @@ -8709,7 +8709,7 @@ msgstr "" #, fuzzy msgid "|NAME|use encoding NAME for PKCS#12 passphrases" -msgstr "|NIMI|k?yt? salasanoihin salausalgoritmia NIMI" +msgstr "|NAME|k?yt? salasanoihin salausalgoritmia NIMI" msgid "do not check CRLs for root certificates" msgstr "" @@ -9649,7 +9649,7 @@ msgstr "" #~ msgstr "lis?? t?m? salainen avainrengas luetteloon" #~ msgid "|FILE|load extension module FILE" -#~ msgstr "|TIEDOSTO|lataa laajennusmoduuli TIEDOSTO" +#~ msgstr "|FILE|lataa laajennusmoduuli TIEDOSTO" #~ msgid "|N|use compress algorithm N" #~ msgstr "|N|k?yt? pakkausalgoritmia N" @@ -10664,7 +10664,7 @@ msgstr "" #~ "aseta kaikki paketti-, salain- ja tiivistevaihtoehdot PGP 2.x -muotoon" #~ msgid "|NAME|use message digest algorithm NAME for passphrases" -#~ msgstr "|NIMI|k?yt? salasanoihin viestintiivistealgoritmia NIMI" +#~ msgstr "|NAME|k?yt? salasanoihin viestintiivistealgoritmia NIMI" #~ msgid "throw keyid field of encrypted packets" #~ msgstr "j?t? avaintunnistekentt? pois salatuista paketeista" ----------------------------------------------------------------------- Summary of changes: po/es.po | 220 +++++++++++++++++++++++++++++++-------------------------------- po/fi.po | 48 +++++++------- po/pl.po | 68 ++++++++++---------- 3 files changed, 165 insertions(+), 171 deletions(-) hooks/post-receive -- The GNU Privacy Guard http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 08:52:29 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 17 Apr 2018 08:52:29 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-189-ga1f76b3 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via a1f76b3b54b75a150fe272b804d85ffd40a507a6 (commit) from b99502274ae5efdf6df0d967900ec3d1e64373d7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a1f76b3b54b75a150fe272b804d85ffd40a507a6 Author: Werner Koch Date: Tue Apr 17 08:33:44 2018 +0200 core: Add extended versions of the encrypt functions. * src/gpgme.h.in (gpgme_op_encrypt_ext_start) New. (gpgme_op_encrypt_ext): New. (gpgme_op_encrypt_sign_ext_start): New. (gpgme_op_encrypt_sign_ext): New. * src/libgpgme.vers, tests/run-encrypt.c: Add them. * src/encrypt.c (encrypt_start): Add arg recpstring. (gpgme_op_encrypt): Factor code out to ... (gpgme_op_encrypt_ext): new function with new arg recpstring. (gpgme_op_encrypt_start): Factor code out to ... (gpgme_op_encrypt_ext_start): new function with new arg recpstring. * src/encrypt-sign.c (encrypt_sign_start): Add arg recpstring. (gpgme_op_encrypt_sign): Factor code out to ... (gpgme_op_encrypt_sign_ext): new function with new arg recpstring. (gpgme_op_encrypt_sign_start): Factor code out to ... (gpgme_op_encrypt_sign_ext_start): new function with new arg recpstring. * src/engine-backend.h (struct engine_ops): Change fields encrypt and encrypt_sign. * src/engine.c (_gpgme_engine_op_encrypt): Add arg recpstring and pass to engine. (_gpgme_engine_op_encrypt_sign): Ditto. * src/engine-gpg.c (append_args_from_recipients_string): New. (gpg_encrypt): Add arg recpstring and call new function as needed. (gpg_encrypt_sign): Ditto. * src/engine-gpgsm.c (set_recipients_from_string): New. (gpgsm_encrypt): Add arg recpstring and call new function as needed. * src/engine-uiserver.c (set_recipients_from_string): New. (uiserver_encrypt): Add arg recpstring and call new function as needed. * tests/run-encrypt.c (xstrdup): New. (main): Add option --keystring. * src/gpgme-json.c (get_keys): Simplify. (op_encrypt): Modify to make use of the extended encrypt function. -- This new feature can be used to avoid the need for a key lookup and thus several extra calls to the backend. Note that run-test uses a semicolon as delimiter because that make testing the feature on the command line much easier. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index a8d73a5..51d7923 100644 --- a/NEWS +++ b/NEWS @@ -5,11 +5,16 @@ Noteworthy changes in version 1.10.1 (unreleased) * Interface changes relative to the 1.10.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ - gpgme_import_result_t EXTENDED: New field 'skipped_v3_keys' - cpp: Key::locate NEW. - cpp: Data::toString NEW. + gpgme_op_encrypt_ext NEW. + gpgme_op_encrypt_ext_start NEW. + gpgme_op_encrypt_sign_ext NEW. + gpgme_op_encrypt_sign_ext_start NEW. + gpgme_import_result_t EXTENDED: New field 'skipped_v3_keys'. + cpp: Key::locate NEW. + cpp: Data::toString NEW. cpp: ImportResult::numV3KeysSkipped NEW. + Noteworthy changes in version 1.10.0 (2017-12-12) ------------------------------------------------- diff --git a/doc/gpgme.texi b/doc/gpgme.texi index cbb0e64..1df9c46 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -6154,6 +6154,45 @@ pointer, and @code{GPG_ERR_UNUSABLE_PUBKEY} if @var{rset} does not contain any valid recipients. @end deftypefun + at deftypefun gpgme_error_t gpgme_op_encrypt_ext @ + (@w{gpgme_ctx_t @var{ctx}}, @ + @w{gpgme_key_t @var{recp}[]}, @ + @w{const char *@var{recpstring}}, @ + @w{gpgme_encrypt_flags_t @var{flags}}, @ + @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}}) + + at since{1.11.0} + +This is an extended version of @code{gpgme_op_encrypt} with + at var{recpstring} as additional parameter. If @var{recp} is NULL and + at var{recpstring} is not NULL, the latter is expected to be a linefeed +delimited string with the set of key specifications. In contrast to + at var{recp} the keys are given directly as strings and there is no need +to first create key objects. The keys are passed verbatim to the +backend engine. + + at end deftypefun + + + at deftypefun gpgme_error_t gpgme_op_encrypt_ext_start @ + (@w{gpgme_ctx_t @var{ctx}}, @ + @w{gpgme_key_t @var{recp}[]}, @ + @w{const char *@var{recpstring}}, @ + @w{gpgme_encrypt_flags_t @var{flags}}, @ + @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}}) + + at since{1.11.0} + +This is an extended version of @code{gpgme_op_encrypt_start} with + at var{recpstring} as additional parameter. If @var{recp} is NULL and + at var{recpstring} is not NULL, the latter is expected to be a linefeed +delimited string with the set of key specifications. In contrast to + at var{recp} the keys are given directly as strings and there is no need +to first create key objects. The keys are passed verbatim to the +backend engine. + + at end deftypefun + @deftp {Data type} {gpgme_encrypt_result_t} This is a pointer to a structure used to store the result of a @code{gpgme_op_encrypt} operation. After successfully encrypting @@ -6203,6 +6242,44 @@ if @var{ctx}, @var{rset}, @var{plain} or @var{cipher} is not a valid pointer. @end deftypefun + at deftypefun gpgme_error_t gpgme_op_encrypt_sign_ext @ + (@w{gpgme_ctx_t @var{ctx}}, @ + @w{gpgme_key_t @var{recp}[]}, @ + @w{const char *@var{recpstring}}, @ + @w{gpgme_encrypt_flags_t @var{flags}}, @ + @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}}) + + at since{1.11.0} + +This is an extended version of @code{gpgme_op_encrypt_sign} with + at var{recpstring} as additional parameter. If @var{recp} is NULL and + at var{recpstring} is not NULL, the latter is expected to be a linefeed +delimited string with the set of key specifications. In contrast to + at var{recp} the keys are given directly as strings and there is no need +to first create the key objects. The keys are passed verbatim to the +backend engine. + + at end deftypefun + + at deftypefun gpgme_error_t gpgme_op_encrypt_sign_ext_start @ + (@w{gpgme_ctx_t @var{ctx}}, @ + @w{gpgme_key_t @var{recp}[]}, @ + @w{const char *@var{recpstring}}, @ + @w{gpgme_encrypt_flags_t @var{flags}}, @ + @w{gpgme_data_t @var{plain}}, @w{gpgme_data_t @var{cipher}}) + + at since{1.11.0} + +This is an extended version of @code{gpgme_op_encrypt_sign_start} with + at var{recpstring} as additional parameter. If @var{recp} is NULL and + at var{recpstring} is not NULL, the latter is expected to be a linefeed +delimited string with the set of key specifications. In contrast to + at var{recp} the keys are given directly as strings and there is no need +to first create the key objects. The keys are passed verbatim to the +backend engine. + + at end deftypefun + @node Miscellaneous @section Miscellaneous operations diff --git a/src/encrypt-sign.c b/src/encrypt-sign.c index af6de63..4db46e2 100644 --- a/src/encrypt-sign.c +++ b/src/encrypt-sign.c @@ -62,6 +62,7 @@ encrypt_sym_status_handler (void *priv, gpgme_status_code_t code, char *args) static gpgme_error_t encrypt_sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t recp[], + const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher) { @@ -72,7 +73,7 @@ encrypt_sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t recp[], if (err) return err; - symmetric = !recp || (flags & GPGME_ENCRYPT_SYMMETRIC); + symmetric = (!recp && !recpstring) || (flags & GPGME_ENCRYPT_SYMMETRIC); if (!plain) return gpg_error (GPG_ERR_NO_DATA); @@ -103,43 +104,75 @@ encrypt_sign_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t recp[], : encrypt_sign_status_handler, ctx); - return _gpgme_engine_op_encrypt_sign (ctx->engine, recp, flags, plain, + return _gpgme_engine_op_encrypt_sign (ctx->engine, recp, recpstring, + flags, plain, cipher, ctx->use_armor, ctx /* FIXME */); } -/* Encrypt plaintext PLAIN within CTX for the recipients RECP and - store the resulting ciphertext in CIPHER. Also sign the ciphertext - with the signers in CTX. */ +/* Old version of gpgme_op_encrypt_sign_ext_start w/o RECPSTRING. */ gpgme_error_t gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher) { + return gpgme_op_encrypt_sign_ext_start (ctx, recp, NULL, + flags, plain, cipher); +} + + +/* Old version of gpgme_op_encrypt_sign_ext w/o RECPSTRING. */ +gpgme_error_t +gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[], + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, gpgme_data_t cipher) +{ + return gpgme_op_encrypt_sign_ext (ctx, recp, NULL, flags, plain, cipher); +} + + +/* Encrypt plaintext PLAIN within CTX for the recipients RECP and + * store the resulting ciphertext in CIPHER. Also sign the ciphertext + * with the signers in CTX. */ +gpgme_error_t +gpgme_op_encrypt_sign_ext (gpgme_ctx_t ctx, gpgme_key_t recp[], + const char *recpstring, + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, gpgme_data_t cipher) +{ gpgme_error_t err; - TRACE_BEG3 (DEBUG_CTX, "gpgme_op_encrypt_sign_start", ctx, + TRACE_BEG3 (DEBUG_CTX, "gpgme_op_encrypt_sign", ctx, "flags=0x%x, plain=%p, cipher=%p", flags, plain, cipher); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); - if (_gpgme_debug_trace () && recp) + if (_gpgme_debug_trace () && (recp || recpstring)) { - int i = 0; - - while (recp[i]) - { - TRACE_LOG3 ("recipient[%i] = %p (%s)", i, recp[i], - (recp[i]->subkeys && recp[i]->subkeys->fpr) ? - recp[i]->subkeys->fpr : "invalid"); - i++; - } + if (recp) + { + int i = 0; + + while (recp[i]) + { + TRACE_LOG3 ("recipient[%i] = %p (%s)", i, recp[i], + (recp[i]->subkeys && recp[i]->subkeys->fpr) ? + recp[i]->subkeys->fpr : "invalid"); + i++; + } + } + else + { + TRACE_LOG1 ("recipients = '%s'", recpstring); + } } - err = encrypt_sign_start (ctx, 0, recp, flags, plain, cipher); - return err; + err = encrypt_sign_start (ctx, 1, recp, recpstring, flags, plain, cipher); + if (!err) + err = _gpgme_wait_one (ctx); + return TRACE_ERR (err); } @@ -147,33 +180,39 @@ gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx, gpgme_key_t recp[], store the resulting ciphertext in CIPHER. Also sign the ciphertext with the signers in CTX. */ gpgme_error_t -gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[], - gpgme_encrypt_flags_t flags, - gpgme_data_t plain, gpgme_data_t cipher) +gpgme_op_encrypt_sign_ext_start (gpgme_ctx_t ctx, gpgme_key_t recp[], + const char *recpstring, + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, gpgme_data_t cipher) { gpgme_error_t err; - TRACE_BEG3 (DEBUG_CTX, "gpgme_op_encrypt_sign", ctx, + TRACE_BEG3 (DEBUG_CTX, "gpgme_op_encrypt_sign_start", ctx, "flags=0x%x, plain=%p, cipher=%p", flags, plain, cipher); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); - if (_gpgme_debug_trace () && recp) + if (_gpgme_debug_trace () && (recp || recpstring)) { - int i = 0; - - while (recp[i]) - { - TRACE_LOG3 ("recipient[%i] = %p (%s)", i, recp[i], - (recp[i]->subkeys && recp[i]->subkeys->fpr) ? - recp[i]->subkeys->fpr : "invalid"); - i++; - } + if (recp) + { + int i = 0; + + while (recp[i]) + { + TRACE_LOG3 ("recipient[%i] = %p (%s)", i, recp[i], + (recp[i]->subkeys && recp[i]->subkeys->fpr) ? + recp[i]->subkeys->fpr : "invalid"); + i++; + } + } + else + { + TRACE_LOG1 ("recipients = '%s'", recpstring); + } } - err = encrypt_sign_start (ctx, 1, recp, flags, plain, cipher); - if (!err) - err = _gpgme_wait_one (ctx); - return TRACE_ERR (err); + err = encrypt_sign_start (ctx, 0, recp, recpstring, flags, plain, cipher); + return err; } diff --git a/src/encrypt.c b/src/encrypt.c index 4023654..2318497 100644 --- a/src/encrypt.c +++ b/src/encrypt.c @@ -214,6 +214,7 @@ _gpgme_op_encrypt_init_result (gpgme_ctx_t ctx) static gpgme_error_t encrypt_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t recp[], + const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher) { @@ -228,13 +229,13 @@ encrypt_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t recp[], if (err) return err; - symmetric = !recp || (flags & GPGME_ENCRYPT_SYMMETRIC); + symmetric = (!recp && !recpstring) || (flags & GPGME_ENCRYPT_SYMMETRIC); if (!plain) return gpg_error (GPG_ERR_NO_DATA); if (!cipher) return gpg_error (GPG_ERR_INV_VALUE); - if (recp && ! *recp) + if (recp && !*recp) return gpg_error (GPG_ERR_INV_VALUE); if (symmetric && ctx->passphrase_cb) @@ -252,72 +253,111 @@ encrypt_start (gpgme_ctx_t ctx, int synchronous, gpgme_key_t recp[], : encrypt_status_handler, ctx); - return _gpgme_engine_op_encrypt (ctx->engine, recp, flags, plain, cipher, - ctx->use_armor); + return _gpgme_engine_op_encrypt (ctx->engine, recp, recpstring, + flags, plain, cipher, ctx->use_armor); } +/* Old version of gpgme_op_encrypt_ext without RECPSTRING. */ +gpgme_error_t +gpgme_op_encrypt (gpgme_ctx_t ctx, gpgme_key_t recp[], + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, gpgme_data_t cipher) +{ + return gpgme_op_encrypt_ext (ctx, recp, NULL, flags, plain, cipher); +} + + +/* Old version of gpgme_op_encrypt_ext_start without RECPSTRING. */ gpgme_error_t gpgme_op_encrypt_start (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t cipher) { + return gpgme_op_encrypt_ext_start (ctx, recp, NULL, flags, plain, cipher); +} + + +/* Encrypt plaintext PLAIN within CTX for the recipients RECP and + * store the resulting ciphertext in CIPHER. RECPSTRING can be used + * instead of the RECP array to directly specify recipients as LF + * delimited strings; these may be any kind of recipient specification + * patterns as supported by the backend. */ +gpgme_error_t +gpgme_op_encrypt_ext (gpgme_ctx_t ctx, gpgme_key_t recp[], + const char *recpstring, + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, gpgme_data_t cipher) +{ gpgme_error_t err; - TRACE_BEG3 (DEBUG_CTX, "gpgme_op_encrypt_start", ctx, + TRACE_BEG3 (DEBUG_CTX, "gpgme_op_encrypt", ctx, "flags=0x%x, plain=%p, cipher=%p", flags, plain, cipher); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); - if (_gpgme_debug_trace () && recp) + if (_gpgme_debug_trace () && (recp || recpstring)) { - int i = 0; + if (recp) + { + int i = 0; - while (recp[i]) - { - TRACE_LOG3 ("recipient[%i] = %p (%s)", i, recp[i], + while (recp[i]) + { + TRACE_LOG3 ("recipient[%i] = %p (%s)", i, recp[i], (recp[i]->subkeys && recp[i]->subkeys->fpr) ? - recp[i]->subkeys->fpr : "invalid"); - i++; - } + recp[i]->subkeys->fpr : "invalid"); + i++; + } + } + else + { + TRACE_LOG1 ("recipients = '%s'", recpstring); + } } - err = encrypt_start (ctx, 0, recp, flags, plain, cipher); + err = encrypt_start (ctx, 1, recp, recpstring, flags, plain, cipher); + if (!err) + err = _gpgme_wait_one (ctx); return TRACE_ERR (err); } -/* Encrypt plaintext PLAIN within CTX for the recipients RECP and - store the resulting ciphertext in CIPHER. */ gpgme_error_t -gpgme_op_encrypt (gpgme_ctx_t ctx, gpgme_key_t recp[], - gpgme_encrypt_flags_t flags, - gpgme_data_t plain, gpgme_data_t cipher) +gpgme_op_encrypt_ext_start (gpgme_ctx_t ctx, gpgme_key_t recp[], + const char *recpstring, + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, gpgme_data_t cipher) { gpgme_error_t err; - TRACE_BEG3 (DEBUG_CTX, "gpgme_op_encrypt", ctx, + TRACE_BEG3 (DEBUG_CTX, "gpgme_op_encrypt_start", ctx, "flags=0x%x, plain=%p, cipher=%p", flags, plain, cipher); if (!ctx) return TRACE_ERR (gpg_error (GPG_ERR_INV_VALUE)); - if (_gpgme_debug_trace () && recp) + if (_gpgme_debug_trace () && (recp || recpstring)) { - int i = 0; - - while (recp[i]) - { - TRACE_LOG3 ("recipient[%i] = %p (%s)", i, recp[i], - (recp[i]->subkeys && recp[i]->subkeys->fpr) ? - recp[i]->subkeys->fpr : "invalid"); - i++; - } + if (recp) + { + int i = 0; + + while (recp[i]) + { + TRACE_LOG3 ("recipient[%i] = %p (%s)", i, recp[i], + (recp[i]->subkeys && recp[i]->subkeys->fpr) ? + recp[i]->subkeys->fpr : "invalid"); + i++; + } + } + else + { + TRACE_LOG1 ("recipients = '%s'", recpstring); + } } - err = encrypt_start (ctx, 1, recp, flags, plain, cipher); - if (!err) - err = _gpgme_wait_one (ctx); + err = encrypt_start (ctx, 0, recp, recpstring, flags, plain, cipher); return TRACE_ERR (err); } diff --git a/src/engine-backend.h b/src/engine-backend.h index 97cf6a1..f692666 100644 --- a/src/engine-backend.h +++ b/src/engine-backend.h @@ -72,10 +72,12 @@ struct engine_ops gpgme_error_t (*edit) (void *engine, int type, gpgme_key_t key, gpgme_data_t out, gpgme_ctx_t ctx /* FIXME */); gpgme_error_t (*encrypt) (void *engine, gpgme_key_t recp[], + const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor); gpgme_error_t (*encrypt_sign) (void *engine, gpgme_key_t recp[], + const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor, gpgme_ctx_t ctx /* FIXME */); diff --git a/src/engine-gpg.c b/src/engine-gpg.c index a37d1f7..809806c 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -1914,17 +1914,64 @@ append_args_from_recipients (engine_gpg_t gpg, gpgme_key_t recp[]) } +/* Take recipients from the LF delimited STRING and add -r args. */ +static gpg_error_t +append_args_from_recipients_string (engine_gpg_t gpg, const char *string) +{ + gpg_error_t err = 0; + int any = 0; + const char *s; + int n; + + do + { + /* Skip leading white space */ + while (*string == ' ' || *string == '\t') + string++; + if (!*string) + break; + + /* Look for the LF. */ + s = strchr (string, '\n'); + if (s) + n = s - string; + else + n = strlen (string); + while (n && (string[n-1] == ' ' || string[n-1] == '\t')) + n--; + + /* Add arg if it is not empty. */ + if (n) + { + err = add_arg (gpg, "-r"); + if (!err) + err = add_arg_len (gpg, NULL, string, n); + if (!err) + any = 1; + } + + string += n + !!s; + } + while (!err); + + if (!err && !any) + err = gpg_error (GPG_ERR_MISSING_KEY); + return err; +} + + static gpgme_error_t -gpg_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, +gpg_encrypt (void *engine, gpgme_key_t recp[], const char *recpstring, + gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor) { engine_gpg_t gpg = engine; gpgme_error_t err = 0; - if (recp) + if (recp || recpstring) err = add_arg (gpg, "--encrypt"); - if (!err && ((flags & GPGME_ENCRYPT_SYMMETRIC) || !recp)) + if (!err && ((flags & GPGME_ENCRYPT_SYMMETRIC) || (!recp && !recpstring))) err = add_arg (gpg, "--symmetric"); if (!err && use_armor) @@ -1951,7 +1998,7 @@ gpg_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, && have_gpg_version (gpg, "2.1.14")) err = add_arg (gpg, "--mimemode"); - if (recp) + if (recp || recpstring) { /* If we know that all recipients are valid (full or ultimate trust) we can suppress further checks. */ @@ -1961,7 +2008,9 @@ gpg_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, if (!err && (flags & GPGME_ENCRYPT_NO_ENCRYPT_TO)) err = add_arg (gpg, "--no-encrypt-to"); - if (!err) + if (!err && !recp && recpstring) + err = append_args_from_recipients_string (gpg, recpstring); + else if (!err) err = append_args_from_recipients (gpg, recp); } @@ -1995,6 +2044,7 @@ gpg_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, static gpgme_error_t gpg_encrypt_sign (void *engine, gpgme_key_t recp[], + const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor, gpgme_ctx_t ctx /* FIXME */) @@ -2002,10 +2052,10 @@ gpg_encrypt_sign (void *engine, gpgme_key_t recp[], engine_gpg_t gpg = engine; gpgme_error_t err = 0; - if (recp) + if (recp || recpstring) err = add_arg (gpg, "--encrypt"); - if (!err && ((flags & GPGME_ENCRYPT_SYMMETRIC) || !recp)) + if (!err && ((flags & GPGME_ENCRYPT_SYMMETRIC) || (!recp && !recpstring))) err = add_arg (gpg, "--symmetric"); if (!err) @@ -2023,7 +2073,7 @@ gpg_encrypt_sign (void *engine, gpgme_key_t recp[], && have_gpg_version (gpg, "2.1.14")) err = add_arg (gpg, "--mimemode"); - if (recp) + if (recp || recpstring) { /* If we know that all recipients are valid (full or ultimate trust) we can suppress further checks. */ @@ -2033,7 +2083,9 @@ gpg_encrypt_sign (void *engine, gpgme_key_t recp[], if (!err && (flags & GPGME_ENCRYPT_NO_ENCRYPT_TO)) err = add_arg (gpg, "--no-encrypt-to"); - if (!err) + if (!err && !recp && recpstring) + err = append_args_from_recipients_string (gpg, recpstring); + else if (!err) err = append_args_from_recipients (gpg, recp); } diff --git a/src/engine-gpgsm.c b/src/engine-gpgsm.c index b8e44e7..da7e524 100644 --- a/src/engine-gpgsm.c +++ b/src/engine-gpgsm.c @@ -1327,8 +1327,57 @@ set_recipients (engine_gpgsm_t gpgsm, gpgme_key_t recp[]) } +/* Take recipients from the LF delimited STRING and send RECIPIENT + * commands to gpgsm. */ static gpgme_error_t -gpgsm_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, +set_recipients_from_string (engine_gpgsm_t gpgsm, const char *string) +{ + gpg_error_t err = 0; + char *line = NULL; + int no_pubkey = 0; + const char *s; + int n; + + for (;;) + { + while (*string == ' ' || *string == '\t') + string++; + if (!*string) + break; + + s = strchr (string, '\n'); + if (s) + n = s - string; + else + n = strlen (string); + while (n && (string[n-1] == ' ' || string[n-1] == '\t')) + n--; + + gpgrt_free (line); + if (gpgrt_asprintf (&line, "RECIPIENT %.*s", n, string) < 0) + { + err = gpg_error_from_syserror (); + break; + } + string += n + !!s; + + err = gpgsm_assuan_simple_command (gpgsm, line, gpgsm->status.fnc, + gpgsm->status.fnc_value); + + /* Fixme: Improve error reporting. */ + if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY) + no_pubkey++; + else if (err) + break; + } + gpgrt_free (line); + return err? err : no_pubkey? gpg_error (GPG_ERR_NO_PUBKEY) : 0; +} + + +static gpgme_error_t +gpgsm_encrypt (void *engine, gpgme_key_t recp[], const char *recpstring, + gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor) { engine_gpgsm_t gpgsm = engine; @@ -1339,7 +1388,7 @@ gpgsm_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, if (!recp) return gpg_error (GPG_ERR_NOT_IMPLEMENTED); - if (flags & GPGME_ENCRYPT_NO_ENCRYPT_TO) + if ((flags & GPGME_ENCRYPT_NO_ENCRYPT_TO)) { err = gpgsm_assuan_simple_command (gpgsm, "OPTION no-encrypt-to", NULL, NULL); @@ -1359,7 +1408,10 @@ gpgsm_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgsm_clear_fd (gpgsm, MESSAGE_FD); gpgsm->inline_data = NULL; - err = set_recipients (gpgsm, recp); + if (!recp && recpstring) + err = set_recipients_from_string (gpgsm, recpstring); + else + err = set_recipients (gpgsm, recp); if (!err) err = start (gpgsm, "ENCRYPT"); diff --git a/src/engine-uiserver.c b/src/engine-uiserver.c index fd5ac17..d8f4fce 100644 --- a/src/engine-uiserver.c +++ b/src/engine-uiserver.c @@ -1075,8 +1075,58 @@ set_recipients (engine_uiserver_t uiserver, gpgme_key_t recp[]) } +/* Take recipients from the LF delimited STRING and send RECIPIENT + * commands to gpgsm. */ static gpgme_error_t -uiserver_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, +set_recipients_from_string (engine_uiserver_t uiserver, const char *string) +{ + gpg_error_t err = 0; + char *line = NULL; + int no_pubkey = 0; + const char *s; + int n; + + for (;;) + { + while (*string == ' ' || *string == '\t') + string++; + if (!*string) + break; + + s = strchr (string, '\n'); + if (s) + n = s - string; + else + n = strlen (string); + while (n && (string[n-1] == ' ' || string[n-1] == '\t')) + n--; + + gpgrt_free (line); + if (gpgrt_asprintf (&line, "RECIPIENT %.*s", n, string) < 0) + { + err = gpg_error_from_syserror (); + break; + } + string += n + !!s; + + err = uiserver_assuan_simple_command (uiserver, line, + uiserver->status.fnc, + uiserver->status.fnc_value); + + /* Fixme: Improve error reporting. */ + if (gpg_err_code (err) == GPG_ERR_NO_PUBKEY) + no_pubkey++; + else if (err) + break; + } + gpgrt_free (line); + return err? err : no_pubkey? gpg_error (GPG_ERR_NO_PUBKEY) : 0; +} + + +static gpgme_error_t +uiserver_encrypt (void *engine, gpgme_key_t recp[], const char *recpstring, + gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor) { engine_uiserver_t uiserver = engine; @@ -1140,9 +1190,12 @@ uiserver_encrypt (void *engine, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, uiserver->inline_data = NULL; - if (recp) + if (recp || recpstring) { - err = set_recipients (uiserver, recp); + if (recp) + err = set_recipients (uiserver, recp); + else + err = set_recipients_from_string (uiserver, recpstring); if (err) { gpgrt_free (cmd); diff --git a/src/engine.c b/src/engine.c index e51384f..b716ca2 100644 --- a/src/engine.c +++ b/src/engine.c @@ -721,6 +721,7 @@ _gpgme_engine_op_edit (engine_t engine, int type, gpgme_key_t key, gpgme_error_t _gpgme_engine_op_encrypt (engine_t engine, gpgme_key_t recp[], + const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor) { @@ -730,13 +731,14 @@ _gpgme_engine_op_encrypt (engine_t engine, gpgme_key_t recp[], if (!engine->ops->encrypt) return gpg_error (GPG_ERR_NOT_IMPLEMENTED); - return (*engine->ops->encrypt) (engine->engine, recp, flags, plain, ciph, - use_armor); + return (*engine->ops->encrypt) (engine->engine, recp, recpstring, + flags, plain, ciph, use_armor); } gpgme_error_t _gpgme_engine_op_encrypt_sign (engine_t engine, gpgme_key_t recp[], + const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor, gpgme_ctx_t ctx /* FIXME */) @@ -747,8 +749,8 @@ _gpgme_engine_op_encrypt_sign (engine_t engine, gpgme_key_t recp[], if (!engine->ops->encrypt_sign) return gpg_error (GPG_ERR_NOT_IMPLEMENTED); - return (*engine->ops->encrypt_sign) (engine->engine, recp, flags, - plain, ciph, use_armor, ctx); + return (*engine->ops->encrypt_sign) (engine->engine, recp, recpstring, + flags, plain, ciph, use_armor, ctx); } diff --git a/src/engine.h b/src/engine.h index 34bf8e9..8b692f2 100644 --- a/src/engine.h +++ b/src/engine.h @@ -98,11 +98,13 @@ gpgme_error_t _gpgme_engine_op_edit (engine_t engine, int type, gpgme_ctx_t ctx /* FIXME */); gpgme_error_t _gpgme_engine_op_encrypt (engine_t engine, gpgme_key_t recp[], + const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, int use_armor); gpgme_error_t _gpgme_engine_op_encrypt_sign (engine_t engine, gpgme_key_t recp[], + const char *recpstring, gpgme_encrypt_flags_t flags, gpgme_data_t plain, gpgme_data_t ciph, diff --git a/src/gpgme-json.c b/src/gpgme-json.c index b54d9a8..4b1cd5b 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c @@ -354,18 +354,19 @@ get_protocol (cjson_t json, gpgme_protocol_t *r_protocol) } -/* Extract the keys from the KEYS array in the JSON object. CTX is a - * GPGME context object. On success an array with the keys is stored - * at R_KEYS. In failure an error code is returned. */ +/* Extract the keys from the "keys" array in the JSON object. On + * success a string with the keys identifiers is stored at R_KEYS. + * The keys in that string are LF delimited. On failure an error code + * is returned. */ static gpg_error_t -get_keys (gpgme_ctx_t ctx, cjson_t json, gpgme_key_t **r_keys) +get_keys (cjson_t json, char **r_keystring) { - gpg_error_t err; cjson_t j_keys, j_item; int i, nkeys; - gpgme_key_t *keys; + char *p; + size_t length; - *r_keys = NULL; + *r_keystring = NULL; j_keys = cJSON_GetObjectItem (json, "keys"); if (!j_keys) @@ -373,8 +374,15 @@ get_keys (gpgme_ctx_t ctx, cjson_t json, gpgme_key_t **r_keys) if (!cjson_is_array (j_keys) && !cjson_is_string (j_keys)) return gpg_error (GPG_ERR_INV_VALUE); + /* Fixme: We should better use a membuf like thing. */ + length = 1; /* For the EOS. */ if (cjson_is_string (j_keys)) - nkeys = 1; + { + nkeys = 1; + length += strlen (j_keys->valuestring); + if (strchr (j_keys->valuestring, '\n')) + return gpg_error (GPG_ERR_INV_USER_ID); + } else { nkeys = cJSON_GetArraySize (j_keys); @@ -385,43 +393,37 @@ get_keys (gpgme_ctx_t ctx, cjson_t json, gpgme_key_t **r_keys) j_item = cJSON_GetArrayItem (j_keys, i); if (!j_item || !cjson_is_string (j_item)) return gpg_error (GPG_ERR_INV_VALUE); + if (i) + length++; /* Space for delimiter. */ + length += strlen (j_item->valuestring); + if (strchr (j_item->valuestring, '\n')) + return gpg_error (GPG_ERR_INV_USER_ID); } } - /* Now allocate an array to store the gpgme key objects. */ - keys = xcalloc (nkeys + 1, sizeof *keys); + p = *r_keystring = xtrymalloc (length); + if (!p) + return gpg_error_from_syserror (); if (cjson_is_string (j_keys)) { - err = gpgme_get_key (ctx, j_keys->valuestring, &keys[0], 0); - if (err) - goto leave; + strcpy (p, j_keys->valuestring); } else { for (i=0; i < nkeys; i++) { j_item = cJSON_GetArrayItem (j_keys, i); - err = gpgme_get_key (ctx, j_item->valuestring, &keys[i], 0); - if (err) - goto leave; + if (i) + *p++ = '\n'; /* Add delimiter. */ + p = stpcpy (p, j_item->valuestring); } } - err = 0; - *r_keys = keys; - keys = NULL; - - leave: - if (keys) - { - for (i=0; keys[i]; i++) - gpgme_key_unref (keys[i]); - xfree (keys); - } - return err; + return 0; } + /* * GPGME support functions. @@ -582,11 +584,11 @@ op_encrypt (cjson_t request, cjson_t result) gpgme_ctx_t ctx = NULL; gpgme_protocol_t protocol; int opt_base64; - gpgme_key_t *keys = NULL; + char *keystring = NULL; cjson_t j_input; gpgme_data_t input = NULL; gpgme_data_t output = NULL; - int abool, i; + int abool; gpgme_encrypt_flags_t encrypt_flags = 0; if ((err = get_protocol (request, &protocol))) @@ -622,7 +624,7 @@ op_encrypt (cjson_t request, cjson_t result) /* Get the keys. */ - err = get_keys (ctx, request, &keys); + err = get_keys (request, &keystring); if (err) { /* Provide a custom error response. */ @@ -674,7 +676,8 @@ op_encrypt (cjson_t request, cjson_t result) } /* Encrypt. */ - err = gpgme_op_encrypt (ctx, keys, encrypt_flags, input, output); + err = gpgme_op_encrypt_ext (ctx, NULL, keystring, encrypt_flags, + input, output); /* encrypt_result = gpgme_op_encrypt_result (ctx); */ if (err) { @@ -713,12 +716,7 @@ op_encrypt (cjson_t request, cjson_t result) } leave: - if (keys) - { - for (i=0; keys[i]; i++) - gpgme_key_unref (keys[i]); - xfree (keys); - } + xfree (keystring); release_context (ctx); gpgme_data_release (input); return err; diff --git a/src/gpgme.def b/src/gpgme.def index cad30f6..a01d89a 100644 --- a/src/gpgme.def +++ b/src/gpgme.def @@ -267,5 +267,10 @@ EXPORTS gpgme_op_conf_dir @199 + gpgme_op_encrypt_ext @200 + gpgme_op_encrypt_ext_start @201 + gpgme_op_encrypt_sign_ext @202 + gpgme_op_encrypt_sign_ext_start @203 + ; END diff --git a/src/gpgme.h.in b/src/gpgme.h.in index e319879..8aba5ba 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1274,10 +1274,22 @@ gpgme_encrypt_flags_t; store the resulting ciphertext in CIPHER. */ gpgme_error_t gpgme_op_encrypt_start (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, - gpgme_data_t plain, gpgme_data_t cipher); + gpgme_data_t plain, + gpgme_data_t cipher); gpgme_error_t gpgme_op_encrypt (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, - gpgme_data_t plain, gpgme_data_t cipher); + gpgme_data_t plain, + gpgme_data_t cipher); +gpgme_error_t gpgme_op_encrypt_ext_start (gpgme_ctx_t ctx, gpgme_key_t recp[], + const char *recpstring, + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, + gpgme_data_t cipher); +gpgme_error_t gpgme_op_encrypt_ext (gpgme_ctx_t ctx, gpgme_key_t recp[], + const char *recpstring, + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, + gpgme_data_t cipher); /* Encrypt plaintext PLAIN within CTX for the recipients RECP and store the resulting ciphertext in CIPHER. Also sign the ciphertext @@ -1289,7 +1301,19 @@ gpgme_error_t gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx, gpgme_data_t cipher); gpgme_error_t gpgme_op_encrypt_sign (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, - gpgme_data_t plain, gpgme_data_t cipher); + gpgme_data_t plain, + gpgme_data_t cipher); +gpgme_error_t gpgme_op_encrypt_sign_ext_start (gpgme_ctx_t ctx, + gpgme_key_t recp[], + const char *recpstring, + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, + gpgme_data_t cipher); +gpgme_error_t gpgme_op_encrypt_sign_ext (gpgme_ctx_t ctx, gpgme_key_t recp[], + const char *recpstring, + gpgme_encrypt_flags_t flags, + gpgme_data_t plain, + gpgme_data_t cipher); /* diff --git a/src/libgpgme.vers b/src/libgpgme.vers index a95befb..b49c86d 100644 --- a/src/libgpgme.vers +++ b/src/libgpgme.vers @@ -215,10 +215,15 @@ GPGME_1.0 { gpgme_op_edit; gpgme_op_edit_start; gpgme_op_encrypt; - gpgme_op_encrypt_result; + gpgme_op_encrypt_start; + gpgme_op_encrypt_ext; + gpgme_op_encrypt_ext_start; gpgme_op_encrypt_sign; + gpgme_op_encrypt_sign_ext; gpgme_op_encrypt_sign_start; - gpgme_op_encrypt_start; + gpgme_op_encrypt_sign_ext_start; + gpgme_op_encrypt_result; + gpgme_op_export; gpgme_op_export_ext; gpgme_op_export_ext_start; diff --git a/tests/run-encrypt.c b/tests/run-encrypt.c index 51e2d60..9408469 100644 --- a/tests/run-encrypt.c +++ b/tests/run-encrypt.c @@ -37,6 +37,19 @@ static int verbose; +static char * +xstrdup (const char *string) +{ + char *p = strdup (string); + if (!p) + { + fprintf (stderr, "strdup failed\n"); + exit (2); + } + return p; +} + + static gpg_error_t status_cb (void *opaque, const char *keyword, const char *value) { @@ -88,6 +101,7 @@ show_usage (int ex) " --uiserver use the UI server\n" " --loopback use a loopback pinentry\n" " --key NAME encrypt to key NAME\n" + " --keystring NAMES encrypt to ';' delimited NAMES\n" " --throw-keyids use this option\n" " --no-symkey-cache disable the use of that cache\n" " --wrap assume input is valid OpenPGP message\n" @@ -103,7 +117,6 @@ main (int argc, char **argv) int last_argc = -1; gpgme_error_t err; gpgme_ctx_t ctx; - const char *key_string = NULL; gpgme_protocol_t protocol = GPGME_PROTOCOL_OpenPGP; gpgme_data_t in, out; gpgme_encrypt_result_t result; @@ -113,6 +126,7 @@ main (int argc, char **argv) char *keyargs[10]; gpgme_key_t keys[10+1]; int keycount = 0; + char *keystring = NULL; int i; gpgme_encrypt_flags_t flags = GPGME_ENCRYPT_ALWAYS_TRUST; gpgme_off_t offset; @@ -174,6 +188,17 @@ main (int argc, char **argv) keyargs[keycount++] = *argv; argc--; argv++; } + else if (!strcmp (*argv, "--keystring")) + { + argc--; argv++; + if (!argc) + show_usage (1); + keystring = xstrdup (*argv); + for (i=0; keystring[i]; i++) + if (keystring[i] == ';') + keystring[i] = '\n'; + argc--; argv++; + } else if (!strcmp (*argv, "--throw-keyids")) { flags |= GPGME_ENCRYPT_THROW_KEYIDS; @@ -207,15 +232,6 @@ main (int argc, char **argv) if (argc != 1) show_usage (1); - if (key_string && protocol == GPGME_PROTOCOL_UISERVER) - { - fprintf (stderr, PGM ": ignoring --key in UI-server mode\n"); - key_string = NULL; - } - - if (!key_string) - key_string = "test"; - init_gpgme (protocol); err = gpgme_new (&ctx); @@ -298,7 +314,8 @@ main (int argc, char **argv) err = gpgme_data_new (&out); fail_if_err (err); - err = gpgme_op_encrypt (ctx, keycount ? keys : NULL, flags, in, out); + err = gpgme_op_encrypt_ext (ctx, keycount ? keys : NULL, keystring, + flags, in, out); result = gpgme_op_encrypt_result (ctx); if (result) print_result (result); @@ -318,5 +335,6 @@ main (int argc, char **argv) for (i=0; i < keycount; i++) gpgme_key_unref (keys[i]); gpgme_release (ctx); + free (keystring); return 0; } ----------------------------------------------------------------------- Summary of changes: NEWS | 11 +++-- doc/gpgme.texi | 77 ++++++++++++++++++++++++++++++++++ src/encrypt-sign.c | 111 ++++++++++++++++++++++++++++++++++---------------- src/encrypt.c | 106 ++++++++++++++++++++++++++++++++--------------- src/engine-backend.h | 2 + src/engine-gpg.c | 70 +++++++++++++++++++++++++++---- src/engine-gpgsm.c | 58 ++++++++++++++++++++++++-- src/engine-uiserver.c | 59 +++++++++++++++++++++++++-- src/engine.c | 10 +++-- src/engine.h | 2 + src/gpgme-json.c | 74 ++++++++++++++++----------------- src/gpgme.def | 5 +++ src/gpgme.h.in | 30 ++++++++++++-- src/libgpgme.vers | 9 +++- tests/run-encrypt.c | 40 +++++++++++++----- 15 files changed, 519 insertions(+), 145 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 09:48:22 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 17 Apr 2018 09:48:22 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-190-g86efba2 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 86efba2be270d2cdd0bc66c9d3fe190495b7af2f (commit) from a1f76b3b54b75a150fe272b804d85ffd40a507a6 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 86efba2be270d2cdd0bc66c9d3fe190495b7af2f Author: Werner Koch Date: Tue Apr 17 09:40:27 2018 +0200 core: New encryption flag GPGME_ENCRYPT_WANT_ADDRESS. * src/gpgme.h.in (GPGME_ENCRYPT_WANT_ADDRESS): New flag. * src/engine-gpg.c (add_arg_recipient): New. (add_arg_recipient_string): New. (append_args_from_recipients): Call new helper function. (append_args_from_recipients_string): Ditto. * src/gpgme-json.c (op_encrypt): Add flag "want-address". -- Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 51d7923..162212c 100644 --- a/NEWS +++ b/NEWS @@ -9,6 +9,7 @@ Noteworthy changes in version 1.10.1 (unreleased) gpgme_op_encrypt_ext_start NEW. gpgme_op_encrypt_sign_ext NEW. gpgme_op_encrypt_sign_ext_start NEW. + GPGME_ENCRYPT_WANT_ADDRESS NEW. gpgme_import_result_t EXTENDED: New field 'skipped_v3_keys'. cpp: Key::locate NEW. cpp: Data::toString NEW. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 1df9c46..330b167 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -6094,7 +6094,7 @@ also expect a sign command. The @code{GPGME_ENCRYPT_SYMMETRIC} symbol specifies that the output should be additionally encrypted symmetrically even -if recipients are provided. This feature is only supported for +if recipients are provided. This feature is only supported for the OpenPGP crypto engine. @item GPGME_ENCRYPT_THROW_KEYIDS @@ -6113,6 +6113,18 @@ The @code{GPGME_ENCRYPT_WRAP} symbol specifies that the input is an OpenPGP message and not a plain data. This is the counterpart to @code{GPGME_DECRYPT_UNWRAP}. + at item GPGME_ENCRYPT_WANT_ADDRESS + at since{1.11.0} + +The @code{GPGME_ENCRYPT_WANT_ADDRESS} symbol requests that all +supplied keys or key specifications include a syntactically valid mail +address. If this is not the case the operation is not even tried and +the error code @code{GPG_ERR_INV_USER_ID} is returned. Only the +address part of the key specification is conveyed to the backend. As +of now the key must be specified using the @var{recpstring} argument +of the extended encrypt functions. This feature is currently only +supported for the OpenPGP crypto engine. + @end table If @code{GPG_ERR_UNUSABLE_PUBKEY} is returned, some recipients in diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 809806c..90e3b89 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -43,6 +43,7 @@ #include "sema.h" #include "debug.h" #include "data.h" +#include "mbox-util.h" #include "engine-backend.h" @@ -1892,8 +1893,70 @@ gpg_edit (void *engine, int type, gpgme_key_t key, gpgme_data_t out, } +/* Add a single argument from a key to an -r option. */ +static gpg_error_t +add_arg_recipient (engine_gpg_t gpg, gpgme_encrypt_flags_t flags, + gpgme_key_t key) +{ + gpg_error_t err; + + if ((flags & GPGME_ENCRYPT_WANT_ADDRESS)) + { + /* We have no way to figure out which mail address was + * requested. FIXME: It would be possible to figure this out by + * consulting the SENDER property of the context. */ + err = gpg_error (GPG_ERR_INV_USER_ID); + } + else + err = add_arg (gpg, key->subkeys->fpr); + + return err; +} + + +/* Add a single argument from a USERID string to an -r option. */ +static gpg_error_t +add_arg_recipient_string (engine_gpg_t gpg, gpgme_encrypt_flags_t flags, + const char *userid, int useridlen) +{ + gpg_error_t err; + + if ((flags & GPGME_ENCRYPT_WANT_ADDRESS)) + { + char *tmpstr, *mbox; + + tmpstr = malloc (useridlen + 1); + if (!tmpstr) + err = gpg_error_from_syserror (); + else + { + memcpy (tmpstr, userid, useridlen); + tmpstr[useridlen] = 0; + + mbox = _gpgme_mailbox_from_userid (tmpstr); + if (!mbox) + { + err = gpg_error_from_syserror (); + if (gpg_err_code (err) == GPG_ERR_EINVAL) + err = gpg_error (GPG_ERR_INV_USER_ID); + } + else + err = add_arg (gpg, mbox); + + free (mbox); + free (tmpstr); + } + } + else + err = add_arg_len (gpg, NULL, userid, useridlen); + + return err; +} + + static gpgme_error_t -append_args_from_recipients (engine_gpg_t gpg, gpgme_key_t recp[]) +append_args_from_recipients (engine_gpg_t gpg, gpgme_encrypt_flags_t flags, + gpgme_key_t recp[]) { gpgme_error_t err = 0; int i = 0; @@ -1905,7 +1968,7 @@ append_args_from_recipients (engine_gpg_t gpg, gpgme_key_t recp[]) if (!err) err = add_arg (gpg, "-r"); if (!err) - err = add_arg (gpg, recp[i]->subkeys->fpr); + err = add_arg_recipient (gpg, flags, recp[i]); if (err) break; i++; @@ -1916,7 +1979,9 @@ append_args_from_recipients (engine_gpg_t gpg, gpgme_key_t recp[]) /* Take recipients from the LF delimited STRING and add -r args. */ static gpg_error_t -append_args_from_recipients_string (engine_gpg_t gpg, const char *string) +append_args_from_recipients_string (engine_gpg_t gpg, + gpgme_encrypt_flags_t flags, + const char *string) { gpg_error_t err = 0; int any = 0; @@ -1945,7 +2010,7 @@ append_args_from_recipients_string (engine_gpg_t gpg, const char *string) { err = add_arg (gpg, "-r"); if (!err) - err = add_arg_len (gpg, NULL, string, n); + err = add_arg_recipient_string (gpg, flags, string, n); if (!err) any = 1; } @@ -2009,9 +2074,9 @@ gpg_encrypt (void *engine, gpgme_key_t recp[], const char *recpstring, err = add_arg (gpg, "--no-encrypt-to"); if (!err && !recp && recpstring) - err = append_args_from_recipients_string (gpg, recpstring); + err = append_args_from_recipients_string (gpg, flags, recpstring); else if (!err) - err = append_args_from_recipients (gpg, recp); + err = append_args_from_recipients (gpg, flags, recp); } /* Tell the gpg object about the data. */ @@ -2084,9 +2149,9 @@ gpg_encrypt_sign (void *engine, gpgme_key_t recp[], err = add_arg (gpg, "--no-encrypt-to"); if (!err && !recp && recpstring) - err = append_args_from_recipients_string (gpg, recpstring); + err = append_args_from_recipients_string (gpg, flags, recpstring); else if (!err) - err = append_args_from_recipients (gpg, recp); + err = append_args_from_recipients (gpg, flags, recp); } if (!err) diff --git a/src/gpgme-json.c b/src/gpgme-json.c index 4b1cd5b..c73bebd 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c @@ -569,6 +569,7 @@ static const char hlp_encrypt[] = "no-encrypt-to: Do not use a default recipient.\n" "no-compress: Do not compress the plaintext first.\n" "throw-keyids: Request the --throw-keyids option.\n" + "want-address: Require that the keys include a mail address.\n" "wrap: Assume the input is an OpenPGP message.\n" "\n" "Response on success:\n" @@ -621,6 +622,10 @@ op_encrypt (cjson_t request, cjson_t result) goto leave; if (abool) encrypt_flags |= GPGME_ENCRYPT_WRAP; + if ((err = get_boolean_flag (request, "want-address", 0, &abool))) + goto leave; + if (abool) + encrypt_flags |= GPGME_ENCRYPT_WANT_ADDRESS; /* Get the keys. */ diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 8aba5ba..860e093 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1266,7 +1266,8 @@ typedef enum GPGME_ENCRYPT_NO_COMPRESS = 16, GPGME_ENCRYPT_SYMMETRIC = 32, GPGME_ENCRYPT_THROW_KEYIDS = 64, - GPGME_ENCRYPT_WRAP = 128 + GPGME_ENCRYPT_WRAP = 128, + GPGME_ENCRYPT_WANT_ADDRESS = 256 } gpgme_encrypt_flags_t; ----------------------------------------------------------------------- Summary of changes: NEWS | 1 + doc/gpgme.texi | 14 +++++++++- src/engine-gpg.c | 81 ++++++++++++++++++++++++++++++++++++++++++++++++++------ src/gpgme-json.c | 5 ++++ src/gpgme.h.in | 3 ++- 5 files changed, 94 insertions(+), 10 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 10:11:34 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 17 Apr 2018 10:11:34 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-191-g4bba3b8 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 4bba3b8e2c350b8ff0d562ec63cc03a096448d84 (commit) from 86efba2be270d2cdd0bc66c9d3fe190495b7af2f (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 4bba3b8e2c350b8ff0d562ec63cc03a096448d84 Author: Werner Koch Date: Tue Apr 17 10:04:20 2018 +0200 core: Allow for --hidden keyword in OpenPGP recpstrings. * src/engine-gpg.c (append_args_from_recipients_string): Add special keywords. -- GnuPG-bug-id: 3775 Signed-off-by: Werner Koch diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 330b167..3975a97 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -6180,8 +6180,16 @@ This is an extended version of @code{gpgme_op_encrypt} with @var{recpstring} is not NULL, the latter is expected to be a linefeed delimited string with the set of key specifications. In contrast to @var{recp} the keys are given directly as strings and there is no need -to first create key objects. The keys are passed verbatim to the -backend engine. +to first create key objects. Leading and trailing white space is +remove from each line in @var{recpstring}. The keys are then passed +verbatim to the backend engine. + +For the OpenPGP backend two special keywords are supported to modify +the operation: If the keyword "--hidden" is given as a recipient, it +is skipped but will trun all following key specifications to be hidden +recipients. If the keyword "--" is given as a recipient, it will be +skipped but no keywords will be detected in all following key +specifications. @end deftypefun diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 90e3b89..49a1c75 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -1985,6 +1985,8 @@ append_args_from_recipients_string (engine_gpg_t gpg, { gpg_error_t err = 0; int any = 0; + int ignore = 0; + int hidden = 0; const char *s; int n; @@ -2005,10 +2007,14 @@ append_args_from_recipients_string (engine_gpg_t gpg, while (n && (string[n-1] == ' ' || string[n-1] == '\t')) n--; - /* Add arg if it is not empty. */ - if (n) + if (!ignore && n == 2 && !memcmp (string, "--", 2)) + ignore = 1; + else if (!ignore && n == 8 && !memcmp (string, "--hidden", 8)) + hidden = 1; + else if (n) { - err = add_arg (gpg, "-r"); + /* Add arg if it is not empty. */ + err = add_arg (gpg, hidden? "-R":"-r"); if (!err) err = add_arg_recipient_string (gpg, flags, string, n); if (!err) ----------------------------------------------------------------------- Summary of changes: doc/gpgme.texi | 12 ++++++++++-- src/engine-gpg.c | 12 +++++++++--- 2 files changed, 19 insertions(+), 5 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 10:30:03 2018 From: cvs at cvs.gnupg.org (by Tobias Mueller) Date: Tue, 17 Apr 2018 10:30:03 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-192-gbbfa7c4 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via bbfa7c42337bb619e6af20bf051fe0755ed5a9fd (commit) from 4bba3b8e2c350b8ff0d562ec63cc03a096448d84 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bbfa7c42337bb619e6af20bf051fe0755ed5a9fd Author: Tobias Mueller Date: Tue Feb 20 17:34:14 2018 +0100 python: Fix crash by leaving struct members intact * lang/python/setup.py.in: Copy gpgme.h instead of parsing it. -- The python bindings tried to parse deprecated functions out of gpgme.h. This fails for the current gpgme.h in that it removes an entire field in the key sig struct (_obsolete_class). Hence, the fields were off by an int and the bindings accessed struct members via the wrong offset. That caused python program to crash. At least on 32bit platforms, the crash can be easily triggered by accessing key.uids[0].signatures. On 64bit platforms the compiler probably aligns the struct so that the missing 4 bytes are not noticed. With this change, the python bindings will expose all functions that gpgme exposes, including the deprecated ones. Credits go to Justus Winter for debugging and identying the issue. Signed-off-by: Tobias Mueller GnuPG-bug-id: 3892 diff --git a/lang/python/setup.py.in b/lang/python/setup.py.in index f9dda20..2595073 100755 --- a/lang/python/setup.py.in +++ b/lang/python/setup.py.in @@ -152,25 +152,8 @@ class BuildExtFirstHack(build): sink.write(content) def _generate_gpgme_h(self, source_name, sink_name): - if up_to_date(source_name, sink_name): - return - print("Using gpgme.h from {}".format(source_name)) - - deprec_func = re.compile(r'^(.*typedef.*|.*$.*$|[^#]+\s+.+)' - + r'\s*_GPGME_DEPRECATED(_OUTSIDE_GPGME)?$.*$;\s*', - re.S) - line_break = re.compile(';|\\$|\\x0c|^\s*#|{') - - with open(sink_name, "w") as sink, open(source_name) as source: - text = '' - for line in source: - text += re.sub(' class ', ' _py_obsolete_class ', line) - if line_break.search(line): - if not deprec_func.search(text): - sink.write(text) - text = '' - sink.write(text) + shutil.copy2(source_name, sink_name) def _generate_errors_i(self): ----------------------------------------------------------------------- Summary of changes: lang/python/setup.py.in | 19 +------------------ 1 file changed, 1 insertion(+), 18 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 11:13:32 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 17 Apr 2018 11:13:32 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-193-gc143ab6 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via c143ab692c7fc7cf2ec0aebe40b9479ee15eaba9 (commit) from bbfa7c42337bb619e6af20bf051fe0755ed5a9fd (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit c143ab692c7fc7cf2ec0aebe40b9479ee15eaba9 Author: Werner Koch Date: Tue Apr 17 11:06:27 2018 +0200 core: For OpenPGP let offline mode disable dirmngr. * src/engine-gpg.c (struct engine_gpg): New flag.offline. (gpg_set_engine_flags): Set it. Also fix setting of no_symkey_cache. (build_argv): Pass --disable-dirmngr in offline mode. -- GnuPG-bug-id: 3831 Signed-off-by: Werner Koch diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 3975a97..c14780a 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -2606,22 +2606,26 @@ valid pointer. @deftypefun void gpgme_set_offline (@w{gpgme_ctx_t @var{ctx}}, @w{int @var{yes}}) @since{1.6.0} -The function @code{gpgme_set_offline} specifies if offline mode -should be used. By default, offline mode is not used. +The function @code{gpgme_set_offline} specifies if offline mode should +be used. Offline mode is disabled if @var{yes} is zero, and enabled +otherwise. By default, offline mode is disabled. -The offline mode specifies if dirmngr should be used to do additional -validation that might require connections to external services. -(e.g. CRL / OCSP checks). +The details of the offline mode depend on the used protocol and its +backend engine. It may eventually be extended to be more stricter and +for example completely disable the use of Dirmngr for any engine. -Offline mode only affects the keylist mode @code{GPGME_KEYLIST_MODE_VALIDATE} -and is only relevant to the CMS crypto engine. Offline mode -is ignored otherwise. +For the CMS protocol the offline mode specifies whether Dirmngr shall +be used to do additional validation that might require connecting +external services (e.g. CRL / OCSP checks). Here the offline mode +only affects the keylist mode @code{GPGME_KEYLIST_MODE_VALIDATE}. -This option may be extended in the future to completely disable -the use of dirmngr for any engine. +For the OpenPGP protocol offline mode entirely disables the use of the +Dirmngr and will thus guarantee that no network connections are done +as part of an operation on this context. It has only an effect with +GnuPG versions 2.1.23 or later. + +For all other protocols the offline mode is currently ignored. -Offline mode is disabled if @var{yes} is zero, and enabled -otherwise. @end deftypefun @deftypefun int gpgme_get_offline (@w{gpgme_ctx_t @var{ctx}}) diff --git a/src/engine-gpg.c b/src/engine-gpg.c index 49a1c75..fdb786a 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -148,6 +148,7 @@ struct engine_gpg struct { unsigned int no_symkey_cache : 1; + unsigned int offline : 1; } flags; /* NULL or the data object fed to --override_session_key-fd. */ @@ -647,12 +648,14 @@ gpg_set_engine_flags (void *engine, const gpgme_ctx_t ctx) else strcpy (gpg->request_origin, ctx->request_origin); } - else if (ctx->no_symkey_cache && have_gpg_version (gpg, "2.2.7")) - { - gpg->flags.no_symkey_cache = 1; - } else *gpg->request_origin = 0; + + gpg->flags.no_symkey_cache = (ctx->no_symkey_cache + && have_gpg_version (gpg, "2.2.7")); + + gpg->flags.offline = (ctx->offline && have_gpg_version (gpg, "2.1.23")); + } @@ -884,7 +887,8 @@ build_argv (engine_gpg_t gpg, const char *pgmname) argc++; if (!gpg->cmd.used) argc++; /* --batch */ - argc += 3; /* --no-sk-comments, --request-origin, --no-symkey-cache */ + argc += 4; /* --no-sk-comments, --request-origin, --no-symkey-cache */ + /* --disable-dirmngr */ argv = calloc (argc + 1, sizeof *argv); if (!argv) @@ -959,6 +963,19 @@ build_argv (engine_gpg_t gpg, const char *pgmname) argc++; } + if (gpg->flags.offline) + { + argv[argc] = strdup ("--disable-dirmngr"); + if (!argv[argc]) + { + int saved_err = gpg_error_from_syserror (); + free (fd_data_map); + free_argv (argv); + return saved_err; + } + argc++; + } + if (gpg->pinentry_mode && have_gpg_version (gpg, "2.1.0")) { const char *s = NULL; ----------------------------------------------------------------------- Summary of changes: doc/gpgme.texi | 28 ++++++++++++++++------------ src/engine-gpg.c | 27 ++++++++++++++++++++++----- 2 files changed, 38 insertions(+), 17 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 12:47:44 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 17 Apr 2018 12:47:44 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-194-g3589da0 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 3589da0500f1c80717e658d103a0cb2751d27b49 (commit) from c143ab692c7fc7cf2ec0aebe40b9479ee15eaba9 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 3589da0500f1c80717e658d103a0cb2751d27b49 Author: Werner Koch Date: Tue Apr 17 12:40:30 2018 +0200 core: New keyword --file for OpenPGP recpstring. * src/engine-gpg.c (append_args_from_recipients_string): Add new flags. -- Now you can use gpgme to encrypt without first importing a key. Signed-off-by: Werner Koch diff --git a/doc/gpgme.texi b/doc/gpgme.texi index c14780a..f5efec6 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -6188,12 +6188,32 @@ to first create key objects. Leading and trailing white space is remove from each line in @var{recpstring}. The keys are then passed verbatim to the backend engine. -For the OpenPGP backend two special keywords are supported to modify -the operation: If the keyword "--hidden" is given as a recipient, it -is skipped but will trun all following key specifications to be hidden -recipients. If the keyword "--" is given as a recipient, it will be -skipped but no keywords will be detected in all following key -specifications. +For the OpenPGP backend several special keywords are supported to +modify the operation. These keywords are given instead of a key +specification. The currently supported keywords are: + + at table @code + at item --hidden + at itemx --no-hidden +These keywords toggle between normal and hidden recipients for all +following key specifications. When a hidden recipient is requested +the gpg option @option{-R} (or @option{-F} in file mode) is used +instead of @option{-r} (@option{-f} in file mode). + + at item --file + at itemx --no-file +These keywords toggle between regular and file mode for all following +key specification. In file mode the option @option{-f} or @option{-F} +is passed to gpg. At least GnuPG version 2.1.14 is required to handle +these options. The @code{GPGME_ENCRYPT_WANT_ADDRESS} flag is ignored +in file mode. + + at item -- +This keyword disables all keyword detection up to the end of the +string. All keywords are treated as verbatim arguments. + + at end table + @end deftypefun diff --git a/src/engine-gpg.c b/src/engine-gpg.c index fdb786a..173e940 100644 --- a/src/engine-gpg.c +++ b/src/engine-gpg.c @@ -2001,9 +2001,11 @@ append_args_from_recipients_string (engine_gpg_t gpg, const char *string) { gpg_error_t err = 0; + gpgme_encrypt_flags_t orig_flags = flags; int any = 0; int ignore = 0; int hidden = 0; + int file = 0; const char *s; int n; @@ -2028,10 +2030,22 @@ append_args_from_recipients_string (engine_gpg_t gpg, ignore = 1; else if (!ignore && n == 8 && !memcmp (string, "--hidden", 8)) hidden = 1; - else if (n) + else if (!ignore && n == 11 && !memcmp (string, "--no-hidden", 11)) + hidden = 0; + else if (!ignore && n == 6 && !memcmp (string, "--file", 6)) { - /* Add arg if it is not empty. */ - err = add_arg (gpg, hidden? "-R":"-r"); + file = 1; + /* Because the key is used as is we need to ignore this flag: */ + flags &= ~GPGME_ENCRYPT_WANT_ADDRESS; + } + else if (!ignore && n == 9 && !memcmp (string, "--no-file", 9)) + { + file = 0; + flags = orig_flags; + } + else if (n) /* Not empty - use it. */ + { + err = add_arg (gpg, file? (hidden? "-F":"-f") : (hidden? "-R":"-r")); if (!err) err = add_arg_recipient_string (gpg, flags, string, n); if (!err) ----------------------------------------------------------------------- Summary of changes: doc/gpgme.texi | 32 ++++++++++++++++++++++++++------ src/engine-gpg.c | 20 +++++++++++++++++--- 2 files changed, 43 insertions(+), 9 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 13:56:05 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 17 Apr 2018 13:56:05 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-195-g01435da Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 01435da498af9f7538d7ee810392d7eaa407957e (commit) from 3589da0500f1c80717e658d103a0cb2751d27b49 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 01435da498af9f7538d7ee810392d7eaa407957e Author: Werner Koch Date: Tue Apr 17 13:48:56 2018 +0200 core: Extend decryption result with symkey_algo. * src/gpgme.h.in (gpgme_op_decrypt_result_t): Add field 'symkey_algo'. * src/decrypt.c (release_op_data): Free SYMKEY_ALGO. (gpgme_op_decrypt_result): Make sure SYMKEY_ALGO is not NULL. (parse_decryption_info): New. (_gpgme_decrypt_status_handler): Parse DECRYPTION_INFO status. * src/conversion.c (_gpgme_cipher_algo_name): New. (_gpgme_cipher_mode_name): New. * tests/run-decrypt.c (print_result): Print SYMKEY_ALGO * src/util.h (_gpgme_map_gnupg_error): Remove obsolete prototype. -- Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 162212c..92a9673 100644 --- a/NEWS +++ b/NEWS @@ -11,6 +11,7 @@ Noteworthy changes in version 1.10.1 (unreleased) gpgme_op_encrypt_sign_ext_start NEW. GPGME_ENCRYPT_WANT_ADDRESS NEW. gpgme_import_result_t EXTENDED: New field 'skipped_v3_keys'. + gpgme_decrypt_result_t EXTENDED: New field 'symkey_algo'. cpp: Key::locate NEW. cpp: Data::toString NEW. cpp: ImportResult::numV3KeysSkipped NEW. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index f5efec6..5a09ea0 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -5399,6 +5399,13 @@ You must not try to access this member of the struct unless or @code{gpgme_get_ctx_flag (ctx, "export-session-key")} returns true (non-empty string). + at item char *symkey_algo + at since{1.11.0} + +A string with the symmetric encryption algorithm and mode using the +format ".". Note that old non-MDC encryption mode of +OpenPGP is given as "PGPCFB". + @end table @end deftp diff --git a/src/conversion.c b/src/conversion.c index 5b84f67..4bfd3d3 100644 --- a/src/conversion.c +++ b/src/conversion.c @@ -575,3 +575,49 @@ _gpgme_map_pk_algo (int algo, gpgme_protocol_t protocol) return algo; } + + +/* Return a string with a cipher algorithm. */ +const char * +_gpgme_cipher_algo_name (int algo, gpgme_protocol_t protocol) +{ + if (protocol == GPGME_PROTOCOL_OPENPGP) + { + /* The algo is given according to OpenPGP specs. */ + switch (algo) + { + case 1: return "IDEA"; + case 2: return "3DES"; + case 3: return "CAST5"; + case 4: return "BLOWFISH"; + case 7: return "AES"; + case 8: return "AES192"; + case 9: return "AES256"; + case 10: return "TWOFISH"; + case 11: return "CAMELLIA128"; + case 12: return "CAMELLIA192"; + case 13: return "CAMELLIA256"; + } + } + + return "Unknown"; +} + + +/* Return a string with the cipher mode. */ +const char * +_gpgme_cipher_mode_name (int algo, gpgme_protocol_t protocol) +{ + if (protocol == GPGME_PROTOCOL_OPENPGP) + { + /* The algo is given according to OpenPGP specs. */ + switch (algo) + { + case 0: return "CFB"; + case 1: return "EAX"; + case 2: return "OCB"; + } + } + + return "Unknown"; +} diff --git a/src/decrypt.c b/src/decrypt.c index 8c2cd4d..e4de6e4 100644 --- a/src/decrypt.c +++ b/src/decrypt.c @@ -69,14 +69,10 @@ release_op_data (void *hook) op_data_t opd = (op_data_t) hook; gpgme_recipient_t recipient = opd->result.recipients; - if (opd->result.unsupported_algorithm) - free (opd->result.unsupported_algorithm); - - if (opd->result.file_name) - free (opd->result.file_name); - - if (opd->result.session_key) - free (opd->result.session_key); + free (opd->result.unsupported_algorithm); + free (opd->result.file_name); + free (opd->result.session_key); + free (opd->result.symkey_algo); while (recipient) { @@ -104,6 +100,17 @@ gpgme_op_decrypt_result (gpgme_ctx_t ctx) return NULL; } + /* Make sure that SYMKEY_ALGO has a value. */ + if (!opd->result.symkey_algo) + { + opd->result.symkey_algo = strdup ("?.?"); + if (!opd->result.symkey_algo) + { + TRACE_SUC0 ("result=(null)"); + return NULL; + } + } + if (_gpgme_debug_trace ()) { gpgme_recipient_t rcp; @@ -263,6 +270,49 @@ parse_enc_to (char *args, gpgme_recipient_t *recp, gpgme_protocol_t protocol) } +/* Parse the ARGS of a + * DECRYPTION_INFO [] + * status. Returns 0 on success and updates the OPD. + */ +static gpgme_error_t +parse_decryption_info (char *args, op_data_t opd, gpgme_protocol_t protocol) +{ + char *field[3]; + int nfields; + char *args2; + int mdc, mode; + const char *algostr, *modestr; + + if (!args) + return trace_gpg_error (GPG_ERR_INV_ENGINE); + + args2 = strdup (args); /* Split modifies the input string. */ + nfields = _gpgme_split_fields (args2, field, DIM (field)); + if (nfields < 2) + { + free (args2); + return trace_gpg_error (GPG_ERR_INV_ENGINE); /* Required arg missing. */ + } + + mdc = atoi (field[0]); + algostr = _gpgme_cipher_algo_name (atoi (field[1]), protocol); + mode = nfields < 3? 0 : atoi (field[2]); + modestr = _gpgme_cipher_mode_name (mode, protocol); + + free (args2); + + free (opd->result.symkey_algo); + if (!mode && mdc != 2) + opd->result.symkey_algo = _gpgme_strconcat (algostr, ".PGPCFB", NULL); + else + opd->result.symkey_algo = _gpgme_strconcat (algostr, ".", modestr, NULL); + if (!opd->result.symkey_algo) + return gpg_error_from_syserror (); + + return 0; +} + + gpgme_error_t _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, char *args) @@ -303,7 +353,9 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, break; case GPGME_STATUS_DECRYPTION_INFO: - /* Fixme: Provide a way to return the used symmetric algorithm. */ + err = parse_decryption_info (args, opd, ctx->protocol); + if (err) + return err; break; case GPGME_STATUS_DECRYPTION_OKAY: diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 860e093..202859c 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1368,6 +1368,10 @@ struct _gpgme_op_decrypt_result /* A textual representation of the session key used to decrypt the * message, if available */ char *session_key; + + /* A string with the symmetric encryption algorithm and mode using + * the format ".". */ + char *symkey_algo; }; typedef struct _gpgme_op_decrypt_result *gpgme_decrypt_result_t; diff --git a/src/util.h b/src/util.h index b4043ed..da929eb 100644 --- a/src/util.h +++ b/src/util.h @@ -165,10 +165,11 @@ time_t _gpgme_parse_timestamp (const char *timestamp, char **endp); * on error or missing timestamp. */ unsigned long _gpgme_parse_timestamp_ul (const char *timestamp); -gpgme_error_t _gpgme_map_gnupg_error (char *err); - int _gpgme_map_pk_algo (int algo, gpgme_protocol_t protocol); +const char *_gpgme_cipher_algo_name (int algo, gpgme_protocol_t protocol); +const char *_gpgme_cipher_mode_name (int algo, gpgme_protocol_t protocol); + /*-- b64dec.c --*/ diff --git a/tests/run-decrypt.c b/tests/run-decrypt.c index a2e82a0..8eb6ba0 100644 --- a/tests/run-decrypt.c +++ b/tests/run-decrypt.c @@ -59,6 +59,7 @@ print_result (gpgme_decrypt_result_t result) nonnull(result->unsupported_algorithm)); if (result->session_key) printf ("Session key: %s\n", result->session_key); + printf ("Symmetric algorithm: %s\n", result->symkey_algo); for (recp = result->recipients; recp && recp->next; recp = recp->next) { ----------------------------------------------------------------------- Summary of changes: NEWS | 1 + doc/gpgme.texi | 7 ++++++ src/conversion.c | 46 +++++++++++++++++++++++++++++++++++ src/decrypt.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++------- src/gpgme.h.in | 4 +++ src/util.h | 5 ++-- tests/run-decrypt.c | 1 + 7 files changed, 123 insertions(+), 11 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 17:25:19 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 17 Apr 2018 17:25:19 +0200 Subject: [git] GCRYPT - branch, master, updated. libgcrypt-1.8.1-66-ge7ae0ae Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, master has been updated via e7ae0ae243c8978a67c802169183187d88557be8 (commit) from 3e3b520fb32a37c5c23762531a7b3168e112ac36 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e7ae0ae243c8978a67c802169183187d88557be8 Author: Werner Koch Date: Tue Apr 17 17:15:30 2018 +0200 mpi: Fix for buidling for MIPS64 with Clang * mpi/longlong.h [MIPS64][__clang__]: Use the C version like we already do for 32 bit MIPS. -- GnuPG-bug-id: 3915 Signed-off-by: Werner Koch diff --git a/mpi/longlong.h b/mpi/longlong.h index 0a5acb6..d6958f3 100644 --- a/mpi/longlong.h +++ b/mpi/longlong.h @@ -890,7 +890,8 @@ extern USItype __udiv_qrnnd (); ************** MIPS/64 ************** ***************************************/ #if (defined (__mips) && __mips >= 3) && W_TYPE_SIZE == 64 -# if (__GNUC__ >= 5) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) +# if defined (__clang__) || (__GNUC__ >= 5) || (__GNUC__ == 4 && \ + __GNUC_MINOR__ >= 4) typedef unsigned int UTItype __attribute__ ((mode (TI))); # define umul_ppmm(w1, w0, u, v) \ do { \ ----------------------------------------------------------------------- Summary of changes: mpi/longlong.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 17:46:32 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Tue, 17 Apr 2018 17:46:32 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1.8-BRANCH, updated. libgcrypt-1.8.2-9-ga0e016e Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1.8-BRANCH has been updated via a0e016e29409ccd78966a5eb82dea236ad44d9c9 (commit) via 06fdc074eb29faf584ffd13feea4c063936446fb (commit) via 0da4a237661cd273303ae6baaaba2d9f6292b990 (commit) via e1695a8f6ca1135d777450cf9ce64628b0778ccb (commit) via 4e11e9d988181cf9cd87c7c86fa8e7a0f643a573 (commit) via 1900853f2aeec51764d447ddd0ef0bfdf3f77365 (commit) via 0a391b259adcd7ea734dc03c2048a135e018166d (commit) via c114ffd6da837e7aace318e37bbcf9325dd985b7 (commit) from 32577d5b91f853b6d6807339aa93f5a443802732 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit a0e016e29409ccd78966a5eb82dea236ad44d9c9 Author: Werner Koch Date: Tue Apr 17 17:15:30 2018 +0200 mpi: Fix for buidling for MIPS64 with Clang * mpi/longlong.h [MIPS64][__clang__]: Use the C version like we already do for 32 bit MIPS. -- GnuPG-bug-id: 3915 Signed-off-by: Werner Koch (cherry picked from commit e7ae0ae243c8978a67c802169183187d88557be8) diff --git a/mpi/longlong.h b/mpi/longlong.h index 0a5acb6..d6958f3 100644 --- a/mpi/longlong.h +++ b/mpi/longlong.h @@ -890,7 +890,8 @@ extern USItype __udiv_qrnnd (); ************** MIPS/64 ************** ***************************************/ #if (defined (__mips) && __mips >= 3) && W_TYPE_SIZE == 64 -# if (__GNUC__ >= 5) || (__GNUC__ == 4 && __GNUC_MINOR__ >= 4) +# if defined (__clang__) || (__GNUC__ >= 5) || (__GNUC__ == 4 && \ + __GNUC_MINOR__ >= 4) typedef unsigned int UTItype __attribute__ ((mode (TI))); # define umul_ppmm(w1, w0, u, v) \ do { \ commit 06fdc074eb29faf584ffd13feea4c063936446fb Author: NIIBE Yutaka Date: Wed Apr 11 08:45:22 2018 +0900 hmac: Use xtrymalloc. * src/hmac256.c (_gcry_hmac256_new): Use xtrymalloc. (_gcry_hmac256_file): Likewise. -- Don't require config.h but stdint.h for STANDALONE. Drop STANDALONE support for WindowsCE. GnuPG-bug-id: 3877 Signed-off-by: NIIBE Yutaka (cherry picked from commit 3e3b520fb32a37c5c23762531a7b3168e112ac36) diff --git a/src/hmac256.c b/src/hmac256.c index ca1eb75..2d66079 100644 --- a/src/hmac256.c +++ b/src/hmac256.c @@ -24,8 +24,7 @@ internal consistency checks. It should not be used for sensitive data because no mechanisms to clear the stack etc are used. - This module may be used standalone and requires only a few - standard definitions to be provided in a config.h file. + This module may be used standalone. Types: @@ -46,7 +45,19 @@ for testing this included module. */ +#ifdef STANDALONE +#include +#define HAVE_U32_TYPEDEF 1 +typedef uint32_t u32; +#define VERSION "standalone" +/* For GCC, we can detect endianness. If not GCC, please define manually. */ +#if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ +#define WORDS_BIGENDIAN 1 +#endif +#else #include +#endif + #include #include #include @@ -56,13 +67,11 @@ # include /* We need setmode(). */ #endif -/* For a native WindowsCE binary we need to include gpg-error.h to - provide a replacement for strerror. In other cases we need a - replacement macro for gpg_err_set_errno. */ -#ifdef __MINGW32CE__ -# include +#ifdef STANDALONE +#define xtrymalloc(a) malloc((a)) +#define gpg_err_set_errno(a) (errno = (a)) #else -# define gpg_err_set_errno(a) (errno = (a)) +#include "g10lib.h" #endif #include "hmac256.h" @@ -296,7 +305,7 @@ _gcry_hmac256_new (const void *key, size_t keylen) { hmac256_context_t hd; - hd = malloc (sizeof *hd); + hd = xtrymalloc (sizeof *hd); if (!hd) return NULL; @@ -469,7 +478,7 @@ _gcry_hmac256_file (void *result, size_t resultsize, const char *filename, } buffer_size = 32768; - buffer = malloc (buffer_size); + buffer = xtrymalloc (buffer_size); if (!buffer) { fclose (fp); commit 0da4a237661cd273303ae6baaaba2d9f6292b990 Author: NIIBE Yutaka Date: Tue Apr 10 11:01:57 2018 +0900 random: Protect another use of jent_rng_collector. * random/rndjent.c (_gcry_rndjent_get_version): Lock the access. Signed-off-by: NIIBE Yutaka (cherry picked from commit 0de2a22fcf6607d0aecb550feefa414cee3731b2) diff --git a/random/rndjent.c b/random/rndjent.c index 6e56c8a..0c5a820 100644 --- a/random/rndjent.c +++ b/random/rndjent.c @@ -334,11 +334,13 @@ _gcry_rndjent_get_version (int *r_active) { if (r_active) { + lock_rng (); /* Make sure the RNG is initialized. */ _gcry_rndjent_poll (NULL, 0, 0); /* To ease debugging we store 2 for a clock_gettime based * implementation and 1 for a rdtsc based code. */ *r_active = jent_rng_collector? is_rng_available () : 0; + unlock_rng (); } return jent_version (); } commit e1695a8f6ca1135d777450cf9ce64628b0778ccb Author: Martin Storsj? Date: Thu Mar 22 23:32:36 2018 +0200 random: Don't assume that _WIN64 implies x86_64 * random/rndw32.c: Change _WIN64 ifdef into __x86_64__. -- This fixes building this file for windows on aarch64. Signed-off-by: Martin Storsj? (cherry picked from commit ed41d6d6fb4551342b22ef763de1bd60e964e186) diff --git a/random/rndw32.c b/random/rndw32.c index 7e9ac50..08a8867 100644 --- a/random/rndw32.c +++ b/random/rndw32.c @@ -986,7 +986,7 @@ _gcry_rndw32_gather_random_fast (void (*add)(const void*, size_t, On AMD64, TSC is always available and intrinsic is provided for accessing it. */ -#ifdef __WIN64__ +#ifdef __x86_64__ { unsigned __int64 aint64; @@ -1024,7 +1024,7 @@ _gcry_rndw32_gather_random_fast (void (*add)(const void*, size_t, (*add) (&aword, sizeof (aword), origin ); } } -#endif /*__WIN64__*/ +#endif /*__x86_64__*/ } commit 4e11e9d988181cf9cd87c7c86fa8e7a0f643a573 Author: Jussi Kivilinna Date: Thu Mar 22 21:42:22 2018 +0200 Improve constant-time buffer compare * cipher/bufhelp.h (buf_eq_const): Rewrite logic. -- New implementation for constant-time buffer comparing that avoids generating conditional code in comparison loop. Signed-off-by: Jussi Kivilinna (cherry picked from commit a1127dbbada4302abf09eec90fbaceca87bfcdf0) diff --git a/cipher/bufhelp.h b/cipher/bufhelp.h index b854bc0..83d3f53 100644 --- a/cipher/bufhelp.h +++ b/cipher/bufhelp.h @@ -290,13 +290,19 @@ buf_eq_const(const void *_a, const void *_b, size_t len) { const byte *a = _a; const byte *b = _b; - size_t diff, i; + int ab, ba; + size_t i; /* Constant-time compare. */ - for (i = 0, diff = 0; i < len; i++) - diff -= !!(a[i] - b[i]); + for (i = 0, ab = 0, ba = 0; i < len; i++) + { + /* If a[i] != b[i], either ab or ba will be negative. */ + ab |= a[i] - b[i]; + ba |= b[i] - a[i]; + } - return !diff; + /* 'ab | ba' is negative when buffers are not equal. */ + return (ab | ba) >= 0; } commit 1900853f2aeec51764d447ddd0ef0bfdf3f77365 Author: Werner Koch Date: Thu Mar 22 15:28:04 2018 +0100 doc: Clarify the value range of the use-rsa-e parameter. -- Signed-off-by: Werner Koch (cherry picked from commit 92fd86e9956ef3fea51d72495fd0da09522e57a1) diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 2e89213..d2e6293 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -2887,7 +2887,9 @@ Use the given value. @noindent If this parameter is not used, Libgcrypt uses for historic reasons -65537. +65537. Note that the value must fit into a 32 bit unsigned variable +and that the usual C prefixes are considered (e.g. 017 gives 15). + @item qbits @var{n} This is only meanigful for DSA keys. If it is given the DSA key is diff --git a/src/sexp.c b/src/sexp.c index 0462d92..9d89268 100644 --- a/src/sexp.c +++ b/src/sexp.c @@ -401,7 +401,7 @@ _gcry_sexp_vlist( const gcry_sexp_t a, ... ) /**************** * Append n to the list a - * Returns: a new ist (which maybe a) + * Returns: a new list (which maybe a) */ gcry_sexp_t _gcry_sexp_append( const gcry_sexp_t a, const gcry_sexp_t n ) commit 0a391b259adcd7ea734dc03c2048a135e018166d Author: Jussi Kivilinna Date: Wed Jan 31 20:02:48 2018 +0200 Fix incorrect counter overflow handling for GCM * cipher/cipher-gcm.c (gcm_ctr_encrypt): New function to handle 32-bit CTR increment for GCM. (_gcry_cipher_gcm_encrypt, _gcry_cipher_gcm_decrypt): Do not use generic CTR implementation directly, use gcm_ctr_encrypt instead. * tests/basic.c (_check_gcm_cipher): Add test-vectors for 32-bit CTR overflow. (check_gcm_cipher): Add 'split input to 15 bytes and 17 bytes' test-runs. -- Reported-by: Clemens Lang # ------------------------ >8 ------------------------ > I believe we have found what seems to be a bug in counter overflow > handling in AES-GCM in libgcrypt's implementation. This leads to > incorrect results when using a non-12-byte IV and decrypting payloads > encrypted with other AES-GCM implementations, such as OpenSSL. > > According to the NIST Special Publication 800-38D "Recommendation for > Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC", > section 7.1, algorithm 4, step 3 [NIST38D], the counter increment is > defined as inc_32. Section 6.2 of the same document defines the > incrementing function inc_s for positive integers s as follows: > > | the function increments the right-most s bits of the string, regarded > | as the binary representation of an integer, modulo 2^s; the remaining, > | left-most len(X) - s bits remain unchanged > > (X is the complete counter value in this case) > > This problem does not occur when using a 12-byte IV, because AES-GCM has > a special case for the inital counter value with 12-byte IVs: > > | If len(IV)=96, then J_0 = IV || 0^31 || 1 > > i.e., one would have to encrypt (UINT_MAX - 1) * blocksize of data to > hit an overflow. However, for non-12-byte IVs, the initial counter value > is the output of a hash function, which makes hitting an overflow much > more likely. > > In practice, we have found that using > > iv = 9e 79 18 8c ff 09 56 1e c9 90 99 cc 6d 5d f6 d3 > key = 26 56 e5 73 76 03 c6 95 0d 22 07 31 5d 32 5c 6b a5 54 5f 40 23 98 60 f6 f7 06 6f 7a 4f c2 ca 40 > > will reliably trigger an overflow when encrypting 10 MiB of data. It > seems that this is caused by re-using the AES-CTR implementation for > incrementing the counter. # ------------------------ 8< ------------------------ Bug was introduced by commit bd4bd23a2511a4bce63c3217cca0d4ecf0c79532 "GCM: Use counter mode code for speed-up". GnuPG-bug-id: 3764 Signed-off-by: Jussi Kivilinna (cherry picked from commit ffdc6f3623a0bcb41324d562340b2cd1c288e387) Resolved conflicts: tests/basic.c - use new constified version of TV. Added scissor lines to the original commit messages. Signed-off-by: Werner Koch diff --git a/cipher/cipher-gcm.c b/cipher/cipher-gcm.c index 2b8b454..6169d14 100644 --- a/cipher/cipher-gcm.c +++ b/cipher/cipher-gcm.c @@ -1,6 +1,6 @@ /* cipher-gcm.c - Generic Galois Counter Mode implementation * Copyright (C) 2013 Dmitry Eremin-Solenikov - * Copyright (C) 2013 Jussi Kivilinna + * Copyright (C) 2013, 2018 Jussi Kivilinna * * This file is part of Libgcrypt. * @@ -556,6 +556,77 @@ do_ghash_buf(gcry_cipher_hd_t c, byte *hash, const byte *buf, } +static gcry_err_code_t +gcm_ctr_encrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen, + const byte *inbuf, size_t inbuflen) +{ + gcry_err_code_t err = 0; + + while (inbuflen) + { + u32 nblocks_to_overflow; + u32 num_ctr_increments; + u32 curr_ctr_low; + size_t currlen = inbuflen; + byte ctr_copy[GCRY_GCM_BLOCK_LEN]; + int fix_ctr = 0; + + /* GCM CTR increments only least significant 32-bits, without carry + * to upper 96-bits of counter. Using generic CTR implementation + * directly would carry 32-bit overflow to upper 96-bit. Detect + * if input length is long enough to cause overflow, and limit + * input length so that CTR overflow happen but updated CTR value is + * not used to encrypt further input. After overflow, upper 96 bits + * of CTR are restored to cancel out modification done by generic CTR + * encryption. */ + + if (inbuflen > c->unused) + { + curr_ctr_low = gcm_add32_be128 (c->u_ctr.ctr, 0); + + /* Number of CTR increments this inbuflen would cause. */ + num_ctr_increments = (inbuflen - c->unused) / GCRY_GCM_BLOCK_LEN + + !!((inbuflen - c->unused) % GCRY_GCM_BLOCK_LEN); + + if ((u32)(num_ctr_increments + curr_ctr_low) < curr_ctr_low) + { + nblocks_to_overflow = 0xffffffffU - curr_ctr_low + 1; + currlen = nblocks_to_overflow * GCRY_GCM_BLOCK_LEN + c->unused; + if (currlen > inbuflen) + { + currlen = inbuflen; + } + + fix_ctr = 1; + buf_cpy(ctr_copy, c->u_ctr.ctr, GCRY_GCM_BLOCK_LEN); + } + } + + err = _gcry_cipher_ctr_encrypt(c, outbuf, outbuflen, inbuf, currlen); + if (err != 0) + return err; + + if (fix_ctr) + { + /* Lower 32-bits of CTR should now be zero. */ + gcry_assert(gcm_add32_be128 (c->u_ctr.ctr, 0) == 0); + + /* Restore upper part of CTR. */ + buf_cpy(c->u_ctr.ctr, ctr_copy, GCRY_GCM_BLOCK_LEN - sizeof(u32)); + + wipememory(ctr_copy, sizeof(ctr_copy)); + } + + inbuflen -= currlen; + inbuf += currlen; + outbuflen -= currlen; + outbuf += currlen; + } + + return err; +} + + gcry_err_code_t _gcry_cipher_gcm_encrypt (gcry_cipher_hd_t c, byte *outbuf, size_t outbuflen, @@ -595,7 +666,7 @@ _gcry_cipher_gcm_encrypt (gcry_cipher_hd_t c, return GPG_ERR_INV_LENGTH; } - err = _gcry_cipher_ctr_encrypt(c, outbuf, outbuflen, inbuf, inbuflen); + err = gcm_ctr_encrypt(c, outbuf, outbuflen, inbuf, inbuflen); if (err != 0) return err; @@ -642,7 +713,7 @@ _gcry_cipher_gcm_decrypt (gcry_cipher_hd_t c, do_ghash_buf(c, c->u_mode.gcm.u_tag.tag, inbuf, inbuflen, 0); - return _gcry_cipher_ctr_encrypt(c, outbuf, outbuflen, inbuf, inbuflen); + return gcm_ctr_encrypt(c, outbuf, outbuflen, inbuf, inbuflen); } diff --git a/tests/basic.c b/tests/basic.c index 89b7917..034ef8d 100644 --- a/tests/basic.c +++ b/tests/basic.c @@ -1347,7 +1347,8 @@ check_ofb_cipher (void) static void _check_gcm_cipher (unsigned int step) { - struct tv +#define MAX_GCM_DATA_LEN (256 + 32) + static const struct tv { int algo; char key[MAX_DATA_LEN]; @@ -1355,9 +1356,9 @@ _check_gcm_cipher (unsigned int step) int ivlen; unsigned char aad[MAX_DATA_LEN]; int aadlen; - unsigned char plaintext[MAX_DATA_LEN]; + unsigned char plaintext[MAX_GCM_DATA_LEN]; int inlen; - char out[MAX_DATA_LEN]; + char out[MAX_GCM_DATA_LEN]; char tag[MAX_DATA_LEN]; int taglen; int should_fail; @@ -1551,11 +1552,687 @@ _check_gcm_cipher (unsigned int step) "\xee\xb2\xb2\x2a\xaf\xde\x64\x19\xa0\x58\xab\x4f\x6f\x74\x6b\xf4" "\x0f\xc0\xc3\xb7\x80\xf2\x44\x45\x2d\xa3\xeb\xf1\xc5\xd8\x2c\xde" "\xa2\x41\x89\x97\x20\x0e\xf8\x2e\x44\xae\x7e\x3f", - "\xa4\x4a\x82\x66\xee\x1c\x8e\xb0\xc8\xb5\xd4\xcf\x5a\xe9\xf1\x9a" } + "\xa4\x4a\x82\x66\xee\x1c\x8e\xb0\xc8\xb5\xd4\xcf\x5a\xe9\xf1\x9a" }, + /* Test vectors for overflowing CTR. */ + /* After setiv, ctr_low: 0xffffffff */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x86\xdd\x40\xe7", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x7d\x6e\x38\xfd\xd0\x04\x9d\x28\xdf\x4a\x10\x3f\xa3\x9e\xf8\xf8" + "\x6c\x2c\x10\xa7\x91\xab\xc0\x86\xd4\x6d\x69\xea\x58\xc4\xf9\xc0" + "\xd4\xee\xc2\xb0\x9d\x36\xae\xe7\xc9\xa9\x1f\x71\xa8\xee\xa2\x1d" + "\x20\xfd\x79\xc7\xd9\xc4\x90\x51\x38\x97\xb6\x9f\x55\xea\xf3\xf0" + "\x78\xb4\xd3\x8c\xa9\x9b\x32\x7d\x19\x36\x96\xbc\x8e\xab\x80\x9f" + "\x61\x56\xcc\xbd\x3a\x80\xc6\x69\x37\x0a\x89\x89\x21\x82\xb7\x79" + "\x6d\xe9\xb4\x34\xc4\x31\xe0\xbe\x71\xad\xf3\x50\x05\xb2\x61\xab" + "\xb3\x1a\x80\x57\xcf\xe1\x11\x26\xcb\xa9\xd1\xf6\x58\x46\xf1\x69" + "\xa2\xb8\x42\x3c\xe8\x28\x13\xca\x58\xd9\x28\x99\xf8\xc8\x17\x32" + "\x4a\xf9\xb3\x4c\x7a\x47\xad\xe4\x77\x64\xec\x70\xa1\x01\x0b\x88" + "\xe7\x30\x0b\xbd\x66\x25\x39\x1e\x51\x67\xee\xec\xdf\xb8\x24\x5d" + "\x7f\xcb\xee\x7a\x4e\xa9\x93\xf0\xa1\x84\x7b\xfe\x5a\xe3\x86\xb2" + "\xfb\xcd\x39\xe7\x1e\x5e\x48\x65\x4b\x50\x2b\x4a\x99\x46\x3f\x6f" + "\xdb\xd9\x97\xdb\xe5\x6d\xa4\xdd\x6c\x18\x64\x5e\xae\x7e\x2c\xd3" + "\xb4\xf3\x57\x5c\xb5\xf8\x7f\xe5\x87\xb5\x35\xdb\x80\x38\x6e\x2c" + "\x5c\xdd\xeb\x7c\x63\xac\xe4\xb5\x5a\x6a\x40\x6d\x72\x69\x9a\xa9" + "\x8f\x5e\x93\x91\x4d\xce\xeb\x87\xf5\x25\xed\x75\x6b\x3b\x1a\xf2" + "\x0c\xd2\xa4\x10\x45\xd2\x87\xae\x29\x6d\xeb\xea\x66\x5f\xa0\xc2", + "\x8c\x22\xe3\xda\x9d\x94\x8a\xbe\x8a\xbc\x55\x2c\x94\x63\x44\x40" }, + /* After setiv, ctr_low: 0xfffffffe */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x8d\xd1\xc1\xdf", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\xac\x6a\x10\x3f\xe2\x8d\xed\x27\x55\x14\xca\x1f\x03\x67\x0a\xa8" + "\xa1\x07\xbf\x00\x73\x5b\x64\xef\xac\x30\x83\x81\x48\x4c\xaa\xd5" + "\xff\xca\xef\x2f\x77\xbe\xfe\x1b\x20\x5c\x86\x19\xc7\xf9\x11\x99" + "\x27\xc5\x57\xa7\x0a\xc2\xa8\x05\xd9\x07\x2b\xb9\x38\xa4\xef\x58" + "\x92\x74\xcf\x89\xc7\xba\xfc\xb9\x70\xac\x86\xe2\x31\xba\x7c\xf9" + "\xc4\xe2\xe0\x4c\x1b\xe4\x3f\x75\x83\x5c\x40\x0e\xa4\x13\x8b\x04" + "\x60\x78\x57\x29\xbb\xe6\x61\x93\xe3\x16\xf9\x58\x07\x75\xd0\x96" + "\xfb\x8f\x6d\x1e\x49\x0f\xd5\x31\x9e\xee\x31\xe6\x0a\x85\x93\x49" + "\x22\xcf\xd6\x1b\x40\x44\x63\x9c\x95\xaf\xf0\x44\x23\x51\x37\x92" + "\x0d\xa0\x22\x37\xb9\x6d\x13\xf9\x78\xba\x27\x27\xed\x08\x7e\x35" + "\xe4\xe2\x28\xeb\x0e\xbe\x3d\xce\x89\x93\x35\x84\x0f\xa0\xf9\x8d" + "\x94\xe9\x5a\xec\xd4\x0d\x1f\x5c\xbe\x6f\x8e\x6a\x4d\x10\x65\xbb" + "\xc7\x0b\xa0\xd5\x5c\x20\x80\x0b\x4a\x43\xa6\xe1\xb0\xe0\x56\x6a" + "\xde\x90\xe0\x6a\x45\xe7\xc2\xd2\x69\x9b\xc6\x62\x11\xe3\x2b\xa5" + "\x45\x98\xb0\x80\xd3\x57\x4d\x1f\x09\x83\x58\xd4\x4d\xa6\xc5\x95" + "\x87\x59\xb0\x58\x6c\x81\x49\xc5\x95\x18\x23\x1b\x6f\x10\x86\xa2" + "\xd9\x56\x19\x30\xec\xd3\x4a\x4b\xe8\x1c\x11\x37\xfb\x31\x60\x4d" + "\x4f\x9b\xc4\x95\xba\xda\x49\x43\x6c\xc7\x3d\x5b\x13\xf9\x91\xf8", + "\xcd\x2b\x83\xd5\x5b\x5a\x8e\x0b\x2e\x77\x0d\x97\xbf\xf7\xaa\xab" }, + /* After setiv, ctr_low: 0xfffffffd */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x76\x8c\x18\x92", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x3d\x6f\x4e\xf6\xd2\x6f\x4e\xce\xa6\xb4\x4a\x9e\xcb\x57\x13\x90" + "\x51\x3b\xf6\xb2\x40\x55\x0c\x2c\xa2\x85\x44\x72\xf2\x90\xaf\x6b" + "\x86\x8c\x75\x2a\x9c\xd6\x52\x50\xee\xc6\x5f\x59\xbc\x8d\x18\xd7" + "\x87\xa5\x7f\xa0\x13\xd1\x5d\x54\x77\x30\xe2\x5d\x1b\x4f\x87\x9f" + "\x3a\x41\xcb\x6a\xdf\x44\x4f\xa2\x1a\xbc\xfb\x4b\x16\x67\xed\x59" + "\x65\xf0\x77\x48\xca\xfd\xf0\xb6\x90\x65\xca\x23\x09\xca\x83\x43" + "\x8f\xf0\x78\xb4\x5f\x96\x2a\xfd\x29\xae\xda\x62\x85\xc5\x87\x4b" + "\x2a\x3f\xba\xbe\x15\x5e\xb0\x4e\x8e\xe7\x66\xae\xb4\x80\x66\x90" + "\x10\x9d\x81\xb9\x64\xd3\x36\x00\xb2\x95\xa8\x7d\xaf\x54\xf8\xbd" + "\x8f\x7a\xb1\xa1\xde\x09\x0d\x10\xc8\x8e\x1e\x18\x2c\x1e\x73\x71" + "\x2f\x1e\xfd\x16\x6e\xbe\xe1\x3e\xe5\xb4\xb5\xbf\x03\x63\xf4\x5a" + "\x0d\xeb\xff\xe0\x61\x80\x67\x51\xb4\xa3\x1f\x18\xa5\xa9\xf1\x9a" + "\xeb\x2a\x7f\x56\xb6\x01\x88\x82\x78\xdb\xec\xb7\x92\xfd\xef\x56" + "\x55\xd3\x72\x35\xcd\xa4\x0d\x19\x6a\xb6\x79\x91\xd5\xcb\x0e\x3b" + "\xfb\xea\xa3\x55\x9f\x77\xfb\x75\xc2\x3e\x09\x02\x73\x7a\xff\x0e" + "\xa5\xf0\x83\x11\xeb\xe7\xff\x3b\xd0\xfd\x7a\x07\x53\x63\x43\x89" + "\xf5\x7b\xc4\x7d\x3b\x2c\x9b\xca\x1c\xf6\xb2\xab\x13\xf5\xc4\x2a" + "\xbf\x46\x77\x3b\x09\xdd\xd1\x80\xef\x55\x11\x3e\xd8\xe4\x42\x22", + "\xa3\x86\xa1\x5f\xe3\x4f\x3b\xed\x12\x23\xeb\x5c\xb8\x0c\xad\x4a" }, + /* After setiv, ctr_low: 0xfffffffc */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x9b\xc8\xc3\xaf", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x33\x5f\xdc\x8d\x5d\x77\x7b\x78\xc1\x5b\x7b\xb3\xd9\x08\x9a\x0c" + "\xce\x63\x4e\xef\x19\xf8\x8c\x7a\xcb\x31\x39\x93\x69\x7a\x2c\x97" + "\x3a\xb4\x52\x45\x9e\x7b\x78\xbc\xa9\xad\x54\x7f\x88\xa6\xae\xd5" + "\xc0\x8b\x7a\xe4\x23\x6b\xb2\x29\x98\xea\x25\x7a\xae\x11\x0c\xc9" + "\xf3\x77\xa1\x74\x82\xde\x0c\xec\x68\xce\x94\xfd\xb0\xa0\xc5\x32" + "\xd6\xbb\xc3\xe7\xed\x3c\x6f\x0b\x53\x9d\xf3\xc8\xeb\x4e\xee\x99" + "\x19\xc7\x16\xd1\xa5\x59\x1d\xa9\xd3\xe6\x43\x52\x74\x61\x28\xe6" + "\xac\xd8\x47\x63\xc2\xb7\x53\x39\xc1\x9a\xb0\xa3\xa4\x26\x14\xd0" + "\x88\xa9\x8c\xc5\x6d\xe9\x21\x7c\xb9\xa5\xab\x67\xe3\x8d\xe9\x1d" + "\xe3\x1c\x7b\xcd\xa4\x12\x0c\xd7\xa6\x5d\x41\xcf\xdd\x3d\xfc\xbc" + "\x2a\xbb\xa2\x7a\x9c\x4b\x3a\x42\x6c\x98\x1d\x50\x99\x9c\xfb\xda" + "\x21\x09\x2a\x31\xff\x05\xeb\xa5\xf1\xba\x65\x78\xbe\x15\x8e\x84" + "\x35\xdd\x45\x29\xcc\xcd\x32\x2d\x27\xe9\xa8\x94\x4b\x16\x16\xcc" + "\xab\xf2\xec\xfb\xa0\xb5\x9d\x39\x81\x3e\xec\x5e\x3d\x13\xd1\x83" + "\x04\x79\x2d\xbb\x2c\x76\x76\x93\x28\x77\x27\x13\xdd\x1d\x3e\x89" + "\x3e\x37\x46\x4c\xb8\x34\xbe\xbf\x9f\x4f\x9f\x37\xff\x0c\xe6\x14" + "\x14\x66\x52\x41\x18\xa9\x39\x2b\x0c\xe5\x44\x04\xb0\x93\x06\x64" + "\x67\xf7\xa0\x19\xa7\x61\xcf\x03\x7b\xcb\xc8\xb3\x88\x28\xe4\xe7", + "\xe6\xe8\x0a\xe3\x72\xfc\xe0\x07\x69\x09\xf2\xeb\xbc\xc8\x6a\xf0" }, + /* After setiv, ctr_low: 0xfffffffb */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x60\x95\x1a\xe2", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\xd8\x32\x5a\xe3\x55\x8e\xb3\xc2\x51\x84\x2b\x09\x01\x5e\x6c\xfb" + "\x4a\xc4\x88\xa0\x33\xe7\x3e\xbf\xe5\x7c\xd2\x00\x4c\x1a\x85\x32" + "\x34\xec\x38\x9d\x18\x5f\xf1\x50\x61\x82\xee\xf3\x84\x5a\x84\x4e" + "\xeb\x29\x08\x4c\x7b\xb5\x27\xec\x7d\x79\x77\xd7\xa1\x68\x91\x32" + "\x2d\xf3\x38\xa9\xd6\x27\x16\xfb\x7d\x8b\x09\x5e\xcf\x1b\x74\x6d" + "\xcf\x51\x91\x91\xa1\xe7\x40\x19\x43\x7b\x0d\xa5\xa9\xa5\xf4\x2e" + "\x7f\x1c\xc7\xba\xa2\xea\x00\xdd\x24\x01\xa8\x66\x1e\x88\xf1\xf6" + "\x0c\x9a\xd6\x2b\xda\x3f\x3e\xb2\x98\xea\x89\xc7\xc6\x63\x27\xb7" + "\x6a\x48\x9a\xee\x1e\x70\xa0\xc8\xec\x3d\xc3\x3e\xb5\xf0\xc2\xb1" + "\xb9\x71\x1a\x69\x9d\xdd\x72\x1e\xfe\x72\xa0\x21\xb8\x9f\x18\x96" + "\x26\xcf\x89\x2e\x92\xf1\x02\x65\xa5\xb4\x2e\xb7\x4e\x12\xbd\xa0" + "\x48\xbe\xf6\x5c\xef\x7e\xf3\x0a\xcf\x9d\x1f\x1e\x14\x70\x3e\xa0" + "\x01\x0f\x14\xbf\x38\x10\x3a\x3f\x3f\xc2\x76\xe0\xb0\xe0\x7c\xc6" + "\x77\x6d\x7f\x69\x8e\xa0\x4b\x00\xc3\x9d\xf9\x0b\x7f\x8a\x8e\xd3" + "\x17\x58\x40\xfe\xaf\xf4\x16\x3a\x65\xff\xce\x85\xbb\x80\xfa\xb8" + "\x34\xc9\xef\x3a\xdd\x04\x46\xca\x8f\x70\x48\xbc\x1c\x71\x4d\x6a" + "\x17\x30\x32\x87\x2e\x2e\x54\x9e\x3f\x15\xed\x17\xd7\xa1\xcf\x6c" + "\x5d\x0f\x3c\xee\xf5\x96\xf1\x8f\x68\x1c\xbc\x27\xdc\x10\x3c\x3c", + "\x8c\x31\x06\xbb\xf8\x18\x2d\x9d\xd1\x0d\x03\x56\x2b\x28\x25\x9b" }, + /* After setiv, ctr_low: 0xfffffffa */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x6b\x99\x9b\xda", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x7a\x74\x57\xe7\xc1\xb8\x7e\xcf\x91\x98\xf4\x1a\xa4\xdb\x4d\x2c" + "\x6e\xdc\x05\x0b\xd1\x16\xdf\x25\xa8\x1e\x42\xa6\xf9\x09\x36\xfb" + "\x02\x8a\x10\x7d\xa1\x07\x88\x40\xb7\x41\xfd\x64\xf6\xe3\x92\x20" + "\xfd\xc9\xde\xbd\x88\x46\xd3\x1f\x20\x14\x73\x86\x09\xb6\x68\x61" + "\x64\x90\xda\x24\xa8\x0f\x6a\x10\xc5\x01\xbf\x52\x8a\xee\x23\x44" + "\xd5\xb0\xd8\x68\x5e\x77\xc3\x62\xed\xcb\x3c\x1b\x0c\x1f\x13\x92" + "\x2c\x74\x6d\xee\x40\x1b\x6b\xfe\xbe\x3c\xb8\x02\xdd\x24\x9d\xd3" + "\x3d\x4e\xd3\x9b\x18\xfd\xd6\x8f\x95\xef\xa3\xbf\xa9\x2f\x33\xa8" + "\xc2\x37\x69\x58\x92\x42\x3a\x30\x46\x12\x1b\x2c\x04\xf0\xbf\xa9" + "\x79\x55\xcd\xac\x45\x36\x79\xc0\xb4\xb2\x5f\x82\x88\x49\xe8\xa3" + "\xbf\x33\x41\x7a\xcb\xc4\x11\x0e\xcc\x61\xed\xd1\x6b\x59\x5f\x9d" + "\x20\x6f\x85\x01\xd0\x16\x2a\x51\x1b\x79\x35\x42\x5e\x49\xdf\x6f" + "\x64\x68\x31\xac\x49\x34\xfb\x2b\xbd\xb1\xd9\x12\x4e\x4b\x16\xc5" + "\xa6\xfe\x15\xd3\xaf\xac\x51\x08\x95\x1f\x8c\xd2\x52\x37\x8b\x88" + "\xf3\x20\xe2\xf7\x09\x55\x82\x83\x1c\x38\x5f\x17\xfc\x37\x26\x21" + "\xb8\xf1\xfe\xa9\xac\x54\x1e\x53\x83\x53\x3f\x43\xe4\x67\x22\xd5" + "\x86\xec\xf2\xb6\x4a\x8b\x8a\x66\xea\xe0\x92\x50\x3b\x51\xe4\x00" + "\x25\x2a\x7a\x64\x14\xd6\x09\xe1\x6c\x75\x32\x28\x53\x5e\xb3\xab", + "\x5d\x4b\xb2\x8f\xfe\xa5\x7f\x01\x6d\x78\x6c\x13\x58\x08\xe4\x94" }, + /* After setiv, ctr_low: 0xfffffff9 */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x90\xc4\x42\x97", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\xf5\xc1\xed\xb8\x7f\x55\x7b\xb5\x47\xed\xaa\x42\xd2\xda\x33\x41" + "\x4a\xe0\x36\x6d\x51\x28\x40\x9c\x35\xfb\x11\x65\x18\x83\x9c\xb5" + "\x02\xb2\xa7\xe5\x52\x27\xa4\xe8\x57\x3d\xb3\xf5\xea\xcb\x21\x07" + "\x67\xbe\xbe\x0f\xf6\xaa\x32\xa1\x4b\x5e\x79\x4f\x50\x67\xcd\x80" + "\xfc\xf1\x65\xf2\x6c\xd0\xdb\x17\xcc\xf9\x52\x93\xfd\x5e\xa6\xb9" + "\x5c\x9f\xa8\xc6\x36\xb7\x80\x80\x6a\xea\x62\xdc\x61\x13\x45\xbe" + "\xab\x8f\xd8\x99\x17\x51\x9b\x29\x04\x6e\xdb\x3e\x9f\x83\xc6\x35" + "\xb3\x90\xce\xcc\x74\xec\xcb\x04\x41\xac\xb1\x92\xde\x20\xb1\x67" + "\xb0\x38\x14\xaa\x7d\xee\x3c\xb2\xd3\xbb\x2f\x88\x0b\x73\xcf\x7b" + "\x69\xc1\x55\x5b\x2b\xf2\xd4\x38\x2b\x3c\xef\x04\xc9\x14\x7c\x31" + "\xd6\x61\x88\xa8\xb3\x8c\x69\xb4\xbc\xaa\x0d\x15\xd2\xd5\x27\x63" + "\xc4\xa4\x80\xe9\x2b\xe9\xd2\x34\xc9\x0e\x3f\x7b\xd3\x43\x0d\x47" + "\x5d\x37\x8e\x42\xa4\x4e\xef\xcd\xbb\x3a\x5b\xa4\xe1\xb0\x8d\x64" + "\xb7\x0b\x58\x52\xec\x55\xd0\xef\x23\xfe\xf2\x8d\xe0\xd1\x6a\x2c" + "\xaa\x1c\x03\xc7\x3e\x58\x4c\x61\x72\x07\xc6\xfd\x0e\xbc\xd4\x6b" + "\x99\x4f\x91\xda\xff\x6f\xea\x81\x0c\x76\x85\x5d\x0c\x7f\x1c\xb8" + "\x84\x8c\x2f\xe1\x36\x3e\x68\xa0\x57\xf5\xdf\x13\x0a\xd6\xe1\xcd" + "\xae\x23\x99\x4e\xed\x7a\x72\x1b\x7c\xe5\x65\xd1\xb7\xcf\x2f\x73", + "\x1e\x2f\xcf\x3c\x95\x9a\x29\xec\xd3\x37\x90\x8c\x84\x8a\xfb\x95" }, + /* After setiv, ctr_low: 0xfffffff8 */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xb7\xfa\xc7\x4f", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x14\x33\xc6\x9d\x04\xd3\x48\x29\x0c\x6a\x24\x27\xdf\x5f\x0a\xd2" + "\x71\xd6\xd0\x18\x04\xc0\x9f\x72\x0a\x60\xb7\x10\x52\x56\xf7\xae" + "\x64\xb0\x28\xd4\xfd\x25\x93\x8e\x67\x7e\xac\xc2\x93\xc7\x54\x2e" + "\x82\x93\x88\x6a\xb9\x8b\x73\xbc\x88\xec\x27\xdd\x4f\x9b\x21\x9e" + "\x77\x98\x70\x0b\xf4\xd8\x55\xfe\xf4\xc3\x3a\xcb\xca\x3a\xfb\xd4" + "\x52\x72\x2f\xf8\xac\xa9\x6a\xf5\x13\xab\x7a\x2e\x9f\x52\x41\xbd" + "\x87\x90\x68\xad\x17\xbd\x5a\xff\xc3\xc6\x10\x4d\xc1\xfe\xfc\x72" + "\x21\xb5\x53\x4a\x3f\xe0\x15\x9f\x29\x36\x23\xc0\x9a\x31\xb2\x0f" + "\xcd\x2f\xa6\xd0\xfc\xe6\x4d\xed\x68\xb3\x3d\x26\x67\xab\x40\xf0" + "\xab\xcf\x72\xc0\x50\xb1\x1e\x86\x38\xe2\xe0\x46\x3a\x2e\x3e\x1d" + "\x07\xd6\x9d\xe8\xfc\xa3\xe7\xac\xc9\xa0\xb3\x22\x05\xbc\xbf\xd2" + "\x63\x44\x66\xfc\xb4\x7b\xb4\x70\x7e\x96\xa9\x16\x1b\xb2\x7d\x93" + "\x44\x92\x5e\xbd\x16\x34\xa7\x11\xd0\xdf\x52\xad\x6f\xbd\x23\x3c" + "\x3d\x58\x16\xaf\x99\x8b\xbb\xa0\xdc\x3a\xff\x17\xda\x56\xba\x77" + "\xae\xc4\xb1\x51\xe2\x61\x4f\xf0\x66\x1b\x4c\xac\x79\x34\x1c\xfd" + "\x6c\x5f\x9a\x2c\x60\xfc\x47\x00\x5f\x2d\x81\xcc\xa9\xdd\x2b\xf4" + "\x5b\x53\x44\x61\xd4\x13\x5a\xf3\x93\xf0\xc9\x24\xd4\xe6\x60\x6f" + "\x78\x02\x0c\x75\x9d\x0d\x23\x97\x35\xe2\x06\x8a\x49\x5e\xe5\xbe", + "\x23\xc0\x4a\x2f\x98\x93\xca\xbd\x2e\x44\xde\x05\xcc\xe7\xf1\xf5" }, + /* After setiv, ctr_low: 0xfffffff7 */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x4c\xa7\x1e\x02", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x51\x51\x64\x89\xeb\x9f\xf9\xd6\xb1\xa6\x73\x5f\xf1\x62\xb5\xe4" + "\x00\x80\xdb\x4c\x1c\xce\xe5\x00\xeb\xea\x6c\x57\xe4\x27\xfc\x71" + "\x08\x8c\xa1\xfc\x59\x1d\x07\x45\x3c\xc9\x4e\x0f\xb6\xea\x96\x90" + "\xae\xf7\x81\x1e\x7e\x6c\x5e\x50\xaf\x34\x3e\xa0\x55\x59\x8e\xe7" + "\xc1\xba\x48\xfa\x9e\x07\xf6\x6a\x24\x54\x3e\x9b\xa5\xfe\x31\x16" + "\x3d\x4d\x9c\xc4\xe1\xec\x26\xa0\x8b\x59\xa6\xf3\x94\xf8\x88\xda" + "\x1f\x88\x23\x5f\xfb\xfd\x79\xa2\xd3\x62\x30\x66\x69\xd9\x0d\x05" + "\xc0\x75\x4c\xb8\x48\x34\x1d\x97\xcf\x29\x6a\x12\x1c\x26\x54\x1d" + "\x80\xa9\x06\x74\x86\xff\xc6\xb4\x72\xee\x34\xe2\x56\x06\x6c\xf5" + "\x11\xe7\x26\x71\x47\x6b\x05\xbd\xe4\x0b\x40\x78\x84\x3c\xf9\xf2" + "\x78\x34\x2b\x3c\x5f\x0e\x4c\xfb\x17\x39\xdc\x59\x6b\xd1\x56\xac" + "\xe4\x1f\xb9\x19\xbc\xec\xb1\xd0\x6d\x47\x3b\x37\x4d\x0d\x6b\x65" + "\x7c\x70\xe9\xec\x58\xcc\x09\xd4\xd9\xbf\x9f\xe0\x6c\x7f\x60\x28" + "\xd8\xdf\x8e\xd1\x6a\x73\x42\xf3\x50\x01\x79\x68\x41\xc3\xba\x19" + "\x1e\x2d\x30\xc2\x81\x2c\x9f\x11\x8b\xd0\xdc\x31\x3b\x01\xfe\x53" + "\xa5\x11\x13\x22\x89\x40\xb9\x1b\x12\x89\xef\x9a\xcb\xa8\x03\x4f" + "\x54\x1a\x15\x6d\x11\xba\x05\x09\xd3\xdb\xbf\x05\x42\x3a\x5a\x27" + "\x3b\x34\x5c\x58\x8a\x5c\xa4\xc2\x28\xdc\xb2\x3a\xe9\x99\x01\xd6", + "\x30\xb2\xb5\x11\x8a\x3a\x8d\x70\x67\x71\x14\xde\xed\xa7\x43\xb5" }, + /* After setiv, ctr_low: 0xfffffff6 */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x47\xab\x9f\x3a", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x05\x72\x44\xa0\x99\x11\x1d\x2c\x4b\x03\x4f\x20\x92\x88\xbe\x55" + "\xee\x31\x2c\xd9\xc0\xc1\x64\x77\x79\xd7\x3e\xfa\x5a\x7d\xf0\x48" + "\xf8\xc8\xfe\x81\x8f\x89\x92\xa6\xc2\x07\xdc\x9f\x3f\xb2\xc8\xf2" + "\xf3\xe9\xe1\xd3\xed\x55\xb4\xab\xc3\x22\xed\x8f\x00\xde\x32\x95" + "\x91\xc0\xc5\xf3\xd3\x93\xf0\xee\x56\x14\x8f\x96\xff\xd0\x6a\xbd" + "\xfc\x57\xc2\xc3\x7b\xc1\x1d\x56\x48\x3f\xa6\xc7\x92\x47\xf7\x2f" + "\x0b\x85\x1c\xff\x87\x29\xe1\xbb\x9b\x14\x6c\xac\x51\x0a\xc0\x7b" + "\x22\x25\xb0\x48\x92\xad\x09\x09\x6e\x39\x8e\x96\x13\x05\x55\x92" + "\xbd\xd7\x5d\x95\x35\xdd\x8a\x9d\x05\x59\x60\xae\xbb\xc0\x85\x92" + "\x4c\x8b\xa0\x3f\xa2\x4a\xe5\x2e\xde\x85\x1a\x39\x10\x22\x11\x1b" + "\xdd\xcc\x96\xf4\x93\x97\xf5\x81\x85\xf3\x33\xda\xa1\x9a\xba\xfd" + "\xb8\xaf\x60\x81\x37\xf1\x02\x88\x54\x15\xeb\x21\xd1\x19\x1a\x1f" + "\x28\x9f\x02\x27\xca\xce\x97\xda\xdc\xd2\x0f\xc5\x0e\x2e\xdd\x4f" + "\x1d\x24\x62\xe4\x6e\x4a\xbe\x96\x95\x38\x0c\xe9\x26\x14\xf3\xf0" + "\x92\xbc\x97\xdc\x38\xeb\x64\xc3\x04\xc1\xa2\x6c\xad\xbd\xf8\x03" + "\xa0\xa4\x68\xaa\x9d\x1f\x09\xe6\x62\x95\xa2\x1c\x32\xef\x62\x28" + "\x7e\x54\x6d\x4b\x6a\xcc\x4a\xd0\x82\x47\x46\x0d\x45\x3c\x36\x03" + "\x86\x90\x44\x65\x18\xac\x19\x75\xe6\xba\xb1\x9a\xb4\x5d\x84\x9b", + "\x31\x22\x2b\x11\x6e\x2b\x94\x56\x37\x9d\xc3\xa5\xde\xe7\x6e\xc9" }, + /* After setiv, ctr_low: 0xfffffff5 */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xbc\xf6\x46\x77", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x6e\x32\xdb\x04\x32\x57\x15\x78\x0e\x4c\x70\x66\x5c\x91\x43\x0c" + "\x63\x73\xb8\x86\xad\xb0\xf1\x34\x0f\x0c\x7e\xd3\x4e\xcb\xc9\xea" + "\x19\x3c\xb8\x14\xd0\xab\x9e\x9b\x22\xda\x7a\x96\xa7\xf5\xa2\x99" + "\x58\xe3\xd6\x72\x0f\xf5\xdf\x88\xd1\x33\xb1\xe5\x03\x72\x62\x1c" + "\xa7\xf2\x67\x50\x0e\x70\xc3\x7a\x6c\x4a\x90\xba\x78\x9e\xd2\x0b" + "\x29\xd4\xc8\xa7\x57\x06\xf2\xf4\x01\x4b\x30\x53\xea\xf7\xde\xbf" + "\x1c\x12\x03\xcf\x9f\xcf\x80\x8b\x77\xfd\x73\x48\x79\x19\xbe\x38" + "\x75\x0b\x6d\x78\x7d\x79\x05\x98\x65\x3b\x35\x8f\x68\xff\x30\x7a" + "\x6e\xf7\x10\x9e\x11\x25\xc4\x95\x97\x7d\x92\x0f\xbf\x38\x95\xbd" + "\x5d\x2a\xf2\x06\x2c\xd9\x5a\x80\x91\x4e\x22\x7d\x5f\x69\x85\x03" + "\xa7\x5d\xda\x22\x09\x2b\x8d\x29\x67\x7c\x8c\xf6\xb6\x49\x20\x63" + "\xb9\xb6\x4d\xb6\x37\xa3\x7b\x19\xa4\x28\x90\x83\x55\x3d\x4e\x18" + "\xc8\x65\xbc\xd1\xe7\xb5\xcf\x65\x28\xea\x19\x11\x5c\xea\x83\x8c" + "\x44\x1f\xac\xc5\xf5\x3a\x4b\x1c\x2b\xbf\x76\xd8\x98\xdb\x50\xeb" + "\x64\x45\xae\xa5\x39\xb7\xc8\xdf\x5a\x73\x6d\x2d\x0f\x4a\x5a\x17" + "\x37\x66\x1c\x3d\x27\xd5\xd6\x7d\xe1\x08\x7f\xba\x4d\x43\xc2\x29" + "\xf7\xbe\x83\xec\xd0\x3b\x2e\x19\x9e\xf7\xbf\x1b\x16\x34\xd8\xfa" + "\x32\x17\x2a\x90\x55\x93\xd5\x3e\x14\x8d\xd6\xa1\x40\x45\x09\x52", + "\x89\xf2\xae\x78\x38\x8e\xf2\xd2\x52\xa8\xba\xb6\xf2\x5d\x7c\xfc" }, + /* After setiv, ctr_low: 0xfffffff4 */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x51\xb2\x9d\x4a", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x1d\xb8\x77\xcd\xcd\xfe\xde\x07\x97\xcb\x97\x3a\x4f\xa0\xd0\xe6" + "\xcc\xcf\x8b\x71\xd5\x65\x3d\xc4\x17\x52\xe7\x1d\x6a\x68\x4a\x77" + "\xca\x04\x4a\xef\x8e\x7e\xce\x79\xa1\x80\x0d\x9e\xd5\xf4\xce\x66" + "\x4d\x54\xb1\x09\xd1\xb6\xb0\x43\x28\xe8\x53\xe2\x24\x9c\x76\xc5" + "\x4d\x22\xf3\x6e\x13\xf3\xd7\xe0\x85\xb8\x9e\x0b\x17\x22\xc0\x79" + "\x2b\x72\x57\xaa\xbd\x43\xc3\xf7\xde\xce\x22\x41\x3c\x7e\x37\x1a" + "\x55\x2e\x36\x0e\x7e\xdc\xb3\xde\xd7\x33\x36\xc9\xc8\x56\x93\x51" + "\x68\x77\x9a\xb0\x08\x5c\x22\x35\xef\x5c\x9b\xbf\x3e\x20\x8a\x84" + "\x3d\xb3\x60\x10\xe1\x97\x30\xd7\xb3\x6f\x40\x5a\x2c\xe0\xe5\x52" + "\x19\xb6\x2b\xed\x6e\x8e\x18\xb4\x8d\x78\xbd\xc4\x9f\x4f\xbd\x82" + "\x98\xd6\x71\x3d\x71\x5b\x78\x73\xee\x8e\x4b\x37\x88\x9e\x21\xca" + "\x00\x6c\xc2\x96\x8d\xf0\xcd\x09\x58\x54\x5a\x58\x59\x8e\x9b\xf8" + "\x72\x93\xd7\xa0\xf9\xc4\xdc\x48\x89\xaa\x31\x95\xda\x4e\x2f\x79" + "\x1e\x37\x49\x92\x2e\x32\x2e\x76\x54\x2a\x64\xa8\x96\x67\xe9\x75" + "\x10\xa6\xeb\xad\xc6\xa8\xec\xb7\x18\x0a\x32\x26\x8d\x6e\x03\x74" + "\x0e\x1f\xfc\xde\x76\xff\x6e\x96\x42\x2d\x80\x0a\xc6\x78\x70\xc4" + "\xd8\x56\x7b\xa6\x38\x2f\xf6\xc0\x9b\xd7\x21\x6e\x88\x5d\xc8\xe5" + "\x02\x6a\x09\x1e\xb3\x46\x44\x80\x82\x5b\xd1\x66\x06\x61\x4f\xb8", + "\x16\x0e\x73\xa3\x14\x43\xdb\x15\x9c\xb0\x0d\x30\x6d\x9b\xe1\xb1" }, + /* After setiv, ctr_low: 0xfffffff3 */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xaa\xef\x44\x07", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x42\x71\x54\xe2\xdb\x50\x5d\x3c\x10\xbd\xf8\x60\xbd\xdb\x26\x14" + "\x7d\x13\x59\x98\x28\xfb\x43\x42\xca\x72\xe6\xd8\x58\x00\xa2\x1b" + "\x6a\x61\xb4\x3a\x80\x6b\x9e\x14\xbd\x11\x33\xab\xe9\xb9\x91\x95" + "\xd7\x5d\xc3\x98\x1f\x7f\xcb\xa8\xf0\xec\x31\x26\x51\xea\x2e\xdf" + "\xd9\xde\x70\xf5\x84\x27\x3a\xac\x22\x05\xb9\xce\x2a\xfb\x2a\x83" + "\x1e\xce\x0e\xb2\x31\x35\xc6\xe6\xc0\xd7\xb0\x5f\xf5\xca\xdb\x13" + "\xa7\xfe\x4f\x85\xa3\x4f\x94\x5c\xc1\x04\x12\xde\x6f\xa1\xdb\x41" + "\x59\x82\x22\x22\x65\x97\x6d\xc8\x67\xab\xf3\x90\xeb\xa4\x00\xb3" + "\x7d\x94\x3d\x7b\x2a\xe2\x85\x36\x87\x16\xb8\x19\x92\x02\xe0\x43" + "\x42\x85\xa1\xe6\xb8\x11\x30\xcc\x2c\xd8\x63\x09\x0e\x53\x5f\xa3" + "\xe0\xd4\xee\x0e\x04\xee\x65\x61\x96\x84\x42\x0c\x68\x8d\xb7\x48" + "\xa3\x02\xb4\x82\x69\xf2\x35\xe4\xce\x3b\xe3\x44\xce\xad\x49\x32" + "\xab\xda\x04\xea\x06\x60\xa6\x2a\x7d\xee\x0f\xb8\x95\x90\x22\x62" + "\x9c\x78\x59\xd3\x7b\x61\x02\x65\x63\x96\x9f\x67\x50\xa0\x61\x43" + "\x53\xb2\x3f\x22\xed\x8c\x42\x39\x97\xd9\xbc\x6e\x81\xb9\x21\x97" + "\xc6\x5b\x68\xd7\x7f\xd0\xc5\x4a\xfb\x74\xc4\xfd\x9a\x2a\xb8\x9b" + "\x48\xe0\x00\xea\x6d\xf5\x30\x26\x61\x8f\xa5\x45\x70\xc9\x3a\xea" + "\x6d\x19\x11\x57\x0f\x21\xe6\x0a\x53\x94\xe3\x0c\x99\xb0\x2f\xc5", + "\x92\x92\x89\xcd\x4f\x3c\x6d\xbc\xe8\xb3\x70\x14\x5b\x3c\x12\xe4" }, + /* After setiv, ctr_low: 0xfffffff2 */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa1\xe3\xc5\x3f", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\x41\xc3\xcb\xd7\x6e\xde\x2a\xc6\x15\x05\xc6\xba\x27\xae\xcd\x37" + "\xc0\xe5\xbf\xb9\x5c\xdc\xd6\xad\x1a\xe1\x35\x7c\xc0\x85\x85\x51" + "\x8c\x98\x06\xc0\x72\x43\x71\x7a\x2d\x7c\x81\x3c\xe7\xd6\x32\x8e" + "\x22\x2b\x46\x95\x6a\xde\x45\x40\x56\xe9\x63\x32\x68\xbf\xb6\x78" + "\xb7\x86\x00\x9d\x2c\x9e\xed\x67\xc1\x9b\x09\x9e\xd9\x0a\x56\xcb" + "\x57\xc9\x48\x14\x23\x4e\x97\x04\xb5\x85\x25\x1d\xcb\x1a\x79\x9b" + "\x54\x06\x95\xad\x16\x81\x84\x3a\x38\xec\x41\x90\x2a\xfa\x50\xe0" + "\xb9\x20\xa6\xeb\xfe\x2e\x5c\xa1\xf6\x3c\x69\x4c\xce\xf8\x30\xe0" + "\x87\x68\xa2\x3a\x9d\xad\x75\xd4\xa5\x6b\x0a\x90\x65\xa2\x27\x64" + "\x9d\xf5\xa0\x6f\xd0\xd3\x62\xa5\x2d\xae\x02\x89\xb4\x1a\xfa\x32" + "\x9b\xa0\x44\xdd\x50\xde\xaf\x41\xa9\x89\x1e\xb0\x41\xbc\x9c\x41" + "\xb0\x35\x5e\xf1\x9a\xd9\xab\x57\x53\x21\xca\x39\xfc\x8b\xb4\xd4" + "\xb2\x19\x8a\xe9\xb2\x24\x1e\xce\x2e\x19\xb0\xd2\x93\x30\xc4\x70" + "\xe2\xf8\x6a\x8a\x99\x3b\xed\x71\x7e\x9e\x98\x99\x2a\xc6\xdd\xcf" + "\x43\x32\xdb\xfb\x27\x22\x89\xa4\xc5\xe0\xa2\x94\xe9\xcf\x9d\x48" + "\xab\x3f\xfa\x4f\x75\x63\x46\xdd\xfe\xfa\xf0\xbf\x6e\xa1\xf9\xca" + "\xb1\x77\x79\x35\x6c\x33\xe1\x57\x68\x50\xe9\x78\x4e\xe4\xe2\xf0" + "\xcf\xe4\x23\xde\xf4\xa7\x34\xb3\x44\x97\x38\xd2\xbd\x27\x44\x0e", + "\x75\x0a\x41\x3b\x87\xe3\xc7\xf6\xd6\xe3\xab\xfa\x4b\xbe\x2e\x56" }, + /* After setiv, ctr_low: 0xfffffff1 */ + { GCRY_CIPHER_AES256, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x5a\xbe\x1c\x72", + 16, + "", 0, + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00" + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + 288, + "\xf1\x3c\x7a\xa4\xa9\xaf\xe7\x49\x19\x7d\xad\x50\xc1\x6a\x84\x87" + "\xf5\x69\xe4\xe5\xc2\x0a\x90\x33\xc3\xeb\x76\x63\x5f\x9b\x1d\xf9" + "\x53\x4a\x2a\x6d\x6b\x61\xe0\x5d\xed\xcb\x98\x0d\xf2\x57\x33\x12" + "\xd1\x44\xaa\x7a\x7e\x4e\x41\x0e\xe6\xa7\x9f\x17\x92\x28\x91\xad" + "\xca\xce\xf2\xa8\x73\x4a\xad\x89\x62\x73\x0b\x9a\x68\x91\xa8\x11" + "\x44\x01\xfd\x57\xe4\xf8\x84\x55\x2b\x66\xdb\xb9\xd6\xee\x83\xe5" + "\x57\xea\x5c\x6a\x23\x87\xdd\x0a\x45\x63\xb4\x0c\x8f\xc5\x9f\x22" + "\xf3\x4f\x4e\x6f\x7b\x14\x62\xf7\x80\x59\x4a\xc5\xc8\xae\x8a\x6f" + "\x5e\xe3\x1e\xe6\xae\xec\x99\x77\x6b\x88\x14\xe3\x58\x88\x61\x74" + "\x38\x91\xa1\x32\xb8\xd2\x39\x6b\xe2\xcb\x8e\x77\xde\x92\x36\x78" + "\xad\x50\xcf\x08\xb8\xfa\x29\x59\xb4\x68\x1b\x23\x10\x57\x32\x92" + "\xf8\xec\xe1\x97\xdb\x30\x85\x22\xb5\x68\x2f\xf2\x98\xda\x06\xee" + "\x65\x02\xe7\xf9\xc8\xc1\xca\x8f\xd3\xed\x4a\x3c\x09\xdd\xde\x64" + "\xd9\x85\x17\x2c\x62\x41\x35\x24\xed\x6b\x87\x78\x1e\xb5\x7a\x9b" + "\xa3\x90\xa3\x99\xc7\x39\x51\x10\xb7\x6a\x12\x3b\x64\xfe\x32\x3c" + "\xb6\x84\x9a\x3f\x95\xd3\xcb\x22\x69\x9c\xf9\xb7\xc2\x8b\xf4\x55" + "\x68\x60\x11\x20\xc5\x3e\x0a\xc0\xba\x00\x0e\x88\x96\x66\xfa\xf0" + "\x75\xbc\x2b\x9c\xff\xc5\x33\x7b\xaf\xb2\xa6\x34\x78\x44\x9c\xa7", + "\x01\x24\x0e\x17\x17\xe5\xfc\x90\x07\xfa\x78\xd5\x5d\x66\xa3\xf5" }, }; gcry_cipher_hd_t hde, hdd; - unsigned char out[MAX_DATA_LEN]; + unsigned char out[MAX_GCM_DATA_LEN]; unsigned char tag[GCRY_GCM_BLOCK_LEN]; int i, keylen; gcry_error_t err = 0; @@ -1885,8 +2562,12 @@ check_gcm_cipher (void) _check_gcm_cipher(1); /* Split input to 7 byte buffers. */ _check_gcm_cipher(7); + /* Split input to 15 byte buffers. */ + _check_gcm_cipher(15); /* Split input to 16 byte buffers. */ _check_gcm_cipher(16); + /* Split input to 17 byte buffers. */ + _check_gcm_cipher(17); } commit c114ffd6da837e7aace318e37bbcf9325dd985b7 Author: Jussi Kivilinna Date: Sat Jan 20 21:12:12 2018 +0200 doc: fix double "See" in front of reference * doc/gcrypt.texi: Change @xref to @ref when text already has 'see' in the front. -- @xref references start with `See ...'. Use @ref instead when text already has 'see' in front. Signed-off-by: Jussi Kivilinna (cherry picked from commit bd75f0e89817b5708c57efab49e3eb4e035186e2) diff --git a/doc/gcrypt.texi b/doc/gcrypt.texi index 0dd8a18..2e89213 100644 --- a/doc/gcrypt.texi +++ b/doc/gcrypt.texi @@ -1726,7 +1726,7 @@ other cipher functions and returns a handle to it in `hd'. In case of an error, an according error code is returned. The ID of algorithm to use must be specified via @var{algo}. See - at xref{Available ciphers}, for a list of supported ciphers and the + at ref{Available ciphers}, for a list of supported ciphers and the according constants. Besides using the constants directly, the function @@ -1734,7 +1734,7 @@ Besides using the constants directly, the function an algorithm into the according numeric ID. The cipher mode to use must be specified via @var{mode}. See - at xref{Available cipher modes}, for a list of supported cipher modes + at ref{Available cipher modes}, for a list of supported cipher modes and the according constants. Note that some modes are incompatible with some algorithms - in particular, stream mode (@code{GCRY_CIPHER_MODE_STREAM}) only works with stream ciphers. @@ -3292,7 +3292,7 @@ may be given as @code{0} if the algorithms to use are later set using @code{gcry_md_enable}. @var{hd} is guaranteed to either receive a valid handle or NULL. -For a list of supported algorithms, see @xref{Available hash +For a list of supported algorithms, see @ref{Available hash algorithms}. The flags allowed for @var{mode} are: @@ -3311,7 +3311,7 @@ algorithm is not an extendable-output function. Note that the function @code{gcry_md_setkey} must be used to set the MAC key. The size of the MAC is equal to the message digest of the underlying hash algorithm. If you want CBC message authentication codes based on a cipher, -see @xref{Working with cipher handles}. +see @ref{Working with cipher handles}. @item GCRY_MD_FLAG_BUGEMU1 @cindex bug emulation @@ -3829,7 +3829,7 @@ bitwise OR of constants described below. @var{hd} is guaranteed to either receive a valid handle or NULL. @var{ctx} is context object to associate MAC object with. @var{ctx} maybe set to NULL. -For a list of supported algorithms, see @xref{Available MAC algorithms}. +For a list of supported algorithms, see @ref{Available MAC algorithms}. The flags allowed for @var{mode} are: @@ -5594,7 +5594,7 @@ self-contained functions. Due to the wide variety of parameters required by different algorithms S-expressions, as flexible way to convey these parameters, are used. There is a set of helper functions to work with these S-expressions. - at c see @xref{S-expression Subsystem Architecture}. + at c see @ref{S-expression Subsystem Architecture}. Aside of functions to register new algorithms, map algorithms names to algorithms identifiers and to lookup properties of a key, the ----------------------------------------------------------------------- Summary of changes: cipher/bufhelp.h | 14 +- cipher/cipher-gcm.c | 77 +++++- doc/gcrypt.texi | 16 +- mpi/longlong.h | 3 +- random/rndjent.c | 2 + random/rndw32.c | 4 +- src/hmac256.c | 29 ++- src/sexp.c | 2 +- tests/basic.c | 691 +++++++++++++++++++++++++++++++++++++++++++++++++++- 9 files changed, 805 insertions(+), 33 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 17:56:53 2018 From: cvs at cvs.gnupg.org (by Stephan Mueller) Date: Tue, 17 Apr 2018 17:56:53 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1.8-BRANCH, updated. libgcrypt-1.8.2-10-gbbf88f0 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1.8-BRANCH has been updated via bbf88f0e9d481486ceca079e2611e84db8d039c7 (commit) from a0e016e29409ccd78966a5eb82dea236ad44d9c9 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit bbf88f0e9d481486ceca079e2611e84db8d039c7 Author: Stephan Mueller Date: Mon Mar 12 22:24:37 2018 +0100 AES-KW: fix in-place encryption * cipher/cipher-aeswrap.c: move memmove call before KW IV setting -- In case AES-KW in-place encryption is performed, the plaintext must be moved to the correct destination location before the first semiblock of the destination buffer is modified. Without the patch, the first semiblock of the plaintext is overwritten with a6a6a6a6a6a6a6a6. Signed-off-by: Stephan Mueller (cherry picked from commit 330ec66e0babdabb658dc7d6db78f37b2a1b996e) diff --git a/cipher/cipher-aeswrap.c b/cipher/cipher-aeswrap.c index 698742d..a8d0e03 100644 --- a/cipher/cipher-aeswrap.c +++ b/cipher/cipher-aeswrap.c @@ -70,6 +70,9 @@ _gcry_cipher_aeswrap_encrypt (gcry_cipher_hd_t c, a = outbuf; /* We store A directly in OUTBUF. */ b = c->u_ctr.ctr; /* B is also used to concatenate stuff. */ + /* Copy the inbuf to the outbuf. */ + memmove (r+8, inbuf, inbuflen); + /* If an IV has been set we use that IV as the Alternative Initial Value; if it has not been set we use the standard value. */ if (c->marks.iv) @@ -77,9 +80,6 @@ _gcry_cipher_aeswrap_encrypt (gcry_cipher_hd_t c, else memset (a, 0xa6, 8); - /* Copy the inbuf to the outbuf. */ - memmove (r+8, inbuf, inbuflen); - memset (t, 0, sizeof t); /* t := 0. */ for (j = 0; j <= 5; j++) ----------------------------------------------------------------------- Summary of changes: cipher/cipher-aeswrap.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Tue Apr 17 20:13:19 2018 From: cvs at cvs.gnupg.org (by Jussi Kivilinna) Date: Tue, 17 Apr 2018 20:13:19 +0200 Subject: [git] GCRYPT - branch, LIBGCRYPT-1.8-BRANCH, updated. libgcrypt-1.8.2-11-g22db623 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GNU crypto library". The branch, LIBGCRYPT-1.8-BRANCH has been updated via 22db6237de00cafb85c0112073b55d0d750e6b03 (commit) from bbf88f0e9d481486ceca079e2611e84db8d039c7 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 22db6237de00cafb85c0112073b55d0d750e6b03 Author: Jussi Kivilinna Date: Sat Jan 6 20:26:52 2018 +0200 Make BMI2 inline assembly check more robust * configure.ac (gcry_cv_gcc_inline_asm_bmi2): New assembly test. -- Use actual assembly snippets from keccak.c to check that compiler has proper support for used BMI2 instructions. GnuPG-bug-id: 3408 Signed-off-by: Jussi Kivilinna (cherry picked from commit 135250e3060e79be698d4f36a819aa8a880789f8) diff --git a/configure.ac b/configure.ac index f20aa4f..5396725 100644 --- a/configure.ac +++ b/configure.ac @@ -1402,8 +1402,15 @@ AC_CACHE_CHECK([whether GCC inline assembler supports BMI2 instructions], else gcry_cv_gcc_inline_asm_bmi2=no AC_COMPILE_IFELSE([AC_LANG_SOURCE( - [[void a(void) { - __asm__("rorxl \$23, %%eax, %%edx\\n\\t":::"memory"); + [[unsigned int a(unsigned int x, unsigned int y) { + unsigned int tmp1, tmp2; + asm ("rorxl %2, %1, %0" + : "=r" (tmp1) + : "rm0" (x), "J" (32 - ((23) & 31))); + asm ("andnl %2, %1, %0" + : "=r" (tmp2) + : "r0" (x), "rm" (y)); + return tmp1 + tmp2; }]])], [gcry_cv_gcc_inline_asm_bmi2=yes]) fi]) ----------------------------------------------------------------------- Summary of changes: configure.ac | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) hooks/post-receive -- The GNU crypto library http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 18 11:20:38 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 18 Apr 2018 11:20:38 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-197-ged10528 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via ed1052842df633bc149b14c4cb17859e3c66afe4 (commit) via e69b175e8ed5430b56e2e8f3d68c16a45f0fed17 (commit) from 01435da498af9f7538d7ee810392d7eaa407957e (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit ed1052842df633bc149b14c4cb17859e3c66afe4 Author: Werner Koch Date: Wed Apr 18 11:12:46 2018 +0200 json: Add command "getmore" to gpgme-json. * src/gpgme-json.c (MIN_REPLY_CHUNK_SIZE): New const. (DEF_REPLY_CHUNK_SIZE): New const. (MAX_REPLY_CHUNK_SIZE): New const. (pending_data): New var. (add_base64_to_object): Chnage to take a plain data pointer. (get_chunksize): New. (make_data_object): New. (op_encrypt): Get chunksize and use make_data_object. (op_getmore): New. (process_request): Release pending data for all commands but "getmore" and "help". -- Native messaging has a limit on the data it may receive in one request. Thus the caller needs to watch for the "more" flag and request the remaining data using "getmore" in a loop. Signed-off-by: Werner Koch diff --git a/src/gpgme-json.c b/src/gpgme-json.c index 56d6946..576e63e 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c @@ -49,6 +49,16 @@ int main (void){fputs ("Build with Libgpg-error >= 1.28!\n", stderr);return 1;} /* We don't allow a request with more than 64 MiB. */ #define MAX_REQUEST_SIZE (64 * 1024 * 1024) +/* Minimal, default and maximum chunk size for returned data. The + * first chunk is returned directly. If the "more" flag is also + * returned, a "getmore" command needs to be used to get the next + * chunk. Right now this value covers just the value of the "data" + * element; so to cover for the other returned objects this values + * needs to be lower than the maximum allowed size of the browser. */ +#define MIN_REPLY_CHUNK_SIZE 512 +#define DEF_REPLY_CHUNK_SIZE (512 * 1024) +#define MAX_REPLY_CHUNK_SIZE (10 * 1024 * 1024) + static void xoutofcore (const char *type) GPGRT_ATTR_NORETURN; static cjson_t error_object_v (cjson_t json, const char *message, @@ -64,6 +74,16 @@ static int opt_interactive; /* True is debug mode is active. */ static int opt_debug; +/* Pending data to be returned by a getmore command. */ +static struct +{ + char *buffer; /* Malloced data or NULL if not used. */ + size_t length; /* Length of that data. */ + size_t written; /* # of already written bytes from BUFFER. */ + const char *type;/* The "type" of the data. */ + int base64; /* The "base64" flag of the data. */ +} pending_data; + /* * Helper functions and macros @@ -147,11 +167,12 @@ xjson_AddBoolToObject (cjson_t object, const char *name, int abool) return ; } -/* This is similar to cJSON_AddStringToObject but takes a gpgme DATA - * object and adds it under NAME as a base 64 encoded string to - * OBJECT. Ownership of DATA is transferred to this function. */ +/* This is similar to cJSON_AddStringToObject but takes (DATA, + * DATALEN) and adds it under NAME as a base 64 encoded string to + * OBJECT. */ static gpg_error_t -add_base64_to_object (cjson_t object, const char *name, gpgme_data_t data) +add_base64_to_object (cjson_t object, const char *name, + const void *data, size_t datalen) { #if GPGRT_VERSION_NUMBER < 0x011d00 /* 1.29 */ return gpg_error (GPG_ERR_NOT_SUPPORTED); @@ -161,7 +182,6 @@ add_base64_to_object (cjson_t object, const char *name, gpgme_data_t data) gpgrt_b64state_t state = NULL; cjson_t j_str = NULL; void *buffer = NULL; - size_t buflen; fp = es_fopenmem (0, "rwb"); if (!fp) @@ -176,20 +196,9 @@ add_base64_to_object (cjson_t object, const char *name, gpgme_data_t data) goto leave; } - gpgme_data_write (data, "", 1); /* Make sure we have a string. */ - buffer = gpgme_data_release_and_get_mem (data, &buflen); - data = NULL; - if (!buffer) - { - err = gpg_error_from_syserror (); - goto leave; - } - - err = gpgrt_b64enc_write (state, buffer, buflen); + err = gpgrt_b64enc_write (state, data, datalen); if (err) goto leave; - xfree (buffer); - buffer = NULL; err = gpgrt_b64enc_finish (state); state = NULL; @@ -227,7 +236,6 @@ add_base64_to_object (cjson_t object, const char *name, gpgme_data_t data) cJSON_Delete (j_str); gpgrt_b64enc_finish (state); es_fclose (fp); - gpgme_data_release (data); return err; #endif } @@ -355,6 +363,29 @@ get_protocol (cjson_t json, gpgme_protocol_t *r_protocol) } +/* Get the chunksize from JSON and store it at R_CHUNKSIZE. */ +static gpg_error_t +get_chunksize (cjson_t json, size_t *r_chunksize) +{ + cjson_t j_item; + + *r_chunksize = DEF_REPLY_CHUNK_SIZE; + j_item = cJSON_GetObjectItem (json, "chunksize"); + if (!j_item) + ; + else if (!cjson_is_number (j_item)) + return gpg_error (GPG_ERR_INV_VALUE); + else if ((size_t)j_item->valueint < MIN_REPLY_CHUNK_SIZE) + *r_chunksize = MIN_REPLY_CHUNK_SIZE; + else if ((size_t)j_item->valueint > MAX_REPLY_CHUNK_SIZE) + *r_chunksize = MAX_REPLY_CHUNK_SIZE; + else + *r_chunksize = (size_t)j_item->valueint; + + return 0; +} + + /* Extract the keys from the "keys" array in the JSON object. On * success a string with the keys identifiers is stored at R_KEYS. * The keys in that string are LF delimited. On failure an error code @@ -549,10 +580,80 @@ data_from_base64_string (gpgme_data_t *r_data, cjson_t json) /* - * Implementaion of the commands. + * Implementation of the commands. */ +/* Create a "data" object and the "type", "base64" and "more" flags + * from DATA and append them to RESULT. Ownership if DATA is + * transferred to this function. TYPE must be a fixed string. + * CHUNKSIZE is the chunksize requested from the caller. Note that + * op_getmore has similar code but works on PENDING_DATA which is set + * here. */ +static gpg_error_t +make_data_object (cjson_t result, gpgme_data_t data, size_t chunksize, + const char *type, int base64) +{ + gpg_error_t err; + char *buffer; + size_t buflen; + int c; + + /* Adjust the chunksize if we need to do base64 conversion. */ + if (base64) + chunksize = (chunksize / 4) * 3; + + if (!base64) /* Make sure that we really have a string. */ + gpgme_data_write (data, "", 1); + + buffer = gpgme_data_release_and_get_mem (data, &buflen); + data = NULL; + if (!buffer) + { + err = gpg_error_from_syserror (); + goto leave; + } + + + xjson_AddStringToObject (result, "type", type); + xjson_AddBoolToObject (result, "base64", base64); + + if (buflen > chunksize) + { + xjson_AddBoolToObject (result, "more", 1); + + c = buffer[chunksize]; + buffer[chunksize] = 0; + if (base64) + err = add_base64_to_object (result, "data", buffer, chunksize); + else + err = cjson_AddStringToObject (result, "data", buffer); + buffer[chunksize] = c; + if (err) + goto leave; + + pending_data.buffer = buffer; + buffer = NULL; + pending_data.length = buflen; + pending_data.written = chunksize; + pending_data.type = type; + pending_data.base64 = base64; + } + else + { + if (base64) + err = add_base64_to_object (result, "data", buffer, buflen); + else + err = cjson_AddStringToObject (result, "data", buffer); + } + + leave: + gpgme_free (buffer); + return err; +} + + + static const char hlp_encrypt[] = "op: \"encrypt\"\n" "keys: Array of strings with the fingerprints or user-ids\n" @@ -562,6 +663,7 @@ static const char hlp_encrypt[] = "\n" "Optional parameters:\n" "protocol: Either \"openpgp\" (default) or \"cms\".\n" + "chunksize: Max number of bytes in the resulting \"data\".\n" "\n" "Optional boolean flags (default is false):\n" "base64: Input data is base64 encoded.\n" @@ -578,13 +680,15 @@ static const char hlp_encrypt[] = "data: Unless armor mode is used a Base64 encoded binary\n" " ciphertext. In armor mode a string with an armored\n" " OpenPGP or a PEM message.\n" - "base64: Boolean indicating whether data is base64 encoded."; + "base64: Boolean indicating whether data is base64 encoded.\n" + "more: Optional boolean indicating that \"getmore\" is required."; static gpg_error_t op_encrypt (cjson_t request, cjson_t result) { gpg_error_t err; gpgme_ctx_t ctx = NULL; gpgme_protocol_t protocol; + size_t chunksize; int opt_base64; char *keystring = NULL; cjson_t j_input; @@ -596,6 +700,8 @@ op_encrypt (cjson_t request, cjson_t result) if ((err = get_protocol (request, &protocol))) goto leave; ctx = get_context (protocol); + if ((err = get_chunksize (request, &chunksize))) + goto leave; if ((err = get_boolean_flag (request, "base64", 0, &opt_base64))) goto leave; @@ -693,43 +799,106 @@ op_encrypt (cjson_t request, cjson_t result) gpgme_data_release (input); input = NULL; - xjson_AddStringToObject (result, "type", "ciphertext"); - /* If armoring is used we do not need to base64 the output. */ - xjson_AddBoolToObject (result, "base64", !gpgme_get_armor (ctx)); - if (gpgme_get_armor (ctx)) + /* We need to base64 if armoring has not been requested. */ + err = make_data_object (result, output, chunksize, + "ciphertext", !gpgme_get_armor (ctx)); + output = NULL; + + leave: + xfree (keystring); + release_context (ctx); + gpgme_data_release (input); + gpgme_data_release (output); + return err; +} + + + +static const char hlp_getmore[] = + "op: \"getmore\"\n" + "\n" + "Optional parameters:\n" + "chunksize: Max number of bytes in the \"data\" object.\n" + "\n" + "Response on success:\n" + "type: Type of the pending data\n" + "data: The next chunk of data\n" + "base64: Boolean indicating whether data is base64 encoded\n" + "more: Optional boolean requesting another \"getmore\"."; +static gpg_error_t +op_getmore (cjson_t request, cjson_t result) +{ + gpg_error_t err; + int c; + size_t n; + size_t chunksize; + + if ((err = get_chunksize (request, &chunksize))) + goto leave; + + /* Adjust the chunksize if we need to do base64 conversion. */ + if (pending_data.base64) + chunksize = (chunksize / 4) * 3; + + /* Do we have anything pending? */ + if (!pending_data.buffer) { - char *buffer; + err = gpg_error (GPG_ERR_NO_DATA); + error_object (result, "Operation not possible: %s", gpg_strerror (err)); + goto leave; + } - /* Make sure that we really have a string. */ - gpgme_data_write (output, "", 1); - buffer = gpgme_data_release_and_get_mem (output, NULL); - if (!buffer) - { - err = gpg_error_from_syserror (); - goto leave; - } - err = cjson_AddStringToObject (result, "data", buffer); - gpgme_free (buffer); - if (err) - goto leave; + xjson_AddStringToObject (result, "type", pending_data.type); + xjson_AddBoolToObject (result, "base64", pending_data.base64); + + if (pending_data.written >= pending_data.length) + { + /* EOF reached. This should not happen but we return an empty + * string once in case of client errors. */ + gpgme_free (pending_data.buffer); + pending_data.buffer = NULL; + xjson_AddBoolToObject (result, "more", 0); + err = cjson_AddStringToObject (result, "data", ""); } else { - err = add_base64_to_object (result, "data", output); - output = NULL; - if (err) - goto leave; + n = pending_data.length - pending_data.written; + if (n > chunksize) + { + n = chunksize; + xjson_AddBoolToObject (result, "more", 1); + } + else + xjson_AddBoolToObject (result, "more", 0); + + c = pending_data.buffer[pending_data.written + n]; + pending_data.buffer[pending_data.written + n] = 0; + if (pending_data.base64) + err = add_base64_to_object (result, "data", + (pending_data.buffer + + pending_data.written), n); + else + err = cjson_AddStringToObject (result, "data", + (pending_data.buffer + + pending_data.written)); + pending_data.buffer[pending_data.written + n] = c; + if (!err) + { + pending_data.written += n; + if (pending_data.written >= pending_data.length) + { + gpgme_free (pending_data.buffer); + pending_data.buffer = NULL; + } + } } leave: - xfree (keystring); - release_context (ctx); - gpgme_data_release (input); return err; } - + static const char hlp_help[] = "The tool expects a JSON object with the request and responds with\n" "another JSON object. Even on error a JSON object is returned. The\n" @@ -739,6 +908,7 @@ static const char hlp_help[] = "returned. To list all operations it is allowed to leave out \"op\" in\n" "help mode. Supported values for \"op\" are:\n\n" " encrypt Encrypt data.\n" + " getmore Retrieve remaining data.\n" " help Help overview."; static gpg_error_t op_help (cjson_t request, cjson_t result) @@ -761,6 +931,10 @@ op_help (cjson_t request, cjson_t result) } + +/* + * Dispatcher + */ /* Process a request and return the response. The response is a newly * allocated string or NULL in case of an error. */ @@ -774,7 +948,7 @@ process_request (const char *request) } optbl[] = { { "encrypt", op_encrypt, hlp_encrypt }, - + { "getmore", op_getmore, hlp_getmore }, { "help", op_help, hlp_help }, { NULL } }; @@ -829,6 +1003,14 @@ process_request (const char *request) { gpg_error_t err; + /* If this is not the "getmore" command and we have any + * pending data release that data. */ + if (pending_data.buffer && optbl[idx].handler != op_getmore) + { + gpgme_free (pending_data.buffer); + pending_data.buffer = NULL; + } + err = optbl[idx].handler (json, response); if (err) { commit e69b175e8ed5430b56e2e8f3d68c16a45f0fed17 Author: Werner Koch Date: Wed Apr 18 09:26:33 2018 +0200 json: Add meta command ,read to gpgme-json. * src/gpgme-json.c: Include stat.h. (get_file): New. (process_meta_commands): Implement ",read". Signed-off-by: Werner Koch diff --git a/src/gpgme-json.c b/src/gpgme-json.c index c73bebd..56d6946 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c @@ -33,6 +33,7 @@ #include #endif #include +#include #define GPGRT_ENABLE_ES_MACROS 1 #define GPGRT_ENABLE_LOG_MACROS 1 @@ -842,7 +843,6 @@ process_request (const char *request) xjson_AddStringToObject (response, "op", op); } - } } else /* Operation not supported. */ @@ -869,6 +869,48 @@ process_request (const char *request) * Driver code */ +static char * +get_file (const char *fname) +{ + gpg_error_t err; + estream_t fp; + struct stat st; + char *buf; + size_t buflen; + + fp = es_fopen (fname, "r"); + if (!fp) + { + err = gpg_error_from_syserror (); + log_error ("can't open '%s': %s\n", fname, gpg_strerror (err)); + return NULL; + } + + if (fstat (es_fileno(fp), &st)) + { + err = gpg_error_from_syserror (); + log_error ("can't stat '%s': %s\n", fname, gpg_strerror (err)); + es_fclose (fp); + return NULL; + } + + buflen = st.st_size; + buf = xmalloc (buflen+1); + if (es_fread (buf, buflen, 1, fp) != 1) + { + err = gpg_error_from_syserror (); + log_error ("error reading '%s': %s\n", fname, gpg_strerror (err)); + es_fclose (fp); + xfree (buf); + return NULL; + } + buf[buflen] = 0; + es_fclose (fp); + + return buf; +} + + /* Return a malloced line or NULL on EOF. Terminate on read * error. */ static char * @@ -935,11 +977,26 @@ process_meta_commands (const char *request) result = process_request ("{ \"op\": \"help\"," " \"interactive_help\": " "\"\\nMeta commands:\\n" + " ,read FNAME Process data from FILE\\n" " ,help This help\\n" " ,quit Terminate process\"" "}"); else if (!strncmp (request, "quit", 4) && (spacep (request+4) || !request[4])) exit (0); + else if (!strncmp (request, "read", 4) && (spacep (request+4) || !request[4])) + { + if (!request[4]) + log_info ("usage: ,read FILENAME\n"); + else + { + char *buffer = get_file (request + 5); + if (buffer) + { + result = process_request (buffer); + xfree (buffer); + } + } + } else log_info ("invalid meta command\n"); ----------------------------------------------------------------------- Summary of changes: src/gpgme-json.c | 333 +++++++++++++++++++++++++++++++++++++++++++++++-------- 1 file changed, 286 insertions(+), 47 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 18 11:42:00 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 18 Apr 2018 11:42:00 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-198-g49a617f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via 49a617f8bbff116884ca5c7238c2e0ea4e26ce59 (commit) from ed1052842df633bc149b14c4cb17859e3c66afe4 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 49a617f8bbff116884ca5c7238c2e0ea4e26ce59 Author: Werner Koch Date: Wed Apr 18 11:34:16 2018 +0200 json: Improve help meta command in gpgme-json. * src/gpgme-json.c (process_meta_commands): Add ",help CMD". Signed-off-by: Werner Koch diff --git a/src/gpgme-json.c b/src/gpgme-json.c index 576e63e..f63f196 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c @@ -1156,13 +1156,23 @@ process_meta_commands (const char *request) request++; if (!strncmp (request, "help", 4) && (spacep (request+4) || !request[4])) - result = process_request ("{ \"op\": \"help\"," - " \"interactive_help\": " - "\"\\nMeta commands:\\n" - " ,read FNAME Process data from FILE\\n" - " ,help This help\\n" - " ,quit Terminate process\"" - "}"); + { + if (request[4]) + { + char *buf = xstrconcat ("{ \"help\":true, \"op\":\"", request+5, + "\" }", NULL); + result = process_request (buf); + xfree (buf); + } + else + result = process_request ("{ \"op\": \"help\"," + " \"interactive_help\": " + "\"\\nMeta commands:\\n" + " ,read FNAME Process data from FILE\\n" + " ,help CMD Print help for a command\\n" + " ,quit Terminate process\"" + "}"); + } else if (!strncmp (request, "quit", 4) && (spacep (request+4) || !request[4])) exit (0); else if (!strncmp (request, "read", 4) && (spacep (request+4) || !request[4])) ----------------------------------------------------------------------- Summary of changes: src/gpgme-json.c | 24 +++++++++++++++++------- 1 file changed, 17 insertions(+), 7 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 18 15:32:40 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 18 Apr 2018 15:32:40 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-201-ge5273fc Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via e5273fc4431dfb597a2d9cf4af5172572476a2de (commit) via 65479fe7b871ad6237d5a8959b73afcc7db784da (commit) via 23177e4410d05d590c0f2e1675dc645bbb4ad62c (commit) from 49a617f8bbff116884ca5c7238c2e0ea4e26ce59 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit e5273fc4431dfb597a2d9cf4af5172572476a2de Author: Werner Koch Date: Wed Apr 18 15:24:42 2018 +0200 json: Add command "decrypt" to gpgme-json. * src/gpgme-json.c (make_data_object): Enable auto-detection of base-64. (op_encrypt): Support a 'mime' flag. (op_decrypt): New. (process_request): Add command "encrypt". Signed-off-by: Werner Koch diff --git a/src/gpgme-json.c b/src/gpgme-json.c index f63f196..e7aa228 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c @@ -587,7 +587,9 @@ data_from_base64_string (gpgme_data_t *r_data, cjson_t json) /* Create a "data" object and the "type", "base64" and "more" flags * from DATA and append them to RESULT. Ownership if DATA is * transferred to this function. TYPE must be a fixed string. - * CHUNKSIZE is the chunksize requested from the caller. Note that + * CHUNKSIZE is the chunksize requested from the caller. If BASE64 is + * -1 the need for base64 encoding is determined by the content of + * DATA, all other values are take as rtue or false. Note that * op_getmore has similar code but works on PENDING_DATA which is set * here. */ static gpg_error_t @@ -599,11 +601,7 @@ make_data_object (cjson_t result, gpgme_data_t data, size_t chunksize, size_t buflen; int c; - /* Adjust the chunksize if we need to do base64 conversion. */ - if (base64) - chunksize = (chunksize / 4) * 3; - - if (!base64) /* Make sure that we really have a string. */ + if (!base64 || base64 == -1) /* Make sure that we really have a string. */ gpgme_data_write (data, "", 1); buffer = gpgme_data_release_and_get_mem (data, &buflen); @@ -614,6 +612,23 @@ make_data_object (cjson_t result, gpgme_data_t data, size_t chunksize, goto leave; } + if (base64 == -1) + { + base64 = 0; + if (!buflen) + log_fatal ("Appended Nul byte got lost\n"); + if (memchr (buffer, 0, buflen-1)) + { + buflen--; /* Adjust for the extra nul byte. */ + base64 = 1; + } + /* Fixme: We might want to do more advanced heuristics than to + * only look for a Nul. */ + } + + /* Adjust the chunksize if we need to do base64 conversion. */ + if (base64) + chunksize = (chunksize / 4) * 3; xjson_AddStringToObject (result, "type", type); xjson_AddBoolToObject (result, "base64", base64); @@ -667,6 +682,7 @@ static const char hlp_encrypt[] = "\n" "Optional boolean flags (default is false):\n" "base64: Input data is base64 encoded.\n" + "mime: Indicate that data is a MIME object.\n" "armor: Request output in armored format.\n" "always-trust: Request --always-trust option.\n" "no-encrypt-to: Do not use a default recipient.\n" @@ -690,6 +706,7 @@ op_encrypt (cjson_t request, cjson_t result) gpgme_protocol_t protocol; size_t chunksize; int opt_base64; + int opt_mime; char *keystring = NULL; cjson_t j_input; gpgme_data_t input = NULL; @@ -705,6 +722,8 @@ op_encrypt (cjson_t request, cjson_t result) if ((err = get_boolean_flag (request, "base64", 0, &opt_base64))) goto leave; + if ((err = get_boolean_flag (request, "mime", 0, &opt_mime))) + goto leave; if ((err = get_boolean_flag (request, "armor", 0, &abool))) goto leave; @@ -777,6 +796,9 @@ op_encrypt (cjson_t request, cjson_t result) goto leave; } } + if (opt_mime) + gpgme_data_set_encoding (input, GPGME_DATA_ENCODING_MIME); + /* Create an output data object. */ err = gpgme_data_new (&output); @@ -814,6 +836,116 @@ op_encrypt (cjson_t request, cjson_t result) +static const char hlp_decrypt[] = + "op: \"decrypt\"\n" + "data: The encrypted data.\n" + "\n" + "Optional parameters:\n" + "protocol: Either \"openpgp\" (default) or \"cms\".\n" + "chunksize: Max number of bytes in the resulting \"data\".\n" + "\n" + "Optional boolean flags (default is false):\n" + "base64: Input data is base64 encoded.\n" + "\n" + "Response on success:\n" + "type: \"plaintext\"\n" + "data: The decrypted data. This may be base64 encoded.\n" + "base64: Boolean indicating whether data is base64 encoded.\n" + "mime: A Boolean indicating whether the data is a MIME object.\n" + "info: An optional object with extra information.\n" + "more: Optional boolean indicating that \"getmore\" is required."; +static gpg_error_t +op_decrypt (cjson_t request, cjson_t result) +{ + gpg_error_t err; + gpgme_ctx_t ctx = NULL; + gpgme_protocol_t protocol; + size_t chunksize; + int opt_base64; + cjson_t j_input; + gpgme_data_t input = NULL; + gpgme_data_t output = NULL; + gpgme_decrypt_result_t decrypt_result; + + if ((err = get_protocol (request, &protocol))) + goto leave; + ctx = get_context (protocol); + if ((err = get_chunksize (request, &chunksize))) + goto leave; + + if ((err = get_boolean_flag (request, "base64", 0, &opt_base64))) + goto leave; + + /* Get the data. Note that INPUT is a shallow data object with the + * storage hold in REQUEST. */ + j_input = cJSON_GetObjectItem (request, "data"); + if (!j_input) + { + err = gpg_error (GPG_ERR_NO_DATA); + goto leave; + } + if (!cjson_is_string (j_input)) + { + err = gpg_error (GPG_ERR_INV_VALUE); + goto leave; + } + if (opt_base64) + { + err = data_from_base64_string (&input, j_input); + if (err) + { + error_object (result, "Error decoding Base-64 encoded 'data': %s", + gpg_strerror (err)); + goto leave; + } + } + else + { + err = gpgme_data_new_from_mem (&input, j_input->valuestring, + strlen (j_input->valuestring), 0); + if (err) + { + error_object (result, "Error getting 'data': %s", gpg_strerror (err)); + goto leave; + } + } + + /* Create an output data object. */ + err = gpgme_data_new (&output); + if (err) + { + error_object (result, "Error creating output data object: %s", + gpg_strerror (err)); + goto leave; + } + + /* Decrypt. */ + err = gpgme_op_decrypt_ext (ctx, GPGME_DECRYPT_VERIFY, + input, output); + decrypt_result = gpgme_op_decrypt_result (ctx); + if (err) + { + error_object (result, "Decryption failed: %s", gpg_strerror (err)); + goto leave; + } + gpgme_data_release (input); + input = NULL; + + if (decrypt_result->is_mime) + xjson_AddBoolToObject (result, "mime", 1); + + err = make_data_object (result, output, chunksize, "plaintext", -1); + output = NULL; + + leave: + release_context (ctx); + gpgme_data_release (input); + gpgme_data_release (output); + return err; +} + + + static const char hlp_getmore[] = "op: \"getmore\"\n" "\n" @@ -947,7 +1079,7 @@ process_request (const char *request) const char * const helpstr; } optbl[] = { { "encrypt", op_encrypt, hlp_encrypt }, - + { "decrypt", op_decrypt, hlp_decrypt }, { "getmore", op_getmore, hlp_getmore }, { "help", op_help, hlp_help }, { NULL } commit 65479fe7b871ad6237d5a8959b73afcc7db784da Author: Werner Koch Date: Wed Apr 18 15:20:35 2018 +0200 core: Add 'is_mime' flags to the verify and decrypt results. * src/op-support.c (_gpgme_parse_plaintext): Add arg r_mime. * src/decrypt.c (_gpgme_decrypt_status_handler): Ser mime flag. * src/verify.c (_gpgme_verify_status_handler): Ditto. * src/gpgme.h.in (gpgme_op_verify_result_t): Append fields 'is_mime' and '_unused'. (gpgme_op_decrypt_result_t): New field 'is_mime'. Shrink '_unused'. * tests/run-decrypt.c (print_result): Print MIME flag. * tests/run-verify.c (print_result): Ditto. -- Note that this flag (Liternal Data packet's 'm' mode) is only specified in RFC-4880bis. To use it you currently need to add "rfc4880bis" to the the gpg.conf. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index 92a9673..be3111c 100644 --- a/NEWS +++ b/NEWS @@ -12,6 +12,8 @@ Noteworthy changes in version 1.10.1 (unreleased) GPGME_ENCRYPT_WANT_ADDRESS NEW. gpgme_import_result_t EXTENDED: New field 'skipped_v3_keys'. gpgme_decrypt_result_t EXTENDED: New field 'symkey_algo'. + gpgme_decrypt_result_t EXTENDED: New field 'is_mime'. + gpgme_verify_result_t EXTENDED: New field 'is_mime'. cpp: Key::locate NEW. cpp: Data::toString NEW. cpp: ImportResult::numV3KeysSkipped NEW. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 5a09ea0..83348dd 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -5284,7 +5284,7 @@ if @var{cipher} or @var{plain} is not a valid pointer. @since{1.8.0} The function @code{gpgme_op_decrypt_ext} is the same as - at code{gpgme_op_decrypt_ext} but has an additional argument + at code{gpgme_op_decrypt} but has an additional argument @var{flags}. If @var{flags} is 0 both function behave identically. The value in @var{flags} is a bitwise-or combination of one or diff --git a/src/decrypt.c b/src/decrypt.c index e4de6e4..155e18e 100644 --- a/src/decrypt.c +++ b/src/decrypt.c @@ -409,9 +409,14 @@ _gpgme_decrypt_status_handler (void *priv, gpgme_status_code_t code, break; case GPGME_STATUS_PLAINTEXT: - err = _gpgme_parse_plaintext (args, &opd->result.file_name); - if (err) - return err; + { + int mime = 0; + err = _gpgme_parse_plaintext (args, &opd->result.file_name, &mime); + if (err) + return err; + gpgrt_log_debug ("decrypt.c setting mime to %d\n", mime); + opd->result.is_mime = !!mime; + } break; case GPGME_STATUS_INQUIRE_MAXLEN: diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 202859c..c81e882 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1356,8 +1356,11 @@ struct _gpgme_op_decrypt_result * mode. */ unsigned int is_de_vs : 1; + /* The message claims that the content is a MIME object. */ + unsigned int is_mime : 1; + /* Internal to GPGME, do not use. */ - int _unused : 30; + int _unused : 29; gpgme_recipient_t recipients; @@ -1572,6 +1575,12 @@ struct _gpgme_op_verify_result /* The original file name of the plaintext message, if available. */ char *file_name; + + /* The message claims that the content is a MIME object. */ + unsigned int is_mime : 1; + + /* Internal to GPGME; do not use. */ + unsigned int _unused : 31; }; typedef struct _gpgme_op_verify_result *gpgme_verify_result_t; diff --git a/src/op-support.c b/src/op-support.c index e55875f..03f274c 100644 --- a/src/op-support.c +++ b/src/op-support.c @@ -358,7 +358,7 @@ _gpgme_parse_key_considered (const char *args, /* Parse the PLAINTEXT status line in ARGS and return the result in FILENAMEP. */ gpgme_error_t -_gpgme_parse_plaintext (char *args, char **filenamep) +_gpgme_parse_plaintext (char *args, char **filenamep, int *r_mime) { char *tail; @@ -367,7 +367,9 @@ _gpgme_parse_plaintext (char *args, char **filenamep) if (*args == '\0') return 0; - /* First argument is file type. */ + /* First argument is file type (a one byte uppercase hex value). */ + if (args[0] == '6' && args[1] == 'D') + *r_mime = 1; while (*args != ' ' && *args != '\0') args++; while (*args == ' ') diff --git a/src/ops.h b/src/ops.h index cc61dc4..5955454 100644 --- a/src/ops.h +++ b/src/ops.h @@ -68,8 +68,8 @@ gpgme_error_t _gpgme_parse_inv_recp (char *args, int for_signing, gpgme_invalid_key_t *key); /* Parse the PLAINTEXT status line in ARGS and return the result in - FILENAMEP. */ -gpgme_error_t _gpgme_parse_plaintext (char *args, char **filenamep); + FILENAMEP and R_MIME. */ +gpgme_error_t _gpgme_parse_plaintext (char *args, char **filenamep,int *r_mime); /* Parse a FAILURE status line and return the error code. ARGS is modified to contain the location part. */ diff --git a/src/verify.c b/src/verify.c index c3afdef..bd437c9 100644 --- a/src/verify.c +++ b/src/verify.c @@ -1091,9 +1091,14 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) case GPGME_STATUS_PLAINTEXT: if (++opd->plaintext_seen > 1) return gpg_error (GPG_ERR_BAD_DATA); - err = _gpgme_parse_plaintext (args, &opd->result.file_name); - if (err) - return err; + { + int mime = 0; + err = _gpgme_parse_plaintext (args, &opd->result.file_name, &mime); + if (err) + return err; + gpgrt_log_debug ("verify.c: setting mime to %d\n", mime); + opd->result.is_mime = !!mime; + } break; case GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE: diff --git a/tests/run-decrypt.c b/tests/run-decrypt.c index 8eb6ba0..69de139 100644 --- a/tests/run-decrypt.c +++ b/tests/run-decrypt.c @@ -53,20 +53,21 @@ print_result (gpgme_decrypt_result_t result) gpgme_recipient_t recp; int count = 0; - printf ("Original file name: %s\n", nonnull(result->file_name)); - printf ("Wrong key usage: %i\n", result->wrong_key_usage); - printf ("Unsupported algorithm: %s\n", - nonnull(result->unsupported_algorithm)); - if (result->session_key) - printf ("Session key: %s\n", result->session_key); - printf ("Symmetric algorithm: %s\n", result->symkey_algo); + printf ("Original file name .: %s\n", nonnull(result->file_name)); + printf ("Wrong key usage ....: %s\n", result->wrong_key_usage? "yes":"no"); + printf ("Compliance de-vs ...: %s\n", result->is_de_vs? "yes":"no"); + printf ("MIME flag ..........: %s\n", result->is_mime? "yes":"no"); + printf ("Unsupported algo ...: %s\n", nonnull(result->unsupported_algorithm)); + printf ("Session key ........: %s\n", nonnull (result->session_key)); + printf ("Symmetric algorithm : %s\n", result->symkey_algo); for (recp = result->recipients; recp && recp->next; recp = recp->next) { - printf ("recipient %d\n", count++); + printf ("Recipient ...: %d\n", count++); printf (" status ....: %s\n", gpgme_strerror (recp->status)); - printf (" keyid: %s\n", nonnull (recp->keyid)); - printf (" algo ...: %s\n", gpgme_pubkey_algo_name (recp->pubkey_algo)); + printf (" keyid .....: %s\n", nonnull (recp->keyid)); + printf (" algo ......: %s\n", + gpgme_pubkey_algo_name (recp->pubkey_algo)); } } diff --git a/tests/run-verify.c b/tests/run-verify.c index 699bfd1..4a6c960 100644 --- a/tests/run-verify.c +++ b/tests/run-verify.c @@ -136,10 +136,11 @@ print_result (gpgme_verify_result_t result) gpgme_tofu_info_t ti; int count = 0; - printf ("Original file name: %s\n", nonnull(result->file_name)); + printf ("Original file name .: %s\n", nonnull(result->file_name)); + printf ("MIME flag ..........: %s\n", result->is_mime? "yes":"no"); for (sig = result->signatures; sig; sig = sig->next) { - printf ("Signature %d\n", count++); + printf ("Signature ...: %d\n", count++); printf (" status ....: %s\n", gpgme_strerror (sig->status)); printf (" summary ...:"); print_summary (sig->summary); putchar ('\n'); printf (" fingerprint: %s\n", nonnull (sig->fpr)); @@ -167,7 +168,7 @@ print_result (gpgme_verify_result_t result) { printf (" notation ..: '%s'\n", nt->name); if (strlen (nt->name) != nt->name_len) - printf (" warning : name larger (%d)\n", nt->name_len); + printf (" warning .: name larger (%d)\n", nt->name_len); printf (" flags ...:%s%s (0x%02x)\n", nt->critical? " critical":"", nt->human_readable? " human":"", @@ -180,7 +181,7 @@ print_result (gpgme_verify_result_t result) printf (" policy ....: '%s'\n", nt->value); } if ((nt->value?strlen (nt->value):0) != nt->value_len) - printf (" warning : value larger (%d)\n", nt->value_len); + printf (" warning .: value larger (%d)\n", nt->value_len); } if (sig->key) { commit 23177e4410d05d590c0f2e1675dc645bbb4ad62c Author: Werner Koch Date: Wed Apr 18 14:41:50 2018 +0200 core: Fix possible compliance mode detection error. * src/verify.c (_gpgme_verify_status_handler): Insert missing break. -- Before the insertion of the compliance status checking the break in the default clause was used by the STATUS_PLAINTEXT code. That got lost. I don't see any actual harm due to different values currently in use for the compliance status. Fixes-commit: 05fa2a9c7764b28fdac35eb72631439df948ca0e Signed-off-by: Werner Koch diff --git a/src/verify.c b/src/verify.c index 4eab902..c3afdef 100644 --- a/src/verify.c +++ b/src/verify.c @@ -1094,6 +1094,7 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) err = _gpgme_parse_plaintext (args, &opd->result.file_name); if (err) return err; + break; case GPGME_STATUS_VERIFICATION_COMPLIANCE_MODE: PARSE_COMPLIANCE_FLAGS (args, opd->current_sig); ----------------------------------------------------------------------- Summary of changes: NEWS | 2 + doc/gpgme.texi | 2 +- src/decrypt.c | 11 ++-- src/gpgme-json.c | 146 +++++++++++++++++++++++++++++++++++++++++++++++++--- src/gpgme.h.in | 11 +++- src/op-support.c | 6 ++- src/ops.h | 4 +- src/verify.c | 12 +++-- tests/run-decrypt.c | 21 ++++---- tests/run-verify.c | 9 ++-- 10 files changed, 191 insertions(+), 33 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 18 20:34:40 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 18 Apr 2018 20:34:40 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.10.0-207-gd98f08f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via d98f08fa63e3ef7bd41c0ca812f5e753967ceb37 (commit) via 3f55c52b9adc3680c7a9fb0e598598e6ed3a2a5d (commit) via 8e34a14fe694a8c765973aaa3a8b2a2d2c3ba8b9 (commit) via 67b4dafb6d3fe2b5ab889417126ca5d509c0e3ca (commit) via 1ae83de262021d7e3676b1466c56d6ebc2ea70c8 (commit) via 55e9a94680370e584fbe5d21161a2cee3fe95744 (commit) from e5273fc4431dfb597a2d9cf4af5172572476a2de (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d98f08fa63e3ef7bd41c0ca812f5e753967ceb37 Author: Werner Koch Date: Wed Apr 18 20:27:14 2018 +0200 Post release updates -- diff --git a/NEWS b/NEWS index b7c091c..cfe5502 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,7 @@ +Noteworthy changes in version 1.11.1 (unreleased) +------------------------------------------------- + + Noteworthy changes in version 1.11.0 (2018-04-18) ------------------------------------------------- diff --git a/configure.ac b/configure.ac index a04b059..5268a69 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,6 @@ # configure.ac for GPGME # Copyright (C) 2000 Werner Koch (dd9jn) -# Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, -# 2009, 2010, 2011, 2012, 2013, 2014, 2015 g10 Code GmbH +# Copyright (C) 2001-2018 g10 Code GmbH # # This file is part of GPGME. # @@ -29,7 +28,7 @@ min_automake_version="1.14" # for the LT versions. m4_define(mym4_version_major, [1]) m4_define(mym4_version_minor, [11]) -m4_define(mym4_version_micro, [0]) +m4_define(mym4_version_micro, [1]) # Below is m4 magic to extract and compute the revision number, the # decimalized short revision number, a beta version string, and a flag commit 3f55c52b9adc3680c7a9fb0e598598e6ed3a2a5d Author: Werner Koch Date: Wed Apr 18 19:41:45 2018 +0200 Release 1.11.0 * configure.ac: Bump LT version to C31/A20/R0. For cpp to C12/A6/R0. For qt to: C10/A3/R1. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index b4488cc..b7c091c 100644 --- a/NEWS +++ b/NEWS @@ -1,4 +1,4 @@ -Noteworthy changes in version 1.10.1 (unreleased) +Noteworthy changes in version 1.11.0 (2018-04-18) ------------------------------------------------- * New encryption API to support direct key specification including @@ -6,7 +6,7 @@ Noteworthy changes in version 1.10.1 (unreleased) allows to enforce the use of a subkey. * New encryption flag for the new API to enforce the use of plain - mail address (addr-spec). + mail addresses (addr-spec). * The import API can now tell whether v3 keys are skipped. These old and basically broken keys are not anymore supported by GnuPG 2.1. @@ -57,6 +57,8 @@ Noteworthy changes in version 1.10.1 (unreleased) cpp: Data::toString NEW. cpp: ImportResult::numV3KeysSkipped NEW. + [c=C31/A20/R0 cpp=C12/A6/R0 qt=C10/A3/R1] + Noteworthy changes in version 1.10.0 (2017-12-12) ------------------------------------------------- diff --git a/configure.ac b/configure.ac index e42f178..a04b059 100644 --- a/configure.ac +++ b/configure.ac @@ -28,8 +28,8 @@ min_automake_version="1.14" # commit and push so that the git magic is able to work. See below # for the LT versions. m4_define(mym4_version_major, [1]) -m4_define(mym4_version_minor, [10]) -m4_define(mym4_version_micro, [1]) +m4_define(mym4_version_minor, [11]) +m4_define(mym4_version_micro, [0]) # Below is m4 magic to extract and compute the revision number, the # decimalized short revision number, a beta version string, and a flag @@ -55,20 +55,20 @@ AC_INIT([gpgme],[mym4_full_version],[http://bugs.gnupg.org]) # (Interfaces added: AGE++) # (Interfaces removed/changed: AGE=0) # -LIBGPGME_LT_CURRENT=30 -LIBGPGME_LT_AGE=19 +LIBGPGME_LT_CURRENT=31 +LIBGPGME_LT_AGE=20 LIBGPGME_LT_REVISION=0 # If there is an ABI break in gpgmepp or qgpgme also bump the # version in IMPORTED_LOCATION in the GpgmeppConfig-w32.cmake.in.in -LIBGPGMEPP_LT_CURRENT=11 -LIBGPGMEPP_LT_AGE=5 +LIBGPGMEPP_LT_CURRENT=12 +LIBGPGMEPP_LT_AGE=6 LIBGPGMEPP_LT_REVISION=0 LIBQGPGME_LT_CURRENT=10 LIBQGPGME_LT_AGE=3 -LIBQGPGME_LT_REVISION=0 +LIBQGPGME_LT_REVISION=1 # If the API is changed in an incompatible way: increment the next counter. GPGME_CONFIG_API_VERSION=1 commit 8e34a14fe694a8c765973aaa3a8b2a2d2c3ba8b9 Author: Werner Koch Date: Wed Apr 18 20:11:27 2018 +0200 json: Add stpcpy replacement. * src/gpgme-json.c [!HAVE_STPCPY](_my_stpcpy): New. Signed-off-by: Werner Koch diff --git a/src/gpgme-json.c b/src/gpgme-json.c index 0beb78f..f1e9f25 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c @@ -114,6 +114,19 @@ static struct #define spacep(p) (*(p) == ' ' || *(p) == '\t') +#ifndef HAVE_STPCPY +static GPGRT_INLINE char * +_my_stpcpy (char *a, const char *b) +{ + while (*b) + *a++ = *b++; + *a = 0; + return a; +} +#define stpcpy(a,b) _my_stpcpy ((a), (b)) +#endif /*!HAVE_STPCPY*/ + + static void xoutofcore (const char *type) commit 67b4dafb6d3fe2b5ab889417126ca5d509c0e3ca Author: Werner Koch Date: Wed Apr 18 19:30:50 2018 +0200 doc: Update copyright years and change two URLs. -- Signed-off-by: Werner Koch diff --git a/AUTHORS b/AUTHORS index 6d2ce67..c989eff 100644 --- a/AUTHORS +++ b/AUTHORS @@ -1,5 +1,5 @@ Package: gpgme -Homepage: https://gnupg.org/related_software/gpgme/ +Homepage: https://gnupg.org/software/gpgme/ Download: https://gnupg.org/ftp/gcrypt/gpgme/ Repository: git://git.gnupg.org/gpgme.git Maintainer: Werner Koch @@ -19,7 +19,7 @@ List of Copyright holders Copyright (C) 1991-2013 Free Software Foundation, Inc. Copyright (C) 2000-2001 Werner Koch - Copyright (C) 2001-2017 g10 Code GmbH + Copyright (C) 2001-2018 g10 Code GmbH Copyright (C) 2002 Klar??lvdalens Datakonsult AB Copyright (C) 2004-2008 Igor Belyi Copyright (C) 2002 John Goerzen diff --git a/README b/README index f7b006f..8e031ae 100644 --- a/README +++ b/README @@ -1,7 +1,7 @@ GPGME - GnuPG Made Easy --------------------------- -Copyright 2001-2017 g10 Code GmbH +Copyright 2001-2018 g10 Code GmbH This file is free software; as a special exception the author gives unlimited permission to copy and/or distribute it, with or without diff --git a/configure.ac b/configure.ac index c6c6dc8..e42f178 100644 --- a/configure.ac +++ b/configure.ac @@ -810,7 +810,7 @@ AH_BOTTOM([ #define GPG_ERR_ENABLE_ERRNO_MACROS 1 #define CRIGHTBLURB "Copyright (C) 2000 Werner Koch\n" \ - "Copyright (C) 2001--2017 g10 Code GmbH\n" + "Copyright (C) 2001--2018 g10 Code GmbH\n" ]) diff --git a/lang/python/README b/lang/python/README index 49e8820..99da4dd 100644 --- a/lang/python/README +++ b/lang/python/README @@ -1,6 +1,6 @@ - ??????????????????????????????????????????????????????????????????????????????????????????????????? - GPG - GPGME BINDINGS FOR PYTHON - ??????????????????????????????????????????????????????????????????????????????????????????????????? + ??????????????????????????????????????????????????????????????????????????????????????????????????? + GPG - GPGME BINDINGS FOR PYTHON + ??????????????????????????????????????????????????????????????????????????????????????????????????? Table of Contents @@ -13,7 +13,7 @@ Table of Contents The "gpg" module is a python interface to the GPGME library: -[https://www.gnupg.org/related_software/gpgme/] +[https://www.gnupg.org/software/gpgme/] "gpg" offers two interfaces, one is a high-level, curated, and idiomatic interface that is implemented as a shim on top of the low-level @@ -36,8 +36,8 @@ functionality of the underlying library. 2 Bugs ?????????????????? - Please report bugs using our bug tracker using the category 'gpgme', - and topic 'python': [https://bugs.gnupg.org/gnupg/] + Please report bugs using our bug tracker [https://bugs.gnupg.org] with + tag (aka project) 'gpgme'. 3 Authors diff --git a/lang/python/README.org b/lang/python/README.org index 22e7d1f..cba9966 100644 --- a/lang/python/README.org +++ b/lang/python/README.org @@ -1,8 +1,8 @@ #+TITLE: gpg - GPGME bindings for Python - +#+OPTIONS: author:nil The "gpg" module is a python interface to the GPGME library: -https://www.gnupg.org/related_software/gpgme/ +[[https://www.gnupg.org/software/gpgme/]] "gpg" offers two interfaces, one is a high-level, curated, and idiomatic interface that is implemented as a shim on top of the @@ -21,9 +21,8 @@ https://lists.gnupg.org/mailman/listinfo/gnupg-devel * Bugs -Please report bugs using our bug tracker using the category 'gpgme', -and topic 'python': -https://bugs.gnupg.org/gnupg/ +Please report bugs using our bug tracker +[[https://bugs.gnupg.org]] with tag (aka project) 'gpgme'. * Authors diff --git a/src/gpgme.h.in b/src/gpgme.h.in index 84516f9..49fafb9 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -1,6 +1,6 @@ /* gpgme.h - Public interface to GnuPG Made Easy. -*- c -*- * Copyright (C) 2000 Werner Koch (dd9jn) - * Copyright (C) 2001-2017 g10 Code GmbH + * Copyright (C) 2001-2018 g10 Code GmbH * * This file is part of GPGME. * @@ -16,6 +16,7 @@ * * You should have received a copy of the GNU Lesser General Public * License along with this program; if not, see . + * SPDX-License-Identifier: LGPL-2.1+ * * Generated from gpgme.h.in for @GPGME_CONFIG_HOST at . */ diff --git a/src/versioninfo.rc.in b/src/versioninfo.rc.in index 2b1cc81..88b662e 100644 --- a/src/versioninfo.rc.in +++ b/src/versioninfo.rc.in @@ -39,7 +39,7 @@ BEGIN VALUE "FileDescription", "GPGME - GnuPG Made Easy\0" VALUE "FileVersion", "@LIBGPGME_LT_CURRENT at .@LIBGPGME_LT_AGE at .@LIBGPGME_LT_REVISION at .@BUILD_REVISION@\0" VALUE "InternalName", "gpgme\0" - VALUE "LegalCopyright", "Copyright ? 2001-2017 g10 Code GmbH\0" + VALUE "LegalCopyright", "Copyright ? 2001-2018 g10 Code GmbH\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "gpgme.dll\0" VALUE "PrivateBuild", "\0" commit 1ae83de262021d7e3676b1466c56d6ebc2ea70c8 Author: Werner Koch Date: Wed Apr 18 19:28:51 2018 +0200 doc: Unify comment style in gpgme.h -- Signed-off-by: Werner Koch diff --git a/src/gpgme.h.in b/src/gpgme.h.in index e3a2eea..84516f9 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -37,14 +37,14 @@ extern "C" { /* The version of this header should match the one of the library. Do - not use this symbol in your application, use gpgme_check_version - instead. The purpose of this macro is to let autoconf (using the - AM_PATH_GPGME macro) check that this header matches the installed - library. */ + * not use this symbol in your application, use gpgme_check_version + * instead. The purpose of this macro is to let autoconf (using the + * AM_PATH_GPGME macro) check that this header matches the installed + * library. */ #define GPGME_VERSION "@PACKAGE_VERSION@" /* The version number of this header. It may be used to handle minor - API incompatibilities. */ + * API incompatibilities. */ #define GPGME_VERSION_NUMBER @VERSION_NUMBER@ @@ -87,7 +87,7 @@ extern "C" { /* The macro _GPGME_DEPRECATED_OUTSIDE_GPGME suppresses warnings for - fields we must access in GPGME for ABI compatibility. */ + * fields we must access in GPGME for ABI compatibility. */ #ifdef _GPGME_IN_GPGME #define _GPGME_DEPRECATED_OUTSIDE_GPGME(a,b) #else @@ -113,7 +113,7 @@ extern "C" { */ /* The context holds some global state and configuration options, as - well as the results of a crypto operation. */ + * well as the results of a crypto operation. */ struct gpgme_context; typedef struct gpgme_context *gpgme_ctx_t; @@ -124,7 +124,8 @@ typedef struct gpgme_data *gpgme_data_t; /* - * Wrappers for the libgpg-error library. + * Wrappers for the libgpg-error library. They are generally not + * needed and the gpg-error versions may be used instead. */ typedef gpg_error_t gpgme_error_t; @@ -140,7 +141,7 @@ gpgme_err_make (gpgme_err_source_t source, gpgme_err_code_t code) /* The user can define GPGME_ERR_SOURCE_DEFAULT before including this - file to specify a default source for gpgme_error. */ + * file to specify a default source for gpgme_error. */ #ifndef GPGME_ERR_SOURCE_DEFAULT #define GPGME_ERR_SOURCE_DEFAULT GPG_ERR_SOURCE_USER_1 #endif @@ -167,45 +168,46 @@ gpgme_err_source (gpgme_error_t err) /* Return a pointer to a string containing a description of the error - code in the error value ERR. This function is not thread safe. */ + * code in the error value ERR. This function is not thread safe. */ const char *gpgme_strerror (gpgme_error_t err); /* Return the error string for ERR in the user-supplied buffer BUF of - size BUFLEN. This function is, in contrast to gpg_strerror, - thread-safe if a thread-safe strerror_r() function is provided by - the system. If the function succeeds, 0 is returned and BUF - contains the string describing the error. If the buffer was not - large enough, ERANGE is returned and BUF contains as much of the - beginning of the error string as fits into the buffer. */ + * size BUFLEN. This function is, in contrast to gpg_strerror, + * thread-safe if a thread-safe strerror_r() function is provided by + * the system. If the function succeeds, 0 is returned and BUF + * contains the string describing the error. If the buffer was not + * large enough, ERANGE is returned and BUF contains as much of the + * beginning of the error string as fits into the buffer. */ int gpgme_strerror_r (gpg_error_t err, char *buf, size_t buflen); /* Return a pointer to a string containing a description of the error - source in the error value ERR. */ + * source in the error value ERR. */ const char *gpgme_strsource (gpgme_error_t err); /* Retrieve the error code for the system error ERR. This returns - GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report - this). */ + * GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped (report + * this). */ gpgme_err_code_t gpgme_err_code_from_errno (int err); /* Retrieve the system error for the error code CODE. This returns 0 - if CODE is not a system error code. */ + * if CODE is not a system error code. */ int gpgme_err_code_to_errno (gpgme_err_code_t code); /* Retrieve the error code directly from the ERRNO variable. This - returns GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped - (report this) and GPG_ERR_MISSING_ERRNO if ERRNO has the value 0. */ + * returns GPG_ERR_UNKNOWN_ERRNO if the system error is not mapped + * (report this) and GPG_ERR_MISSING_ERRNO if ERRNO has the value 0. */ gpgme_err_code_t gpgme_err_code_from_syserror (void); /* Set the ERRNO variable. This function is the preferred way to set - ERRNO due to peculiarities on WindowsCE. */ + * ERRNO due to peculiarities on WindowsCE. */ void gpgme_err_set_errno (int err); /* Return an error value with the error source SOURCE and the system - error ERR. FIXME: Should be inline. */ + * error ERR. FIXME: Should be inline. */ gpgme_error_t gpgme_err_make_from_errno (gpgme_err_source_t source, int err); -/* Return an error value with the system error ERR. FIXME: Should be inline. */ +/* Return an error value with the system error ERR. + * inline. */ gpgme_error_t gpgme_error_from_errno (int err); @@ -419,7 +421,7 @@ struct _gpgme_sig_notation struct _gpgme_sig_notation *next; /* If NAME is a null pointer, then VALUE contains a policy URL - rather than a notation. */ + * rather than a notation. */ char *name; /* The value of the notation data. */ @@ -634,10 +636,10 @@ struct _gpgme_key_sig /* Same as in gpgme_signature_t. */ gpgme_error_t status; + /* Deprecated; use SIG_CLASS instead. */ #ifdef __cplusplus unsigned int _obsolete_class _GPGME_DEPRECATED(0,4); #else - /* Must be set to SIG_CLASS below. */ unsigned int class _GPGME_DEPRECATED_OUTSIDE_GPGME(0,4); #endif @@ -876,10 +878,10 @@ gpgme_error_t gpgme_set_protocol (gpgme_ctx_t ctx, gpgme_protocol_t proto); gpgme_protocol_t gpgme_get_protocol (gpgme_ctx_t ctx); /* Set the crypto protocol to be used by CTX to PROTO. - gpgme_set_protocol actually sets the backend engine. This sets the - crypto protocol used in engines that support more than one crypto - prococol (for example, an UISERVER can support OpenPGP and CMS). - This is reset to the default with gpgme_set_protocol. */ + * gpgme_set_protocol actually sets the backend engine. This sets the + * crypto protocol used in engines that support more than one crypto + * prococol (for example, an UISERVER can support OpenPGP and CMS). + * This is reset to the default with gpgme_set_protocol. */ gpgme_error_t gpgme_set_sub_protocol (gpgme_ctx_t ctx, gpgme_protocol_t proto); @@ -931,47 +933,47 @@ gpgme_error_t gpgme_set_pinentry_mode (gpgme_ctx_t ctx, gpgme_pinentry_mode_t gpgme_get_pinentry_mode (gpgme_ctx_t ctx); /* Set the passphrase callback function in CTX to CB. HOOK_VALUE is - passed as first argument to the passphrase callback function. */ + * passed as first argument to the passphrase callback function. */ void gpgme_set_passphrase_cb (gpgme_ctx_t ctx, gpgme_passphrase_cb_t cb, void *hook_value); /* Get the current passphrase callback function in *CB and the current - hook value in *HOOK_VALUE. */ + * hook value in *HOOK_VALUE. */ void gpgme_get_passphrase_cb (gpgme_ctx_t ctx, gpgme_passphrase_cb_t *cb, void **hook_value); /* Set the progress callback function in CTX to CB. HOOK_VALUE is - passed as first argument to the progress callback function. */ + * passed as first argument to the progress callback function. */ void gpgme_set_progress_cb (gpgme_ctx_t c, gpgme_progress_cb_t cb, void *hook_value); /* Get the current progress callback function in *CB and the current - hook value in *HOOK_VALUE. */ + * hook value in *HOOK_VALUE. */ void gpgme_get_progress_cb (gpgme_ctx_t ctx, gpgme_progress_cb_t *cb, void **hook_value); /* Set the status callback function in CTX to CB. HOOK_VALUE is - passed as first argument to the status callback function. */ + * passed as first argument to the status callback function. */ void gpgme_set_status_cb (gpgme_ctx_t c, gpgme_status_cb_t cb, void *hook_value); /* Get the current status callback function in *CB and the current - hook value in *HOOK_VALUE. */ + * hook value in *HOOK_VALUE. */ void gpgme_get_status_cb (gpgme_ctx_t ctx, gpgme_status_cb_t *cb, void **hook_value); /* This function sets the locale for the context CTX, or the default - locale if CTX is a null pointer. */ + * locale if CTX is a null pointer. */ gpgme_error_t gpgme_set_locale (gpgme_ctx_t ctx, int category, const char *value); /* Get the information about the configured engines. A pointer to the - first engine in the statically allocated linked list is returned. - The returned data is valid until the next gpgme_ctx_set_engine_info. */ + * first engine in the statically allocated linked list is returned. + * The returned data is valid until the next gpgme_ctx_set_engine_info. */ gpgme_engine_info_t gpgme_ctx_get_engine_info (gpgme_ctx_t ctx); /* Set the engine info for the context CTX, protocol PROTO, to the - file name FILE_NAME and the home directory HOME_DIR. */ + * file name FILE_NAME and the home directory HOME_DIR. */ gpgme_error_t gpgme_ctx_set_engine_info (gpgme_ctx_t ctx, gpgme_protocol_t proto, const char *file_name, @@ -993,10 +995,10 @@ gpgme_key_t gpgme_signers_enum (const gpgme_ctx_t ctx, int seq); void gpgme_sig_notation_clear (gpgme_ctx_t ctx); /* Add the human-readable notation data with name NAME and value VALUE - to the context CTX, using the flags FLAGS. If NAME is NULL, then - VALUE should be a policy URL. The flag - GPGME_SIG_NOTATION_HUMAN_READABLE is forced to be true for notation - data, and false for policy URLs. */ + * to the context CTX, using the flags FLAGS. If NAME is NULL, then + * VALUE should be a policy URL. The flag + * GPGME_SIG_NOTATION_HUMAN_READABLE is forced to be true for notation + * data, and false for policy URLs. */ gpgme_error_t gpgme_sig_notation_add (gpgme_ctx_t ctx, const char *name, const char *value, gpgme_sig_notation_flags_t flags); @@ -1020,17 +1022,17 @@ const char *gpgme_get_sender (gpgme_ctx_t ctx); typedef gpgme_error_t (*gpgme_io_cb_t) (void *data, int fd); /* The type of a function that can register FNC as the I/O callback - function for the file descriptor FD with direction dir (0: for writing, - 1: for reading). FNC_DATA should be passed as DATA to FNC. The - function should return a TAG suitable for the corresponding - gpgme_remove_io_cb_t, and an error value. */ + * function for the file descriptor FD with direction dir (0: for writing, + * 1: for reading). FNC_DATA should be passed as DATA to FNC. The + * function should return a TAG suitable for the corresponding + * gpgme_remove_io_cb_t, and an error value. */ typedef gpgme_error_t (*gpgme_register_io_cb_t) (void *data, int fd, int dir, gpgme_io_cb_t fnc, void *fnc_data, void **tag); /* The type of a function that can remove a previously registered I/O - callback function given TAG as returned by the register - function. */ + * callback function given TAG as returned by the register + * function. */ typedef void (*gpgme_remove_io_cb_t) (void *tag); typedef enum @@ -1045,7 +1047,7 @@ gpgme_event_io_t; struct gpgme_io_event_done_data { /* A fatal IPC error or an operational error in state-less - protocols. */ + * protocols. */ gpgme_error_t err; /* An operational errors in session-based protocols. */ @@ -1054,7 +1056,7 @@ struct gpgme_io_event_done_data typedef struct gpgme_io_event_done_data *gpgme_io_event_done_data_t; /* The type of a function that is called when a context finished an - operation. */ + * operation. */ typedef void (*gpgme_event_io_cb_t) (void *data, gpgme_event_io_t type, void *type_data); @@ -1075,13 +1077,13 @@ void gpgme_set_io_cbs (gpgme_ctx_t ctx, gpgme_io_cbs_t io_cbs); void gpgme_get_io_cbs (gpgme_ctx_t ctx, gpgme_io_cbs_t io_cbs); /* Wrappers around the internal I/O functions for use with - gpgme_passphrase_cb_t and gpgme_interact_cb_t. */ + * gpgme_passphrase_cb_t and gpgme_interact_cb_t. */ @API__SSIZE_T@ gpgme_io_read (int fd, void *buffer, size_t count); @API__SSIZE_T@ gpgme_io_write (int fd, const void *buffer, size_t count); int gpgme_io_writen (int fd, const void *buffer, size_t count); /* Process the pending operation and, if HANG is non-zero, wait for - the pending operation to finish. */ + * the pending operation to finish. */ gpgme_ctx_t gpgme_wait (gpgme_ctx_t ctx, gpgme_error_t *status, int hang); gpgme_ctx_t gpgme_wait_ext (gpgme_ctx_t ctx, gpgme_error_t *status, @@ -1100,21 +1102,21 @@ gpgme_error_t gpgme_cancel_async (gpgme_ctx_t ctx); */ /* Read up to SIZE bytes into buffer BUFFER from the data object with - the handle HANDLE. Return the number of characters read, 0 on EOF - and -1 on error. If an error occurs, errno is set. */ + * the handle HANDLE. Return the number of characters read, 0 on EOF + * and -1 on error. If an error occurs, errno is set. */ typedef @API__SSIZE_T@ (*gpgme_data_read_cb_t) (void *handle, void *buffer, size_t size); /* Write up to SIZE bytes from buffer BUFFER to the data object with - the handle HANDLE. Return the number of characters written, or -1 - on error. If an error occurs, errno is set. */ + * the handle HANDLE. Return the number of characters written, or -1 + * on error. If an error occurs, errno is set. */ typedef @API__SSIZE_T@ (*gpgme_data_write_cb_t) (void *handle, const void *buffer, size_t size); /* Set the current position from where the next read or write starts - in the data object with the handle HANDLE to OFFSET, relativ to - WHENCE. Returns the new offset in bytes from the beginning of the - data object. */ + * in the data object with the handle HANDLE to OFFSET, relativ to + * WHENCE. Returns the new offset in bytes from the beginning of the + * data object. */ typedef @API__OFF_T@ (*gpgme_data_seek_cb_t) (void *handle, @API__OFF_T@ offset, int whence); @@ -1131,19 +1133,19 @@ struct gpgme_data_cbs typedef struct gpgme_data_cbs *gpgme_data_cbs_t; /* Read up to SIZE bytes into buffer BUFFER from the data object with - the handle DH. Return the number of characters read, 0 on EOF and - -1 on error. If an error occurs, errno is set. */ + * the handle DH. Return the number of characters read, 0 on EOF and + * -1 on error. If an error occurs, errno is set. */ @API__SSIZE_T@ gpgme_data_read (gpgme_data_t dh, void *buffer, size_t size); /* Write up to SIZE bytes from buffer BUFFER to the data object with - the handle DH. Return the number of characters written, or -1 on - error. If an error occurs, errno is set. */ + * the handle DH. Return the number of characters written, or -1 on + * error. If an error occurs, errno is set. */ @API__SSIZE_T@ gpgme_data_write (gpgme_data_t dh, const void *buffer, size_t size); /* Set the current position from where the next read or write starts - in the data object with the handle DH to OFFSET, relativ to WHENCE. - Returns the new offset in bytes from the beginning of the data - object. */ + * in the data object with the handle DH to OFFSET, relativ to WHENCE. + * Returns the new offset in bytes from the beginning of the data + * object. */ @API__OFF_T@ gpgme_data_seek (gpgme_data_t dh, @API__OFF_T@ offset, int whence); /* Create a new data buffer and return it in R_DH. */ @@ -1153,19 +1155,19 @@ gpgme_error_t gpgme_data_new (gpgme_data_t *r_dh); void gpgme_data_release (gpgme_data_t dh); /* Create a new data buffer filled with SIZE bytes starting from - BUFFER. If COPY is zero, copying is delayed until necessary, and - the data is taken from the original location when needed. */ + * BUFFER. If COPY is zero, copying is delayed until necessary, and + * the data is taken from the original location when needed. */ gpgme_error_t gpgme_data_new_from_mem (gpgme_data_t *r_dh, const char *buffer, size_t size, int copy); /* Destroy the data buffer DH and return a pointer to its content. - The memory has be to released with gpgme_free() by the user. It's - size is returned in R_LEN. */ + * The memory has be to released with gpgme_free() by the user. It's + * size is returned in R_LEN. */ char *gpgme_data_release_and_get_mem (gpgme_data_t dh, size_t *r_len); /* Release the memory returned by gpgme_data_release_and_get_mem() and - some other functions. */ + * some other functions. */ void gpgme_free (void *buffer); gpgme_error_t gpgme_data_new_from_cbs (gpgme_data_t *dh, @@ -1184,11 +1186,11 @@ gpgme_error_t gpgme_data_set_encoding (gpgme_data_t dh, gpgme_data_encoding_t enc); /* Get the file name associated with the data object with handle DH, or - NULL if there is none. */ + * NULL if there is none. */ char *gpgme_data_get_file_name (gpgme_data_t dh); /* Set the file name associated with the data object with handle DH to - FILE_NAME. */ + * FILE_NAME. */ gpgme_error_t gpgme_data_set_file_name (gpgme_data_t dh, const char *file_name); @@ -1201,15 +1203,15 @@ gpgme_data_type_t gpgme_data_identify (gpgme_data_t dh, int reserved); /* Create a new data buffer filled with the content of file FNAME. - COPY must be non-zero. For delayed read, please use - gpgme_data_new_from_fd or gpgme_data_new_from_stream instead. */ + * COPY must be non-zero. For delayed read, please use + * gpgme_data_new_from_fd or gpgme_data_new_from_stream instead. */ gpgme_error_t gpgme_data_new_from_file (gpgme_data_t *r_dh, const char *fname, int copy); /* Create a new data buffer filled with LENGTH bytes starting from - OFFSET within the file FNAME or stream FP (exactly one must be - non-zero). */ + * OFFSET within the file FNAME or stream FP (exactly one must be + * non-zero). */ gpgme_error_t gpgme_data_new_from_filepart (gpgme_data_t *r_dh, const char *fname, FILE *fp, @API__OFF_T@ offset, size_t length); @@ -1224,7 +1226,7 @@ gpgme_error_t gpgme_data_rewind (gpgme_data_t dh); */ /* Get the key with the fingerprint FPR from the crypto backend. If - SECRET is true, get the secret key. */ + * SECRET is true, get the secret key. */ gpgme_error_t gpgme_get_key (gpgme_ctx_t ctx, const char *fpr, gpgme_key_t *r_key, int secret); @@ -1235,7 +1237,7 @@ gpgme_error_t gpgme_key_from_uid (gpgme_key_t *key, const char *name); void gpgme_key_ref (gpgme_key_t key); /* Release a reference to KEY. If this was the last one the key is - destroyed. */ + * destroyed. */ void gpgme_key_unref (gpgme_key_t key); void gpgme_key_release (gpgme_key_t key); @@ -1274,7 +1276,7 @@ typedef enum gpgme_encrypt_flags_t; /* Encrypt plaintext PLAIN within CTX for the recipients RECP and - store the resulting ciphertext in CIPHER. */ + * store the resulting ciphertext in CIPHER. */ gpgme_error_t gpgme_op_encrypt_start (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, gpgme_data_t plain, @@ -1295,8 +1297,8 @@ gpgme_error_t gpgme_op_encrypt_ext (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_data_t cipher); /* Encrypt plaintext PLAIN within CTX for the recipients RECP and - store the resulting ciphertext in CIPHER. Also sign the ciphertext - with the signers in CTX. */ + * store the resulting ciphertext in CIPHER. Also sign the ciphertext + * with the signers in CTX. */ gpgme_error_t gpgme_op_encrypt_sign_start (gpgme_ctx_t ctx, gpgme_key_t recp[], gpgme_encrypt_flags_t flags, @@ -1344,6 +1346,7 @@ struct _gpgme_recipient }; typedef struct _gpgme_recipient *gpgme_recipient_t; + /* An object to return results from a decryption operation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ @@ -1367,22 +1370,24 @@ struct _gpgme_op_decrypt_result gpgme_recipient_t recipients; /* The original file name of the plaintext message, if - available. */ + * available. */ char *file_name; /* A textual representation of the session key used to decrypt the * message, if available */ char *session_key; - /* A string with the symmetric encryption algorithm and mode using - * the format ".". */ + /* A string with the symmetric encryption algorithm and mode using + * the format ".". */ char *symkey_algo; }; typedef struct _gpgme_op_decrypt_result *gpgme_decrypt_result_t; + /* Retrieve a pointer to the result of the decrypt operation. */ gpgme_decrypt_result_t gpgme_op_decrypt_result (gpgme_ctx_t ctx); + /* The valid decryption flags. */ typedef enum { @@ -1391,15 +1396,16 @@ typedef enum } gpgme_decrypt_flags_t; + /* Decrypt ciphertext CIPHER within CTX and store the resulting - plaintext in PLAIN. */ + * plaintext in PLAIN. */ gpgme_error_t gpgme_op_decrypt_start (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain); gpgme_error_t gpgme_op_decrypt (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain); /* Decrypt ciphertext CIPHER and make a signature verification within - CTX and store the resulting plaintext in PLAIN. */ + * CTX and store the resulting plaintext in PLAIN. */ gpgme_error_t gpgme_op_decrypt_verify_start (gpgme_ctx_t ctx, gpgme_data_t cipher, gpgme_data_t plain); @@ -1441,7 +1447,7 @@ struct _gpgme_new_signature gpgme_hash_algo_t hash_algo; /* Internal to GPGME, do not use. Must be set to the same value as - CLASS below. */ + * CLASS below. */ unsigned long _obsolete_class; /* Signature creation time. */ @@ -1450,10 +1456,10 @@ struct _gpgme_new_signature /* The fingerprint of the signature. */ char *fpr; + /* Deprecated; use SIG_CLASS instead. */ #ifdef __cplusplus unsigned int _obsolete_class_2; #else - /* Must be set to SIG_CLASS below. */ unsigned int class _GPGME_DEPRECATED_OUTSIDE_GPGME(0,4); #endif @@ -1474,6 +1480,7 @@ struct _gpgme_op_sign_result }; typedef struct _gpgme_op_sign_result *gpgme_sign_result_t; + /* Retrieve a pointer to the result of the signing operation. */ gpgme_sign_result_t gpgme_op_sign_result (gpgme_ctx_t ctx); @@ -1567,6 +1574,7 @@ struct _gpgme_signature }; typedef struct _gpgme_signature *gpgme_signature_t; + /* An object to return the results of a verify operation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ @@ -1586,6 +1594,7 @@ struct _gpgme_op_verify_result }; typedef struct _gpgme_op_verify_result *gpgme_verify_result_t; + /* Retrieve a pointer to the result of the verify operation. */ gpgme_verify_result_t gpgme_op_verify_result (gpgme_ctx_t ctx); @@ -1630,6 +1639,7 @@ struct _gpgme_import_status }; typedef struct _gpgme_import_status *gpgme_import_status_t; + /* Import result object. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ @@ -1685,6 +1695,7 @@ struct _gpgme_op_import_result }; typedef struct _gpgme_op_import_result *gpgme_import_result_t; + /* Retrieve a pointer to the result of the import operation. */ gpgme_import_result_t gpgme_op_import_result (gpgme_ctx_t ctx); @@ -1742,6 +1753,7 @@ gpgme_error_t gpgme_op_export_keys (gpgme_ctx_t ctx, #define GPGME_CREATE_FORCE (1 << 12) /* Force creation. */ #define GPGME_CREATE_NOEXPIRE (1 << 13) /* Create w/o expiration. */ + /* An object to return result from a key generation. * This structure shall be considered read-only and an application * must not allocate such a structure on its own. */ @@ -1772,9 +1784,10 @@ struct _gpgme_op_genkey_result }; typedef struct _gpgme_op_genkey_result *gpgme_genkey_result_t; + /* Generate a new keypair and add it to the keyring. PUBKEY and - SECKEY should be null for now. PARMS specifies what keys should be - generated. */ + * SECKEY should be null for now. PARMS specifies what keys should be + * generated. */ gpgme_error_t gpgme_op_genkey_start (gpgme_ctx_t ctx, const char *parms, gpgme_data_t pubkey, gpgme_data_t seckey); gpgme_error_t gpgme_op_genkey (gpgme_ctx_t ctx, const char *parms, @@ -1840,7 +1853,7 @@ gpgme_genkey_result_t gpgme_op_genkey_result (gpgme_ctx_t ctx); /* Delete KEY from the keyring. If ALLOW_SECRET is non-zero, secret - keys are also deleted. */ + * keys are also deleted. */ gpgme_error_t gpgme_op_delete_start (gpgme_ctx_t ctx, const gpgme_key_t key, int allow_secret); gpgme_error_t gpgme_op_delete (gpgme_ctx_t ctx, const gpgme_key_t key, @@ -1959,7 +1972,7 @@ gpgme_error_t gpgme_op_keylist_end (gpgme_ctx_t ctx); */ /* Change the passphrase for KEY. FLAGS is reserved for future use - and must be passed as 0. */ + * and must be passed as 0. */ gpgme_error_t gpgme_op_passwd_start (gpgme_ctx_t ctx, gpgme_key_t key, unsigned int flags); gpgme_error_t gpgme_op_passwd (gpgme_ctx_t ctx, gpgme_key_t key, @@ -2024,7 +2037,7 @@ gpgme_error_t gpgme_op_trustlist_end (gpgme_ctx_t ctx); void gpgme_trust_item_ref (gpgme_trust_item_t item); /* Release a reference to ITEM. If this was the last one the trust - item is destroyed. */ + * item is destroyed. */ void gpgme_trust_item_unref (gpgme_trust_item_t item); @@ -2054,8 +2067,8 @@ gpgme_error_t gpgme_op_getauditlog (gpgme_ctx_t ctx, gpgme_data_t output, /* Run the command FILE with the arguments in ARGV. Connect stdin to - DATAIN, stdout to DATAOUT, and STDERR to DATAERR. If one the data - streams is NULL, connect to /dev/null instead. */ + * DATAIN, stdout to DATAOUT, and STDERR to DATAERR. If one the data + * streams is NULL, connect to /dev/null instead. */ gpgme_error_t gpgme_op_spawn_start (gpgme_ctx_t ctx, const char *file, const char *argv[], gpgme_data_t datain, @@ -2071,6 +2084,7 @@ gpgme_error_t gpgme_op_spawn (gpgme_ctx_t ctx, /* * Low-level Assuan protocol access. */ + typedef gpgme_error_t (*gpgme_assuan_data_cb_t) (void *opaque, const void *data, size_t datalen); @@ -2082,7 +2096,7 @@ typedef gpgme_error_t (*gpgme_assuan_status_cb_t) (void *opaque, const char *status, const char *args); /* Send the Assuan COMMAND and return results via the callbacks. - Asynchronous variant. */ + * Asynchronous variant. */ gpgme_error_t gpgme_op_assuan_transact_start (gpgme_ctx_t ctx, const char *command, gpgme_assuan_data_cb_t data_cb, @@ -2093,7 +2107,7 @@ gpgme_error_t gpgme_op_assuan_transact_start (gpgme_ctx_t ctx, void *stat_cb_value); /* Send the Assuan COMMAND and return results via the callbacks. - Synchronous variant. */ + * Synchronous variant. */ gpgme_error_t gpgme_op_assuan_transact_ext (gpgme_ctx_t ctx, const char *command, gpgme_assuan_data_cb_t data_cb, @@ -2121,8 +2135,8 @@ typedef struct _gpgme_op_vfs_mount_result *gpgme_vfs_mount_result_t; gpgme_vfs_mount_result_t gpgme_op_vfs_mount_result (gpgme_ctx_t ctx); /* The container is automatically unmounted when the context is reset - or destroyed. Transmission errors are returned directly, - operational errors are returned in OP_ERR. */ + * or destroyed. Transmission errors are returned directly, + * operational errors are returned in OP_ERR. */ gpgme_error_t gpgme_op_vfs_mount (gpgme_ctx_t ctx, const char *container_file, const char *mount_dir, unsigned int flags, gpgme_error_t *op_err); @@ -2137,8 +2151,8 @@ gpgme_error_t gpgme_op_vfs_create (gpgme_ctx_t ctx, gpgme_key_t recp[], */ /* The expert level at which a configuration option or group of - options should be displayed. See the gpgconf(1) documentation for - more details. */ + * options should be displayed. See the gpgconf(1) documentation for + * more details. */ typedef enum { GPGME_CONF_BASIC = 0, @@ -2151,7 +2165,7 @@ gpgme_conf_level_t; /* The data type of a configuration option argument. See the gpgconf(1) - documentation for more details. */ + * documentation for more details. */ typedef enum { /* Basic types. */ @@ -2175,7 +2189,7 @@ gpgme_conf_type_t; /* This represents a single argument for a configuration option. - Which of the members of value is used depends on the ALT_TYPE. */ + * Which of the members of value is used depends on the ALT_TYPE. */ typedef struct gpgme_conf_arg { struct gpgme_conf_arg *next; @@ -2192,7 +2206,7 @@ typedef struct gpgme_conf_arg /* The flags of a configuration option. See the gpgconf - documentation for details. */ + * documentation for details. */ #define GPGME_CONF_GROUP (1 << 0) #define GPGME_CONF_OPTIONAL (1 << 1) #define GPGME_CONF_LIST (1 << 2) @@ -2204,7 +2218,7 @@ typedef struct gpgme_conf_arg /* The representation of a single configuration option. See the - gpg-conf documentation for details. */ + * gpg-conf documentation for details. */ typedef struct gpgme_conf_opt { struct gpgme_conf_opt *next; @@ -2249,7 +2263,7 @@ typedef struct gpgme_conf_opt /* The representation of a component that can be configured. See the - gpg-conf documentation for details. */ + * gpg-conf documentation for details. */ typedef struct gpgme_conf_comp { struct gpgme_conf_comp *next; @@ -2272,9 +2286,9 @@ typedef struct gpgme_conf_comp /* Allocate a new gpgme_conf_arg_t. If VALUE is NULL, a "no arg - default" is prepared. If type is a string type, VALUE should point - to the string. Else, it should point to an unsigned or signed - integer respectively. */ + * default" is prepared. If type is a string type, VALUE should point + * to the string. Else, it should point to an unsigned or signed + * integer respectively. */ gpgme_error_t gpgme_conf_arg_new (gpgme_conf_arg_t *arg_p, gpgme_conf_type_t type, const void *value); @@ -2282,10 +2296,10 @@ gpgme_error_t gpgme_conf_arg_new (gpgme_conf_arg_t *arg_p, void gpgme_conf_arg_release (gpgme_conf_arg_t arg, gpgme_conf_type_t type); /* Register a change for the value of OPT to ARG. If RESET is 1 (do - not use any values but 0 or 1), ARG is ignored and the option is - not changed (reverting a previous change). Otherwise, if ARG is - NULL, the option is cleared or reset to its default. The change - is done with gpgconf's --runtime option to immediately take effect. */ + * not use any values but 0 or 1), ARG is ignored and the option is + * not changed (reverting a previous change). Otherwise, if ARG is + * NULL, the option is cleared or reset to its default. The change + * is done with gpgconf's --runtime option to immediately take effect. */ gpgme_error_t gpgme_conf_opt_change (gpgme_conf_opt_t opt, int reset, gpgme_conf_arg_t arg); @@ -2376,16 +2390,17 @@ gpgme_query_swdb_result_t gpgme_op_query_swdb_result (gpgme_ctx_t ctx); int gpgme_set_global_flag (const char *name, const char *value); /* Check that the library fulfills the version requirement. Note: - This is here only for the case where a user takes a pointer from - the old version of this function. The new version and macro for - run-time checks are below. */ + * This is here only for the case where a user takes a pointer from + * the old version of this function. The new version and macro for + * run-time checks are below. */ const char *gpgme_check_version (const char *req_version); -/* Check that the library fulfills the version requirement and check - for struct layout mismatch involving bitfields. */ +/* Do not call this directly; use the macro below. */ const char *gpgme_check_version_internal (const char *req_version, size_t offset_sig_validity); +/* Check that the library fulfills the version requirement and check + * for struct layout mismatch involving bitfields. */ #define gpgme_check_version(req_version) \ gpgme_check_version_internal (req_version, \ offsetof (struct _gpgme_signature, validity)) @@ -2394,19 +2409,19 @@ const char *gpgme_check_version_internal (const char *req_version, const char *gpgme_get_dirinfo (const char *what); /* Get the information about the configured and installed engines. A - pointer to the first engine in the statically allocated linked list - is returned in *INFO. If an error occurs, it is returned. The - returned data is valid until the next gpgme_set_engine_info. */ + * pointer to the first engine in the statically allocated linked list + * is returned in *INFO. If an error occurs, it is returned. The + * returned data is valid until the next gpgme_set_engine_info. */ gpgme_error_t gpgme_get_engine_info (gpgme_engine_info_t *engine_info); /* Set the default engine info for the protocol PROTO to the file name - FILE_NAME and the home directory HOME_DIR. */ + * FILE_NAME and the home directory HOME_DIR. */ gpgme_error_t gpgme_set_engine_info (gpgme_protocol_t proto, const char *file_name, const char *home_dir); /* Verify that the engine implementing PROTO is installed and - available. */ + * available. */ gpgme_error_t gpgme_engine_check_version (gpgme_protocol_t proto); @@ -2415,15 +2430,15 @@ void gpgme_result_ref (void *result); void gpgme_result_unref (void *result); /* Return a public key algorithm string (e.g. "rsa2048"). Caller must - free using gpgme_free. */ + * free using gpgme_free. */ char *gpgme_pubkey_algo_string (gpgme_subkey_t subkey); /* Return a statically allocated string with the name of the public - key algorithm ALGO, or NULL if that name is not known. */ + * key algorithm ALGO, or NULL if that name is not known. */ const char *gpgme_pubkey_algo_name (gpgme_pubkey_algo_t algo); /* Return a statically allocated string with the name of the hash - algorithm ALGO, or NULL if that name is not known. */ + * algorithm ALGO, or NULL if that name is not known. */ const char *gpgme_hash_algo_name (gpgme_hash_algo_t algo); /* Return the addr-spec from a user id. Caller must free the result @@ -2575,7 +2590,7 @@ gpgme_error_t gpgme_op_card_edit (gpgme_ctx_t ctx, gpgme_key_t key, _GPGME_DEPRECATED(1,7); /* The possible signature stati. Deprecated, use error value in sig - status. */ + * status. */ typedef enum { GPGME_SIG_STAT_NONE = 0, @@ -2592,7 +2607,7 @@ _gpgme_sig_stat_t; typedef _gpgme_sig_stat_t gpgme_sig_stat_t _GPGME_DEPRECATED(0,4); /* The available key and signature attributes. Deprecated, use the - individual result structures instead. */ + * individual result structures instead. */ typedef enum { GPGME_ATTR_KEYID = 1, @@ -2632,18 +2647,18 @@ _gpgme_attr_t; typedef _gpgme_attr_t gpgme_attr_t _GPGME_DEPRECATED(0,4); /* Retrieve the signature status of signature IDX in CTX after a - successful verify operation in R_STAT (if non-null). The creation - time stamp of the signature is returned in R_CREATED (if non-null). - The function returns a string containing the fingerprint. - Deprecated, use verify result directly. */ + * successful verify operation in R_STAT (if non-null). The creation + * time stamp of the signature is returned in R_CREATED (if non-null). + * The function returns a string containing the fingerprint. + * Deprecated, use verify result directly. */ const char *gpgme_get_sig_status (gpgme_ctx_t ctx, int idx, _gpgme_sig_stat_t *r_stat, time_t *r_created) _GPGME_DEPRECATED(0,4); /* Retrieve certain attributes of a signature. IDX is the index - number of the signature after a successful verify operation. WHAT - is an attribute where GPGME_ATTR_EXPIRE is probably the most useful - one. WHATIDX is to be passed as 0 for most attributes . */ + * number of the signature after a successful verify operation. WHAT + * is an attribute where GPGME_ATTR_EXPIRE is probably the most useful + * one. WHATIDX is to be passed as 0 for most attributes . */ unsigned long gpgme_get_sig_ulong_attr (gpgme_ctx_t c, int idx, _gpgme_attr_t what, int whatidx) _GPGME_DEPRECATED(0,4); @@ -2653,13 +2668,13 @@ const char *gpgme_get_sig_string_attr (gpgme_ctx_t c, int idx, /* Get the key used to create signature IDX in CTX and return it in - R_KEY. */ + * R_KEY. */ gpgme_error_t gpgme_get_sig_key (gpgme_ctx_t ctx, int idx, gpgme_key_t *r_key) _GPGME_DEPRECATED(0,4); /* Create a new data buffer which retrieves the data from the callback - function READ_CB. Deprecated, please use gpgme_data_new_from_cbs - instead. */ + * function READ_CB. Deprecated, please use gpgme_data_new_from_cbs + * instead. */ gpgme_error_t gpgme_data_new_with_read_cb (gpgme_data_t *r_dh, int (*read_cb) (void*,char *, size_t,size_t*), @@ -2667,34 +2682,34 @@ gpgme_error_t gpgme_data_new_with_read_cb (gpgme_data_t *r_dh, _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of KEY, which has to be - representable by a string. IDX specifies the sub key or user ID - for attributes related to sub keys or user IDs. Deprecated, use - key structure directly instead. */ + * representable by a string. IDX specifies the sub key or user ID + * for attributes related to sub keys or user IDs. Deprecated, use + * key structure directly instead. */ const char *gpgme_key_get_string_attr (gpgme_key_t key, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of KEY, which has to be - representable by an unsigned integer. IDX specifies the sub key or - user ID for attributes related to sub keys or user IDs. - Deprecated, use key structure directly instead. */ + * representable by an unsigned integer. IDX specifies the sub key or + * user ID for attributes related to sub keys or user IDs. + * Deprecated, use key structure directly instead. */ unsigned long gpgme_key_get_ulong_attr (gpgme_key_t key, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of a signature on user ID - UID_IDX in KEY, which has to be representable by a string. IDX - specifies the signature. Deprecated, use key structure directly - instead. */ + * UID_IDX in KEY, which has to be representable by a string. IDX + * specifies the signature. Deprecated, use key structure directly + * instead. */ const char *gpgme_key_sig_get_string_attr (gpgme_key_t key, int uid_idx, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of a signature on user ID - UID_IDX in KEY, which has to be representable by an unsigned - integer string. IDX specifies the signature. Deprecated, use key - structure directly instead. */ + * UID_IDX in KEY, which has to be representable by an unsigned + * integer string. IDX specifies the signature. Deprecated, use key + * structure directly instead. */ unsigned long gpgme_key_sig_get_ulong_attr (gpgme_key_t key, int uid_idx, _gpgme_attr_t what, const void *reserved, int idx) @@ -2705,21 +2720,21 @@ gpgme_error_t gpgme_op_import_ext (gpgme_ctx_t ctx, gpgme_data_t keydata, int *nr) _GPGME_DEPRECATED(0,4); /* Release the trust item ITEM. Deprecated, use - gpgme_trust_item_unref. */ + * gpgme_trust_item_unref. */ void gpgme_trust_item_release (gpgme_trust_item_t item) _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of ITEM, which has to be - representable by a string. Deprecated, use trust item structure - directly. */ + * representable by a string. Deprecated, use trust item structure + * directly. */ const char *gpgme_trust_item_get_string_attr (gpgme_trust_item_t item, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); /* Return the value of the attribute WHAT of KEY, which has to be - representable by an integer. IDX specifies a running index if the - attribute appears more than once in the key. Deprecated, use trust - item structure directly. */ + * representable by an integer. IDX specifies a running index if the + * attribute appears more than once in the key. Deprecated, use trust + * item structure directly. */ int gpgme_trust_item_get_int_attr (gpgme_trust_item_t item, _gpgme_attr_t what, const void *reserved, int idx) _GPGME_DEPRECATED(0,4); commit 55e9a94680370e584fbe5d21161a2cee3fe95744 Author: Werner Koch Date: Wed Apr 18 17:59:29 2018 +0200 core: New convenience constant GPGME_KEYLIST_MODE_LOCATE. * src/gpgme.h.in (GPGME_KEYLIST_MODE_LOCATE): New. Signed-off-by: Werner Koch diff --git a/NEWS b/NEWS index be3111c..b4488cc 100644 --- a/NEWS +++ b/NEWS @@ -1,7 +1,45 @@ Noteworthy changes in version 1.10.1 (unreleased) ------------------------------------------------- - * New context flag "no-symkey-cache". + * New encryption API to support direct key specification including + hidden recipients option and taking keys from a file. This also + allows to enforce the use of a subkey. + + * New encryption flag for the new API to enforce the use of plain + mail address (addr-spec). + + * The import API can now tell whether v3 keys are skipped. These old + and basically broken keys are not anymore supported by GnuPG 2.1. + + * The decrypt and verify API will now return the MIME flag as + specified by RFC-4880bis. + + * The offline mode now has an effect on gpg by disabling all network + access. [#3831] + + * A failed OpenPGP verification how returns the fingerprint of the + intended key if a recent gpg version was used for signature + creation. + + * New tool gpgme-json as native messaging server for web browsers. + As of now public key encryption and decryption is supported. + Requires Libgpg-error 1.29. + + * New context flag "request-origin" which has an effect when used + with GnuPG 2.2.6 or later. + + * New context flag "no-symkey-cache" which has an effect when used + with GnuPG 2.2.7 or later. + + * New convenience constant GPGME_KEYLIST_MODE_LOCATE. + + * Improved the Python documentation. + + * Fixed a potential regression with GnuPG 2.2.6 or later. + + * Fixed a crash in the Python bindings on 32 bit platforms. [#3892] + + * Various minor fixes. * Interface changes relative to the 1.10.0 release: ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ @@ -10,6 +48,7 @@ Noteworthy changes in version 1.10.1 (unreleased) gpgme_op_encrypt_sign_ext NEW. gpgme_op_encrypt_sign_ext_start NEW. GPGME_ENCRYPT_WANT_ADDRESS NEW. + GPGME_KEYLIST_MODE_LOCATE NEW. gpgme_import_result_t EXTENDED: New field 'skipped_v3_keys'. gpgme_decrypt_result_t EXTENDED: New field 'symkey_algo'. gpgme_decrypt_result_t EXTENDED: New field 'is_mime'. diff --git a/doc/gpgme.texi b/doc/gpgme.texi index 83348dd..20bfa23 100644 --- a/doc/gpgme.texi +++ b/doc/gpgme.texi @@ -2769,6 +2769,11 @@ type of external source is dependent on the crypto engine used and whether it is combined with @code{GPGME_KEYLIST_MODE_LOCAL}. For example, it can be a remote keyserver or LDAP certificate server. + at item GPGME_KEYLIST_MODE_LOCATE +This is a shortcut for the combination of + at code{GPGME_KEYLIST_MODE_LOCAL} and @code{GPGME_KEYLIST_MODE_EXTERN} +and convenient when the --locate-key feature of OpenPGP is desired. + @item GPGME_KEYLIST_MODE_SIGS The @code{GPGME_KEYLIST_MODE_SIGS} symbol specifies that the key signatures should be included in the listed keys. diff --git a/src/gpgme-json.c b/src/gpgme-json.c index e7aa228..0beb78f 100644 --- a/src/gpgme-json.c +++ b/src/gpgme-json.c @@ -20,8 +20,7 @@ /* This is tool implements the Native Messaging protocol of web * browsers and provides the server part of it. A Javascript based - * client can be found in lang/javascript. The used data format is - * similar to the API of openpgpjs. + * client can be found in lang/javascript. */ #include diff --git a/src/gpgme.h.in b/src/gpgme.h.in index c81e882..e3a2eea 100644 --- a/src/gpgme.h.in +++ b/src/gpgme.h.in @@ -373,6 +373,8 @@ gpgme_protocol_t; #define GPGME_KEYLIST_MODE_EPHEMERAL 128 #define GPGME_KEYLIST_MODE_VALIDATE 256 +#define GPGME_KEYLIST_MODE_LOCATE (1|2) + typedef unsigned int gpgme_keylist_mode_t; ----------------------------------------------------------------------- Summary of changes: AUTHORS | 4 +- NEWS | 49 ++++++- README | 2 +- configure.ac | 17 ++- doc/gpgme.texi | 5 + lang/python/README | 12 +- lang/python/README.org | 9 +- src/gpgme-json.c | 16 ++- src/gpgme.h.in | 340 ++++++++++++++++++++++++++----------------------- src/versioninfo.rc.in | 2 +- 10 files changed, 267 insertions(+), 189 deletions(-) hooks/post-receive -- GnuPG Made Easy http://git.gnupg.org From cvs at cvs.gnupg.org Wed Apr 18 20:48:36 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Wed, 18 Apr 2018 20:48:36 +0200 Subject: [git] gnupg-doc - branch, master, updated. d2a0b1b4bb4fe954e83c65ca3f9a9174aca068a5 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, master has been updated via d2a0b1b4bb4fe954e83c65ca3f9a9174aca068a5 (commit) from 9e4065b60ff6f313f4b7dfc54d2dca22755916c1 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit d2a0b1b4bb4fe954e83c65ca3f9a9174aca068a5 Author: Werner Koch Date: Wed Apr 18 20:41:32 2018 +0200 swdb: Release gpgme 1.11.0 diff --git a/web/index.org b/web/index.org index af086af..7ce35e0 100644 --- a/web/index.org +++ b/web/index.org @@ -65,6 +65,11 @@ The latest release news:\\ # GnuPG's latest news are available as [[http://feedvalidator.org/check.cgi?url%3Dhttps://www.gnupg.org/news.en.rss][RSS 2.0 compliant]] feed. Just # point or paste the [[news.en.rss][RSS file]] into your aggregator. +** GnuPG Made Easy 1.11.0 released (2018-04-18) + +[[file:software/gpgme/index.org][GPGME]] is a library that allows to add support for cryptography to a +program. {[[https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000422.html][more]]} + ** GnuPG 2.2.6 released (2018-04-09) We are pleased to announce the availability of GnuPG version 2.2.6. @@ -72,7 +77,7 @@ This is a maintenance release fixing a few problems. {[[https://lists.gnupg.org/ Update (2018-04-16): In case you run into problems with [[file:software/gpgme/index.org][GPGME]] and this or a later version of GnuPG, please apply this [[https://lists.gnupg.org/pipermail/gnupg-users/attachments/20180413/e2c8e5d5/attachment-0001.patch][patch]] to GPGME or use -GPGME version 1.11 which will soon be released. +GPGME version 1.11.0 which will soon be released. ** GnuPG 2.2.5 released (2018-02-22) diff --git a/web/swdb.mac b/web/swdb.mac index 6f352a8..2e91d61 100644 --- a/web/swdb.mac +++ b/web/swdb.mac @@ -87,11 +87,11 @@ # # GPGME # -#+macro: gpgme_ver 1.10.0 -#+macro: gpgme_date 2017-12-12 -#+macro: gpgme_size 1338k -#+macro: gpgme_sha1 77d3390887da25ed70b7ac04392360efbdca501f -#+macro: gpgme_sha2 1a8fed1197c3b99c35f403066bb344a26224d292afc048cfdfc4ccd5690a0693 +#+macro: gpgme_ver 1.11.0 +#+macro: gpgme_date 2018-04-18 +#+macro: gpgme_size 1381k +#+macro: gpgme_sha1 17772bf86eef70ab0c77cbb6df0b90f002af0030 +#+macro: gpgme_sha2 5b03adbafadab74474ded30b74c882de28d3c5c3b9ee3016ef24023d4c35d492 # ----------------------------------------------------------------------- Summary of changes: web/index.org | 7 ++++++- web/swdb.mac | 10 +++++----- 2 files changed, 11 insertions(+), 6 deletions(-) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 19 09:02:10 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 19 Apr 2018 09:02:10 +0200 Subject: [git] gnupg-doc - branch, preview, updated. dd7a6a3a9a28883397018124975afcc033128579 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, preview has been updated via dd7a6a3a9a28883397018124975afcc033128579 (commit) via d2a0b1b4bb4fe954e83c65ca3f9a9174aca068a5 (commit) via 9e4065b60ff6f313f4b7dfc54d2dca22755916c1 (commit) via 90dab4d9c1bea664c92ee2b30f8cac4c0234aecb (commit) via b17c7d1ff35e55da6f4450dec241e6f49b17940b (commit) via 57ef28a1cda058e4489f150724786a039691bd84 (commit) via 0ab16972dc62edd7e610248f5d9859e273113183 (commit) via e033305a5b7c3cc79d35af8f4baff9c1346bb48f (commit) via a739fddfe19ab96e9681dd11353bffc52082d9ad (commit) via 824d1bba2627a14b3e8fe284c4c3fb642a41e329 (commit) via da16bd25fc9461cda562504de4e80cfcf75ecf37 (commit) via dc9ddd844590d9ad4986203c56fcb6449088bca0 (commit) via 2094fc1631aca2659732e0b28e03012e2dc67127 (commit) via 377a56b4db99d4c3efa9df4ffc615640f3d76532 (commit) via 58c0da6fc6ed19fbce053f50231cd048ff7b9071 (commit) via bfe16208c988dc61fee827c5c11f92018c4a3a77 (commit) via ce7ba56dfdd69f431af32a0638b2a108a02c663b (commit) via 8cf29941c754d386f1d81fc4a52450cd2a9e0f7b (commit) via 89ca96b83eadb31171b750a3bfd31da009a20db4 (commit) via 8aaa4d783f38be7ad5d72df0451a8208b0712dbd (commit) via f9098f2c036f638b1ccb82ee2ba29c91dd1e98ae (commit) via 14956d3f716f04ae455ab020641e168f3b20b1a2 (commit) via da754fde9eb98da8ef28b33315f50057f5540785 (commit) via b276fa44402fa3e80bfc5b65229cd2a219f5195a (commit) via 94c69b9eee9d51c2e8c36b3ac9c16a113055c682 (commit) via d658ab86b59ab9264dcab3f3d4ac00e645aec949 (commit) via d63d03e1289246239448dfcac77218d5e38439f4 (commit) via 2a64c8aae45257527c6c838f8e5e9737f1414fd8 (commit) via e29664284846ba6921d24233f868c6167ab2c8f2 (commit) via 0ae9c247d49a48f915661442b8505378c6f19b5a (commit) via e7b053a6252173c0c4b35d8dfb04947a62d0ff65 (commit) via a4264f4d8f709aad34c14543037a83c1ca724b59 (commit) via c4373a5b93983cabe0d3ae7e731b73e8a369823c (commit) via 4b1a80cab6a49a7a5830b185bad10db8e9944b9b (commit) via bf7e10c84df91122161de0cb96640564ad489603 (commit) via 838ed25349c148ae85336f533b13bb5cf587764b (commit) via cc0a8f080e16dbdb2afc43c72f89e24b11567c4e (commit) via 81898d2cf872b0d059590b651abf6eefcf27412c (commit) via 4c38a248f204cd3a55b3bd97790dfc9e4731502c (commit) via 5227081f8bc0d221e261a0553f4353b697068cd7 (commit) via e88b83be6c386d0579a0c8bdb141f5104bb88b69 (commit) via 25761b4696f65c72692edd0100fc188cabc441c6 (commit) via f8a54305c4e3354fba02f9b2da5b9683d92a6c4c (commit) via 76802d1db0d7ef9bf9376907d86e75b5edd78ba2 (commit) via 3fe91c68480c1c11a66b7a9931450f5f9c9e3701 (commit) via 43cbf5c1aeaa00e54f5bbbd7030a60fa881a2738 (commit) via 7794c9fb38882b5e6d60226695887c804b9aaf62 (commit) via ed7296a3bd46a46352630d772a8b9753083441b2 (commit) via f7156272064eb08432fe39280d23f2ac4b0810b5 (commit) via b02c609919cf523f0e09aba7ea08d06ca4c12ce1 (commit) via 31395cff13e055cce19af7d47eb53c6a9d7ea704 (commit) via 2f320018cc0c255a11e15609632b7e1b4d381d2f (commit) via 4e3196a2172dc037fe8889bd21d50115e5a02663 (commit) via ba965893ef6c946c6be318f63f1f1b41e2eaeaaf (commit) via 8e51ad1b7ab043e5e83f743dc091d987d720af03 (commit) from e72def2e66614c9fe90024556716b31809cc2fb2 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit dd7a6a3a9a28883397018124975afcc033128579 Merge: e72def2 d2a0b1b Author: Werner Koch Date: Thu Apr 19 08:54:35 2018 +0200 Merge branch 'master' into preview ----------------------------------------------------------------------- Summary of changes: .gitignore | 4 + misc/howtos.gnupg.org/en/GPGMEpythonHOWTOen.html | 2003 ++++++++++++++++++++++ misc/id/openpgp-webkey-service/draft.org | 11 +- tools/build-website.sh | 3 +- web/copying.org | 3 +- web/documentation/howtos.org | 27 + web/faq/gnupg-faq.org | 64 +- web/faq/gpgme-faq.org | 29 + web/index.org | 173 +- web/mirrors.org | 1 - web/news.org | 131 ++ web/people/ben.png | Bin 0 -> 37886 bytes web/people/index.org | 34 +- web/service.org | 10 +- web/share/gpgweb.el | 22 +- web/share/ox-gpgweb.el | 16 +- web/swdb.mac | 103 +- web/verein/finances.org | 36 +- web/verein/index.org | 32 +- web/verein/members.org | 13 +- 20 files changed, 2438 insertions(+), 277 deletions(-) create mode 100644 misc/howtos.gnupg.org/en/GPGMEpythonHOWTOen.html create mode 100644 web/people/ben.png hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 19 09:26:20 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 19 Apr 2018 09:26:20 +0200 Subject: [git] gnupg-doc - branch, preview, updated. 36dc6837368223355d7367c717062eab3b91de49 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, preview has been updated via 36dc6837368223355d7367c717062eab3b91de49 (commit) from dd7a6a3a9a28883397018124975afcc033128579 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 36dc6837368223355d7367c717062eab3b91de49 Author: Werner Koch Date: Thu Apr 19 09:19:11 2018 +0200 web: Add pure.css files See https://purecss.io for documentation. diff --git a/web/share/grids-responsive-min.css.gz b/web/share/grids-responsive-min.css.gz new file mode 100644 index 0000000..cf941f6 Binary files /dev/null and b/web/share/grids-responsive-min.css.gz differ diff --git a/web/share/grids-responsive.css b/web/share/grids-responsive.css new file mode 100644 index 0000000..369e484 --- /dev/null +++ b/web/share/grids-responsive.css @@ -0,0 +1,861 @@ +/*! +Pure v1.0.0 +Copyright 2013 Yahoo! +Licensed under the BSD License. +https://github.com/yahoo/pure/blob/master/LICENSE.md +*/ + at media screen and (min-width: 35.5em) { + .pure-u-sm-1, + .pure-u-sm-1-1, + .pure-u-sm-1-2, + .pure-u-sm-1-3, + .pure-u-sm-2-3, + .pure-u-sm-1-4, + .pure-u-sm-3-4, + .pure-u-sm-1-5, + .pure-u-sm-2-5, + .pure-u-sm-3-5, + .pure-u-sm-4-5, + .pure-u-sm-5-5, + .pure-u-sm-1-6, + .pure-u-sm-5-6, + .pure-u-sm-1-8, + .pure-u-sm-3-8, + .pure-u-sm-5-8, + .pure-u-sm-7-8, + .pure-u-sm-1-12, + .pure-u-sm-5-12, + .pure-u-sm-7-12, + .pure-u-sm-11-12, + .pure-u-sm-1-24, + .pure-u-sm-2-24, + .pure-u-sm-3-24, + .pure-u-sm-4-24, + .pure-u-sm-5-24, + .pure-u-sm-6-24, + .pure-u-sm-7-24, + .pure-u-sm-8-24, + .pure-u-sm-9-24, + .pure-u-sm-10-24, + .pure-u-sm-11-24, + .pure-u-sm-12-24, + .pure-u-sm-13-24, + .pure-u-sm-14-24, + .pure-u-sm-15-24, + .pure-u-sm-16-24, + .pure-u-sm-17-24, + .pure-u-sm-18-24, + .pure-u-sm-19-24, + .pure-u-sm-20-24, + .pure-u-sm-21-24, + .pure-u-sm-22-24, + .pure-u-sm-23-24, + .pure-u-sm-24-24 { + display: inline-block; + *display: inline; + zoom: 1; + letter-spacing: normal; + word-spacing: normal; + vertical-align: top; + text-rendering: auto; + } + + .pure-u-sm-1-24 { + width: 4.1667%; + *width: 4.1357%; + } + + .pure-u-sm-1-12, + .pure-u-sm-2-24 { + width: 8.3333%; + *width: 8.3023%; + } + + .pure-u-sm-1-8, + .pure-u-sm-3-24 { + width: 12.5000%; + *width: 12.4690%; + } + + .pure-u-sm-1-6, + .pure-u-sm-4-24 { + width: 16.6667%; + *width: 16.6357%; + } + + .pure-u-sm-1-5 { + width: 20%; + *width: 19.9690%; + } + + .pure-u-sm-5-24 { + width: 20.8333%; + *width: 20.8023%; + } + + .pure-u-sm-1-4, + .pure-u-sm-6-24 { + width: 25%; + *width: 24.9690%; + } + + .pure-u-sm-7-24 { + width: 29.1667%; + *width: 29.1357%; + } + + .pure-u-sm-1-3, + .pure-u-sm-8-24 { + width: 33.3333%; + *width: 33.3023%; + } + + .pure-u-sm-3-8, + .pure-u-sm-9-24 { + width: 37.5000%; + *width: 37.4690%; + } + + .pure-u-sm-2-5 { + width: 40%; + *width: 39.9690%; + } + + .pure-u-sm-5-12, + .pure-u-sm-10-24 { + width: 41.6667%; + *width: 41.6357%; + } + + .pure-u-sm-11-24 { + width: 45.8333%; + *width: 45.8023%; + } + + .pure-u-sm-1-2, + .pure-u-sm-12-24 { + width: 50%; + *width: 49.9690%; + } + + .pure-u-sm-13-24 { + width: 54.1667%; + *width: 54.1357%; + } + + .pure-u-sm-7-12, + .pure-u-sm-14-24 { + width: 58.3333%; + *width: 58.3023%; + } + + .pure-u-sm-3-5 { + width: 60%; + *width: 59.9690%; + } + + .pure-u-sm-5-8, + .pure-u-sm-15-24 { + width: 62.5000%; + *width: 62.4690%; + } + + .pure-u-sm-2-3, + .pure-u-sm-16-24 { + width: 66.6667%; + *width: 66.6357%; + } + + .pure-u-sm-17-24 { + width: 70.8333%; + *width: 70.8023%; + } + + .pure-u-sm-3-4, + .pure-u-sm-18-24 { + width: 75%; + *width: 74.9690%; + } + + .pure-u-sm-19-24 { + width: 79.1667%; + *width: 79.1357%; + } + + .pure-u-sm-4-5 { + width: 80%; + *width: 79.9690%; + } + + .pure-u-sm-5-6, + .pure-u-sm-20-24 { + width: 83.3333%; + *width: 83.3023%; + } + + .pure-u-sm-7-8, + .pure-u-sm-21-24 { + width: 87.5000%; + *width: 87.4690%; + } + + .pure-u-sm-11-12, + .pure-u-sm-22-24 { + width: 91.6667%; + *width: 91.6357%; + } + + .pure-u-sm-23-24 { + width: 95.8333%; + *width: 95.8023%; + } + + .pure-u-sm-1, + .pure-u-sm-1-1, + .pure-u-sm-5-5, + .pure-u-sm-24-24 { + width: 100%; + } +} + + at media screen and (min-width: 48em) { + .pure-u-md-1, + .pure-u-md-1-1, + .pure-u-md-1-2, + .pure-u-md-1-3, + .pure-u-md-2-3, + .pure-u-md-1-4, + .pure-u-md-3-4, + .pure-u-md-1-5, + .pure-u-md-2-5, + .pure-u-md-3-5, + .pure-u-md-4-5, + .pure-u-md-5-5, + .pure-u-md-1-6, + .pure-u-md-5-6, + .pure-u-md-1-8, + .pure-u-md-3-8, + .pure-u-md-5-8, + .pure-u-md-7-8, + .pure-u-md-1-12, + .pure-u-md-5-12, + .pure-u-md-7-12, + .pure-u-md-11-12, + .pure-u-md-1-24, + .pure-u-md-2-24, + .pure-u-md-3-24, + .pure-u-md-4-24, + .pure-u-md-5-24, + .pure-u-md-6-24, + .pure-u-md-7-24, + .pure-u-md-8-24, + .pure-u-md-9-24, + .pure-u-md-10-24, + .pure-u-md-11-24, + .pure-u-md-12-24, + .pure-u-md-13-24, + .pure-u-md-14-24, + .pure-u-md-15-24, + .pure-u-md-16-24, + .pure-u-md-17-24, + .pure-u-md-18-24, + .pure-u-md-19-24, + .pure-u-md-20-24, + .pure-u-md-21-24, + .pure-u-md-22-24, + .pure-u-md-23-24, + .pure-u-md-24-24 { + display: inline-block; + *display: inline; + zoom: 1; + letter-spacing: normal; + word-spacing: normal; + vertical-align: top; + text-rendering: auto; + } + + .pure-u-md-1-24 { + width: 4.1667%; + *width: 4.1357%; + } + + .pure-u-md-1-12, + .pure-u-md-2-24 { + width: 8.3333%; + *width: 8.3023%; + } + + .pure-u-md-1-8, + .pure-u-md-3-24 { + width: 12.5000%; + *width: 12.4690%; + } + + .pure-u-md-1-6, + .pure-u-md-4-24 { + width: 16.6667%; + *width: 16.6357%; + } + + .pure-u-md-1-5 { + width: 20%; + *width: 19.9690%; + } + + .pure-u-md-5-24 { + width: 20.8333%; + *width: 20.8023%; + } + + .pure-u-md-1-4, + .pure-u-md-6-24 { + width: 25%; + *width: 24.9690%; + } + + .pure-u-md-7-24 { + width: 29.1667%; + *width: 29.1357%; + } + + .pure-u-md-1-3, + .pure-u-md-8-24 { + width: 33.3333%; + *width: 33.3023%; + } + + .pure-u-md-3-8, + .pure-u-md-9-24 { + width: 37.5000%; + *width: 37.4690%; + } + + .pure-u-md-2-5 { + width: 40%; + *width: 39.9690%; + } + + .pure-u-md-5-12, + .pure-u-md-10-24 { + width: 41.6667%; + *width: 41.6357%; + } + + .pure-u-md-11-24 { + width: 45.8333%; + *width: 45.8023%; + } + + .pure-u-md-1-2, + .pure-u-md-12-24 { + width: 50%; + *width: 49.9690%; + } + + .pure-u-md-13-24 { + width: 54.1667%; + *width: 54.1357%; + } + + .pure-u-md-7-12, + .pure-u-md-14-24 { + width: 58.3333%; + *width: 58.3023%; + } + + .pure-u-md-3-5 { + width: 60%; + *width: 59.9690%; + } + + .pure-u-md-5-8, + .pure-u-md-15-24 { + width: 62.5000%; + *width: 62.4690%; + } + + .pure-u-md-2-3, + .pure-u-md-16-24 { + width: 66.6667%; + *width: 66.6357%; + } + + .pure-u-md-17-24 { + width: 70.8333%; + *width: 70.8023%; + } + + .pure-u-md-3-4, + .pure-u-md-18-24 { + width: 75%; + *width: 74.9690%; + } + + .pure-u-md-19-24 { + width: 79.1667%; + *width: 79.1357%; + } + + .pure-u-md-4-5 { + width: 80%; + *width: 79.9690%; + } + + .pure-u-md-5-6, + .pure-u-md-20-24 { + width: 83.3333%; + *width: 83.3023%; + } + + .pure-u-md-7-8, + .pure-u-md-21-24 { + width: 87.5000%; + *width: 87.4690%; + } + + .pure-u-md-11-12, + .pure-u-md-22-24 { + width: 91.6667%; + *width: 91.6357%; + } + + .pure-u-md-23-24 { + width: 95.8333%; + *width: 95.8023%; + } + + .pure-u-md-1, + .pure-u-md-1-1, + .pure-u-md-5-5, + .pure-u-md-24-24 { + width: 100%; + } +} + + at media screen and (min-width: 64em) { + .pure-u-lg-1, + .pure-u-lg-1-1, + .pure-u-lg-1-2, + .pure-u-lg-1-3, + .pure-u-lg-2-3, + .pure-u-lg-1-4, + .pure-u-lg-3-4, + .pure-u-lg-1-5, + .pure-u-lg-2-5, + .pure-u-lg-3-5, + .pure-u-lg-4-5, + .pure-u-lg-5-5, + .pure-u-lg-1-6, + .pure-u-lg-5-6, + .pure-u-lg-1-8, + .pure-u-lg-3-8, + .pure-u-lg-5-8, + .pure-u-lg-7-8, + .pure-u-lg-1-12, + .pure-u-lg-5-12, + .pure-u-lg-7-12, + .pure-u-lg-11-12, + .pure-u-lg-1-24, + .pure-u-lg-2-24, + .pure-u-lg-3-24, + .pure-u-lg-4-24, + .pure-u-lg-5-24, + .pure-u-lg-6-24, + .pure-u-lg-7-24, + .pure-u-lg-8-24, + .pure-u-lg-9-24, + .pure-u-lg-10-24, + .pure-u-lg-11-24, + .pure-u-lg-12-24, + .pure-u-lg-13-24, + .pure-u-lg-14-24, + .pure-u-lg-15-24, + .pure-u-lg-16-24, + .pure-u-lg-17-24, + .pure-u-lg-18-24, + .pure-u-lg-19-24, + .pure-u-lg-20-24, + .pure-u-lg-21-24, + .pure-u-lg-22-24, + .pure-u-lg-23-24, + .pure-u-lg-24-24 { + display: inline-block; + *display: inline; + zoom: 1; + letter-spacing: normal; + word-spacing: normal; + vertical-align: top; + text-rendering: auto; + } + + .pure-u-lg-1-24 { + width: 4.1667%; + *width: 4.1357%; + } + + .pure-u-lg-1-12, + .pure-u-lg-2-24 { + width: 8.3333%; + *width: 8.3023%; + } + + .pure-u-lg-1-8, + .pure-u-lg-3-24 { + width: 12.5000%; + *width: 12.4690%; + } + + .pure-u-lg-1-6, + .pure-u-lg-4-24 { + width: 16.6667%; + *width: 16.6357%; + } + + .pure-u-lg-1-5 { + width: 20%; + *width: 19.9690%; + } + + .pure-u-lg-5-24 { + width: 20.8333%; + *width: 20.8023%; + } + + .pure-u-lg-1-4, + .pure-u-lg-6-24 { + width: 25%; + *width: 24.9690%; + } + + .pure-u-lg-7-24 { + width: 29.1667%; + *width: 29.1357%; + } + + .pure-u-lg-1-3, + .pure-u-lg-8-24 { + width: 33.3333%; + *width: 33.3023%; + } + + .pure-u-lg-3-8, + .pure-u-lg-9-24 { + width: 37.5000%; + *width: 37.4690%; + } + + .pure-u-lg-2-5 { + width: 40%; + *width: 39.9690%; + } + + .pure-u-lg-5-12, + .pure-u-lg-10-24 { + width: 41.6667%; + *width: 41.6357%; + } + + .pure-u-lg-11-24 { + width: 45.8333%; + *width: 45.8023%; + } + + .pure-u-lg-1-2, + .pure-u-lg-12-24 { + width: 50%; + *width: 49.9690%; + } + + .pure-u-lg-13-24 { + width: 54.1667%; + *width: 54.1357%; + } + + .pure-u-lg-7-12, + .pure-u-lg-14-24 { + width: 58.3333%; + *width: 58.3023%; + } + + .pure-u-lg-3-5 { + width: 60%; + *width: 59.9690%; + } + + .pure-u-lg-5-8, + .pure-u-lg-15-24 { + width: 62.5000%; + *width: 62.4690%; + } + + .pure-u-lg-2-3, + .pure-u-lg-16-24 { + width: 66.6667%; + *width: 66.6357%; + } + + .pure-u-lg-17-24 { + width: 70.8333%; + *width: 70.8023%; + } + + .pure-u-lg-3-4, + .pure-u-lg-18-24 { + width: 75%; + *width: 74.9690%; + } + + .pure-u-lg-19-24 { + width: 79.1667%; + *width: 79.1357%; + } + + .pure-u-lg-4-5 { + width: 80%; + *width: 79.9690%; + } + + .pure-u-lg-5-6, + .pure-u-lg-20-24 { + width: 83.3333%; + *width: 83.3023%; + } + + .pure-u-lg-7-8, + .pure-u-lg-21-24 { + width: 87.5000%; + *width: 87.4690%; + } + + .pure-u-lg-11-12, + .pure-u-lg-22-24 { + width: 91.6667%; + *width: 91.6357%; + } + + .pure-u-lg-23-24 { + width: 95.8333%; + *width: 95.8023%; + } + + .pure-u-lg-1, + .pure-u-lg-1-1, + .pure-u-lg-5-5, + .pure-u-lg-24-24 { + width: 100%; + } +} + + at media screen and (min-width: 80em) { + .pure-u-xl-1, + .pure-u-xl-1-1, + .pure-u-xl-1-2, + .pure-u-xl-1-3, + .pure-u-xl-2-3, + .pure-u-xl-1-4, + .pure-u-xl-3-4, + .pure-u-xl-1-5, + .pure-u-xl-2-5, + .pure-u-xl-3-5, + .pure-u-xl-4-5, + .pure-u-xl-5-5, + .pure-u-xl-1-6, + .pure-u-xl-5-6, + .pure-u-xl-1-8, + .pure-u-xl-3-8, + .pure-u-xl-5-8, + .pure-u-xl-7-8, + .pure-u-xl-1-12, + .pure-u-xl-5-12, + .pure-u-xl-7-12, + .pure-u-xl-11-12, + .pure-u-xl-1-24, + .pure-u-xl-2-24, + .pure-u-xl-3-24, + .pure-u-xl-4-24, + .pure-u-xl-5-24, + .pure-u-xl-6-24, + .pure-u-xl-7-24, + .pure-u-xl-8-24, + .pure-u-xl-9-24, + .pure-u-xl-10-24, + .pure-u-xl-11-24, + .pure-u-xl-12-24, + .pure-u-xl-13-24, + .pure-u-xl-14-24, + .pure-u-xl-15-24, + .pure-u-xl-16-24, + .pure-u-xl-17-24, + .pure-u-xl-18-24, + .pure-u-xl-19-24, + .pure-u-xl-20-24, + .pure-u-xl-21-24, + .pure-u-xl-22-24, + .pure-u-xl-23-24, + .pure-u-xl-24-24 { + display: inline-block; + *display: inline; + zoom: 1; + letter-spacing: normal; + word-spacing: normal; + vertical-align: top; + text-rendering: auto; + } + + .pure-u-xl-1-24 { + width: 4.1667%; + *width: 4.1357%; + } + + .pure-u-xl-1-12, + .pure-u-xl-2-24 { + width: 8.3333%; + *width: 8.3023%; + } + + .pure-u-xl-1-8, + .pure-u-xl-3-24 { + width: 12.5000%; + *width: 12.4690%; + } + + .pure-u-xl-1-6, + .pure-u-xl-4-24 { + width: 16.6667%; + *width: 16.6357%; + } + + .pure-u-xl-1-5 { + width: 20%; + *width: 19.9690%; + } + + .pure-u-xl-5-24 { + width: 20.8333%; + *width: 20.8023%; + } + + .pure-u-xl-1-4, + .pure-u-xl-6-24 { + width: 25%; + *width: 24.9690%; + } + + .pure-u-xl-7-24 { + width: 29.1667%; + *width: 29.1357%; + } + + .pure-u-xl-1-3, + .pure-u-xl-8-24 { + width: 33.3333%; + *width: 33.3023%; + } + + .pure-u-xl-3-8, + .pure-u-xl-9-24 { + width: 37.5000%; + *width: 37.4690%; + } + + .pure-u-xl-2-5 { + width: 40%; + *width: 39.9690%; + } + + .pure-u-xl-5-12, + .pure-u-xl-10-24 { + width: 41.6667%; + *width: 41.6357%; + } + + .pure-u-xl-11-24 { + width: 45.8333%; + *width: 45.8023%; + } + + .pure-u-xl-1-2, + .pure-u-xl-12-24 { + width: 50%; + *width: 49.9690%; + } + + .pure-u-xl-13-24 { + width: 54.1667%; + *width: 54.1357%; + } + + .pure-u-xl-7-12, + .pure-u-xl-14-24 { + width: 58.3333%; + *width: 58.3023%; + } + + .pure-u-xl-3-5 { + width: 60%; + *width: 59.9690%; + } + + .pure-u-xl-5-8, + .pure-u-xl-15-24 { + width: 62.5000%; + *width: 62.4690%; + } + + .pure-u-xl-2-3, + .pure-u-xl-16-24 { + width: 66.6667%; + *width: 66.6357%; + } + + .pure-u-xl-17-24 { + width: 70.8333%; + *width: 70.8023%; + } + + .pure-u-xl-3-4, + .pure-u-xl-18-24 { + width: 75%; + *width: 74.9690%; + } + + .pure-u-xl-19-24 { + width: 79.1667%; + *width: 79.1357%; + } + + .pure-u-xl-4-5 { + width: 80%; + *width: 79.9690%; + } + + .pure-u-xl-5-6, + .pure-u-xl-20-24 { + width: 83.3333%; + *width: 83.3023%; + } + + .pure-u-xl-7-8, + .pure-u-xl-21-24 { + width: 87.5000%; + *width: 87.4690%; + } + + .pure-u-xl-11-12, + .pure-u-xl-22-24 { + width: 91.6667%; + *width: 91.6357%; + } + + .pure-u-xl-23-24 { + width: 95.8333%; + *width: 95.8023%; + } + + .pure-u-xl-1, + .pure-u-xl-1-1, + .pure-u-xl-5-5, + .pure-u-xl-24-24 { + width: 100%; + } +} \ No newline at end of file diff --git a/web/share/pure-min.css.gz b/web/share/pure-min.css.gz new file mode 100644 index 0000000..937de82 Binary files /dev/null and b/web/share/pure-min.css.gz differ diff --git a/web/share/pure.css b/web/share/pure.css new file mode 100644 index 0000000..1b03d4c --- /dev/null +++ b/web/share/pure.css @@ -0,0 +1,1508 @@ +/*! +Pure v1.0.0 +Copyright 2013 Yahoo! +Licensed under the BSD License. +https://github.com/yahoo/pure/blob/master/LICENSE.md +*/ +/*! +normalize.css v^3.0 | MIT License | git.io/normalize +Copyright (c) Nicolas Gallagher and Jonathan Neal +*/ +/*! normalize.css v3.0.3 | MIT License | github.com/necolas/normalize.css */ + +/** + * 1. Set default font family to sans-serif. + * 2. Prevent iOS and IE text size adjust after device orientation change, + * without disabling user zoom. + */ + +html { + font-family: sans-serif; /* 1 */ + -ms-text-size-adjust: 100%; /* 2 */ + -webkit-text-size-adjust: 100%; /* 2 */ +} + +/** + * Remove default margin. + */ + +body { + margin: 0; +} + +/* HTML5 display definitions + ========================================================================== */ + +/** + * Correct `block` display not defined for any HTML5 element in IE 8/9. + * Correct `block` display not defined for `details` or `summary` in IE 10/11 + * and Firefox. + * Correct `block` display not defined for `main` in IE 11. + */ + +article, +aside, +details, +figcaption, +figure, +footer, +header, +hgroup, +main, +menu, +nav, +section, +summary { + display: block; +} + +/** + * 1. Correct `inline-block` display not defined in IE 8/9. + * 2. Normalize vertical alignment of `progress` in Chrome, Firefox, and Opera. + */ + +audio, +canvas, +progress, +video { + display: inline-block; /* 1 */ + vertical-align: baseline; /* 2 */ +} + +/** + * Prevent modern browsers from displaying `audio` without controls. + * Remove excess height in iOS 5 devices. + */ + +audio:not([controls]) { + display: none; + height: 0; +} + +/** + * Address `[hidden]` styling not present in IE 8/9/10. + * Hide the `template` element in IE 8/9/10/11, Safari, and Firefox < 22. + */ + +[hidden], +template { + display: none; +} + +/* Links + ========================================================================== */ + +/** + * Remove the gray background color from active links in IE 10. + */ + +a { + background-color: transparent; +} + +/** + * Improve readability of focused elements when they are also in an + * active/hover state. + */ + +a:active, +a:hover { + outline: 0; +} + +/* Text-level semantics + ========================================================================== */ + +/** + * Address styling not present in IE 8/9/10/11, Safari, and Chrome. + */ + +abbr[title] { + border-bottom: 1px dotted; +} + +/** + * Address style set to `bolder` in Firefox 4+, Safari, and Chrome. + */ + +b, +strong { + font-weight: bold; +} + +/** + * Address styling not present in Safari and Chrome. + */ + +dfn { + font-style: italic; +} + +/** + * Address variable `h1` font-size and margin within `section` and `article` + * contexts in Firefox 4+, Safari, and Chrome. + */ + +h1 { + font-size: 2em; + margin: 0.67em 0; +} + +/** + * Address styling not present in IE 8/9. + */ + +mark { + background: #ff0; + color: #000; +} + +/** + * Address inconsistent and variable font size in all browsers. + */ + +small { + font-size: 80%; +} + +/** + * Prevent `sub` and `sup` affecting `line-height` in all browsers. + */ + +sub, +sup { + font-size: 75%; + line-height: 0; + position: relative; + vertical-align: baseline; +} + +sup { + top: -0.5em; +} + +sub { + bottom: -0.25em; +} + +/* Embedded content + ========================================================================== */ + +/** + * Remove border when inside `a` element in IE 8/9/10. + */ + +img { + border: 0; +} + +/** + * Correct overflow not hidden in IE 9/10/11. + */ + +svg:not(:root) { + overflow: hidden; +} + +/* Grouping content + ========================================================================== */ + +/** + * Address margin not present in IE 8/9 and Safari. + */ + +figure { + margin: 1em 40px; +} + +/** + * Address differences between Firefox and other browsers. + */ + +hr { + box-sizing: content-box; + height: 0; +} + +/** + * Contain overflow in all browsers. + */ + +pre { + overflow: auto; +} + +/** + * Address odd `em`-unit font size rendering in all browsers. + */ + +code, +kbd, +pre, +samp { + font-family: monospace, monospace; + font-size: 1em; +} + +/* Forms + ========================================================================== */ + +/** + * Known limitation: by default, Chrome and Safari on OS X allow very limited + * styling of `select`, unless a `border` property is set. + */ + +/** + * 1. Correct color not being inherited. + * Known issue: affects color of disabled elements. + * 2. Correct font properties not being inherited. + * 3. Address margins set differently in Firefox 4+, Safari, and Chrome. + */ + +button, +input, +optgroup, +select, +textarea { + color: inherit; /* 1 */ + font: inherit; /* 2 */ + margin: 0; /* 3 */ +} + +/** + * Address `overflow` set to `hidden` in IE 8/9/10/11. + */ + +button { + overflow: visible; +} + +/** + * Address inconsistent `text-transform` inheritance for `button` and `select`. + * All other form control elements do not inherit `text-transform` values. + * Correct `button` style inheritance in Firefox, IE 8/9/10/11, and Opera. + * Correct `select` style inheritance in Firefox. + */ + +button, +select { + text-transform: none; +} + +/** + * 1. Avoid the WebKit bug in Android 4.0.* where (2) destroys native `audio` + * and `video` controls. + * 2. Correct inability to style clickable `input` types in iOS. + * 3. Improve usability and consistency of cursor style between image-type + * `input` and others. + */ + +button, +html input[type="button"], /* 1 */ +input[type="reset"], +input[type="submit"] { + -webkit-appearance: button; /* 2 */ + cursor: pointer; /* 3 */ +} + +/** + * Re-set default cursor for disabled elements. + */ + +button[disabled], +html input[disabled] { + cursor: default; +} + +/** + * Remove inner padding and border in Firefox 4+. + */ + +button::-moz-focus-inner, +input::-moz-focus-inner { + border: 0; + padding: 0; +} + +/** + * Address Firefox 4+ setting `line-height` on `input` using `!important` in + * the UA stylesheet. + */ + +input { + line-height: normal; +} + +/** + * It's recommended that you don't attempt to style these elements. + * Firefox's implementation doesn't respect box-sizing, padding, or width. + * + * 1. Address box sizing set to `content-box` in IE 8/9/10. + * 2. Remove excess padding in IE 8/9/10. + */ + +input[type="checkbox"], +input[type="radio"] { + box-sizing: border-box; /* 1 */ + padding: 0; /* 2 */ +} + +/** + * Fix the cursor style for Chrome's increment/decrement buttons. For certain + * `font-size` values of the `input`, it causes the cursor style of the + * decrement button to change from `default` to `text`. + */ + +input[type="number"]::-webkit-inner-spin-button, +input[type="number"]::-webkit-outer-spin-button { + height: auto; +} + +/** + * 1. Address `appearance` set to `searchfield` in Safari and Chrome. + * 2. Address `box-sizing` set to `border-box` in Safari and Chrome. + */ + +input[type="search"] { + -webkit-appearance: textfield; /* 1 */ + box-sizing: content-box; /* 2 */ +} + +/** + * Remove inner padding and search cancel button in Safari and Chrome on OS X. + * Safari (but not Chrome) clips the cancel button when the search input has + * padding (and `textfield` appearance). + */ + +input[type="search"]::-webkit-search-cancel-button, +input[type="search"]::-webkit-search-decoration { + -webkit-appearance: none; +} + +/** + * Define consistent border, margin, and padding. + */ + +fieldset { + border: 1px solid #c0c0c0; + margin: 0 2px; + padding: 0.35em 0.625em 0.75em; +} + +/** + * 1. Correct `color` not being inherited in IE 8/9/10/11. + * 2. Remove padding so people aren't caught out if they zero out fieldsets. + */ + +legend { + border: 0; /* 1 */ + padding: 0; /* 2 */ +} + +/** + * Remove default vertical scrollbar in IE 8/9/10/11. + */ + +textarea { + overflow: auto; +} + +/** + * Don't inherit the `font-weight` (applied by a rule above). + * NOTE: the default cannot safely be changed in Chrome and Safari on OS X. + */ + +optgroup { + font-weight: bold; +} + +/* Tables + ========================================================================== */ + +/** + * Remove most spacing between table cells. + */ + +table { + border-collapse: collapse; + border-spacing: 0; +} + +td, +th { + padding: 0; +} + +/*csslint important:false*/ + +/* ========================================================================== + Pure Base Extras + ========================================================================== */ + +/** + * Extra rules that Pure adds on top of Normalize.css + */ + +/** + * Always hide an element when it has the `hidden` HTML attribute. + */ + +.hidden, +[hidden] { + display: none !important; +} + +/** + * Add this class to an image to make it fit within it's fluid parent wrapper while maintaining + * aspect ratio. + */ +.pure-img { + max-width: 100%; + height: auto; + display: block; +} + +/*csslint regex-selectors:false, known-properties:false, duplicate-properties:false*/ + +.pure-g { + letter-spacing: -0.31em; /* Webkit: collapse white-space between units */ + *letter-spacing: normal; /* reset IE < 8 */ + *word-spacing: -0.43em; /* IE < 8: collapse white-space between units */ + text-rendering: optimizespeed; /* Webkit: fixes text-rendering: optimizeLegibility */ + + /* + Sets the font stack to fonts known to work properly with the above letter + and word spacings. See: https://github.com/yahoo/pure/issues/41/ + + The following font stack makes Pure Grids work on all known environments. + + * FreeSans: Ships with many Linux distros, including Ubuntu + + * Arimo: Ships with Chrome OS. Arimo has to be defined before Helvetica and + Arial to get picked up by the browser, even though neither is available + in Chrome OS. + + * Droid Sans: Ships with all versions of Android. + + * Helvetica, Arial, sans-serif: Common font stack on OS X and Windows. + */ + font-family: FreeSans, Arimo, "Droid Sans", Helvetica, Arial, sans-serif; + + /* Use flexbox when possible to avoid `letter-spacing` side-effects. */ + display: -webkit-box; + display: -webkit-flex; + display: -ms-flexbox; + display: flex; + -webkit-flex-flow: row wrap; + -ms-flex-flow: row wrap; + flex-flow: row wrap; + + /* Prevents distributing space between rows */ + -webkit-align-content: flex-start; + -ms-flex-line-pack: start; + align-content: flex-start; +} + +/* IE10 display: -ms-flexbox (and display: flex in IE 11) does not work inside a table; fall back to block and rely on font hack */ + at media all and (-ms-high-contrast: none), (-ms-high-contrast: active) { + table .pure-g { + display: block; + } +} + +/* Opera as of 12 on Windows needs word-spacing. + The ".opera-only" selector is used to prevent actual prefocus styling + and is not required in markup. +*/ +.opera-only :-o-prefocus, +.pure-g { + word-spacing: -0.43em; +} + +.pure-u { + display: inline-block; + *display: inline; /* IE < 8: fake inline-block */ + zoom: 1; + letter-spacing: normal; + word-spacing: normal; + vertical-align: top; + text-rendering: auto; +} + +/* +Resets the font family back to the OS/browser's default sans-serif font, +this the same font stack that Normalize.css sets for the `body`. +*/ +.pure-g [class *= "pure-u"] { + font-family: sans-serif; +} + +.pure-u-1, +.pure-u-1-1, +.pure-u-1-2, +.pure-u-1-3, +.pure-u-2-3, +.pure-u-1-4, +.pure-u-3-4, +.pure-u-1-5, +.pure-u-2-5, +.pure-u-3-5, +.pure-u-4-5, +.pure-u-5-5, +.pure-u-1-6, +.pure-u-5-6, +.pure-u-1-8, +.pure-u-3-8, +.pure-u-5-8, +.pure-u-7-8, +.pure-u-1-12, +.pure-u-5-12, +.pure-u-7-12, +.pure-u-11-12, +.pure-u-1-24, +.pure-u-2-24, +.pure-u-3-24, +.pure-u-4-24, +.pure-u-5-24, +.pure-u-6-24, +.pure-u-7-24, +.pure-u-8-24, +.pure-u-9-24, +.pure-u-10-24, +.pure-u-11-24, +.pure-u-12-24, +.pure-u-13-24, +.pure-u-14-24, +.pure-u-15-24, +.pure-u-16-24, +.pure-u-17-24, +.pure-u-18-24, +.pure-u-19-24, +.pure-u-20-24, +.pure-u-21-24, +.pure-u-22-24, +.pure-u-23-24, +.pure-u-24-24 { + display: inline-block; + *display: inline; + zoom: 1; + letter-spacing: normal; + word-spacing: normal; + vertical-align: top; + text-rendering: auto; +} + +.pure-u-1-24 { + width: 4.1667%; + *width: 4.1357%; +} + +.pure-u-1-12, +.pure-u-2-24 { + width: 8.3333%; + *width: 8.3023%; +} + +.pure-u-1-8, +.pure-u-3-24 { + width: 12.5000%; + *width: 12.4690%; +} + +.pure-u-1-6, +.pure-u-4-24 { + width: 16.6667%; + *width: 16.6357%; +} + +.pure-u-1-5 { + width: 20%; + *width: 19.9690%; +} + +.pure-u-5-24 { + width: 20.8333%; + *width: 20.8023%; +} + +.pure-u-1-4, +.pure-u-6-24 { + width: 25%; + *width: 24.9690%; +} + +.pure-u-7-24 { + width: 29.1667%; + *width: 29.1357%; +} + +.pure-u-1-3, +.pure-u-8-24 { + width: 33.3333%; + *width: 33.3023%; +} + +.pure-u-3-8, +.pure-u-9-24 { + width: 37.5000%; + *width: 37.4690%; +} + +.pure-u-2-5 { + width: 40%; + *width: 39.9690%; +} + +.pure-u-5-12, +.pure-u-10-24 { + width: 41.6667%; + *width: 41.6357%; +} + +.pure-u-11-24 { + width: 45.8333%; + *width: 45.8023%; +} + +.pure-u-1-2, +.pure-u-12-24 { + width: 50%; + *width: 49.9690%; +} + +.pure-u-13-24 { + width: 54.1667%; + *width: 54.1357%; +} + +.pure-u-7-12, +.pure-u-14-24 { + width: 58.3333%; + *width: 58.3023%; +} + +.pure-u-3-5 { + width: 60%; + *width: 59.9690%; +} + +.pure-u-5-8, +.pure-u-15-24 { + width: 62.5000%; + *width: 62.4690%; +} + +.pure-u-2-3, +.pure-u-16-24 { + width: 66.6667%; + *width: 66.6357%; +} + +.pure-u-17-24 { + width: 70.8333%; + *width: 70.8023%; +} + +.pure-u-3-4, +.pure-u-18-24 { + width: 75%; + *width: 74.9690%; +} + +.pure-u-19-24 { + width: 79.1667%; + *width: 79.1357%; +} + +.pure-u-4-5 { + width: 80%; + *width: 79.9690%; +} + +.pure-u-5-6, +.pure-u-20-24 { + width: 83.3333%; + *width: 83.3023%; +} + +.pure-u-7-8, +.pure-u-21-24 { + width: 87.5000%; + *width: 87.4690%; +} + +.pure-u-11-12, +.pure-u-22-24 { + width: 91.6667%; + *width: 91.6357%; +} + +.pure-u-23-24 { + width: 95.8333%; + *width: 95.8023%; +} + +.pure-u-1, +.pure-u-1-1, +.pure-u-5-5, +.pure-u-24-24 { + width: 100%; +} +.pure-button { + /* Structure */ + display: inline-block; + zoom: 1; + line-height: normal; + white-space: nowrap; + vertical-align: middle; + text-align: center; + cursor: pointer; + -webkit-user-drag: none; + -webkit-user-select: none; + -moz-user-select: none; + -ms-user-select: none; + user-select: none; + box-sizing: border-box; +} + +/* Firefox: Get rid of the inner focus border */ +.pure-button::-moz-focus-inner { + padding: 0; + border: 0; +} + +/* Inherit .pure-g styles */ +.pure-button-group { + letter-spacing: -0.31em; /* Webkit: collapse white-space between units */ + *letter-spacing: normal; /* reset IE < 8 */ + *word-spacing: -0.43em; /* IE < 8: collapse white-space between units */ + text-rendering: optimizespeed; /* Webkit: fixes text-rendering: optimizeLegibility */ +} + +.opera-only :-o-prefocus, +.pure-button-group { + word-spacing: -0.43em; +} + +.pure-button-group .pure-button { + letter-spacing: normal; + word-spacing: normal; + vertical-align: top; + text-rendering: auto; +} + +/*csslint outline-none:false*/ + +.pure-button { + font-family: inherit; + font-size: 100%; + padding: 0.5em 1em; + color: #444; /* rgba not supported (IE 8) */ + color: rgba(0, 0, 0, 0.80); /* rgba supported */ + border: 1px solid #999; /*IE 6/7/8*/ + border: none rgba(0, 0, 0, 0); /*IE9 + everything else*/ + background-color: #E6E6E6; + text-decoration: none; + border-radius: 2px; +} + +.pure-button-hover, +.pure-button:hover, +.pure-button:focus { + /* csslint ignore:start */ + filter: alpha(opacity=90); + /* csslint ignore:end */ + background-image: -webkit-linear-gradient(transparent, rgba(0,0,0, 0.05) 40%, rgba(0,0,0, 0.10)); + background-image: linear-gradient(transparent, rgba(0,0,0, 0.05) 40%, rgba(0,0,0, 0.10)); +} +.pure-button:focus { + outline: 0; +} +.pure-button-active, +.pure-button:active { + box-shadow: 0 0 0 1px rgba(0,0,0, 0.15) inset, 0 0 6px rgba(0,0,0, 0.20) inset; + border-color: #000\9; +} + +.pure-button[disabled], +.pure-button-disabled, +.pure-button-disabled:hover, +.pure-button-disabled:focus, +.pure-button-disabled:active { + border: none; + background-image: none; + /* csslint ignore:start */ + filter: alpha(opacity=40); + /* csslint ignore:end */ + opacity: 0.40; + cursor: not-allowed; + box-shadow: none; + pointer-events: none; +} + +.pure-button-hidden { + display: none; +} + +.pure-button-primary, +.pure-button-selected, +a.pure-button-primary, +a.pure-button-selected { + background-color: rgb(0, 120, 231); + color: #fff; +} + +/* Button Groups */ +.pure-button-group .pure-button { + margin: 0; + border-radius: 0; + border-right: 1px solid #111; /* fallback color for rgba() for IE7/8 */ + border-right: 1px solid rgba(0, 0, 0, 0.2); + +} + +.pure-button-group .pure-button:first-child { + border-top-left-radius: 2px; + border-bottom-left-radius: 2px; +} +.pure-button-group .pure-button:last-child { + border-top-right-radius: 2px; + border-bottom-right-radius: 2px; + border-right: none; +} + +/*csslint box-model:false*/ +/* +Box-model set to false because we're setting a height on select elements, which +also have border and padding. This is done because some browsers don't render +the padding. We explicitly set the box-model for select elements to border-box, +so we can ignore the csslint warning. +*/ + +.pure-form input[type="text"], +.pure-form input[type="password"], +.pure-form input[type="email"], +.pure-form input[type="url"], +.pure-form input[type="date"], +.pure-form input[type="month"], +.pure-form input[type="time"], +.pure-form input[type="datetime"], +.pure-form input[type="datetime-local"], +.pure-form input[type="week"], +.pure-form input[type="number"], +.pure-form input[type="search"], +.pure-form input[type="tel"], +.pure-form input[type="color"], +.pure-form select, +.pure-form textarea { + padding: 0.5em 0.6em; + display: inline-block; + border: 1px solid #ccc; + box-shadow: inset 0 1px 3px #ddd; + border-radius: 4px; + vertical-align: middle; + box-sizing: border-box; +} + +/* +Need to separate out the :not() selector from the rest of the CSS 2.1 selectors +since IE8 won't execute CSS that contains a CSS3 selector. +*/ +.pure-form input:not([type]) { + padding: 0.5em 0.6em; + display: inline-block; + border: 1px solid #ccc; + box-shadow: inset 0 1px 3px #ddd; + border-radius: 4px; + box-sizing: border-box; +} + + +/* Chrome (as of v.32/34 on OS X) needs additional room for color to display. */ +/* May be able to remove this tweak as color inputs become more standardized across browsers. */ +.pure-form input[type="color"] { + padding: 0.2em 0.5em; +} + + +.pure-form input[type="text"]:focus, +.pure-form input[type="password"]:focus, +.pure-form input[type="email"]:focus, +.pure-form input[type="url"]:focus, +.pure-form input[type="date"]:focus, +.pure-form input[type="month"]:focus, +.pure-form input[type="time"]:focus, +.pure-form input[type="datetime"]:focus, +.pure-form input[type="datetime-local"]:focus, +.pure-form input[type="week"]:focus, +.pure-form input[type="number"]:focus, +.pure-form input[type="search"]:focus, +.pure-form input[type="tel"]:focus, +.pure-form input[type="color"]:focus, +.pure-form select:focus, +.pure-form textarea:focus { + outline: 0; + border-color: #129FEA; +} + +/* +Need to separate out the :not() selector from the rest of the CSS 2.1 selectors +since IE8 won't execute CSS that contains a CSS3 selector. +*/ +.pure-form input:not([type]):focus { + outline: 0; + border-color: #129FEA; +} + +.pure-form input[type="file"]:focus, +.pure-form input[type="radio"]:focus, +.pure-form input[type="checkbox"]:focus { + outline: thin solid #129FEA; + outline: 1px auto #129FEA; +} +.pure-form .pure-checkbox, +.pure-form .pure-radio { + margin: 0.5em 0; + display: block; +} + +.pure-form input[type="text"][disabled], +.pure-form input[type="password"][disabled], +.pure-form input[type="email"][disabled], +.pure-form input[type="url"][disabled], +.pure-form input[type="date"][disabled], +.pure-form input[type="month"][disabled], +.pure-form input[type="time"][disabled], +.pure-form input[type="datetime"][disabled], +.pure-form input[type="datetime-local"][disabled], +.pure-form input[type="week"][disabled], +.pure-form input[type="number"][disabled], +.pure-form input[type="search"][disabled], +.pure-form input[type="tel"][disabled], +.pure-form input[type="color"][disabled], +.pure-form select[disabled], +.pure-form textarea[disabled] { + cursor: not-allowed; + background-color: #eaeded; + color: #cad2d3; +} + +/* +Need to separate out the :not() selector from the rest of the CSS 2.1 selectors +since IE8 won't execute CSS that contains a CSS3 selector. +*/ +.pure-form input:not([type])[disabled] { + cursor: not-allowed; + background-color: #eaeded; + color: #cad2d3; +} +.pure-form input[readonly], +.pure-form select[readonly], +.pure-form textarea[readonly] { + background-color: #eee; /* menu hover bg color */ + color: #777; /* menu text color */ + border-color: #ccc; +} + +.pure-form input:focus:invalid, +.pure-form textarea:focus:invalid, +.pure-form select:focus:invalid { + color: #b94a48; + border-color: #e9322d; +} +.pure-form input[type="file"]:focus:invalid:focus, +.pure-form input[type="radio"]:focus:invalid:focus, +.pure-form input[type="checkbox"]:focus:invalid:focus { + outline-color: #e9322d; +} +.pure-form select { + /* Normalizes the height; padding is not sufficient. */ + height: 2.25em; + border: 1px solid #ccc; + background-color: white; +} +.pure-form select[multiple] { + height: auto; +} +.pure-form label { + margin: 0.5em 0 0.2em; +} +.pure-form fieldset { + margin: 0; + padding: 0.35em 0 0.75em; + border: 0; +} +.pure-form legend { + display: block; + width: 100%; + padding: 0.3em 0; + margin-bottom: 0.3em; + color: #333; + border-bottom: 1px solid #e5e5e5; +} + +.pure-form-stacked input[type="text"], +.pure-form-stacked input[type="password"], +.pure-form-stacked input[type="email"], +.pure-form-stacked input[type="url"], +.pure-form-stacked input[type="date"], +.pure-form-stacked input[type="month"], +.pure-form-stacked input[type="time"], +.pure-form-stacked input[type="datetime"], +.pure-form-stacked input[type="datetime-local"], +.pure-form-stacked input[type="week"], +.pure-form-stacked input[type="number"], +.pure-form-stacked input[type="search"], +.pure-form-stacked input[type="tel"], +.pure-form-stacked input[type="color"], +.pure-form-stacked input[type="file"], +.pure-form-stacked select, +.pure-form-stacked label, +.pure-form-stacked textarea { + display: block; + margin: 0.25em 0; +} + +/* +Need to separate out the :not() selector from the rest of the CSS 2.1 selectors +since IE8 won't execute CSS that contains a CSS3 selector. +*/ +.pure-form-stacked input:not([type]) { + display: block; + margin: 0.25em 0; +} +.pure-form-aligned input, +.pure-form-aligned textarea, +.pure-form-aligned select, +/* NOTE: pure-help-inline is deprecated. Use .pure-form-message-inline instead. */ +.pure-form-aligned .pure-help-inline, +.pure-form-message-inline { + display: inline-block; + *display: inline; + *zoom: 1; + vertical-align: middle; +} +.pure-form-aligned textarea { + vertical-align: top; +} + +/* Aligned Forms */ +.pure-form-aligned .pure-control-group { + margin-bottom: 0.5em; +} +.pure-form-aligned .pure-control-group label { + text-align: right; + display: inline-block; + vertical-align: middle; + width: 10em; + margin: 0 1em 0 0; +} +.pure-form-aligned .pure-controls { + margin: 1.5em 0 0 11em; +} + +/* Rounded Inputs */ +.pure-form input.pure-input-rounded, +.pure-form .pure-input-rounded { + border-radius: 2em; + padding: 0.5em 1em; +} + +/* Grouped Inputs */ +.pure-form .pure-group fieldset { + margin-bottom: 10px; +} +.pure-form .pure-group input, +.pure-form .pure-group textarea { + display: block; + padding: 10px; + margin: 0 0 -1px; + border-radius: 0; + position: relative; + top: -1px; +} +.pure-form .pure-group input:focus, +.pure-form .pure-group textarea:focus { + z-index: 3; +} +.pure-form .pure-group input:first-child, +.pure-form .pure-group textarea:first-child { + top: 1px; + border-radius: 4px 4px 0 0; + margin: 0; +} +.pure-form .pure-group input:first-child:last-child, +.pure-form .pure-group textarea:first-child:last-child { + top: 1px; + border-radius: 4px; + margin: 0; +} +.pure-form .pure-group input:last-child, +.pure-form .pure-group textarea:last-child { + top: -2px; + border-radius: 0 0 4px 4px; + margin: 0; +} +.pure-form .pure-group button { + margin: 0.35em 0; +} + +.pure-form .pure-input-1 { + width: 100%; +} +.pure-form .pure-input-3-4 { + width: 75%; +} +.pure-form .pure-input-2-3 { + width: 66%; +} +.pure-form .pure-input-1-2 { + width: 50%; +} +.pure-form .pure-input-1-3 { + width: 33%; +} +.pure-form .pure-input-1-4 { + width: 25%; +} + +/* Inline help for forms */ +/* NOTE: pure-help-inline is deprecated. Use .pure-form-message-inline instead. */ +.pure-form .pure-help-inline, +.pure-form-message-inline { + display: inline-block; + padding-left: 0.3em; + color: #666; + vertical-align: middle; + font-size: 0.875em; +} + +/* Block help for forms */ +.pure-form-message { + display: block; + color: #666; + font-size: 0.875em; +} + + at media only screen and (max-width : 480px) { + .pure-form button[type="submit"] { + margin: 0.7em 0 0; + } + + .pure-form input:not([type]), + .pure-form input[type="text"], + .pure-form input[type="password"], + .pure-form input[type="email"], + .pure-form input[type="url"], + .pure-form input[type="date"], + .pure-form input[type="month"], + .pure-form input[type="time"], + .pure-form input[type="datetime"], + .pure-form input[type="datetime-local"], + .pure-form input[type="week"], + .pure-form input[type="number"], + .pure-form input[type="search"], + .pure-form input[type="tel"], + .pure-form input[type="color"], + .pure-form label { + margin-bottom: 0.3em; + display: block; + } + + .pure-group input:not([type]), + .pure-group input[type="text"], + .pure-group input[type="password"], + .pure-group input[type="email"], + .pure-group input[type="url"], + .pure-group input[type="date"], + .pure-group input[type="month"], + .pure-group input[type="time"], + .pure-group input[type="datetime"], + .pure-group input[type="datetime-local"], + .pure-group input[type="week"], + .pure-group input[type="number"], + .pure-group input[type="search"], + .pure-group input[type="tel"], + .pure-group input[type="color"] { + margin-bottom: 0; + } + + .pure-form-aligned .pure-control-group label { + margin-bottom: 0.3em; + text-align: left; + display: block; + width: 100%; + } + + .pure-form-aligned .pure-controls { + margin: 1.5em 0 0 0; + } + + /* NOTE: pure-help-inline is deprecated. Use .pure-form-message-inline instead. */ + .pure-form .pure-help-inline, + .pure-form-message-inline, + .pure-form-message { + display: block; + font-size: 0.75em; + /* Increased bottom padding to make it group with its related input element. */ + padding: 0.2em 0 0.8em; + } +} + +/*csslint adjoining-classes: false, box-model:false*/ +.pure-menu { + box-sizing: border-box; +} + +.pure-menu-fixed { + position: fixed; + left: 0; + top: 0; + z-index: 3; +} + +.pure-menu-list, +.pure-menu-item { + position: relative; +} + +.pure-menu-list { + list-style: none; + margin: 0; + padding: 0; +} + +.pure-menu-item { + padding: 0; + margin: 0; + height: 100%; +} + +.pure-menu-link, +.pure-menu-heading { + display: block; + text-decoration: none; + white-space: nowrap; +} + +/* HORIZONTAL MENU */ +.pure-menu-horizontal { + width: 100%; + white-space: nowrap; +} + +.pure-menu-horizontal .pure-menu-list { + display: inline-block; +} + +/* Initial menus should be inline-block so that they are horizontal */ +.pure-menu-horizontal .pure-menu-item, +.pure-menu-horizontal .pure-menu-heading, +.pure-menu-horizontal .pure-menu-separator { + display: inline-block; + *display: inline; + zoom: 1; + vertical-align: middle; +} + +/* Submenus should still be display: block; */ +.pure-menu-item .pure-menu-item { + display: block; +} + +.pure-menu-children { + display: none; + position: absolute; + left: 100%; + top: 0; + margin: 0; + padding: 0; + z-index: 3; +} + +.pure-menu-horizontal .pure-menu-children { + left: 0; + top: auto; + width: inherit; +} + +.pure-menu-allow-hover:hover > .pure-menu-children, +.pure-menu-active > .pure-menu-children { + display: block; + position: absolute; +} + +/* Vertical Menus - show the dropdown arrow */ +.pure-menu-has-children > .pure-menu-link:after { + padding-left: 0.5em; + content: "\25B8"; + font-size: small; +} + +/* Horizontal Menus - show the dropdown arrow */ +.pure-menu-horizontal .pure-menu-has-children > .pure-menu-link:after { + content: "\25BE"; +} + +/* scrollable menus */ +.pure-menu-scrollable { + overflow-y: scroll; + overflow-x: hidden; +} + +.pure-menu-scrollable .pure-menu-list { + display: block; +} + +.pure-menu-horizontal.pure-menu-scrollable .pure-menu-list { + display: inline-block; +} + +.pure-menu-horizontal.pure-menu-scrollable { + white-space: nowrap; + overflow-y: hidden; + overflow-x: auto; + -ms-overflow-style: none; + -webkit-overflow-scrolling: touch; + /* a little extra padding for this style to allow for scrollbars */ + padding: .5em 0; +} + +.pure-menu-horizontal.pure-menu-scrollable::-webkit-scrollbar { + display: none; +} + +/* misc default styling */ + +.pure-menu-separator, +.pure-menu-horizontal .pure-menu-children .pure-menu-separator { + background-color: #ccc; + height: 1px; + margin: .3em 0; +} + +.pure-menu-horizontal .pure-menu-separator { + width: 1px; + height: 1.3em; + margin: 0 .3em ; +} + +/* Need to reset the separator since submenu is vertical */ +.pure-menu-horizontal .pure-menu-children .pure-menu-separator { + display: block; + width: auto; +} + +.pure-menu-heading { + text-transform: uppercase; + color: #565d64; +} + +.pure-menu-link { + color: #777; +} + +.pure-menu-children { + background-color: #fff; +} + +.pure-menu-link, +.pure-menu-disabled, +.pure-menu-heading { + padding: .5em 1em; +} + +.pure-menu-disabled { + opacity: .5; +} + +.pure-menu-disabled .pure-menu-link:hover { + background-color: transparent; +} + +.pure-menu-active > .pure-menu-link, +.pure-menu-link:hover, +.pure-menu-link:focus { + background-color: #eee; +} + +.pure-menu-selected .pure-menu-link, +.pure-menu-selected .pure-menu-link:visited { + color: #000; +} + +.pure-table { + /* Remove spacing between table cells (from Normalize.css) */ + border-collapse: collapse; + border-spacing: 0; + empty-cells: show; + border: 1px solid #cbcbcb; +} + +.pure-table caption { + color: #000; + font: italic 85%/1 arial, sans-serif; + padding: 1em 0; + text-align: center; +} + +.pure-table td, +.pure-table th { + border-left: 1px solid #cbcbcb;/* inner column border */ + border-width: 0 0 0 1px; + font-size: inherit; + margin: 0; + overflow: visible; /*to make ths where the title is really long work*/ + padding: 0.5em 1em; /* cell padding */ +} + +/* Consider removing this next declaration block, as it causes problems when +there's a rowspan on the first cell. Case added to the tests. issue#432 */ +.pure-table td:first-child, +.pure-table th:first-child { + border-left-width: 0; +} + +.pure-table thead { + background-color: #e0e0e0; + color: #000; + text-align: left; + vertical-align: bottom; +} + +/* +striping: + even - #fff (white) + odd - #f2f2f2 (light gray) +*/ +.pure-table td { + background-color: transparent; +} +.pure-table-odd td { + background-color: #f2f2f2; +} + +/* nth-child selector for modern browsers */ +.pure-table-striped tr:nth-child(2n-1) td { + background-color: #f2f2f2; +} + +/* BORDERED TABLES */ +.pure-table-bordered td { + border-bottom: 1px solid #cbcbcb; +} +.pure-table-bordered tbody > tr:last-child > td { + border-bottom-width: 0; +} + + +/* HORIZONTAL BORDERED TABLES */ + +.pure-table-horizontal td, +.pure-table-horizontal th { + border-width: 0 0 1px 0; + border-bottom: 1px solid #cbcbcb; +} +.pure-table-horizontal tbody > tr:last-child > td { + border-bottom-width: 0; +} ----------------------------------------------------------------------- Summary of changes: web/share/grids-responsive-min.css.gz | Bin 0 -> 1399 bytes web/share/grids-responsive.css | 861 +++++++++++++++++++ web/share/pure-min.css.gz | Bin 0 -> 3974 bytes web/share/pure.css | 1508 +++++++++++++++++++++++++++++++++ 4 files changed, 2369 insertions(+) create mode 100644 web/share/grids-responsive-min.css.gz create mode 100644 web/share/grids-responsive.css create mode 100644 web/share/pure-min.css.gz create mode 100644 web/share/pure.css hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 19 09:44:11 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 19 Apr 2018 09:44:11 +0200 Subject: [git] gnupg-doc - branch, preview, updated. 93291e2229ea18acb1c12ca9a0ecab3036ba8214 Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "The GnuPG website and other docs". The branch, preview has been updated via 93291e2229ea18acb1c12ca9a0ecab3036ba8214 (commit) from 36dc6837368223355d7367c717062eab3b91de49 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit 93291e2229ea18acb1c12ca9a0ecab3036ba8214 Author: Werner Koch Date: Thu Apr 19 09:37:05 2018 +0200 web: Let's try to use a grid diff --git a/web/index.org b/web/index.org index 610be3a..1208e5c 100644 --- a/web/index.org +++ b/web/index.org @@ -3,6 +3,8 @@ #+SETUPFILE: "share/setup.inc" #+GPGWEB-NEED-SWDB #+HTML_HEAD_EXTRA: +#+HTML_HEAD_EXTRA: +#+HTML_HEAD_EXTRA: * The GNU Privacy Guard #+index: GnuPG @@ -30,7 +32,14 @@ page for other maintained versions. crypto manager, and an Outlook plugin to send and receive standard PGP/MIME mails. The current version of Gpg4win is {{{gpg4win_ver}}}. +**

:html:virtual: + + + * Reconquer your privacy + :PROPERTIES: + :HTML_CONTAINER_CLASS: pure-u-1 pure-u-md-1-2 + :END: #+begin_quote Arguing that you don't care about the right to privacy @@ -50,6 +59,9 @@ printed leaflets check out [[https://fsfe.org/contribute/spreadtheword.html#gnup * News + :PROPERTIES: + :HTML_CONTAINER_CLASS: pure-u-1 pure-u-md-1-2 + :END: #+index: News The latest blog entries: @@ -129,6 +141,8 @@ GnuPG release: version 2.2.0. Read {[[https://lists.gnupg.org/pipermail/gnupg-an This release marks the start of a new long term support series to replace the 2.0.x series which will reach end-of-life on 2017-12-31. +**

:html:virtual: + * COMMENT This is the publishing info used for the GnuPG pages ----------------------------------------------------------------------- Summary of changes: web/index.org | 14 ++++++++++++++ 1 file changed, 14 insertions(+) hooks/post-receive -- The GnuPG website and other docs http://git.gnupg.org From cvs at cvs.gnupg.org Thu Apr 19 10:43:20 2018 From: cvs at cvs.gnupg.org (by Werner Koch) Date: Thu, 19 Apr 2018 10:43:20 +0200 Subject: [git] GPGME - branch, master, updated. gpgme-1.11.0-3-gb52a91f Message-ID: This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "GnuPG Made Easy". The branch, master has been updated via b52a91f5a6818db6b3dd7ce86c01b5d5f6700d0d (commit) via 3d8e5c07511938a0b30b4626530822338abd9ec0 (commit) from d98f08fa63e3ef7bd41c0ca812f5e753967ceb37 (commit) Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below. - Log ----------------------------------------------------------------- commit b52a91f5a6818db6b3dd7ce86c01b5d5f6700d0d Author: Werner Koch Date: Thu Apr 19 10:34:32 2018 +0200 core: Remove leftover debug output. * src/verify.c (_gpgme_verify_status_handler): Remove debug output. -- Actually this is a real bug because it uses a debug function available only in the new libgpg-error versions. Time to call Jenkins back from vacation; there are rumors that he has been seen in the city looking for a new Ryzen tail coat. Signed-off-by: Werner Koch diff --git a/src/verify.c b/src/verify.c index bd437c9..26b205a 100644 --- a/src/verify.c +++ b/src/verify.c @@ -1096,7 +1096,6 @@ _gpgme_verify_status_handler (void *priv, gpgme_status_code_t code, char *args) err = _gpgme_parse_plaintext (args, &opd->result.file_name, &mime); if (err) return err; - gpgrt_log_debug ("verify.c: setting mime to %d\n", mime); opd->result.is_mime = !!mime; } break; commit 3d8e5c07511938a0b30b4626530822338abd9ec0 Author: Werner Koch Date: Thu Apr 19 10:29:30 2018 +0200 tests: Fix t-verify test for GnuPG < 2.2.7. * tests/gpg/t-verify.c (check_result): Tweak for gnupg < 2.2.7. -- The not yet releases 2.2.7-beta may print a full fingerprint in the ERRSIG status. This is compliant with the dscription but the new t-verify test case did not took in account that older GnuPG versions print only a keyid. Fixes-commit: b99502274ae5efdf6df0d967900ec3d1e64373d7 GnUPG-bug-id: 3920 Signed-off-by: Werner Koch

Foo

Result data:

Browsertest