[git] GPGME - branch, master, updated. gpgme-1.11.1-291-gc569adb
by Werner Koch
cvs at cvs.gnupg.org
Wed Sep 19 12:01:20 CEST 2018
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GnuPG Made Easy".
The branch, master has been updated
via c569adb5e3e3082bd68cdc34a2d349b7c28d3768 (commit)
from 7f149586062ebae8114f64078771cb25579f5003 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit c569adb5e3e3082bd68cdc34a2d349b7c28d3768
Author: Werner Koch <wk at gnupg.org>
Date: Wed Sep 19 11:51:31 2018 +0200
json: Remove subkey-algo from createkey command.
* src/gpgme-json.c (op_createkey): Remove subkey-algo param.
(GPG_AGENT_ALLOWS_KEYGEN_TRHOUGH_BROWSER): Fix typo.
* lang/js/src/Keyring.js: Remove subkey-algo support.
* lang/js/src/permittedOperations.js: Ditto.
--
We do not want to expose details of the protocol's key generation and
thus the subkey-algo does not make sense. Right now we support only
the default and future-default algorithms. A user can configure them
anyway using new-default-key-algo in gpg.conf. Eventually we may
officially support a more flexible way of creating special structured
OpenPGP keys but right now that is not part of the API.
Signed-off-by: Werner Koch <wk at gnupg.org>
diff --git a/AUTHORS b/AUTHORS
index e0136ff..64a675e 100644
--- a/AUTHORS
+++ b/AUTHORS
@@ -25,7 +25,8 @@ List of Copyright holders
Copyright (C) 2002 John Goerzen
Copyright (C) 2014, 2015 Martin Albrecht
Copyright (C) 2015, 2018 Ben McGinnes
- Copyright (C) 2015-2016 Bundesamt für Sicherheit in der Informationstechnik
+ Copyright (C) 2015, 2016, 2018
+ Bundesamt für Sicherheit in der Informationstechnik
Copyright (C) 2016 Intevation GmbH
diff --git a/lang/js/src/Keyring.js b/lang/js/src/Keyring.js
index e223284..eec1711 100644
--- a/lang/js/src/Keyring.js
+++ b/lang/js/src/Keyring.js
@@ -387,13 +387,11 @@ export class GPGME_Keyring {
* values. If ommitted, 'default' is used.
* @param {Number} option.expires (optional) Expiration time in seconds
* from now. If not set or set to 0, expiration will be 'never'
- * @param {String} options.subkey_algo (optional) algorithm of the
- * encryption subkey. If ommited the same as algo is used.
*
* @return {Promise<Key|GPGME_Error>}
* @async
*/
- generateKey ({ userId, algo = 'default', expires= 0, subkey_algo } = {}){
+ generateKey ({ userId, algo = 'default', expires= 0 } = {}){
if (typeof userId !== 'string'
// eslint-disable-next-line no-use-before-define
|| (algo && supportedKeyAlgos.indexOf(algo) < 0 )
@@ -402,17 +400,11 @@ export class GPGME_Keyring {
return Promise.reject(gpgme_error('PARAM_WRONG'));
}
// eslint-disable-next-line no-use-before-define
- if (subkey_algo && supportedKeyAlgos.indexOf(subkey_algo) < 0){
- return Promise.reject(gpgme_error('PARAM_WRONG'));
- }
let me = this;
return new Promise(function (resolve, reject){
let msg = createMessage('createkey');
msg.setParameter('userid', userId);
msg.setParameter('algo', algo);
- if (subkey_algo) {
- msg.setParameter('subkey-algo',subkey_algo );
- }
msg.setParameter('expires', expires);
msg.post().then(function (response){
me.getKeys({
diff --git a/lang/js/src/permittedOperations.js b/lang/js/src/permittedOperations.js
index c3c72ca..09a1783 100644
--- a/lang/js/src/permittedOperations.js
+++ b/lang/js/src/permittedOperations.js
@@ -348,9 +348,6 @@ export const permittedOperations = {
algo: {
allowed: ['string']
},
- 'subkey-algo': {
- allowed: ['string']
- },
expires: {
allowed: ['number'],
}
diff --git a/src/gpgme-json.c b/src/gpgme-json.c
index 2a8f1d3..b10331b 100644
--- a/src/gpgme-json.c
+++ b/src/gpgme-json.c
@@ -2973,15 +2973,10 @@ static const char hlp_createkey[] =
"userid: The user id. E.g. \"Foo Bar <foo at bar.baz>\"\n"
"\n"
"Optional parameters:\n"
- "algo: Algo of the key as string. See doc for gpg --quick-gen-key.\n"
- "subkey-algo: Algo of the encryption subkey. If ommited the same as algo\n"
- " is used.\n"
- " Except for dsa and ed25519 where the according\n"
- " elg / cv25519 algo will be used as subkey-algo.\n"
- "\n"
- " If algo is omitted or default or future-default subkey-algo\n"
- " is ignored.\n"
- "expires: Seconds from now to expiry as Number. 0 means no expiry.\n"
+ "algo: Algo of the key as string. See doc for gpg --quick-gen-key.\n"
+ " Supported values are \"default\" and \"future-default\".\n"
+ "expires: Seconds from now to expiry as Number. 0 means no expiry.\n"
+ " The default is to use a standard expiration interval.\n"
"\n"
"Response on success:\n"
"fingerprint: The fingerprint of the created key.\n"
@@ -3000,9 +2995,8 @@ op_createkey (cjson_t request, cjson_t result)
const char *algo = "default";
const char *userid;
gpgme_genkey_result_t res;
- char *new_fpr = NULL;
-#ifdef GPG_AGENT_ALLOWS_KEYGEN_TRHOUGH_BROWSER
+#ifdef GPG_AGENT_ALLOWS_KEYGEN_THROUGH_BROWSER
/* GnuPG forbids keygen through the browser socket so for
this we create an unrestricted context.
See GnuPG-Bug-Id: T4010 for more info */
@@ -3054,79 +3048,10 @@ op_createkey (cjson_t request, cjson_t result)
goto leave;
}
- /* Dup the fpr as the result might become invalid after context reuse. */
- new_fpr = xstrdup (res->fpr);
-
- if (algo && strcmp ("default", algo) && strcmp ("future-default", algo))
- {
- /* We need to add the encryption subkey manually */
- gpgme_ctx_t keylistctx = create_onetime_context (GPGME_PROTOCOL_OpenPGP);
- gpgme_key_t new_key = NULL;
- char *subkey_algo = NULL;
-
- j_tmp = cJSON_GetObjectItem (request, "subkey_algo");
- if (j_tmp && cjson_is_string (j_tmp))
- {
- subkey_algo = xstrdup (j_tmp->valuestring);
- }
-
- if (!subkey_algo)
- {
- subkey_algo = strdup (algo);
- if (!strncmp ("dsa", subkey_algo, 3))
- {
- subkey_algo[0] = 'e';
- subkey_algo[1] = 'l';
- subkey_algo[2] = 'g';
- }
- if (!strcmp ("ed25519", subkey_algo))
- {
- strcpy (subkey_algo, "cv25519");
- }
- }
-
- err = gpgme_get_key (keylistctx, new_fpr, &new_key, 1);
- release_onetime_context (keylistctx);
- if (err || !new_key)
- {
- gpg_error_object (result, err, "Error finding created key: %s",
- gpg_strerror (err));
- xfree (subkey_algo);
- goto leave;
- }
-
- err = gpgme_op_createsubkey (ctx, new_key, subkey_algo,
- 0, expires, flags |= GPGME_CREATE_ENCR);
- xfree (subkey_algo);
- if (err)
- {
- /* This can happen for example if the user cancels the
- * pinentry to unlock the primary key when adding the
- * subkey. To avoid an artifact of a pimary key without
- * an encryption capable subkey we delete the created
- * key and treat the whole operation as failed. */
- gpgme_error_t err2;
- gpg_error_object (result, err, "Error creating subkey: %s",
- gpg_strerror (err));
- log_info ("Deleting primary key after keygen failure.\n");
- err2 = gpgme_op_delete_ext (ctx, new_key, GPGME_DELETE_FORCE |
- GPGME_DELETE_ALLOW_SECRET);
- if (err2)
- {
- log_error ("Error deleting primary key: %s",
- gpg_strerror (err));
- }
- gpgme_key_unref (new_key);
- goto leave;
- }
- gpgme_key_unref (new_key);
- }
-
- xjson_AddStringToObject0 (result, "fingerprint", new_fpr);
+ xjson_AddStringToObject0 (result, "fingerprint", res->fpr);
leave:
- xfree (new_fpr);
-#ifdef GPG_AGENT_ALLOWS_KEYGEN_TRHOUGH_BROWSER
+#ifdef GPG_AGENT_ALLOWS_KEYGEN_THROUGH_BROWSER
release_context (ctx);
#else
gpgme_release (ctx);
-----------------------------------------------------------------------
Summary of changes:
AUTHORS | 3 +-
lang/js/src/Keyring.js | 10 +----
lang/js/src/permittedOperations.js | 3 --
src/gpgme-json.c | 89 +++-----------------------------------
4 files changed, 10 insertions(+), 95 deletions(-)
hooks/post-receive
--
GnuPG Made Easy
http://git.gnupg.org
More information about the Gnupg-commits
mailing list