gpgme 0.3.3 questions

[Stephane Corthesy]

Hi,

I have a few questions about gpgme 0.3.3, and gpg in general.

About gpg:

- Can subkeys have fingerprints?

- How are two keys equal? Can we compare them using fingerprint?  
What makes them unique?


About gpgme:

- How are two GpgmeTrustItem equal? Can we compare them using their  
GPGME_ATTR_KEYID attribute?

- What is the GPGME_ATTR_TYPE of a gpgme_trust_item? What does it  
stand for?

- Which GpgmeData types can be read/written?

- GpgmeData read callback: can the callback return no data, but  
without being at EOF?

- gpgme_data_read(_data, NULL, 0, &aReadLength): "Returns the number  
of bytes available and does not move the read pointer.".
  - Does aReadLength return the total number of bytes it can read,  
or the number of bytes it read, or the number of bytes still to be  
read?
  - Can it return Gpgme_EOF_error?

- gpgme_release_context() "releases all resources": what are these  
resources? Keys, trustItems, datas?

- GpgmeContext passphrase callback: can we expect to always have  
description on three lines? "TRY_AGAIN" or "ENTER", userID or "[User  
ID hint missing]" (does it mean that keyID was not included?), ???  
(what is it?) or "[passphrase info missing]", always unlocalized.

- GpgmeContext progress callback: what is the type parameter? When  
is the callback used? On key generation only?

- gpgme_strerror(): is it meant to be localized in future versions?

- After gpgme_op_import(), how can we get imported keys?

- Does gpgme_op_trustlist_next() really return GPGME_EOF when it has  
finished enumeration?


Some remarks on the current implementation of gpgme:

- GpgmeKey misses GPGME_ATTR_EXPIRE attribute

- GpgmeKey misses two functions: gpgme_key_subkeys_count() and  
gpgme_key_userids_count(). We cannot base counts on results returned  
by gpgme_key_get_ulong_attr() or gpgme_key_get_string_attr(), because  
0 and NULL can be valid values, depending on the attribute.

- Can subkeys be secret? If YES, then gpgme_key_get_ulong_attr() and  
gpgme_key_get_string_attr() return only main key secretness.

- GpgmeData: currently there is no way to get data without it to be  
released (gpgme_data_release_and_get_mem()).

- gpgme_set_textmode(): comment is outdated, because RFC2015 is no  
longer valid, and has been replaced by RFC3156, in which you no  
longer need to use textmode.

- gpgme misses a way to edit keys

- It would be nice to be able to give other options to gpg with  
gpgme, like throwKeyID, etc. (important for mails with BCC)

- What is the roadmap for future versions of gpgme? I really like it!!


After playing with it, I suspect some bugs (I can't confirm them  
yet, I'll check this later; maybe these are bugs in my code):

- When asking a GpgmeKey for one of its sub-userIDs (index > 0)  
GPGME_ATTR_EMAIL attribute, it returns the name + email, whereas for  
the main (index = 0) userID it returns only the email.

- When returning a GpgmeKey GPGME_ATTR_COMMENT attribute, characters  
like ":" are not un-escaped, they are returned as \x3a

- When asking a GpgmeKey its main userID (index = 0), it returns the  
last userID it was asked (can be a sub, or the main).


Finally, I needed to patch a file to make gpgme run tests: modify  
tests/mkdemodirs:

<     [ -d $name ] && rm -r $name
>    [ -d $name ] && rm -r $name || true

On MacOS X Server (a BSD 4.3 bastard...), the mkdemodirs returns  
with status -1 if directory does not exist.


Stephane Corthesy

GPGME - an Objective-C framework based on gpgme
http://macgpg.sourceforge.net/