From wk at gnupg.org Tue Jul 4 17:12:12 2023
From: wk at gnupg.org (Werner Koch)
Date: Tue, 04 Jul 2023 17:12:12 +0200
Subject: [Announce] GnuPG 2.4.3 released
Message-ID: <87fs63emnn.fsf@wheatstone.g10code.de>
Hello!
We are pleased to announce the availability of a new stable GnuPG
release: version 2.4.3. This version fixes some minor bugs and
improves the performance on Windows. See below for details.
What is GnuPG
=============
The GNU Privacy Guard (GnuPG, GPG) is a complete and free implementation
of the OpenPGP and S/MIME standards.
GnuPG allows to encrypt and sign data and communication, features a
versatile key management system as well as access modules for public key
directories. GnuPG itself is a command line tool with features for easy
integration with other applications. The separate library GPGME provides
a uniform API to use the GnuPG engine by software written in common
programming languages. A wealth of frontend applications and libraries
making use of GnuPG are available. As an universal crypto engine GnuPG
provides support for S/MIME and Secure Shell in addition to OpenPGP.
GnuPG is Free Software (meaning that it respects your freedom). It can
be freely used, modified and distributed under the terms of the GNU
General Public License.
Noteworthy changes in version 2.4.3
===================================
* gpg: Set default expiration date to 3 years. [T2701]
* gpg: Add --list-filter properties "key_expires" and
"key_expires_d". [T6529]
* gpg: Emit status line and proper diagnostics for write errors.
[T6528]
* gpg: Make progress work for large files on Windows. [T6534]
* gpg: New option --no-compress as alias for -z0.
* gpgsm: Print PROGRESS status lines. Add new --input-size-hint.
[T6534]
* gpgsm: Support SENDCERT_SKI for --call-dirmngr. [rG701a8b30f0]
* gpgsm: Major rewrite of the PKCS#12 parser. [T6536]
* gpgtar: New option --no-compress.
* dirmngr: Extend the AD_QUERY command. [rG207c99567c]
* dirmngr: Disable the HTTP redirect rewriting. [T6477]
* dirmngr: New option --compatibility-flags. [rGbf04b07327]
* dirmngr: New option --ignore-crl-extensions. [T6545]
* wkd: Use export-clean for gpg-wks-client's --mirror and --create
commands. [rG2c7f7a5a27]
* wkd: Make --add-revocs the default in gpg-wks-client. New option
--no-add-revocs. [rG10c937ee68]
* scd: Make signing work for Nexus cards. [rGb83d86b988]
* scd: Fix authentication with Administration Key for PIV.
[rG25b59cf6ce]
Release-info: https://dev.gnupg.org/T6509
Getting the Software
====================
Please follow the instructions found at or
read on:
GnuPG may be downloaded from one of the GnuPG mirror sites or direct
from its primary FTP server. The list of mirrors can be found at
. Note that GnuPG is not
available at ftp.gnu.org.
The GnuPG source code compressed using BZIP2 and its OpenPGP signature
are available here:
https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.3.tar.bz2 (7179k)
https://gnupg.org/ftp/gcrypt/gnupg/gnupg-2.4.3.tar.bz2.sig
An installer for Windows without any graphical frontend except for a
very minimal Pinentry tool is available here:
https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.4.3_20230704.exe (5324k)
https://gnupg.org/ftp/gcrypt/binary/gnupg-w32-2.4.3_20230704.exe.sig
The source used to build this Windows installer can be found in the same
directory with a ".tar.xz" suffix.
A new release of Gpg4win including this version of GnuPG will soon be
announced via the usual channels.
Checking the Integrity
======================
In order to check that the version of GnuPG which you are going to
install is an original and unmodified one, you can do it in one of
the following ways:
* If you already have a version of GnuPG installed, you can simply
verify the supplied signature. For example to verify the signature
of the file gnupg-2.4.3.tar.bz2 you would use this command:
gpg --verify gnupg-2.4.3.tar.bz2.sig gnupg-2.4.3.tar.bz2
This checks whether the signature file matches the source file.
You should see a message indicating that the signature is good and
made by one or more of the release signing keys. Make sure that
this is a valid key, either by matching the shown fingerprint
against a trustworthy list of valid release signing keys or by
checking that the key has been signed by trustworthy other keys.
See the end of this mail for information on the signing keys.
* If you are not able to use an existing version of GnuPG, you have
to verify the SHA-1 checksum. On Unix systems the command to do
this is either "sha1sum" or "shasum". Assuming you downloaded the
file gnupg-2.4.3.tar.bz2, you run the command like this:
sha1sum gnupg-2.4.3.tar.bz2
and check that the output matches the next line:
79a60c8e415e3daaa33d0546398174252a56f7ac gnupg-2.4.3.tar.bz2
d1e689712c7b1e0959fc3e1282198bfd35688bd4 gnupg-w32-2.4.3_20230704.tar.xz
677527d18ed95b1ba2476efbfbfdb43703bb26ca gnupg-w32-2.4.3_20230704.exe
Internationalization
====================
This version of GnuPG has support for 26 languages with Chinese
(traditional and simplified), Czech, French, German, Italian,
Japanese, Norwegian, Polish, Russian, Turkish, and Ukrainian
being almost completely translated.
Documentation and Support
=========================
The file gnupg.info has the complete reference manual of the system.
Separate man pages are included as well but they miss some of the
details available only in the manual. The manual is also available
online at
https://gnupg.org/documentation/manuals/gnupg/
or can be downloaded as PDF at
https://gnupg.org/documentation/manuals/gnupg.pdf
You may also want to search the GnuPG mailing list archives or ask on
the gnupg-users mailing list for advise on how to solve problems. Most
of the new features are around for several years and thus enough public
experience is available. https://wiki.gnupg.org has user contributed
information around GnuPG and relate software.
In case of build problems specific to this release please first check
https://dev.gnupg.org/T6509 for updated information.
Please consult the archive of the gnupg-users mailing list before
reporting a bug: https://gnupg.org/documentation/mailing-lists.html.
We suggest to send bug reports for a new release to this list in favor
of filing a bug at https://bugs.gnupg.org. If you need commercial
support go to https://gnupg.com or https://gnupg.org/service.html.
If you are a developer and you need a certain feature for your project,
please do not hesitate to bring it to the gnupg-devel mailing list for
discussion.
Job Opportunity
===============
We are looking for an experienced technical person for the g10 Code
office in Erkrath. Your duties would be help with system administration
and to extend our technical support team. Although we are running
completely on free software, most of our customers are running Windows;
thus experience with Windows management will be of advantage as well as
a reasonable proficiency in German. If you are interested in a full
time employment please contact us my mail.
Thanks
======
Since 2001 maintenance and development of GnuPG is done by g10 Code GmbH
and has mostly been financed by donations. Several full-time employed
developers and contractors are working exclusively on GnuPG and closely
related software like Libgcrypt, GPGME, Kleopatra and Gpg4win.
Fortunately, and this is still not common with free software, we have
established a way of financing the development while keeping all our
software free and freely available for everyone. Our model is similar
to the way RedHat manages RHEL and Fedora: Except for the actual binary
of the MSI installer for Windows and client specific configuration
files, all the software is available under the GNU GPL and other Open
Source licenses. Thus customers may even build and distribute their own
version of the software as long as they do not use our trademarks
GnuPG Desktop? or GnuPG VS-Desktop?.
We like to thank all the nice people who are helping the GnuPG project,
be it testing, coding, translating, suggesting, auditing, administering
the servers, spreading the word, answering questions on the mailing
lists, or helped with donations.
*Thank you all*
Your GnuPG hackers
p.s.
This is an announcement only mailing list. Please send replies only to
the gnupg-users at gnupg.org mailing list.
List of Release Signing Keys:
To guarantee that a downloaded GnuPG version has not been tampered by
malicious entities we provide signature files for all tarballs and
binary versions. The keys are also signed by the long term keys of
their respective owners. Current releases are signed by one or more
of these four keys:
rsa3072 2017-03-17 [expires: 2027-03-15]
5B80 C575 4298 F0CB 55D8 ED6A BCEF 7E29 4B09 2E28
Andre Heinecke (Release Signing Key)
ed25519 2020-08-24 [expires: 2030-06-30]
6DAA 6E64 A76D 2840 571B 4902 5288 97B8 2640 3ADA
Werner Koch (dist signing 2020)
ed25519 2021-05-19 [expires: 2027-04-04]
AC8E 115B F73E 2D8D 47FA 9908 E98E 9B2D 19C6 C8BD
Niibe Yutaka (GnuPG Release Key)
brainpoolP256r1 2021-10-15 [expires: 2029-12-31]
02F3 8DFF 731F F97C B039 A1DA 549E 695E 905B A208
GnuPG.com (Release Signing Key 2021)
The keys are available at https://gnupg.org/signature_key.html and
in any recently released GnuPG tarball in the file g10/distsigkey.gpg .
Note that this mail has been signed by a different key.
--
Arguing that you don't care about the right to privacy because you have
nothing to hide is no different from saying you don't care about free
speech because you have nothing to say. - Edward Snowden
-------------- next part --------------
A non-text attachment was scrubbed...
Name: openpgp-digital-signature.asc
Type: application/pgp-signature
Size: 227 bytes
Desc: not available
URL:
-------------- next part --------------
_______________________________________________
Gnupg-announce mailing list
Gnupg-announce at gnupg.org
http://lists.gnupg.org/mailman/listinfo/gnupg-announce
From ralph at ml.seichter.de Tue Jul 4 18:29:34 2023
From: ralph at ml.seichter.de (Ralph Seichter)
Date: Tue, 04 Jul 2023 18:29:34 +0200
Subject: [Announce] GnuPG for OS X 2.4.3
Message-ID: <87o7krtzbl.fsf@ra.horus-it.com>
GnuPG for OS X / macOS release 2.4.3 is now available for download via
https://sourceforge.net/p/gpgosx/docu/Download/ .
The disk image signature key is available via public keyservers, and it
can also be downloaded from https://www.seichter.de/pgp/gpgosx-signing.asc .
pub ed25519/FD56297D9833FF7F 2022-07-07 [SC] [expires: 2027-07-06]
Key fingerprint = EAB0 FE4F F793 D9E7 028E C8E2 FD56 297D 9833 FF7F
uid [ultimate] Ralph Seichter (GnuPG for OS X signing key)
GnuPG 2.4.x is installed in /usr/local/gnupg-2.4 instead of the formerly
hardcoded directory /usr/local/gnupg-2.2. This enables installing both
stable and LTS releases of GnuPG for OS X side by side, for advanced
users' needs.
The one caveat is that the latest installation will replace existing
soft links in /usr/local/{bin,lib}. Please use absolute paths like
/usr/local/gnupg-2.2/bin/gpg2 if necessary. Enjoy.
-Ralph
From nathbappai at gmail.com Sat Jul 8 07:14:44 2023
From: nathbappai at gmail.com (nathbappai at gmail.com)
Date: Sat, 8 Jul 2023 10:44:44 +0530
Subject: [PATCH gpgme] qt: Fix DLL version in cmake config files
Message-ID: <20230708051444.13472-1-nathbappai@gmail.com>
From: Biswapriyo Nath
Signed-off-by: Biswapriyo Nath
---
lang/qt/src/QGpgmeConfig-w32.cmake.in.in | 4 ++--
lang/qt/src/QGpgmeQt6Config-w32.cmake.in.in | 4 ++--
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/lang/qt/src/QGpgmeConfig-w32.cmake.in.in b/lang/qt/src/QGpgmeConfig-w32.cmake.in.in
index b897805..a58b940 100644
--- a/lang/qt/src/QGpgmeConfig-w32.cmake.in.in
+++ b/lang/qt/src/QGpgmeConfig-w32.cmake.in.in
@@ -65,11 +65,11 @@ set_target_properties(QGpgme PROPERTIES
IMPORTED_IMPLIB_RELEASE "@resolved_libdir@/libqgpgme.dll.a"
INTERFACE_INCLUDE_DIRECTORIES "@resolved_includedir@/qgpgme;@resolved_includedir@"
INTERFACE_LINK_LIBRARIES "Gpgmepp;Qt5::Core"
- IMPORTED_LOCATION "@resolved_libdir@/libqgpgme-7.dll"
+ IMPORTED_LOCATION "@resolved_libdir@/libqgpgme-15.dll"
)
list(APPEND _IMPORT_CHECK_TARGETS QGgpme )
-list(APPEND _IMPORT_CHECK_FILES_FOR_Qgpgme "@resolved_libdir@/libqgpgme.dll.a" "@resolved_bindir@/libqgpgme-7.dll" )
+list(APPEND _IMPORT_CHECK_FILES_FOR_Qgpgme "@resolved_libdir@/libqgpgme.dll.a" "@resolved_bindir@/libqgpgme-15.dll" )
if(CMAKE_VERSION VERSION_LESS 2.8.12)
message(FATAL_ERROR "This file relies on consumers using CMake 2.8.12 or greater.")
diff --git a/lang/qt/src/QGpgmeQt6Config-w32.cmake.in.in b/lang/qt/src/QGpgmeQt6Config-w32.cmake.in.in
index 6cb8af4..8e61f35 100644
--- a/lang/qt/src/QGpgmeQt6Config-w32.cmake.in.in
+++ b/lang/qt/src/QGpgmeQt6Config-w32.cmake.in.in
@@ -65,11 +65,11 @@ set_target_properties(QGpgmeQt6 PROPERTIES
IMPORTED_IMPLIB_RELEASE "@resolved_libdir@/libqgpgmeqt6.dll.a"
INTERFACE_INCLUDE_DIRECTORIES "@resolved_includedir@/qgpgme;@resolved_includedir@"
INTERFACE_LINK_LIBRARIES "Gpgmepp;Qt6::Core"
- IMPORTED_LOCATION "@resolved_libdir@/libqgpgmeqt6-7.dll"
+ IMPORTED_LOCATION "@resolved_libdir@/libqgpgmeqt6-15.dll"
)
list(APPEND _IMPORT_CHECK_TARGETS QGpgmeQt6 )
-list(APPEND _IMPORT_CHECK_FILES_FOR_QGpgmeQt6 "@resolved_libdir@/libqgpgmeqt6.dll.a" "@resolved_bindir@/libqgpgmeqt6-7.dll" )
+list(APPEND _IMPORT_CHECK_FILES_FOR_QGpgmeQt6 "@resolved_libdir@/libqgpgmeqt6.dll.a" "@resolved_bindir@/libqgpgmeqt6-15.dll" )
if(CMAKE_VERSION VERSION_LESS 2.8.12)
message(FATAL_ERROR "This file relies on consumers using CMake 2.8.12 or greater.")
--
2.41.0
From kloecker at kde.org Sat Jul 8 16:14:54 2023
From: kloecker at kde.org (Ingo =?ISO-8859-1?Q?Kl=F6cker?=)
Date: Sat, 08 Jul 2023 16:14:54 +0200
Subject: [PATCH gpgme] qt: Fix DLL version in cmake config files
In-Reply-To: <20230708051444.13472-1-nathbappai@gmail.com>
References: <20230708051444.13472-1-nathbappai@gmail.com>
Message-ID: <4498737.LvFx2qVVIh@daneel>
Hi,
Good timing! Less than one day after the release of version 1.21. :-)
On Samstag, 8. Juli 2023 07:14:44 CEST Biswapriyo Nath via Gnupg-devel wrote:
> @@ -65,11 +65,11 @@ set_target_properties(QGpgme PROPERTIES
> IMPORTED_IMPLIB_RELEASE "@resolved_libdir@/libqgpgme.dll.a"
> INTERFACE_INCLUDE_DIRECTORIES
> "@resolved_includedir@/qgpgme;@resolved_includedir@"
> INTERFACE_LINK_LIBRARIES "Gpgmepp;Qt5::Core"
> - IMPORTED_LOCATION "@resolved_libdir@/libqgpgme-7.dll"
> + IMPORTED_LOCATION "@resolved_libdir@/libqgpgme-15.dll"
I think this is still wrong because it should certainly be @resolved_bindir@
as below because the DLL is installed in bindir.
Makes me wonder when/how IMPORTED_LOCATION is used because, apparently, we
never had any problems linking libkleo and kleopatra against QGpgME with MinGW
despite IMPORTED_LOCATION pointing to a not existing file.
> list(APPEND _IMPORT_CHECK_TARGETS QGgpme )
> -list(APPEND _IMPORT_CHECK_FILES_FOR_Qgpgme
> "@resolved_libdir@/libqgpgme.dll.a" "@resolved_bindir@/libqgpgme-7.dll" )
> +list(APPEND _IMPORT_CHECK_FILES_FOR_Qgpgme
> "@resolved_libdir@/libqgpgme.dll.a" "@resolved_bindir@/libqgpgme-15.dll" )
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL:
From nathbappai at gmail.com Sat Jul 8 18:01:20 2023
From: nathbappai at gmail.com (Biswapriyo Nath)
Date: Sat, 8 Jul 2023 21:31:20 +0530
Subject: [PATCH gpgme] qt: Fix DLL version in cmake config files
In-Reply-To: <4498737.LvFx2qVVIh@daneel>
References: <20230708051444.13472-1-nathbappai@gmail.com>
<4498737.LvFx2qVVIh@daneel>
Message-ID:
> I think this is still wrong because it should certainly be @resolved_bindir@
> as below because the DLL is installed in bindir.
Yes, I was going to send that patch after this one is merged. Should I
send both fixes in one patch?
> Makes me wonder when/how IMPORTED_LOCATION is used because, apparently, we
> never had any problems linking libkleo and kleopatra against QGpgME with MinGW
> despite IMPORTED_LOCATION pointing to a not existing file.
It seems that the `find_package(QGpgme CONFIG)` call succeed if
QGpgmeConfig.cmake and QGpgmeConfigVersion.cmake file is present. The
existence of .dll or .dll.a file was not checked by cmake. I found
that using Process Monitor in Microsoft Windows OS (filter: path
contains qgpgme).
From kloecker at kde.org Sat Jul 8 21:53:34 2023
From: kloecker at kde.org (Ingo =?ISO-8859-1?Q?Kl=F6cker?=)
Date: Sat, 08 Jul 2023 21:53:34 +0200
Subject: [PATCH gpgme] qt: Fix DLL version in cmake config files
In-Reply-To:
References: <20230708051444.13472-1-nathbappai@gmail.com>
<4498737.LvFx2qVVIh@daneel>
Message-ID: <10305021.nUPlyArG6x@daneel>
On Samstag, 8. Juli 2023 18:01:20 CEST Biswapriyo Nath wrote:
> > I think this is still wrong because it should certainly be
> > @resolved_bindir@ as below because the DLL is installed in bindir.
>
> Yes, I was going to send that patch after this one is merged. Should I
> send both fixes in one patch?
Okay. I have committed your patch and also fixed the path. Thanks!
> > Makes me wonder when/how IMPORTED_LOCATION is used because, apparently, we
> > never had any problems linking libkleo and kleopatra against QGpgME with
> > MinGW despite IMPORTED_LOCATION pointing to a not existing file.
>
> It seems that the `find_package(QGpgme CONFIG)` call succeed if
> QGpgmeConfig.cmake and QGpgmeConfigVersion.cmake file is present. The
> existence of .dll or .dll.a file was not checked by cmake.
Indeed. At least, when using Qt 5. It wasn't checked because of typos in the
variable names which made the loop that should have checked the files an empty
loop. I have fixed this and also avoided the duplication of the file paths.
Regards,
Ingo
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL:
From nathbappai at gmail.com Sun Jul 9 04:03:43 2023
From: nathbappai at gmail.com (Biswapriyo Nath)
Date: Sun, 9 Jul 2023 07:33:43 +0530
Subject: [PATCH gpgme] qt: Fix DLL version in cmake config files
In-Reply-To: <10305021.nUPlyArG6x@daneel>
References: <20230708051444.13472-1-nathbappai@gmail.com>
<4498737.LvFx2qVVIh@daneel>
<10305021.nUPlyArG6x@daneel>
Message-ID:
> Indeed. At least, when using Qt 5. It wasn't checked because of typos in the
> variable names which made the loop that should have checked the files an empty
> loop. I have fixed this and also avoided the duplication of the file paths.
The typo was hard to notice. Thank you.
From bernhard at intevation.de Thu Jul 13 17:42:14 2023
From: bernhard at intevation.de (Bernhard Reiter)
Date: Thu, 13 Jul 2023 17:42:14 +0200
Subject: [PATCH libgcrypt] configure: fix minor typo in warning message
Message-ID: <202307131742.14575.bernhard@intevation.de>
Signed-off-by: Bernhard Reiter
---
configure.ac | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/configure.ac b/configure.ac
index 8ddba0e8..e00c0445 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3811,7 +3811,7 @@ fi
if test "$gcry_cv_gcc_attribute_aligned" != "yes" ; then
cat <
From bernhard at intevation.de Thu Jul 13 17:15:15 2023
From: bernhard at intevation.de (Bernhard Reiter)
Date: Thu, 13 Jul 2023 17:15:15 +0200
Subject: [PATCH scute] Add configure enable argument to build tests
In-Reply-To: <20230630171746.61a06019@gentoo.home>
References: <20230629234114.38bb2c5a@gentoo.home>
<87cz1dggxq.fsf@wheatstone.g10code.de> <20230630171746.61a06019@gentoo.home>
Message-ID: <202307131715.23780.bernhard@intevation.de>
Hi Jernej,
Am Freitag 30 Juni 2023 17:17:46 schrieb Jernej Jakob via Gnupg-devel:
> Regarding doc/HACKING, I already read it before submitting the patches,
> is there a particular problem in them that I need to fix?
had a brief look: What about the one line summary
and the DCO?
Regards,
Bernhard
--
https://intevation.de/~bernhard ? +49 541 33 508 3-3
Intevation GmbH, Osnabr?ck, DE; Amtsgericht Osnabr?ck, HRB 18998
Gesch?ftsf?hrer Frank Koormann, Bernhard Reiter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL:
From jernej.jakob at gmail.com Thu Jul 13 18:45:47 2023
From: jernej.jakob at gmail.com (Jernej Jakob)
Date: Thu, 13 Jul 2023 18:45:47 +0200
Subject: [PATCH scute] Add configure enable argument to build tests
In-Reply-To: <202307131715.23780.bernhard@intevation.de>
References: <20230629234114.38bb2c5a@gentoo.home>
<87cz1dggxq.fsf@wheatstone.g10code.de>
<20230630171746.61a06019@gentoo.home>
<202307131715.23780.bernhard@intevation.de>
Message-ID: <20230713184547.58377092@gentoo.home>
On Thu, 13 Jul 2023 17:15:15 +0200
Bernhard Reiter wrote:
> Hi Jernej,
>
> Am Freitag 30 Juni 2023 17:17:46 schrieb Jernej Jakob via Gnupg-devel:
> > Regarding doc/HACKING, I already read it before submitting the patches,
> > is there a particular problem in them that I need to fix?
>
> had a brief look: What about the one line summary
> and the DCO?
I sent this patch, the DCO and another patch for scute on the same day.
I thought those other two mails were still waiting for manual approval
because I never saw them on the mailing list archives. Maybe they got
caught by spam filters?
Is "Add configure enable argument to build tests" the one-line summary
you mean? I put that in the message subject, I should have put it in the
message body too.
>
> Regards,
> Bernhard
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL:
From gniibe at fsij.org Fri Jul 14 04:21:19 2023
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Fri, 14 Jul 2023 11:21:19 +0900
Subject: [PATCH libgcrypt] configure: fix minor typo in warning message
In-Reply-To: <202307131742.14575.bernhard@intevation.de>
References: <202307131742.14575.bernhard@intevation.de>
Message-ID: <87sf9rp71c.fsf@akagi.fsij.org>
Bernhard Reiter wrote:
> @@ -3811,7 +3811,7 @@ fi
>
> if test "$gcry_cv_gcc_attribute_aligned" != "yes" ; then
> cat < - Please not that your compiler does not support the GCC style
> + Please note that your compiler does not support the GCC style
> aligned attribute. Using this software may evoke bus errors.
>
> G10EOF
Thank you. Applied to master and 1.10 branch.
BTW, with Clang 16, it works well (no alignment issue) for me.
I wonder if it's newer Clang.
--
From bernhard at intevation.de Fri Jul 14 09:13:51 2023
From: bernhard at intevation.de (Bernhard Reiter)
Date: Fri, 14 Jul 2023 09:13:51 +0200
Subject: [PATCH scute] Add configure enable argument to build tests
In-Reply-To: <20230713184547.58377092@gentoo.home>
References: <20230629234114.38bb2c5a@gentoo.home>
<202307131715.23780.bernhard@intevation.de>
<20230713184547.58377092@gentoo.home>
Message-ID: <202307140913.59663.bernhard@intevation.de>
Am Donnerstag 13 Juli 2023 18:45:47 schrieb Jernej Jakob via Gnupg-devel:
> > had a brief look: What about the one line summary
> > and the DCO?
>
> I sent this patch, the DCO and another patch for scute on the same day.
> I thought those other two mails were still waiting for manual approval
> because I never saw them on the mailing list archives. Maybe they got
> caught by spam filters?
I also didn't see these emails on the list, so maybe they were caught
in moderation. You could try to send them again. Maybe you did use a different
From: by accident
Note that it sometimes takes a long while until a submitted patch will be
evaluated. It is okay to ask about the status once in a while, e.g. after a
months or so, depending on the importance of the patch.
> Is "Add configure enable argument to build tests" the one-line summary
> you mean? I put that in the message subject, I should have put it in the
> message body too.
Good question, maybe it was fine, but could have been more specific.
I'm just trying to guess what Werner was referring to.
Best,
Bernhard
--
https://intevation.de/~bernhard ? +49 541 33 508 3-3
Intevation GmbH, Osnabr?ck, DE; Amtsgericht Osnabr?ck, HRB 18998
Gesch?ftsf?hrer Frank Koormann, Bernhard Reiter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL:
From bernhard at intevation.de Fri Jul 14 09:18:26 2023
From: bernhard at intevation.de (Bernhard Reiter)
Date: Fri, 14 Jul 2023 09:18:26 +0200
Subject: [PATCH libgcrypt] configure: fix minor typo in warning message
In-Reply-To: <87sf9rp71c.fsf@akagi.fsij.org>
References: <202307131742.14575.bernhard@intevation.de>
<87sf9rp71c.fsf@akagi.fsij.org>
Message-ID: <202307140918.27250.bernhard@intevation.de>
Am Freitag 14 Juli 2023 04:21:19 schrieb NIIBE Yutaka:
> Applied to master and 1.10 branch.
Thanks!
> BTW, with Clang 16, it works well (no alignment issue) for me.
> I wonder if it's newer Clang.
It was a discussion of gnupg-devel, where somebody saw this warning.
Is this a spurious warning, if it works?
--
https://intevation.de/~bernhard ? +49 541 33 508 3-3
Intevation GmbH, Osnabr?ck, DE; Amtsgericht Osnabr?ck, HRB 18998
Gesch?ftsf?hrer Frank Koormann, Bernhard Reiter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL:
From James.Bottomley at HansenPartnership.com Sun Jul 16 17:55:37 2023
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Sun, 16 Jul 2023 11:55:37 -0400
Subject: [PATCH v2] agent: fix tpm2d keytotpm handling
Message-ID: <1a531df6c5ae6c6e8a4a9a5530733055948e5283.camel@HansenPartnership.com>
commit: 2783b786a ("agent: Do not overwrite a key file by a shadow key
file.") broke keytotpm because you can no longer overwrite a
non-shadowed secret key, now you must first delete it. Fix KEYTOTPM
by deleting the key before writing it.
Signed-off-by: James Bottomley
---
v2: update the logic around replacing the private key to actually do
the replacement.
agent/divert-tpm2.c | 33 ++++++++++++++++++++++++++++-----
1 file changed, 28 insertions(+), 5 deletions(-)
diff --git a/agent/divert-tpm2.c b/agent/divert-tpm2.c
index b2f884f93..e7c6a8aae 100644
--- a/agent/divert-tpm2.c
+++ b/agent/divert-tpm2.c
@@ -26,9 +26,10 @@ divert_tpm2_pksign (ctrl_t ctrl,
static gpg_error_t
agent_write_tpm2_shadow_key (ctrl_t ctrl, const unsigned char *grip,
- unsigned char *shadow_info)
+ unsigned char *shadow_info,
+ gcry_sexp_t s_key)
{
- gpg_error_t err;
+ gpg_error_t err, err1;
unsigned char *shdkey;
unsigned char *pkbuf;
size_t len;
@@ -44,7 +45,14 @@ agent_write_tpm2_shadow_key (ctrl_t ctrl, const
unsigned char *grip,
xfree (pkbuf);
if (err)
{
- log_error ("shadowing the key failed: %s\n", gpg_strerror
(err));
+ log_error ("shadowing the tpm key failed: %s\n", gpg_strerror
(err));
+ return err;
+ }
+
+ err = agent_delete_key (ctrl, NULL, grip, 1, 0);
+ if (err)
+ {
+ log_error ("failed to delete unshadowed key: %s\n", gpg_strerror
(err));
return err;
}
@@ -53,7 +61,22 @@ agent_write_tpm2_shadow_key (ctrl_t ctrl, const
unsigned char *grip,
NULL, NULL, NULL, 0);
xfree (shdkey);
if (err)
- log_error ("error writing key: %s\n", gpg_strerror (err));
+ {
+ log_error ("error writing tpm key: %s\n", gpg_strerror (err));
+
+ len = gcry_sexp_sprint(s_key, GCRYSEXP_FMT_CANON, NULL, 0);
+ pkbuf = xtrymalloc(len);
+ if (!pkbuf)
+ return GPG_ERR_ENOMEM;
+
+ gcry_sexp_sprint(s_key, GCRYSEXP_FMT_CANON, pkbuf, len);
+ err1 = agent_write_private_key (grip, pkbuf, len, 1 /*force*/,
+ NULL, NULL, NULL, 0);
+ xfree(pkbuf);
+ if (err1)
+ log_error ("error trying to restore private key: %s\n",
+ gpg_strerror (err1));
+ }
return err;
}
@@ -68,7 +91,7 @@ divert_tpm2_writekey (ctrl_t ctrl, const unsigned
char *grip,
ret = agent_tpm2d_writekey(ctrl, &shadow_info, s_skey);
if (!ret) {
- ret = agent_write_tpm2_shadow_key (ctrl, grip, shadow_info);
+ ret = agent_write_tpm2_shadow_key (ctrl, grip, shadow_info,
s_skey);
xfree (shadow_info);
}
return ret;
--
2.35.3
From jcb62281 at gmail.com Sat Jul 15 04:38:07 2023
From: jcb62281 at gmail.com (Jacob Bachmeyer)
Date: Fri, 14 Jul 2023 21:38:07 -0500
Subject: [PATCH libgcrypt] configure: fix minor typo in warning message
In-Reply-To: <202307140918.27250.bernhard@intevation.de>
References: <202307131742.14575.bernhard@intevation.de>
<87sf9rp71c.fsf@akagi.fsij.org> <202307140918.27250.bernhard@intevation.de>
Message-ID: <64B2068F.3060003@gmail.com>
Bernhard Reiter wrote:
> Am Freitag 14 Juli 2023 04:21:19 schrieb NIIBE Yutaka:
>
> [...]
>> BTW, with Clang 16, it works well (no alignment issue) for me.
>> I wonder if it's newer Clang.
>>
>
> It was a discussion of gnupg-devel, where somebody saw this warning.
> Is this a spurious warning, if it works?
The problem is that the most common architectures right now (x86) do not
enforce alignment, although they do perform better with aligned data.
If that issue is not policed, code could slip in that will work until
someone builds on a less-common RISC architecture that /does/ enforce
alignment, then they get a program that crashes with SIGBUS.
In short, it is a portability issue.
-- Jacob
From jernej.jakob at gmail.com Mon Jul 17 17:17:49 2023
From: jernej.jakob at gmail.com (Jernej Jakob)
Date: Mon, 17 Jul 2023 15:17:49 -0000
Subject: DCO
Message-ID: <20230628155639.14869c41@gentoo.home>
GnuPG Developer's Certificate of Origin. Version 1.0
=====================================================
By making a contribution to the GnuPG project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the free software license
indicated in the file; or
(b) The contribution is based upon previous work that, to the
best of my knowledge, is covered under an appropriate free
software license and I have the right under that license to
submit that work with modifications, whether created in whole
or in part by me, under the same free software license
(unless I am permitted to submit under a different license),
as indicated in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including
all personal information I submit with it, including my
sign-off) is maintained indefinitely and may be redistributed
consistent with this project or the free software license(s)
involved.
Signed-off-by: Jernej Jakob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL:
From jernej.jakob at gmail.com Sun Jul 16 07:19:03 2023
From: jernej.jakob at gmail.com (Jernej Jakob)
Date: Sun, 16 Jul 2023 07:19:03 +0200
Subject: [PATCH scute] doc: yat2m-stamp should depend on version.texi
Message-ID: <20230716071903.2594c8cf@gentoo.home>
doc: yat2m-stamp should depend on version.texi
* doc/Makefile.am (yat2m-stamp): depend on version.texi
--
Fixes "yat2m: can't open include file './version.texi': No such
file or directory"
https://lists.gnupg.org/pipermail/gnupg-devel/2018-April/033612.html
See-commit: 8ef76d9373db16f1ca176f9c87c8dac2758c8b85
Signed-off-by: Jernej Jakob
---
doc/Makefile.am | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/doc/Makefile.am b/doc/Makefile.am
index 42dfdd0..ed7c194 100644
--- a/doc/Makefile.am
+++ b/doc/Makefile.am
@@ -50,7 +50,7 @@ myman_pages = scute.7
man_MANS = $(myman_pages)
-yat2m-stamp: $(myman_sources)
+yat2m-stamp: $(myman_sources) $(srcdir)/version.texi
@rm -f yat2m-stamp.tmp
@touch yat2m-stamp.tmp
for file in $(myman_sources) ; do \
--
2.39.3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL:
From bernhard at intevation.de Wed Jul 19 16:56:55 2023
From: bernhard at intevation.de (Bernhard Reiter)
Date: Wed, 19 Jul 2023 16:56:55 +0200
Subject: [PATCH libgcrypt] configure: fix minor typo in warning message
In-Reply-To: <64B2068F.3060003@gmail.com>
References: <202307131742.14575.bernhard@intevation.de>
<202307140918.27250.bernhard@intevation.de> <64B2068F.3060003@gmail.com>
Message-ID: <202307191657.15660.bernhard@intevation.de>
Am Samstag 15 Juli 2023 04:38:07 schrieb Jacob Bachmeyer via Gnupg-devel:
> code could slip in that will work until
> someone builds on a less-common RISC architecture that /does/ enforce
> alignment, then they get a program that crashes with SIGBUS.
But shouldn't a configure test during build time on on of these platforms
find out, if there is a problem? And only warn if it is.
--
https://intevation.de/~bernhard ? +49 541 33 508 3-3
Intevation GmbH, Osnabr?ck, DE; Amtsgericht Osnabr?ck, HRB 18998
Gesch?ftsf?hrer Frank Koormann, Bernhard Reiter
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: This is a digitally signed message part.
URL:
From James.Bottomley at HansenPartnership.com Sat Jul 22 14:24:03 2023
From: James.Bottomley at HansenPartnership.com (James Bottomley)
Date: Sat, 22 Jul 2023 08:24:03 -0400
Subject: Problems with Elliptic Curve Key Importing
Message-ID: <92eee48ef7fd81b1566b0949e2554f5473a2262b.camel@HansenPartnership.com>
There are times when you need to import external keys into gpg so you
can attach them to your public key. The most common case is ssh
authentication keys. The traditional way to do this is with the pkcs12
importer and then use the addkey expert command to bind it to your
public key. However, this seems to fail when you try to import an
Elliptic Curve key. The reason seems to be that gnupg doesn't have a
single type for EC keys, it has multiple types:
PUBKEY_ALGO_ECDH, PUBKEY_ALGO_ECDSA, PUBKEY_ALGO_EDDSA
whereas libgcrypt has a single key type: GCRY_PK_ECC
What happens is that gnupg maps GCRY_PK_ECC to PUBKEY_ALGO_ECDH, which
means an imported EC ssh key can only be used for encryption (not
authentication or signing). There is special code in the card handling
to fix this (g10/keygen.c for the cardkey case), but it doesn't work
for the type 13 keygrip case. There also seems to be special code in
ask_algo() for this, but it doesn't work because current is zero for
keys added by grip. The way I solved this to import my key is
attached, but I'm not sure it's the right solution.
James
---
From: James Bottomley
Subject: [PATCH] g10: allow ECC added keys for authentication and signing
Signed-off-by: James Bottomley
---
common/sexputil.c | 18 ++++++++++++++++--
g10/keygen.c | 9 ++++++++-
2 files changed, 24 insertions(+), 3 deletions(-)
diff --git a/common/sexputil.c b/common/sexputil.c
index c7471be85..ecee217db 100644
--- a/common/sexputil.c
+++ b/common/sexputil.c
@@ -1048,12 +1048,26 @@ int
get_pk_algo_from_canon_sexp (const unsigned char *keydata, size_t keydatalen)
{
gcry_sexp_t sexp;
- int algo;
+ enum gcry_pk_algos algo;
+ char *algostr;
if (gcry_sexp_sscan (&sexp, NULL, keydata, keydatalen))
return 0;
- algo = get_pk_algo_from_key (sexp);
+ algostr = pubkey_algo_string (sexp, &algo);
+ if (algo == GCRY_PK_ECC)
+ {
+ if (!strcmp (algostr, "ed25519"))
+ algo = PUBKEY_ALGO_EDDSA;
+ else if (!strcmp (algostr, "ed448"))
+ algo = PUBKEY_ALGO_EDDSA;
+ else if (!strcmp (algostr, "cv25519"))
+ algo = PUBKEY_ALGO_ECDH;
+ else if (!strcmp (algostr, "cv448"))
+ algo = PUBKEY_ALGO_ECDH;
+ /* cannot determine other ECC keys without knowing usage */
+ }
+ xfree (algostr);
gcry_sexp_release (sexp);
return algo;
}
diff --git a/g10/keygen.c b/g10/keygen.c
index 1605bff89..145218b62 100644
--- a/g10/keygen.c
+++ b/g10/keygen.c
@@ -2257,7 +2257,14 @@ ask_algo (ctrl_t ctrl, int addmode, int *r_subkey_algo, unsigned int *r_usage,
xfree (keygrip);
keygrip = answer;
answer = NULL;
- *r_usage = ask_key_flags (algo, addmode, 0);
+ if (algo == GCRY_PK_ECC)
+ {
+ *r_usage = ask_key_flags (algo, addmode, ~0);
+ if (*r_usage & (PUBKEY_USAGE_SIG | PUBKEY_USAGE_AUTH))
+ algo = PUBKEY_ALGO_ECDSA;
+ }
+ else
+ *r_usage = ask_key_flags (algo, addmode, 0);
break;
}
else if ((algo == 14 || !strcmp (answer, "cardkey")) && r_keygrip)
--
2.35.3
From carl.schwan at gnupg.com Tue Jul 25 17:40:58 2023
From: carl.schwan at gnupg.com (Carl Schwan)
Date: Tue, 25 Jul 2023 17:40:58 +0200
Subject: [PATCH gpgme] cpp: Expose gpgme_decrypt_result_t.is_mime through cpp
API
Message-ID: <20230725154058.257400-1-carl.schwan@gnupg.com>
* lang/cpp/src/descriptionresult.cpp (DescriptionResult::isMime): New.
* lang/cpp/src/descriptionresult.h: Update accordingly.
* NEWS: Mention this.
--
This exposes the is_mime metadata from a decryption result to users
of the C++ library.
Signed-off-by: Carl Schwan
---
lang/cpp/src/decryptionresult.cpp | 5 +++++
lang/cpp/src/decryptionresult.h | 1 +
2 files changed, 6 insertions(+)
diff --git a/lang/cpp/src/decryptionresult.cpp b/lang/cpp/src/decryptionresult.cpp
index f78cf1d3..ad1d1cb6 100644
--- a/lang/cpp/src/decryptionresult.cpp
+++ b/lang/cpp/src/decryptionresult.cpp
@@ -122,6 +122,11 @@ bool GpgME::DecryptionResult::isDeVs() const
return d && d->res.is_de_vs;
}
+bool GpgME::DecryptionResult::isMime() const
+{
+ return d && d->res.is_mime;
+}
+
const char *GpgME::DecryptionResult::fileName() const
{
return d ? d->res.file_name : nullptr ;
diff --git a/lang/cpp/src/decryptionresult.h b/lang/cpp/src/decryptionresult.h
index 84026d39..316d0413 100644
--- a/lang/cpp/src/decryptionresult.h
+++ b/lang/cpp/src/decryptionresult.h
@@ -75,6 +75,7 @@ public:
}
bool isWrongKeyUsage() const;
bool isDeVs() const;
+ bool isMime() const;
const char *fileName() const;
--
2.41.0
From gniibe at fsij.org Wed Jul 26 04:05:40 2023
From: gniibe at fsij.org (NIIBE Yutaka)
Date: Wed, 26 Jul 2023 11:05:40 +0900
Subject: [PATCH scute] doc: yat2m-stamp should depend on version.texi
In-Reply-To: <20230716071903.2594c8cf@gentoo.home>
References: <20230716071903.2594c8cf@gentoo.home>
Message-ID: <87lef3pguj.fsf@akagi.fsij.org>
Hello,
Jernej Jakob wrote:
> doc: yat2m-stamp should depend on version.texi
Thank you. Applied.
--
From carl.schwan at gnupg.com Fri Jul 28 10:16:02 2023
From: carl.schwan at gnupg.com (Carl Schwan)
Date: Fri, 28 Jul 2023 10:16:02 +0200
Subject: [PATCH gpgme] qt: Add setInputEncoding to QGpgMe::EncryptJob
Message-ID: <20230728081602.1126820-1-carl.schwan@gnupg.com>
* lang/qt/src/encryptjob.h, lang/qt/src/qgpgmeencryptjob.cpp,
lang/qt/src/qgpgmeencryptjob.h: Add setInputEncoding to EncryptJob
--
This allows applications like KMail to set the input encoding of the
encrypted content, which simplify and improve the performance of
identify the content type then decrypting it.
GnuPG-bug-id: 6616
Signed-off-by: Carl Schwan
---
lang/qt/src/encryptjob.h | 4 ++++
lang/qt/src/qgpgmeencryptjob.cpp | 20 +++++++++++++++-----
lang/qt/src/qgpgmeencryptjob.h | 5 +++++
3 files changed, 24 insertions(+), 5 deletions(-)
diff --git a/lang/qt/src/encryptjob.h b/lang/qt/src/encryptjob.h
index 8135053e..7d4b3049 100644
--- a/lang/qt/src/encryptjob.h
+++ b/lang/qt/src/encryptjob.h
@@ -38,6 +38,7 @@
#define __KLEO_ENCRYPTJOB_H__
#include "job.h"
+#include "data.h"
#include
#include
@@ -119,6 +120,9 @@ public:
*/
virtual void setOutputIsBase64Encoded(bool) = 0;
+ /** Set the input encoding */
+ virtual void setInputEncoding(GpgME::Data::Encoding) = 0;
+
/** Like start but with an additional argument for EncryptionFlags for
* more flexibility. */
virtual void start(const std::vector &recipients,
diff --git a/lang/qt/src/qgpgmeencryptjob.cpp b/lang/qt/src/qgpgmeencryptjob.cpp
index 5ea6162c..cf43d7cb 100644
--- a/lang/qt/src/qgpgmeencryptjob.cpp
+++ b/lang/qt/src/qgpgmeencryptjob.cpp
@@ -88,7 +88,8 @@ private:
QGpgMEEncryptJob::QGpgMEEncryptJob(Context *context)
: mixin_type(context),
- mOutputIsBase64Encoded(false)
+ mOutputIsBase64Encoded(false),
+ mInputEncoding(Data::Encoding::AutoEncoding)
{
setJobPrivate(this, std::unique_ptr{new QGpgMEEncryptJobPrivate{this}});
lateInitialization();
@@ -101,12 +102,18 @@ void QGpgMEEncryptJob::setOutputIsBase64Encoded(bool on)
mOutputIsBase64Encoded = on;
}
+void QGpgMEEncryptJob::setInputEncoding(Data::Encoding encoding)
+{
+ mInputEncoding = encoding;
+}
+
static QGpgMEEncryptJob::result_type encrypt(Context *ctx, QThread *thread,
const std::vector &recipients,
const std::weak_ptr &plainText_,
const std::weak_ptr &cipherText_,
const Context::EncryptionFlags eflags,
bool outputIsBsse64Encoded,
+ Data::Encoding inputEncoding,
const QString &fileName)
{
@@ -118,6 +125,8 @@ static QGpgMEEncryptJob::result_type encrypt(Context *ctx, QThread *thread,
QGpgME::QIODeviceDataProvider in(plainText);
Data indata(&in);
+ indata.setEncoding(inputEncoding);
+
if (!plainText->isSequential()) {
indata.setSizeHint(plainText->size());
}
@@ -155,20 +164,20 @@ static QGpgMEEncryptJob::result_type encrypt(Context *ctx, QThread *thread,
}
-static QGpgMEEncryptJob::result_type encrypt_qba(Context *ctx, const std::vector &recipients, const QByteArray &plainText, const Context::EncryptionFlags eflags, bool outputIsBsse64Encoded, const QString &fileName)
+static QGpgMEEncryptJob::result_type encrypt_qba(Context *ctx, const std::vector &recipients, const QByteArray &plainText, const Context::EncryptionFlags eflags, bool outputIsBsse64Encoded, Data::Encoding inputEncoding, const QString &fileName)
{
const std::shared_ptr buffer(new QBuffer);
buffer->setData(plainText);
if (!buffer->open(QIODevice::ReadOnly)) {
assert(!"This should never happen: QBuffer::open() failed");
}
- return encrypt(ctx, nullptr, recipients, buffer, std::shared_ptr(), eflags, outputIsBsse64Encoded, fileName);
+ return encrypt(ctx, nullptr, recipients, buffer, std::shared_ptr(), eflags, outputIsBsse64Encoded, inputEncoding, fileName);
}
Error QGpgMEEncryptJob::start(const std::vector &recipients, const QByteArray &plainText, bool alwaysTrust)
{
run(std::bind(&encrypt_qba, std::placeholders::_1, recipients, plainText,
- alwaysTrust ? Context::AlwaysTrust : Context::None, mOutputIsBase64Encoded, fileName()));
+ alwaysTrust ? Context::AlwaysTrust : Context::None, mOutputIsBase64Encoded, mInputEncoding, fileName()));
return Error();
}
@@ -181,6 +190,7 @@ void QGpgMEEncryptJob::start(const std::vector &recipients, const std::shar
std::placeholders::_3, std::placeholders::_4,
eflags,
mOutputIsBase64Encoded,
+ mInputEncoding,
fileName()),
plainText, cipherText);
}
@@ -188,7 +198,7 @@ void QGpgMEEncryptJob::start(const std::vector &recipients, const std::shar
EncryptionResult QGpgMEEncryptJob::exec(const std::vector &recipients, const QByteArray &plainText,
const Context::EncryptionFlags eflags, QByteArray &cipherText)
{
- const result_type r = encrypt_qba(context(), recipients, plainText, eflags, mOutputIsBase64Encoded, fileName());
+ const result_type r = encrypt_qba(context(), recipients, plainText, eflags, mOutputIsBase64Encoded, mInputEncoding, fileName());
cipherText = std::get<1>(r);
resultHook(r);
return mResult;
diff --git a/lang/qt/src/qgpgmeencryptjob.h b/lang/qt/src/qgpgmeencryptjob.h
index 07b05f8f..a32b70cf 100644
--- a/lang/qt/src/qgpgmeencryptjob.h
+++ b/lang/qt/src/qgpgmeencryptjob.h
@@ -38,6 +38,7 @@
#include "encryptjob.h"
#include "threadedjobmixin.h"
+#include "data.h"
#ifdef BUILDING_QGPGME
# include "encryptionresult.h"
@@ -97,11 +98,15 @@ public:
/* from EncryptJob */
void setOutputIsBase64Encoded(bool on) override;
+ /* from EncryptJob */
+ void setInputEncoding(GpgME::Data::Encoding encoding) override;
+
/* from ThreadedJobMixin */
void resultHook(const result_type &r) override;
private:
bool mOutputIsBase64Encoded;
+ GpgME::Data::Encoding mInputEncoding;
GpgME::EncryptionResult mResult;
};
--
2.41.0
From kloecker at kde.org Fri Jul 28 10:38:57 2023
From: kloecker at kde.org (Ingo =?ISO-8859-1?Q?Kl=F6cker?=)
Date: Fri, 28 Jul 2023 10:38:57 +0200
Subject: [PATCH gpgme] qt: Add setInputEncoding to QGpgMe::EncryptJob
In-Reply-To: <20230728081602.1126820-1-carl.schwan@gnupg.com>
References: <20230728081602.1126820-1-carl.schwan@gnupg.com>
Message-ID: <3252101.44csPzL39Z@daneel>
Compared to reviews on GitLab this is really painful.
On Freitag, 28. Juli 2023 10:16:02 CEST Carl Schwan via Gnupg-devel wrote:
> * lang/qt/src/encryptjob.h, lang/qt/src/qgpgmeencryptjob.cpp,
> lang/qt/src/qgpgmeencryptjob.h: Add setInputEncoding to EncryptJob
> --
>
> This allows applications like KMail to set the input encoding of the
> encrypted content, which simplify and improve the performance of
> identify the content type then decrypting it.
>
> GnuPG-bug-id: 6616
> Signed-off-by: Carl Schwan
> ---
> lang/qt/src/encryptjob.h | 4 ++++
> lang/qt/src/qgpgmeencryptjob.cpp | 20 +++++++++++++++-----
> lang/qt/src/qgpgmeencryptjob.h | 5 +++++
> 3 files changed, 24 insertions(+), 5 deletions(-)
>
> diff --git a/lang/qt/src/encryptjob.h b/lang/qt/src/encryptjob.h
> index 8135053e..7d4b3049 100644
> --- a/lang/qt/src/encryptjob.h
> +++ b/lang/qt/src/encryptjob.h
> @@ -38,6 +38,7 @@
> #define __KLEO_ENCRYPTJOB_H__
>
> #include "job.h"
> +#include "data.h"
>
> #include
> #include
> @@ -119,6 +120,9 @@ public:
> */
> virtual void setOutputIsBase64Encoded(bool) = 0;
>
> + /** Set the input encoding */
> + virtual void setInputEncoding(GpgME::Data::Encoding) = 0;
> +
Usually, adding virtuals before other virtuals will cause crashes. I did this
in a past GpgME release and we had to do a patch release to fix this. I'm
not sure whether adding a pure virtual is okay because it doesn't change
the vtable of the public EncryptJob. I use abidiff to check that I didn't
break ABI. Using a non-virtual setter as setFileName() would save us any
worrying about ABI breakage.
> /** Like start but with an additional argument for EncryptionFlags for
> * more flexibility. */
> virtual void start(const std::vector &recipients,
> diff --git a/lang/qt/src/qgpgmeencryptjob.cpp
> b/lang/qt/src/qgpgmeencryptjob.cpp index 5ea6162c..cf43d7cb 100644
> --- a/lang/qt/src/qgpgmeencryptjob.cpp
> +++ b/lang/qt/src/qgpgmeencryptjob.cpp
> @@ -88,7 +88,8 @@ private:
>
> QGpgMEEncryptJob::QGpgMEEncryptJob(Context *context)
>
> : mixin_type(context),
>
> - mOutputIsBase64Encoded(false)
> + mOutputIsBase64Encoded(false),
> + mInputEncoding(Data::Encoding::AutoEncoding)
> {
> setJobPrivate(this, std::unique_ptr{new
> QGpgMEEncryptJobPrivate{this}}); lateInitialization();
> @@ -101,12 +102,18 @@ void QGpgMEEncryptJob::setOutputIsBase64Encoded(bool
> on) mOutputIsBase64Encoded = on;
> }
>
> +void QGpgMEEncryptJob::setInputEncoding(Data::Encoding encoding)
> +{
> + mInputEncoding = encoding;
> +}
> +
> static QGpgMEEncryptJob::result_type encrypt(Context *ctx, QThread *thread,
> const std::vector &recipients,
> const std::weak_ptr &plainText_,
> const std::weak_ptr &cipherText_,
> const Context::EncryptionFlags eflags,
> bool outputIsBsse64Encoded,
> + Data::Encoding inputEncoding,
> const QString &fileName)
> {
>
> @@ -118,6 +125,8 @@ static QGpgMEEncryptJob::result_type encrypt(Context
> *ctx, QThread *thread,
>
> QGpgME::QIODeviceDataProvider in(plainText);
> Data indata(&in);
> + indata.setEncoding(inputEncoding);
> +
> if (!plainText->isSequential()) {
> indata.setSizeHint(plainText->size());
> }
> @@ -155,20 +164,20 @@ static QGpgMEEncryptJob::result_type encrypt(Context
> *ctx, QThread *thread,
>
> }
>
> -static QGpgMEEncryptJob::result_type encrypt_qba(Context *ctx, const
> std::vector &recipients, const QByteArray &plainText, const
> Context::EncryptionFlags eflags, bool outputIsBsse64Encoded, const QString
> &fileName) +static QGpgMEEncryptJob::result_type encrypt_qba(Context *ctx,
> const std::vector &recipients, const QByteArray &plainText, const
> Context::EncryptionFlags eflags, bool outputIsBsse64Encoded, Data::Encoding
> inputEncoding, const QString &fileName) {
> const std::shared_ptr buffer(new QBuffer);
> buffer->setData(plainText);
> if (!buffer->open(QIODevice::ReadOnly)) {
> assert(!"This should never happen: QBuffer::open() failed");
> }
> - return encrypt(ctx, nullptr, recipients, buffer,
> std::shared_ptr(), eflags, outputIsBsse64Encoded, fileName); +
> return encrypt(ctx, nullptr, recipients, buffer,
> std::shared_ptr(), eflags, outputIsBsse64Encoded, inputEncoding,
> fileName); }
>
> Error QGpgMEEncryptJob::start(const std::vector &recipients, const
> QByteArray &plainText, bool alwaysTrust) {
> run(std::bind(&encrypt_qba, std::placeholders::_1, recipients,
> plainText, - alwaysTrust ? Context::AlwaysTrust :
> Context::None, mOutputIsBase64Encoded, fileName())); +
> alwaysTrust ? Context::AlwaysTrust : Context::None, mOutputIsBase64Encoded,
> mInputEncoding, fileName())); return Error();
> }
>
> @@ -181,6 +190,7 @@ void QGpgMEEncryptJob::start(const std::vector
> &recipients, const std::shar std::placeholders::_3, std::placeholders::_4,
> eflags,
> mOutputIsBase64Encoded,
> + mInputEncoding,
> fileName()),
> plainText, cipherText);
> }
> @@ -188,7 +198,7 @@ void QGpgMEEncryptJob::start(const std::vector
> &recipients, const std::shar EncryptionResult QGpgMEEncryptJob::exec(const
> std::vector &recipients, const QByteArray &plainText, const
> Context::EncryptionFlags eflags, QByteArray &cipherText) {
> - const result_type r = encrypt_qba(context(), recipients, plainText,
> eflags, mOutputIsBase64Encoded, fileName()); + const result_type r =
> encrypt_qba(context(), recipients, plainText, eflags,
> mOutputIsBase64Encoded, mInputEncoding, fileName()); cipherText =
> std::get<1>(r);
> resultHook(r);
> return mResult;
> diff --git a/lang/qt/src/qgpgmeencryptjob.h b/lang/qt/src/qgpgmeencryptjob.h
> index 07b05f8f..a32b70cf 100644
> --- a/lang/qt/src/qgpgmeencryptjob.h
> +++ b/lang/qt/src/qgpgmeencryptjob.h
> @@ -38,6 +38,7 @@
> #include "encryptjob.h"
>
> #include "threadedjobmixin.h"
> +#include "data.h"
>
> #ifdef BUILDING_QGPGME
> # include "encryptionresult.h"
> @@ -97,11 +98,15 @@ public:
> /* from EncryptJob */
> void setOutputIsBase64Encoded(bool on) override;
>
> + /* from EncryptJob */
> + void setInputEncoding(GpgME::Data::Encoding encoding) override;
> +
> /* from ThreadedJobMixin */
> void resultHook(const result_type &r) override;
>
> private:
> bool mOutputIsBase64Encoded;
> + GpgME::Data::Encoding mInputEncoding;
> GpgME::EncryptionResult mResult;
> };
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL:
From carl.schwan at gnupg.com Fri Jul 28 13:52:24 2023
From: carl.schwan at gnupg.com (Carl Schwan)
Date: Fri, 28 Jul 2023 13:52:24 +0200
Subject: [PATCH gpgme v2] qt: Add setInputEncoding to QGpgMe::EncryptJob
In-Reply-To: <3252101.44csPzL39Z@daneel>
References: <3252101.44csPzL39Z@daneel>
Message-ID: <20230728115224.1278029-1-carl.schwan@gnupg.com>
* lang/qt/src/encryptjob.cpp, lang/qt/src/encryptjob.h,
lang/qt/src/encryptjob_p.h: Add inputEncoding/setInputEncoding
to EncryptJob
* lang/qt/src/qgpgmeencryptjob.cpp: Use newly added inputEncoding
to set encoding hint of the encrypted content
--
This allows applications like KMail to set the input encoding of the
encrypted content, which simplify and improve the performance of
identify the content type then decrypting it.
GnuPG-bug-id: 6616
Signed-off-by: Carl Schwan
---
lang/qt/src/encryptjob.cpp | 12 ++++++++++++
lang/qt/src/encryptjob.h | 4 ++++
lang/qt/src/encryptjob_p.h | 2 ++
lang/qt/src/qgpgmeencryptjob.cpp | 12 ++++++++----
4 files changed, 26 insertions(+), 4 deletions(-)
diff --git a/lang/qt/src/encryptjob.cpp b/lang/qt/src/encryptjob.cpp
index 7b9f0f2b..48a0e24e 100644
--- a/lang/qt/src/encryptjob.cpp
+++ b/lang/qt/src/encryptjob.cpp
@@ -51,3 +51,15 @@ QString EncryptJob::fileName() const
auto d = jobPrivate(this);
return d->m_fileName;
}
+
+void EncryptJob::setInputEncoding(GpgME::Data::Encoding inputEncoding)
+{
+ auto d = jobPrivate(this);
+ d->m_inputEncoding = inputEncoding;
+}
+
+GpgME::Data::Encoding EncryptJob::inputEncoding() const
+{
+ auto d = jobPrivate(this);
+ return d->m_inputEncoding;
+}
diff --git a/lang/qt/src/encryptjob.h b/lang/qt/src/encryptjob.h
index 8135053e..ac3664fa 100644
--- a/lang/qt/src/encryptjob.h
+++ b/lang/qt/src/encryptjob.h
@@ -38,6 +38,7 @@
#define __KLEO_ENCRYPTJOB_H__
#include "job.h"
+#include "data.h"
#include
#include
@@ -85,6 +86,9 @@ public:
void setFileName(const QString &fileName);
QString fileName() const;
+ void setInputEncoding(GpgME::Data::Encoding);
+ GpgME::Data::Encoding inputEncoding() const;
+
/**
Starts the encryption operation. \a recipients is the a list of
keys to encrypt \a plainText to. Empty (null) keys are
diff --git a/lang/qt/src/encryptjob_p.h b/lang/qt/src/encryptjob_p.h
index 4a93f5b3..9bb9e952 100644
--- a/lang/qt/src/encryptjob_p.h
+++ b/lang/qt/src/encryptjob_p.h
@@ -35,6 +35,7 @@
#define __QGPGME_ENCRYPTJOB_P_H__
#include "job_p.h"
+#include "data.h"
namespace QGpgME
{
@@ -42,6 +43,7 @@ namespace QGpgME
struct EncryptJobPrivate : public JobPrivate
{
QString m_fileName;
+ GpgME::Data::Encoding m_inputEncoding;
};
}
diff --git a/lang/qt/src/qgpgmeencryptjob.cpp b/lang/qt/src/qgpgmeencryptjob.cpp
index 5ea6162c..cfb8d4ac 100644
--- a/lang/qt/src/qgpgmeencryptjob.cpp
+++ b/lang/qt/src/qgpgmeencryptjob.cpp
@@ -107,6 +107,7 @@ static QGpgMEEncryptJob::result_type encrypt(Context *ctx, QThread *thread,
const std::weak_ptr &cipherText_,
const Context::EncryptionFlags eflags,
bool outputIsBsse64Encoded,
+ Data::Encoding inputEncoding,
const QString &fileName)
{
@@ -118,6 +119,8 @@ static QGpgMEEncryptJob::result_type encrypt(Context *ctx, QThread *thread,
QGpgME::QIODeviceDataProvider in(plainText);
Data indata(&in);
+ indata.setEncoding(inputEncoding);
+
if (!plainText->isSequential()) {
indata.setSizeHint(plainText->size());
}
@@ -155,20 +158,20 @@ static QGpgMEEncryptJob::result_type encrypt(Context *ctx, QThread *thread,
}
-static QGpgMEEncryptJob::result_type encrypt_qba(Context *ctx, const std::vector &recipients, const QByteArray &plainText, const Context::EncryptionFlags eflags, bool outputIsBsse64Encoded, const QString &fileName)
+static QGpgMEEncryptJob::result_type encrypt_qba(Context *ctx, const std::vector &recipients, const QByteArray &plainText, const Context::EncryptionFlags eflags, bool outputIsBsse64Encoded, Data::Encoding inputEncoding, const QString &fileName)
{
const std::shared_ptr buffer(new QBuffer);
buffer->setData(plainText);
if (!buffer->open(QIODevice::ReadOnly)) {
assert(!"This should never happen: QBuffer::open() failed");
}
- return encrypt(ctx, nullptr, recipients, buffer, std::shared_ptr(), eflags, outputIsBsse64Encoded, fileName);
+ return encrypt(ctx, nullptr, recipients, buffer, std::shared_ptr(), eflags, outputIsBsse64Encoded, inputEncoding, fileName);
}
Error QGpgMEEncryptJob::start(const std::vector &recipients, const QByteArray &plainText, bool alwaysTrust)
{
run(std::bind(&encrypt_qba, std::placeholders::_1, recipients, plainText,
- alwaysTrust ? Context::AlwaysTrust : Context::None, mOutputIsBase64Encoded, fileName()));
+ alwaysTrust ? Context::AlwaysTrust : Context::None, mOutputIsBase64Encoded, inputEncoding(), fileName()));
return Error();
}
@@ -181,6 +184,7 @@ void QGpgMEEncryptJob::start(const std::vector &recipients, const std::shar
std::placeholders::_3, std::placeholders::_4,
eflags,
mOutputIsBase64Encoded,
+ inputEncoding(),
fileName()),
plainText, cipherText);
}
@@ -188,7 +192,7 @@ void QGpgMEEncryptJob::start(const std::vector &recipients, const std::shar
EncryptionResult QGpgMEEncryptJob::exec(const std::vector &recipients, const QByteArray &plainText,
const Context::EncryptionFlags eflags, QByteArray &cipherText)
{
- const result_type r = encrypt_qba(context(), recipients, plainText, eflags, mOutputIsBase64Encoded, fileName());
+ const result_type r = encrypt_qba(context(), recipients, plainText, eflags, mOutputIsBase64Encoded, inputEncoding(), fileName());
cipherText = std::get<1>(r);
resultHook(r);
return mResult;
--
2.41.0
From kloecker at kde.org Fri Jul 28 17:44:11 2023
From: kloecker at kde.org (Ingo =?ISO-8859-1?Q?Kl=F6cker?=)
Date: Fri, 28 Jul 2023 17:44:11 +0200
Subject: [PATCH gpgme v2] qt: Add setInputEncoding to QGpgMe::EncryptJob
In-Reply-To: <20230728115224.1278029-1-carl.schwan@gnupg.com>
References: <3252101.44csPzL39Z@daneel>
<20230728115224.1278029-1-carl.schwan@gnupg.com>
Message-ID: <8294369.NyiUUSuA9g@daneel>
Looks good to me.
On Freitag, 28. Juli 2023 13:52:24 CEST Carl Schwan via Gnupg-devel wrote:
> * lang/qt/src/encryptjob.cpp, lang/qt/src/encryptjob.h,
> lang/qt/src/encryptjob_p.h: Add inputEncoding/setInputEncoding
> to EncryptJob
> * lang/qt/src/qgpgmeencryptjob.cpp: Use newly added inputEncoding
> to set encoding hint of the encrypted content
> --
>
> This allows applications like KMail to set the input encoding of the
> encrypted content, which simplify and improve the performance of
> identify the content type then decrypting it.
>
> GnuPG-bug-id: 6616
> Signed-off-by: Carl Schwan
> ---
> lang/qt/src/encryptjob.cpp | 12 ++++++++++++
> lang/qt/src/encryptjob.h | 4 ++++
> lang/qt/src/encryptjob_p.h | 2 ++
> lang/qt/src/qgpgmeencryptjob.cpp | 12 ++++++++----
> 4 files changed, 26 insertions(+), 4 deletions(-)
>
> diff --git a/lang/qt/src/encryptjob.cpp b/lang/qt/src/encryptjob.cpp
> index 7b9f0f2b..48a0e24e 100644
> --- a/lang/qt/src/encryptjob.cpp
> +++ b/lang/qt/src/encryptjob.cpp
> @@ -51,3 +51,15 @@ QString EncryptJob::fileName() const
> auto d = jobPrivate(this);
> return d->m_fileName;
> }
> +
> +void EncryptJob::setInputEncoding(GpgME::Data::Encoding inputEncoding)
> +{
> + auto d = jobPrivate(this);
> + d->m_inputEncoding = inputEncoding;
> +}
> +
> +GpgME::Data::Encoding EncryptJob::inputEncoding() const
> +{
> + auto d = jobPrivate(this);
> + return d->m_inputEncoding;
> +}
> diff --git a/lang/qt/src/encryptjob.h b/lang/qt/src/encryptjob.h
> index 8135053e..ac3664fa 100644
> --- a/lang/qt/src/encryptjob.h
> +++ b/lang/qt/src/encryptjob.h
> @@ -38,6 +38,7 @@
> #define __KLEO_ENCRYPTJOB_H__
>
> #include "job.h"
> +#include "data.h"
>
> #include
> #include
> @@ -85,6 +86,9 @@ public:
> void setFileName(const QString &fileName);
> QString fileName() const;
>
> + void setInputEncoding(GpgME::Data::Encoding);
> + GpgME::Data::Encoding inputEncoding() const;
> +
> /**
> Starts the encryption operation. \a recipients is the a list of
> keys to encrypt \a plainText to. Empty (null) keys are
> diff --git a/lang/qt/src/encryptjob_p.h b/lang/qt/src/encryptjob_p.h
> index 4a93f5b3..9bb9e952 100644
> --- a/lang/qt/src/encryptjob_p.h
> +++ b/lang/qt/src/encryptjob_p.h
> @@ -35,6 +35,7 @@
> #define __QGPGME_ENCRYPTJOB_P_H__
>
> #include "job_p.h"
> +#include "data.h"
>
> namespace QGpgME
> {
> @@ -42,6 +43,7 @@ namespace QGpgME
> struct EncryptJobPrivate : public JobPrivate
> {
> QString m_fileName;
> + GpgME::Data::Encoding m_inputEncoding;
> };
>
> }
> diff --git a/lang/qt/src/qgpgmeencryptjob.cpp
> b/lang/qt/src/qgpgmeencryptjob.cpp index 5ea6162c..cfb8d4ac 100644
> --- a/lang/qt/src/qgpgmeencryptjob.cpp
> +++ b/lang/qt/src/qgpgmeencryptjob.cpp
> @@ -107,6 +107,7 @@ static QGpgMEEncryptJob::result_type encrypt(Context
> *ctx, QThread *thread, const std::weak_ptr &cipherText_,
> const Context::EncryptionFlags eflags,
> bool outputIsBsse64Encoded,
> + Data::Encoding inputEncoding,
> const QString &fileName)
> {
>
> @@ -118,6 +119,8 @@ static QGpgMEEncryptJob::result_type encrypt(Context
> *ctx, QThread *thread,
>
> QGpgME::QIODeviceDataProvider in(plainText);
> Data indata(&in);
> + indata.setEncoding(inputEncoding);
> +
> if (!plainText->isSequential()) {
> indata.setSizeHint(plainText->size());
> }
> @@ -155,20 +158,20 @@ static QGpgMEEncryptJob::result_type encrypt(Context
> *ctx, QThread *thread,
>
> }
>
> -static QGpgMEEncryptJob::result_type encrypt_qba(Context *ctx, const
> std::vector &recipients, const QByteArray &plainText, const
> Context::EncryptionFlags eflags, bool outputIsBsse64Encoded, const QString
> &fileName) +static QGpgMEEncryptJob::result_type encrypt_qba(Context *ctx,
> const std::vector &recipients, const QByteArray &plainText, const
> Context::EncryptionFlags eflags, bool outputIsBsse64Encoded, Data::Encoding
> inputEncoding, const QString &fileName) {
> const std::shared_ptr buffer(new QBuffer);
> buffer->setData(plainText);
> if (!buffer->open(QIODevice::ReadOnly)) {
> assert(!"This should never happen: QBuffer::open() failed");
> }
> - return encrypt(ctx, nullptr, recipients, buffer,
> std::shared_ptr(), eflags, outputIsBsse64Encoded, fileName); +
> return encrypt(ctx, nullptr, recipients, buffer,
> std::shared_ptr(), eflags, outputIsBsse64Encoded, inputEncoding,
> fileName); }
>
> Error QGpgMEEncryptJob::start(const std::vector &recipients, const
> QByteArray &plainText, bool alwaysTrust) {
> run(std::bind(&encrypt_qba, std::placeholders::_1, recipients,
> plainText, - alwaysTrust ? Context::AlwaysTrust :
> Context::None, mOutputIsBase64Encoded, fileName())); +
> alwaysTrust ? Context::AlwaysTrust : Context::None, mOutputIsBase64Encoded,
> inputEncoding(), fileName())); return Error();
> }
>
> @@ -181,6 +184,7 @@ void QGpgMEEncryptJob::start(const std::vector
> &recipients, const std::shar std::placeholders::_3, std::placeholders::_4,
> eflags,
> mOutputIsBase64Encoded,
> + inputEncoding(),
> fileName()),
> plainText, cipherText);
> }
> @@ -188,7 +192,7 @@ void QGpgMEEncryptJob::start(const std::vector
> &recipients, const std::shar EncryptionResult QGpgMEEncryptJob::exec(const
> std::vector &recipients, const QByteArray &plainText, const
> Context::EncryptionFlags eflags, QByteArray &cipherText) {
> - const result_type r = encrypt_qba(context(), recipients, plainText,
> eflags, mOutputIsBase64Encoded, fileName()); + const result_type r =
> encrypt_qba(context(), recipients, plainText, eflags,
> mOutputIsBase64Encoded, inputEncoding(), fileName()); cipherText =
> std::get<1>(r);
> resultHook(r);
> return mResult;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: This is a digitally signed message part.
URL: