| Commit message (Collapse) | Author | Age |
| |
|
|
|
|
|
|
| |
When the key is known or just the signature is invalid gpgme raises
'BadSignatures'. Up to now we were not acknoledging it when using
session-keys, making impossible to open emails without the signing key.
|
|
|
|
|
|
|
|
|
|
| |
notmuch caches the OpenPGP session keys if configured to do so. See
index.decrypt on:
https://notmuchmail.org/manpages/notmuch-config-1/
Using the cached session key decryption of messages can be done without
the need of having the private OpenPGP key. There is some speed up on
decryption, mostly notable on long encrypted threads.
|
|
|
|
| |
They are not needed for python >= 3.0.
|
| |
|
|\ |
|
| |\
| | |
| | | |
crypto: Handle message that is encrypted, but the signature is invalid
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
One case of this would be not having the public key of the signer. If
the verification of the signatures fails, then use the signatures from
the error, and try to redecrypt without verification.
I have no tests yet, and this probably deserves tests.
Fixes #1157
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The crypto code shouldn't use unicode strings, it should use byte
strings. The problem with using unicode strings (and doing the
conversion internally), is that the crypto code doesn't know what the
encoding should be. We can guess but it's better to just do bytes in
bytes out, and let the calling code deal with encoding and decoding.
|
|/ /
| |
| |
| |
| |
| | |
This makes me a little nervous. I wonder if we're better off leaving the
bits that gpg works with as bytes while gpg is working with them and do
the string transformation later.
|
| |
| |
| |
| | |
It seems not to be to handle error messages of different locale than en
|
|/
|
|
|
| |
This will result in wrong behavior, gpg will prompt for a password
rather than using keys to encrypt.
|
|
|
|
|
| |
This mostly shortens lines down to <=79 chars and fixes some other small
things I found using the pep8 tool.
|
| |
|
|
|
|
|
|
|
|
|
| |
list_keys won't raise an exception if there are not keys, it will return
a generator that creates an empty list:
>>> from alot import crypto
>>> list(crypto.list_keys('doesntexist@example.com'))
[]
|
|
|
|
|
|
| |
In python3 Exception doesn't have a message attribute, the only way to
get the string output is to call str() on the Exception. This also works
in python 2.7, so go ahead and make that change.
|
|
|
|
|
|
| |
This function is always passed a key to sign with, and not passing one
leads to the first available signing key in the keyring being selected
otherwise, which is problematic if one has two signing keys.
|
|
|
|
|
|
|
|
|
|
| |
This is a missed difference between pygpgme and gpg, gpg signs by
default when encrypting with an attached signature. Since this isn't
being toggled it's bad, it's a kind of information leak, and increases
the size of the mail for no reason.
NOTE: This is the kind of signature proposed by RFC 2440, which we're
missing tests for.
|
|
|
|
|
| |
This splits the loop into a closure and a call to any, which makes it a
little bit easier to read and understand.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This converts from the now abandoned pygpgme project for wrapping gpgme,
to the upstream gpgme python bindings (which are descended from the pyme
project, before they became official).
Largely this change should not be user visible, but there are a couple
cases where the new bindings provide slightly more detailed error
messages, and alot directly presents those messages to users.
This patch has been significantly revised and updated by Dylan Baker,
but was originally authored by Daniel Kahn Gillmor.
Fixes #1069
|
|
|
|
|
|
|
|
|
| |
There are currently several problems with this docstring:
1) it says the return type is list, but it's actually an iterator
2) it says the first parameter is keyid, but it's hint
3) no types are specified.
This patch corrects that.
|
|
|
|
|
|
|
|
|
|
| |
This is a just a small refactor that makes things a little more
readable, and provides slightly more verbose messages in for signing and
encrypting failures.
Mainly this uses str.format instead of inline concatenation, but it also
rewraps and removes '+' operators from a string already wrapped in
parens
|
|
|
|
|
|
|
|
|
|
| |
gpgme.Context.verify doesn't raise an exception, instead it attaches the
error as an attribute of the return value. This means that we've been
returning that a signature is valid even when it isn't.
This patch checks the attribute instead of try/excepting. Because there
is a second bug (fixed in the next patch) signature verification will
always fail with this patch.
|
| |
|
| |
|
|
|
|
|
|
| |
- use relative imports if possible
- group imports into standard library, third party, and alot modules
- sort imports alphabetically
|
| |
|
|
|
|
|
| |
If encrypt_by_default is set to 'Valid' only keys whose email is trusted to
belong to the key are used.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
The email_as_string function, and the related RFC3156_canonicalize
function, are now used by the ForwardCommand and are not specific
anymore to the crypto routine. So we move them to the global helper
module.
fix an import removal mistake while moving email_as_string function: StringIO was not only used by email_as_string
|
|
|
|
| |
Expand docstring and explain handling of ambiguous keyid
|
|
|
|
|
|
|
|
|
| |
Previously when Context.get_key raised gpgme.ERR_AMBIGUOUS_NAME crypto.get_key
would not verify the ambiguous keys are actually valid for
signing/encryption.
Now when gpgme.get_key raises ERR_AMBIGUOUS_NAME we elimitate those invalid
keys. If there is only one valid key left we return it, otherwise re-raise
|
|
|
|
| |
Signed-off-by: Justus Winter <4winter@informatik.uni-hamburg.de>
|
|
|
|
| |
Signed-off-by: Justus Winter <4winter@informatik.uni-hamburg.de>
|
|
|
|
|
|
|
|
|
| |
Parse and decrypt OpenPGP encrypted data as specified by RFC 3156. If
such a message is detected and found to be well-formed, it is
decrypted and any MIME messages found within the plain text are
attached to the original message.
Signed-off-by: Justus Winter <4winter@informatik.uni-hamburg.de>
|
|
|
|
|
|
|
| |
Verify OpenPGP signatures as specified in RFC 3156. Display the result
in the header list above the message.
Signed-off-by: Justus Winter <4winter@informatik.uni-hamburg.de>
|
| |
|
|
|
|
|
| |
this way we don't have to call validate_key wherever we use get_key. And we
would have to catch exceptions twice.
|
|
|
|
|
| |
to avoid import ui stuff to crypto.py I added error codes to the GPGProblem
Exceptions. This way I can process them later, depending on the error code
|
|
|
|
|
| |
also the error catchings are mostly moved to crypto.py whcih makes everything
else a little bit cleaner
|
|
|
|
|
|
|
|
|
| |
we check whether a key is
- revoked
- expired
- invalid
- unable to encrypt
- unable to sign
|
| |
|
|
|
|
| |
We need that for auto-completion
|
|
|
|
|
| |
We use an own has function for that, since pygpgme doesn't implement __cmp__()
or similar
|
|
|
|
|
|
|
|
| |
Multiple recipient-keys can be specified. They are shown in the envelope buffer.
A new command is introduced: 'rmencrypt' do remove a key from the encryption
lsit. Unfortunately pygpgme doesn't implement __cmp__() so we have to either
write something similar on our own or use this solution (index of the key in
encryption list)
|
| |
|
|
|
|
|
| |
This function takes a plaintext string and encryptes it with a given gpg key and
returns the encrypted text
|
|
|
|
| |
cf issue #483
|