Page MenuHome GnuPG

gpgmeProject
ActivePublic

Details

Description

GnuPG Made Easy (GPGME) is a C language library that allows to add support for cryptography to a program. It is designed to make access to public key crypto engines like GnuPG or GpgSM easier for applications. GPGME provides a high-level crypto API for encryption, decryption, signing, signature verification and key management.

GPGME comes with language bindings for Common Lisp, C++, QT, Python2 and Python 3.

GPGME uses GnuPG and GpgSM as its backends to support OpenPGP and the Cryptographic Message Syntax (CMS).

Recent Activity

Today

ikloecker closed T5505: gpgme: Allow specifying an expiration date for key signatures (gpgme_op_interact) as Resolved.
Wed, Jun 23, 4:58 PM · gpgme, kleopatra, Restricted Project
ikloecker moved T5505: gpgme: Allow specifying an expiration date for key signatures (gpgme_op_interact) from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Wed, Jun 23, 4:57 PM · gpgme, kleopatra, Restricted Project

Yesterday

ikloecker moved T5505: gpgme: Allow specifying an expiration date for key signatures (gpgme_op_interact) from Restricted Project Column to Restricted Project Column on the Restricted Project board.
Tue, Jun 22, 4:39 PM · gpgme, kleopatra, Restricted Project
ikloecker triaged T5505: gpgme: Allow specifying an expiration date for key signatures (gpgme_op_interact) as Wishlist priority.
Tue, Jun 22, 4:31 PM · gpgme, kleopatra, Restricted Project

Mon, Jun 21

werner triaged T5503: Add APIs to sign (and encrypt?) with a specific subkey as Normal priority.
Mon, Jun 21, 5:16 PM · gpgme, Feature Request
ikloecker created T5500: gpgme: Test t-idiomatic.py fails with Python 3.8.
Mon, Jun 21, 10:54 AM · gpgme, Bug Report
werner updated the task description for T5225: Release GPGME 1.15.1.
Mon, Jun 21, 10:29 AM · Release Info, gpgme
werner triaged T5499: Release GPGME 1.16.0 as Normal priority.
Mon, Jun 21, 10:28 AM · Release Info, gpgme

Sat, Jun 19

Saturneric closed T5489: GpgME Built by mingw64 didn’t seem to correctly recognize the configuration information provided by gpgconf as Resolved.
Sat, Jun 19, 2:49 PM · gpgme, Bug Report
Saturneric added a comment to T5489: GpgME Built by mingw64 didn’t seem to correctly recognize the configuration information provided by gpgconf .

The problem has been solved by me, but this and the problem are still very strange.

Sat, Jun 19, 2:48 PM · gpgme, Bug Report

Thu, Jun 17

werner added a comment to T5489: GpgME Built by mingw64 didn’t seem to correctly recognize the configuration information provided by gpgconf .

Please try the distributed binary version of gpgme from GnuPG or Gpg4win (which is usually a snapshot). As you might now, we don't support building on Windows - it may or may not work, we have no idea and don't suggest that.

Thu, Jun 17, 11:42 AM · gpgme, Bug Report

Wed, Jun 16

Saturneric added a comment to T5489: GpgME Built by mingw64 didn’t seem to correctly recognize the configuration information provided by gpgconf .

Let me explain this problem more clearly. GPGME did not correctly receive and parse the output from gpgconf. Looking at the log file, EOF was generated when 4096 bits were read. So in engine info, although the path is correct, the identification of the version number is 1.0.0, and there is only gpgconf in the protocol, but there are no protocols such as gpg, assume, etc., which just means that gpgme does not correctly identify the output of gpgconf in this environment Information to find other protocols.
At the same time, I verified whether the output in gpgconf and the path of the related configuration are correct (whether there is a corresponding tool under the path), these are all right, which is very strange.

Wed, Jun 16, 6:44 PM · gpgme, Bug Report
Saturneric added a comment to T5489: GpgME Built by mingw64 didn’t seem to correctly recognize the configuration information provided by gpgconf .

This is the log file output after the GPGME DEBUG environment variable is set.

Wed, Jun 16, 5:35 PM · gpgme, Bug Report
werner added a project to T5489: GpgME Built by mingw64 didn’t seem to correctly recognize the configuration information provided by gpgconf : gpgme.

You should run your test program with GPGME_DEBUG set. This gives some insight. The code you posted is too sparse to actually see what you are doing or want to do or what is the bug. Maybe it is better to ask the gnupg-devel ML?

Wed, Jun 16, 5:32 PM · gpgme, Bug Report

Thu, Jun 10

aheinecke added a project to T5478: Kleopatra: Performance problems decrypting and encrypting large Archives: Restricted Project.
Thu, Jun 10, 3:49 PM · Restricted Project, gpgme, kleopatra
aheinecke triaged T5478: Kleopatra: Performance problems decrypting and encrypting large Archives as High priority.
Thu, Jun 10, 1:11 PM · Restricted Project, gpgme, kleopatra

Thu, Jun 3

werner merged T5470: T5454 Continue Gpgme still shows secret flag even when the secret key content is missing into T5454: Failed to sign with subkey with a signature function using gpgme_op_keysign.
Thu, Jun 3, 9:23 PM · FAQ, Support, gpgme
Saturneric closed T5454: Failed to sign with subkey with a signature function using gpgme_op_keysign as Resolved.
Thu, Jun 3, 3:12 PM · FAQ, Support, gpgme

Mon, May 31

werner added a comment to T5454: Failed to sign with subkey with a signature function using gpgme_op_keysign.

Take care: It is not clear whether you may use a [C} subkey for certification. GnuPG currently accepts this but the RFC can also be read as primary keys needs to to do the certification.

Mon, May 31, 2:54 PM · FAQ, Support, gpgme
ikloecker added a comment to T5454: Failed to sign with subkey with a signature function using gpgme_op_keysign.

For signing (aka certifying) another key you need a (sub)key with the "certify" capability. Your signing subkey can only be used for signing data but not for certifying keys. This isn't specific to gpgme. See https://datatracker.ietf.org/doc/html/rfc4880#section-5.2.3.21.

Mon, May 31, 9:44 AM · FAQ, Support, gpgme

Fri, May 28

werner edited projects for T5454: Failed to sign with subkey with a signature function using gpgme_op_keysign, added: Support, FAQ; removed Bug Report.

Yes, you need the secret part of the primary key. gpgme has this info but it is easy to miss. Even our gpgme/tests/run-keylist.c debug tool did not show it directly. I modified it to make this more clear, see the latest gpgme commit. Here is an example for my key:

$ ./run-keylist --verbose --with-secret  63113AE866587D0A
keyid   : 63113AE866587D0A
caps    : esc
flags   : secret
upd     : 0 (0)
fpr    0: AEA84EDCF01AD86C4701C85C63113AE866587D0A
grip   0: CE5C1F1B8C96F1A078A2D1932EEE738A854ED976
curve  0: ed25519
caps   0: sc
flags  0:
fpr    1: E05BA20ED4F17768613B03C53CD7B3A055039224
grip   1: 7A1E3130C9CBDBF203A0AD8E186D9C511D5019FF
curve  1: cv25519
caps   1: e
flags  1: secret
fpr    2: 8777461F2A074EBC480D359419CC1C9E085B107A
grip   2: FF35C6E765F440145095750DC97D43D496C5ABEA
curve  2: ed25519
caps   2: s
flags  2: secret
Fri, May 28, 7:32 PM · FAQ, Support, gpgme
werner added a project to T5454: Failed to sign with subkey with a signature function using gpgme_op_keysign: gpgme.
Fri, May 28, 4:36 PM · FAQ, Support, gpgme

Thu, May 27

werner triaged T5453: gpgme docs unclear about gpgme_user_id_t.email and gpgme_user_id_t.address as Wishlist priority.
Thu, May 27, 7:53 AM · Documentation, gpgme, Bug Report
dkg created T5453: gpgme docs unclear about gpgme_user_id_t.email and gpgme_user_id_t.address.
Thu, May 27, 4:17 AM · Documentation, gpgme, Bug Report

May 23 2021

werner closed T5448: GPG_ERR_EOF didn't return by gpgme_op_keylist_next after the last key in the list had already been returned as Resolved.
May 23 2021, 9:32 PM · Support, gpgme

May 17 2021

werner triaged T5438: gpgme_op_keylist_from_data_start ignores GPGME_KEYLIST_MODE_SIGS as High priority.

Due to tax issues, we can't accept a donation as return on service. However, we will fix bugs anyway if possible,

May 17 2021, 11:50 AM · OpenPGP, Bug Report, gpgme

May 16 2021

pert created T5438: gpgme_op_keylist_from_data_start ignores GPGME_KEYLIST_MODE_SIGS.
May 16 2021, 2:25 PM · OpenPGP, Bug Report, gpgme

May 7 2021

ikloecker closed T5422: gnupg 2.3.1 breaks gpgme_op_createkey() as Resolved.

You are welcome.

May 7 2021, 12:43 PM · gpgme, Bug Report
pnirschl added a comment to T5422: gnupg 2.3.1 breaks gpgme_op_createkey().

run-genkey is working fine in my test environment as well.

May 7 2021, 9:41 AM · gpgme, Bug Report

May 6 2021

ikloecker closed T5419: gpgme: Add support for trust signatures to key list result as Resolved.
May 6 2021, 3:15 PM · kleopatra, gpgme, Restricted Project
ikloecker moved T5419: gpgme: Add support for trust signatures to key list result from Restricted Project Column to Restricted Project Column on the Restricted Project board.
May 6 2021, 3:15 PM · kleopatra, gpgme, Restricted Project
ikloecker abandoned D530: gpgme: Add support for trust signatures to key list result.

This revision was committed with rM276187f6b62a: core: Extend gpgme_key_sig_t with trust signature members.

May 6 2021, 3:15 PM · gpgme
ikloecker set the repository for D530: gpgme: Add support for trust signatures to key list result to rM GPGME.
May 6 2021, 3:13 PM · gpgme
ikloecker moved T5419: gpgme: Add support for trust signatures to key list result from Restricted Project Column to Restricted Project Column on the Restricted Project board.
May 6 2021, 3:06 PM · kleopatra, gpgme, Restricted Project
werner added a comment to D530: gpgme: Add support for trust signatures to key list result.

This is better name. My point was that if we ever use that to create such a field the developer should not assume that arbitrary REs can be used here. We need to have some practical value here and I would prefer to see only the domain name. However, OpenPGP allows for arbitrary REs and thus we may see them here. This is problematic but we can't do much about it.

May 6 2021, 10:01 AM · gpgme
ikloecker added a comment to T5422: gnupg 2.3.1 breaks gpgme_op_createkey().

Well, all I can say is that
./run-genkey --loopback "elektra testkey (gen-gpg-testkey)"
creates a key without any problems and without asking for a passphrase. Even, if I add the GPGME_CREATE_NOEXPIRE flag to the call of gpgme_op_createkey. At least, from a terminal.

May 6 2021, 9:19 AM · gpgme, Bug Report

May 5 2021

pnirschl added a comment to T5422: gnupg 2.3.1 breaks gpgme_op_createkey().

Thank you for your response! I tried out all variants of gpgme_pinentry_mode_t and implemented a passphrase callback (using gpgme_set_passphrase_cb as suggested). It turns out that the callback is not invoked at all. However, if I switch back to gnupg 2.2.27, the callback is being invoked and the key is being generated (using the passphrase specified by the callback, as expected).

May 5 2021, 9:17 PM · gpgme, Bug Report
ikloecker added a comment to T5422: gnupg 2.3.1 breaks gpgme_op_createkey().

The problem might be that gpg tries to ask for a passphrase which fails on the CI. Try setting a passphrase callback and setting the pinentry mode to loopback. See https://dev.gnupg.org/source/gpgme/browse/master/tests/run-genkey.c$435.

May 5 2021, 10:01 AM · gpgme, Bug Report
pnirschl created T5422: gnupg 2.3.1 breaks gpgme_op_createkey().
May 5 2021, 8:33 AM · gpgme, Bug Report

May 4 2021

ikloecker updated the diff for D530: gpgme: Add support for trust signatures to key list result.

Added documentation for the new fields.

May 4 2021, 3:27 PM · gpgme
ikloecker updated the diff for D530: gpgme: Add support for trust signatures to key list result.
  • Renamed trust_regexp to trust_scope.
  • Use part of _unused for storing trust_depth and trust_value.
May 4 2021, 3:11 PM · gpgme
ikloecker added inline comments to D530: gpgme: Add support for trust signatures to key list result.
May 4 2021, 3:10 PM · gpgme
werner added inline comments to D530: gpgme: Add support for trust signatures to key list result.
May 4 2021, 12:29 PM · gpgme
ikloecker added a task to D530: gpgme: Add support for trust signatures to key list result: T5419: gpgme: Add support for trust signatures to key list result.
May 4 2021, 12:13 PM · gpgme
ikloecker added a revision to T5419: gpgme: Add support for trust signatures to key list result: D530: gpgme: Add support for trust signatures to key list result.
May 4 2021, 12:13 PM · kleopatra, gpgme, Restricted Project
ikloecker requested review of D530: gpgme: Add support for trust signatures to key list result.
May 4 2021, 12:13 PM · gpgme
ikloecker triaged T5419: gpgme: Add support for trust signatures to key list result as Normal priority.
May 4 2021, 11:55 AM · kleopatra, gpgme, Restricted Project

Apr 15 2021

werner raised the priority of T5292: regression: no longer possible to get signatures from decrypt from unknown keys from Low to Normal.
Apr 15 2021, 9:16 AM · patch, Python, gpgme, Bug Report
werner triaged T5292: regression: no longer possible to get signatures from decrypt from unknown keys as Low priority.
Apr 15 2021, 9:16 AM · patch, Python, gpgme, Bug Report

Mar 22 2021

werner triaged T5353: gpgme: Implement keylist_data for gpgsm as Normal priority.
Mar 22 2021, 1:41 PM · gnupg (gpg23), gpgme, Feature Request