gpgmeProject
ActivePublic

Details

Description

GnuPG Made Easy (GPGME) is a C language library that allows to add support for cryptography to a program. It is designed to make access to public key crypto engines like GnuPG or GpgSM easier for applications. GPGME provides a high-level crypto API for encryption, decryption, signing, signature verification and key management.

GPGME comes with language bindings for Common Lisp, C++, QT, Python2 and Python 3.

GPGME uses GnuPG and GpgSM as its backends to support OpenPGP and the Cryptographic Message Syntax (CMS).

Recent Activity

Fri, May 8

aheinecke closed T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 as Resolved.

Thanks for the patch, applied!
You are correct the NEWS file states that this was added in 1.9.0

Fri, May 8, 12:35 PM · patch, Not A Bug, gpgme, Documentation
aheinecke added a commit to T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 : rM49c13854f3bf: GPGME_CREATE_NOEXPIRE is only available since 1.9.0.
Fri, May 8, 12:34 PM · patch, Not A Bug, gpgme, Documentation
werner added a commit to T4820: gpgme's json test fails with gpg 2.2.19: rM004fdf61c8b9: core: Make sure the keygrip is available in WITH_SECRET mode..
Fri, May 8, 11:33 AM · gpgme, Bug Report
aheinecke added a commit to T4820: gpgme's json test fails with gpg 2.2.19: rM5c0d1c7f76c9: tests, json: Do not check for keygrip of pubkeys.
Fri, May 8, 10:49 AM · gpgme, Bug Report
aheinecke changed the status of T4820: gpgme's json test fails with gpg 2.2.19 from Open to Testing.

I have opened T4939 to add the keylist mode with keygrip.

Fri, May 8, 10:40 AM · gpgme, Bug Report
aheinecke created T4939: GPGME: Add KEYLIST_MODE_WITH_KEYGRIP.
Fri, May 8, 10:40 AM · gpgme
aheinecke added a comment to T4820: gpgme's json test fails with gpg 2.2.19.

To end the failures I have modified the test, that needed to be done anyway since different versions of GnuPG behave differently.

Fri, May 8, 10:37 AM · gpgme, Bug Report

Apr 30 2020

t8m added a comment to T4820: gpgme's json test fails with gpg 2.2.19.

Any progress on this one?

Apr 30 2020, 2:25 PM · gpgme, Bug Report

Apr 25 2020

dup edited projects for T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 , added: Not A Bug, patch; removed Bug Report.
Apr 25 2020, 10:39 PM · patch, Not A Bug, gpgme, Documentation

Apr 21 2020

dup updated the task description for T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 .
Apr 21 2020, 7:54 PM · patch, Not A Bug, gpgme, Documentation
dup updated the task description for T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 .
Apr 21 2020, 7:53 PM · patch, Not A Bug, gpgme, Documentation
dup claimed T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 .
Apr 21 2020, 6:29 PM · patch, Not A Bug, gpgme, Documentation
dup added a project to T4922: GPGME_CREATE_NOEXPIRE seems not to be available since 1.8.0 : gpgme.
Apr 21 2020, 6:26 PM · patch, Not A Bug, gpgme, Documentation

Apr 20 2020

BenM added a comment to T3505: Port GPGME's Python bindings to Windows.

On further thought, it's possible that something closer to what
Bernhard wants (and incidentally more along the lines of what I was
thinking of in some of our discussions just after the initial port)
might be achievable with Cython.

Apr 20 2020, 8:00 PM · Feature Request, gpgme, Python
werner added a comment to T3505: Port GPGME's Python bindings to Windows.

FWIW, GPGME is basically C90 and we only recently started to use C99 variadic macros - they are a cpp feature, though.

Apr 20 2020, 7:29 AM · Feature Request, gpgme, Python

Apr 19 2020

BenM added a comment to T3505: Port GPGME's Python bindings to Windows.

CFFI has no real means of generating the needed bindings on the fly
like SWIG does, except via its ABI methods, but those are inferior to
what SWIG does. It also can't handle all the ifdefs (or really any of
the ifdefs) in gpgme.h.

Apr 19 2020, 7:46 PM · Feature Request, gpgme, Python

Mar 20 2020

dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

That option does the same as --disable-dirmngr which in trun has the same effect as disable-crl-checks

Mar 20 2020, 4:49 PM · Not A Bug, S/MIME, gpgme
dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

@werner wrote:

Mar 20 2020, 4:45 PM · Not A Bug, S/MIME, gpgme
aheinecke added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

Sample how GpgOL handles this: https://dev.gnupg.org/source/gpgol/browse/master/src/keycache.cpp;6f5f48c3d60e0af52f1a9f0e51f60ee653eeeb31$269

Mar 20 2020, 11:03 AM · Not A Bug, S/MIME, gpgme
aheinecke added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

I think what you're saying that there is *no way* to use GPGME in offline mode to validate x.509 certificates, and this is by design. Am I understanding that right?

Mar 20 2020, 11:00 AM · Not A Bug, S/MIME, gpgme
werner added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

After disabling the CRL check again in gpgsm.conf

Mar 20 2020, 8:56 AM · Not A Bug, S/MIME, gpgme

Mar 19 2020

dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

I see no difference between the last two example stanzas that show you running ../run-verify. Are they supposed to have different output?

Mar 19 2020, 10:58 PM · Not A Bug, S/MIME, gpgme
werner added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

That option does the same as --disable-dirmngr which in trun has the same effect as disable-crl-checks; see gnupg/sm/server.c#option_handler. If you want to check the validity of the cert you check the TRUST status lines. This is what gpgme does for you. An example is gpgme.tests/gpgsm/t-verify. You can run the tests also manually, I do this as follows:

Mar 19 2020, 6:25 PM · Not A Bug, S/MIME, gpgme
dkg added a comment to T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.

I think what you're saying that there is *no way* to use GPGME in offline mode to validate x.509 certificates, and this is by design. Am I understanding that right?

Mar 19 2020, 5:25 PM · Not A Bug, S/MIME, gpgme
werner edited projects for T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set, added: Not A Bug; removed Bug Report.

I can see no bug here. See my comment over at T4881.

Mar 19 2020, 1:06 PM · Not A Bug, S/MIME, gpgme
dkg created T4883: gpgme X.509 certificates have unknown validity in offline mode unless `disable-crl-checks` is set.
Mar 19 2020, 2:25 AM · Not A Bug, S/MIME, gpgme

Feb 28 2020

kopfuss added a comment to T4861: GPGme 1.13.1 fails at t-json.
In T4861#132936, @dkg wrote:

0005 and 0006 from the debian distribution of gpgme.

Feb 28 2020, 9:06 PM · gpgme, Bug Report
aheinecke added a comment to T4861: GPGme 1.13.1 fails at t-json.

Thanks for the report. Indeed I closed this as a duplicated. Thanks @dkg for pointing out the patches.

Feb 28 2020, 11:28 AM · gpgme, Bug Report
aheinecke merged T4861: GPGme 1.13.1 fails at t-json into T4820: gpgme's json test fails with gpg 2.2.19.
Feb 28 2020, 11:26 AM · gpgme, Bug Report
aheinecke merged task T4861: GPGme 1.13.1 fails at t-json into T4820: gpgme's json test fails with gpg 2.2.19.
Feb 28 2020, 11:26 AM · gpgme, Bug Report
werner added a project to T4861: GPGme 1.13.1 fails at t-json: gpgme.
Feb 28 2020, 8:08 AM · gpgme, Bug Report

Feb 25 2020

kloczek added a comment to T4854: gpgme 1.13.1: test suite is failing.

Latest one (gnupg 2.2.19)

Feb 25 2020, 10:37 PM · gpgme, Bug Report
werner added a comment to T4854: gpgme 1.13.1: test suite is failing.

(I stripped the report down to its core)

Feb 25 2020, 9:13 PM · gpgme, Bug Report
werner updated the task description for T4854: gpgme 1.13.1: test suite is failing.
Feb 25 2020, 9:11 PM · gpgme, Bug Report
kloczek updated the task description for T4854: gpgme 1.13.1: test suite is failing.
Feb 25 2020, 2:53 PM · gpgme, Bug Report
kloczek created T4854: gpgme 1.13.1: test suite is failing.
Feb 25 2020, 2:52 PM · gpgme, Bug Report

Feb 12 2020

aheinecke claimed T4793: New GPGME API to support card personalization.
Feb 12 2020, 11:59 AM · scd, gpgme

Feb 3 2020

werner triaged T4834: gpgme library calls gpg with --list-trust-path as Normal priority.

Funny. I looked into the history of that function: @dshaw removed the option --list-trust-path from gnupg 1.x in December 2002. He commented

Feb 3 2020, 3:28 PM · gpgme, Bug Report

Jan 29 2020

dkg closed T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times as Wontfix.

Changing back to wontfix given the wontfix resolution of T4826

Jan 29 2020, 3:44 PM · gpgme, Bug Report
werner added a comment to T4820: gpgme's json test fails with gpg 2.2.19.

I would like to understand why this changed. T4061 might be relevant here. This has been fixed after the 2.2.19 release.

Jan 29 2020, 11:09 AM · gpgme, Bug Report
aheinecke assigned T4820: gpgme's json test fails with gpg 2.2.19 to werner.

Well thanks for reporting it ;-)

Jan 29 2020, 11:06 AM · gpgme, Bug Report
aheinecke added a commit to T4820: gpgme's json test fails with gpg 2.2.19: rMcff600f1f65a: Do not test for a bug in older GnuPG versions.
Jan 29 2020, 11:06 AM · gpgme, Bug Report
dkg added a comment to T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times.

It looks like at least for OpenPGP, the layer below GPGME is also broken for expiration dates in this time window (see T4826)

Jan 29 2020, 1:01 AM · gpgme, Bug Report
dkg added a comment to T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times.
-----BEGIN PGP PRIVATE KEY BLOCK-----
Jan 29 2020, 12:38 AM · gpgme, Bug Report
dkg added a comment to T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times.
-----BEGIN PGP PUBLIC KEY BLOCK-----
Jan 29 2020, 12:35 AM · gpgme, Bug Report

Jan 28 2020

dkg added a comment to T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times.

I don't mind a workaround that avoids an ABI/API fix as long as it defers actual failures until 2038.

Jan 28 2020, 11:45 PM · gpgme, Bug Report
dkg reopened T4766: gpgme_signature_t relies on `unsigned long` for signature creation and expiration times as "Open".

I'm reopening this because i think users of these 32-bit platforms are going to run into issues before 2038 happens. Certs could appear expired before they are actually expired, for example, because of the wraparound time.

Jan 28 2020, 11:44 PM · gpgme, Bug Report

Jan 27 2020

dkg updated subscribers of T4820: gpgme's json test fails with gpg 2.2.19.

thanks for looking at this, @aheinecke ! if you or @werner know of any internal side effects where this does matter, it would be great to add a test that documents them.

Jan 27 2020, 6:08 PM · gpgme, Bug Report
aheinecke closed T4821: gpgme's m4/python.m4 doesn't search for python 3.8 as Resolved.

Merged into master. Thanks!

Jan 27 2020, 9:51 AM · gpgme
aheinecke added a comment to T4820: gpgme's json test fails with gpg 2.2.19.

Thanks! I would merge your commits but I'll like to talk to werner tomorrow about the always adding "--with-keygrip" I also think its useful but it might have expensive internal side effects that I am not aware of.

Jan 27 2020, 9:48 AM · gpgme, Bug Report