aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
Commit message (Collapse)AuthorAgeFilesLines
* lint: ensure errors are at least logged (errcheck)Moritz Poldrack2022-08-048-23/+59
| | | | | Signed-off-by: Moritz Poldrack <moritz@poldrack.dev> Acked-by: Robin Jarry <robin@jarry.cc>
* lint: apply new formatting rulesMoritz Poldrack2022-08-013-5/+4
| | | | | | | Run `make fmt`. Signed-off-by: Moritz Poldrack <git@moritz.sh> Acked-by: Robin Jarry <robin@jarry.cc>
* logging: use level-based logger functionsRobin Jarry2022-07-234-46/+9
| | | | | | | | | | | | Do not pass logger objects around anymore. Shuffle some messages to make them consistent with the new logging API. Avoid using %v when a more specific verb exists for the argument types. The loggers are completely disabled (i.e. Sprintf is not even called) by default. They are only enabled when redirecting stdout to a file. Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* gpg: set a name for the attached pgp signature partRobin Jarry2022-07-181-1/+1
| | | | | | | | This makes it more explicit for non pgp compatible clients. Without this, they may show "unnamed part" or "noname". Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* gpg: fix panic when signing an unparsable messageMoritz Poldrack2022-07-021-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | Fix the following error: panic() runtime/panic.go:838 bytes.(*Buffer).ReadFrom() bytes/buffer.go:204 io.copyBuffer() io/io.go:412 io.Copy() io/io.go:385 git.sr.ht/~rjarry/aerc/lib/crypto/gpg/gpgbin.Sign() git.sr.ht/~rjarry/aerc/lib/crypto/gpg/gpgbin/sign.go:25 git.sr.ht/~rjarry/aerc/lib/crypto/gpg.(*Signer).Close() git.sr.ht/~rjarry/aerc/lib/crypto/gpg/writer.go:52 git.sr.ht/~rjarry/aerc/lib/crypto/gpg.multiCloser.Close() git.sr.ht/~rjarry/aerc/lib/crypto/gpg/writer.go:92 git.sr.ht/~rjarry/aerc/widgets.(*Composer).WriteMessage() git.sr.ht/~rjarry/aerc/widgets/compose.go:601 git.sr.ht/~rjarry/aerc/commands/compose.Send.Execute.func1() git.sr.ht/~rjarry/aerc/commands/compose/send.go:127 Fixes: https://todo.sr.ht/~rjarry/aerc/53 Signed-off-by: Moritz Poldrack <git@moritz.sh> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
* gpg: fix error handling during decryptionTim Culverhouse2022-06-281-3/+5
| | | | | | | | | | | | An non-zero exit code from the execution of gpg during decryption would prevent aerc from parsing the output of gpg. The output should always be parsed. Gpg can exit with an error due to not being able to validate a signature. Aerc handles this error with the UI, and therefore all output should be parsed regardless of exit state of gpg. The parsing of stdout will find the errors and report back to aerc properly. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* gpg: don't send messages that failed encryptionTim Culverhouse2022-06-262-1/+7
| | | | | | | | | | | | Add error handling for messages that were unable to be encrypted. Previously, messages that failed encryption would be sent with no content. This patch adds error handling - when encryption fails, the user is returned to the Review screen and instructed to check the public keys for their recipients. Reported-by: Moritz Poldrack <moritz@poldrack.dev> Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* gpg: refactor tests for macos compatibilityTim Culverhouse2022-05-253-186/+156
| | | | | | | | | | | | | | Refactor lib/crypto/gpg tests to facilitate unit test runs on macos. Macos creates temporary directories with names too long to call gpg-agent (108 characters). Additionally, too many concurrent test calls created IPC errors to gpg-agent. To get around this, tests were given shorter names and refactored into subtests to create fewer concurrent tests Tested on Linux and MacOS. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Robin Jarry <robin@jarry.cc>
* gpg: do not mask errorsRobin Jarry2022-05-101-1/+1
| | | | | | | Report errors as they are printed by gpg. Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
* gpg: make tests more robustRobin Jarry2022-05-103-24/+27
| | | | | | | | | Skip the tests if gpg is not installed. Avoid interference with the global ~/.gnupg. Automatically delete GNUPGHOME at the end of tests. Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
* pgp: add attach key commandTim Culverhouse2022-05-064-1/+61
| | | | | | | | | Add compose command ("attach-key") to attach the public key associated with the sending account. Public key is attached in ascii armor format, with the mimetype set according to RFC 3156 ("application/pgp-keys"). Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: Koni Marti <koni.marti@gmail.com>
* pgp: check encryption keys before sending messageTim Culverhouse2022-05-064-0/+23
| | | | | | | | | | | | | | | | Add check for public keys of all message recipients (to, cc, and bcc) before sending the message. Adds an OnFocusLost callback to header editors to facilitate a callback for checking keys whenever a new recipient is added (OnChange results in too many keyring checks). Once encryption is initially set, the callbacks are registered. If a public key is not available for any recipient, encryption is turned off. However, notably, the callbacks are still registered meaning as s soon as the user removes the recipients with missing keys, encryption is turned back on. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: Koni Marti <koni.marti@gmail.com>
* pgp: fix crash on gpg decrypt failTim Culverhouse2022-05-041-0/+1
| | | | | | | | | | The gpg decrypt function was catching errors but not returning them. This patch returns errors that are caught instead of aerc panicking. Reported-by: ReK2 <rek2@hispagatos.org> Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: ReK2 <rek2@hispagatos.org> Acked-by: Robin Jarry <robin@jarry.cc>
* pgp: check for signing key before signing timeTim Culverhouse2022-05-045-0/+59
| | | | | | | | | | Check that the signing key exists when the user issues the :sign command. The signing key ID will be displayed in the security status also, allowing the user to see what key will be used to sign the message. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: Jens Grassel <jens@wegtam.com>
* feat: add gpg integrationTim Culverhouse2022-04-2714-21/+1461
| | | | | | | | | | | | | | | | | | | This commit adds gpg system integration. This is done through two new packages: gpgbin, which handles the system calls and parsing; and gpg which is mostly a copy of emersion/go-pgpmail with modifications to interface with package gpgbin. gpg includes tests for many cases, and by it's nature also tests package gpgbin. I separated these in case an external dependency is ever used for the gpg sys-calls/parsing (IE we mirror how go-pgpmail+openpgp currently are dependencies) Two new config options are introduced: * pgp-provider. If it is not explicitly set to "gpg", aerc will default to it's internal pgp provider * pgp-key-id: (Optionally) specify a key by short or long keyId Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Koni Marti <koni.marti@gmail.com> Acked-by: Robin Jarry <robin@jarry.cc>
* refactor: refactor pgp implementationTim Culverhouse2022-04-272-0/+268
This commit refactors the internal PGP implementation to make way for GPG integration. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Koni Marti <koni.marti@gmail.com> Acked-by: Robin Jarry <robin@jarry.cc>