aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
Commit message (Collapse)AuthorAgeFilesLines
* mod: drop support for go 1.17Robin Jarry2023-04-241-8/+1
| | | | | | | | | | | | | A lot of libraries are starting to use generics (introduced in go 1.18). Restricting aerc on 1.17 prevents us from updating our dependencies. Since 1.18 is a major milestone, it has a chance to remain supported for a while. Update the minimum go version to 1.18. Run go mod tidy -compat=1.18. Update our CI to run on 1.18. Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Bence Ferdinandy <bence@ferdinandy.com>
* config: make various sections accessible via global varsRobin Jarry2022-12-141-2/+3
| | | | | | | | | | | | | | | | | | | | There is only one instance of AercConfig which is associated to the Aerc widget. Everywhere we need to access configuration options, we need somehow to get a reference either to the Aerc widget or to a pointer to the AercConfig instance. This makes the code cluttered. Remove the AercConfig structure and every place where it is referenced. Instead, declare global variables for every configuration section and access them directly from the `config` module. Since bindings and ui sections can be "contextual" (i.e. per account, per folder or per subject), leave most local references intact. Replacing them with config.{Ui,Binds}.For{Account,Folder,Subject} would make this patch even more unreadable. This is something that may be addressed in the future. Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
* pgp-provider: set default value to autoRobin Jarry2022-12-062-3/+25
| | | | | | | | | | | Change the default provider to gpg unless the internal keyring is initialized and contains one key. This should be more user friendly. Link: https://lists.sr.ht/~rjarry/aerc-discuss/%3CCO783CI3IU9F.184DBQTPMIPBS%40paul%3E Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* logging: rename package to logRobin Jarry2022-12-022-6/+6
| | | | | | | | | | Use the same name than the builtin "log" package. That way, we do not risk logging in the wrong place. Suggested-by: Tim Culverhouse <tim@timculverhouse.com> Signed-off-by: Robin Jarry <robin@jarry.cc> Tested-by: Bence Ferdinandy <bence@ferdinandy.com> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
* logging: homogenize levelsRobin Jarry2022-12-022-2/+2
| | | | | | | | | | | | | | | | | | The main goal is to ensure that by default, the log file (if configured) does not grow out of proportions. Most of the logging messages in aerc are actually for debugging and/or trace purposes. Define clear rules for logging levels. Enforce these rules everywhere. After this patch, here is what the log file looks like after starting up with a single account: INFO 2022/11/24 20:26:16.147164 aerc.go:176: Starting up version 0.13.0-100-g683981479c60 (go1.18.7 amd64 linux) INFO 2022/11/24 20:26:17.546448 account.go:254: [work] connected. Signed-off-by: Robin Jarry <robin@jarry.cc> Tested-by: Bence Ferdinandy <bence@ferdinandy.com> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
* pgp: enable quoted replies of encrypted messagesTim Culverhouse2022-08-311-0/+15
| | | | | | | | | | | | | | When quoting an encrypted message for reply, the quoted text is shown as "Version: 1.0". This is due to this being the first non-multipart text portion of the message, which is what the quoted reply logic looks for. Properly quote replies to encrypted messages by decrypting the message, and quoting the content. The message must be open in a message view in order to quote it (it must be decrypted, which is handled by the message viewer). Suggested-by: Moritz Poldrack <moritz@poldrack.dev> Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: Jens Grassel <jens@wegtam.com>
* go: removed io/ioutilMoritz Poldrack2022-08-223-7/+4
| | | | | | | | | | Since the minimum required version of Go has been bumped to 1.16, the deprecation of io/ioutil can now be acted upon. This Commit removes the remaining dependencies on ioutil and replaces them with their io or os counterparts. Signed-off-by: Moritz Poldrack <git@moritz.sh> Acked-by: Robin Jarry <robin@jarry.cc>
* tests: fix errors after lint seriesRobin Jarry2022-08-043-19/+6
| | | | | | | | | | | | | | | | | | | Fix the following test failures: FAIL: TestMessageInfoHandledError (0.00s) parse_test.go:53: could not parse envelope: date parsing failed: unrecognized date format: FAIL: TestReader (0.07s) gpg_test.go:27: using GNUPGHOME = /tmp/TestReader2384941142/001 reader_test.go:108: Test case: Invalid Signature reader_test.go:112: gpg.Read() = gpgmail: failed to read PGP message: gpg: failed to run verification: exit status 1 Fixes: 5ca6022d007b ("lint: ensure errors are at least logged (errcheck)") Fixes: 70bfcfef4257 ("lint: work nicely with wrapped errors (errorlint)") Signed-off-by: Robin Jarry <robin@jarry.cc> Signed-off-by: Moritz Poldrack <moritz@poldrack.dev>
* lint: work nicely with wrapped errors (errorlint)Moritz Poldrack2022-08-044-17/+17
| | | | | | | | Error wrapping as introduced in Go 1.13 adds some additional logic to use for comparing errors and adding information to it. Signed-off-by: Moritz Poldrack <moritz@poldrack.dev> Acked-by: Robin Jarry <robin@jarry.cc>
* lint: ensure errors are at least logged (errcheck)Moritz Poldrack2022-08-048-23/+59
| | | | | Signed-off-by: Moritz Poldrack <moritz@poldrack.dev> Acked-by: Robin Jarry <robin@jarry.cc>
* lint: apply new formatting rulesMoritz Poldrack2022-08-013-5/+4
| | | | | | | Run `make fmt`. Signed-off-by: Moritz Poldrack <git@moritz.sh> Acked-by: Robin Jarry <robin@jarry.cc>
* logging: use level-based logger functionsRobin Jarry2022-07-234-46/+9
| | | | | | | | | | | | Do not pass logger objects around anymore. Shuffle some messages to make them consistent with the new logging API. Avoid using %v when a more specific verb exists for the argument types. The loggers are completely disabled (i.e. Sprintf is not even called) by default. They are only enabled when redirecting stdout to a file. Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* gpg: set a name for the attached pgp signature partRobin Jarry2022-07-181-1/+1
| | | | | | | | This makes it more explicit for non pgp compatible clients. Without this, they may show "unnamed part" or "noname". Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* gpg: fix panic when signing an unparsable messageMoritz Poldrack2022-07-021-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | Fix the following error: panic() runtime/panic.go:838 bytes.(*Buffer).ReadFrom() bytes/buffer.go:204 io.copyBuffer() io/io.go:412 io.Copy() io/io.go:385 git.sr.ht/~rjarry/aerc/lib/crypto/gpg/gpgbin.Sign() git.sr.ht/~rjarry/aerc/lib/crypto/gpg/gpgbin/sign.go:25 git.sr.ht/~rjarry/aerc/lib/crypto/gpg.(*Signer).Close() git.sr.ht/~rjarry/aerc/lib/crypto/gpg/writer.go:52 git.sr.ht/~rjarry/aerc/lib/crypto/gpg.multiCloser.Close() git.sr.ht/~rjarry/aerc/lib/crypto/gpg/writer.go:92 git.sr.ht/~rjarry/aerc/widgets.(*Composer).WriteMessage() git.sr.ht/~rjarry/aerc/widgets/compose.go:601 git.sr.ht/~rjarry/aerc/commands/compose.Send.Execute.func1() git.sr.ht/~rjarry/aerc/commands/compose/send.go:127 Fixes: https://todo.sr.ht/~rjarry/aerc/53 Signed-off-by: Moritz Poldrack <git@moritz.sh> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
* gpg: fix error handling during decryptionTim Culverhouse2022-06-281-3/+5
| | | | | | | | | | | | An non-zero exit code from the execution of gpg during decryption would prevent aerc from parsing the output of gpg. The output should always be parsed. Gpg can exit with an error due to not being able to validate a signature. Aerc handles this error with the UI, and therefore all output should be parsed regardless of exit state of gpg. The parsing of stdout will find the errors and report back to aerc properly. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* gpg: don't send messages that failed encryptionTim Culverhouse2022-06-262-1/+7
| | | | | | | | | | | | Add error handling for messages that were unable to be encrypted. Previously, messages that failed encryption would be sent with no content. This patch adds error handling - when encryption fails, the user is returned to the Review screen and instructed to check the public keys for their recipients. Reported-by: Moritz Poldrack <moritz@poldrack.dev> Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Moritz Poldrack <moritz@poldrack.dev>
* gpg: refactor tests for macos compatibilityTim Culverhouse2022-05-253-186/+156
| | | | | | | | | | | | | | Refactor lib/crypto/gpg tests to facilitate unit test runs on macos. Macos creates temporary directories with names too long to call gpg-agent (108 characters). Additionally, too many concurrent test calls created IPC errors to gpg-agent. To get around this, tests were given shorter names and refactored into subtests to create fewer concurrent tests Tested on Linux and MacOS. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Robin Jarry <robin@jarry.cc>
* gpg: do not mask errorsRobin Jarry2022-05-101-1/+1
| | | | | | | Report errors as they are printed by gpg. Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
* gpg: make tests more robustRobin Jarry2022-05-103-24/+27
| | | | | | | | | Skip the tests if gpg is not installed. Avoid interference with the global ~/.gnupg. Automatically delete GNUPGHOME at the end of tests. Signed-off-by: Robin Jarry <robin@jarry.cc> Acked-by: Tim Culverhouse <tim@timculverhouse.com>
* pgp: add attach key commandTim Culverhouse2022-05-064-1/+61
| | | | | | | | | Add compose command ("attach-key") to attach the public key associated with the sending account. Public key is attached in ascii armor format, with the mimetype set according to RFC 3156 ("application/pgp-keys"). Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: Koni Marti <koni.marti@gmail.com>
* pgp: check encryption keys before sending messageTim Culverhouse2022-05-064-0/+23
| | | | | | | | | | | | | | | | Add check for public keys of all message recipients (to, cc, and bcc) before sending the message. Adds an OnFocusLost callback to header editors to facilitate a callback for checking keys whenever a new recipient is added (OnChange results in too many keyring checks). Once encryption is initially set, the callbacks are registered. If a public key is not available for any recipient, encryption is turned off. However, notably, the callbacks are still registered meaning as s soon as the user removes the recipients with missing keys, encryption is turned back on. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: Koni Marti <koni.marti@gmail.com>
* pgp: fix crash on gpg decrypt failTim Culverhouse2022-05-041-0/+1
| | | | | | | | | | The gpg decrypt function was catching errors but not returning them. This patch returns errors that are caught instead of aerc panicking. Reported-by: ReK2 <rek2@hispagatos.org> Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: ReK2 <rek2@hispagatos.org> Acked-by: Robin Jarry <robin@jarry.cc>
* pgp: check for signing key before signing timeTim Culverhouse2022-05-045-0/+59
| | | | | | | | | | Check that the signing key exists when the user issues the :sign command. The signing key ID will be displayed in the security status also, allowing the user to see what key will be used to sign the message. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: Jens Grassel <jens@wegtam.com>
* feat: add gpg integrationTim Culverhouse2022-04-2714-21/+1461
| | | | | | | | | | | | | | | | | | | This commit adds gpg system integration. This is done through two new packages: gpgbin, which handles the system calls and parsing; and gpg which is mostly a copy of emersion/go-pgpmail with modifications to interface with package gpgbin. gpg includes tests for many cases, and by it's nature also tests package gpgbin. I separated these in case an external dependency is ever used for the gpg sys-calls/parsing (IE we mirror how go-pgpmail+openpgp currently are dependencies) Two new config options are introduced: * pgp-provider. If it is not explicitly set to "gpg", aerc will default to it's internal pgp provider * pgp-key-id: (Optionally) specify a key by short or long keyId Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Koni Marti <koni.marti@gmail.com> Acked-by: Robin Jarry <robin@jarry.cc>
* refactor: refactor pgp implementationTim Culverhouse2022-04-272-0/+268
This commit refactors the internal PGP implementation to make way for GPG integration. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Acked-by: Koni Marti <koni.marti@gmail.com> Acked-by: Robin Jarry <robin@jarry.cc>