path: root/Utility/Gpg.hs
Commit message (author, date)
* fix comment (Joey Hess, 2013-09-07)
|
* gpg: Force --no-textmode in case the user has it turned on in config. (Joey Hess, 2013-09-07)
|
* fix windows build (Joey Hess, 2013-09-06)
|
* Leverage an ambiguity between Ciphers (guilhem, 2013-09-05)
|   Cipher is now a datatype
|
|       data Cipher = Cipher String | MacOnlyCipher String
|
|   which makes more precise its interpretation MAC-only vs. MAC + used to derive a key for symmetric crypto.
* keep Utility.Gpg free of dependencies on git-annex (Joey Hess, 2013-09-04)
|
* Allow public-key encryption of file content. (guilhem, 2013-09-03)
|   With the initremote parameters "encryption=pubkey keyid=788A3F4C".
|
|   /!\ Adding or removing a key has NO effect on files that have already been copied to the remote. Hence using keyid+= and keyid-= with such remotes should be used with care, and makes little sense unless the point is to replace a (sub-)key by another. /!\
|
|   Also, a test case has been added to ensure that the cipher and file contents are encrypted as specified by the chosen encryption scheme.
* Allow revocation of OpenPGP keys. (guilhem, 2013-08-29)
|   /!\ It is to be noted that revoking a key does NOT necessarily prevent the owner of its private part from accessing data on the remote /!\
|
|   The only sound use of `keyid-=` is probably to replace a (sub-)key by another, where the private part of both is owned by the same person/entity:
|
|       git annex enableremote myremote keyid-=2512E3C7 keyid+=788A3F4C
|
|   Reference: http://git-annex.branchable.com/bugs/Using_a_revoked_GPG_key/
|
|   * Other change introduced by this patch:
|
|   New keys now need to be added with option `keyid+=`, and the scheme specified (upon initremote only) with `encryption=`. The motivation for this change is to open for new schemes, e.g., strict asymmetric encryption.
|
|       git annex initremote myremote encryption=hybrid keyid=2512E3C7
|       git annex enableremote myremote keyid+=788A3F4C
* avoid more build warnings on Windows (Joey Hess, 2013-08-04)
|
* Windows: Added support for encrypted special remotes. (Joey Hess, 2013-08-04)
|
* get rid of __WINDOWS__, use mingw32_HOST_OS (Joey Hess, 2013-08-02)
|   The latter is harder for me to remember, but avoids build failures in code used by the configure program.
* Allow building with gpg2. (Joey Hess, 2013-05-19)
|
* fix the day's Windows permissions damage (Joey Hess, 2013-05-14)
|
* better error message for Windows stub (Joey Hess, 2013-05-14)
|
* fix build (Joey Hess, 2013-05-12)
|
* fix permission damage (thanks, Windows) (Joey Hess, 2013-05-11)
|
* clean up from windows porting (Joey Hess, 2013-05-11)
|
* fixup #if 0 stubs to use #ifndef mingw32_HOST_OS (Joey Hess, 2013-05-10)
|   That's needed in files used to build the configure program. For the other files, I'm keeping my __WINDOWS__ define, as I find that much easier to type. I may search and replace it to use the mingw32_HOST_OS thing later.
* stub out POSIX stuff (Joey Hess, 2013-05-10)
|
* Generate ciphers with a better entropy. (guilhem, 2013-04-06)
|   Unless highRandomQuality=false (or --fast) is set, use Libgcrypt's 'GCRY_VERY_STRONG_RANDOM' level by default for cipher generation, like it's done for OpenPGP key generation.
|
|   On the assistant side, the random quality is left to the old (lower) level, in order not to scare the user with an endless page load due to the blocking PRNG waiting for IO actions.
* check that gpg generated as much data as we asked for (Joey Hess, 2013-03-03)
|
* improve comments and variable names WRT base64 encoded encryption keys (Joey Hess, 2013-03-03)
|
* Deal with incompatibility in gpg2, which caused prompts for encryption passphrases rather than using the supplied --passphrase-fd. (Joey Hess, 2013-01-16)
|
* whitespace fixes (Joey Hess, 2012-12-13)
|
* finished where indentation changes (Joey Hess, 2012-12-13)
|
* better streaming while encrypting/decrypting (Joey Hess, 2012-11-18)
|   Both the directory and webdav special remotes used to have to buffer the whole file contents before it could be decrypted, as they read from chunks. Now the chunks are streamed through gpg with no buffering.
* avoid partial !! in gpg list-keys parser (Joey Hess, 2012-10-16)
|
* fix gpg pipeline stall (Joey Hess, 2012-09-09)
|   Bug introduced in d1da9cf221aeea5c7ac8a313a18b559791a04f12, where I removed a forkProcess when feeding gpg. Feeding it from a thread solves the bug.
* Merge branch 'master' into assistant (Joey Hess, 2012-08-17)
|\
| |   Conflicts: debian/changelog
| * Pass --use-agent to gpg when in no tty mode. Thanks, Eskild Hustvedt. (Joey Hess, 2012-08-17)
| |
* | add back debug logging (Joey Hess, 2012-07-19)
| |   Make Utility.Process wrap the parts of System.Process that I use, and add debug logging to them. Also wrote some higher-level code that allows running an action with handles to a process's stdin or stdout (or both), and checking its exit status, all in a single function call. As a bonus, the debug logging now indicates whether the process is being run to read from it, feed it data, chat with it (writing and reading), or just call it for its side effect.
* | switch from System.Cmd.Utils to System.Process (Joey Hess, 2012-07-18)
|/
|   Test suite now passes with -threaded! I traced back all the hangs with -threaded to System.Cmd.Utils. It seems it's just crappy/unsafe/outdated, and should not be used. System.Process seems to be the cool new thing, so converted all the code to use it instead. In the process, --debug stopped printing commands it runs. I may try to bring that back later. Note that even SafeSystem was switched to use System.Process. Since that was a modified version of code from System.Cmd.Utils, it needed to be converted too. I also got rid of nearly all calls to forkProcess, and all calls to executeFile, which I'm also doubtful about working well with -threaded.
* avoid ByteString.Char8 where not needed (Joey Hess, 2012-06-20)
|   Its truncation behavior is a red flag, so avoid using it in these places where only raw ByteStrings are used, without looking at the data inside.
* Added shared cipher mode to encryptable special remotes. (Joey Hess, 2012-04-29)
|   This option avoids gpg key distribution, at the expense of flexibility, and with the requirement that all clones of the git repository be equally trusted.
* don't use GPG_AGENT_INFO to force batch mode in test suite (Joey Hess, 2012-01-09)
|   Fails with gpg 2. Instead, use a different environment variable. The clean fix would instead be to add an annex.gpg-options configuration. But, that would be rather a lot of work and it's unlikely it would be useful for much else.
* Fix overbroad gpg --no-tty fix from last release. (Joey Hess, 2012-01-07)
|   Only set --no-tty when GPG_AGENT_INFO is set and batch mode is used. In the test suite, set GPG_AGENT_INFO to /dev/null to avoid the test suite relying on /dev/tty.
* Run gpg with --no-tty. Closes: #654721 (Joey Hess, 2012-01-05)
|
* test encrypted special remote (Joey Hess, 2011-12-20)
|   This involved adding a test harness to run gpg with a dummy key, and lots of fun.
* split out Utility.Gpg with the generic gpg interface, from Crypto (Joey Hess, 2011-12-20)