summaryrefslogtreecommitdiff
path: root/Utility/Gpg.hs
Commit message (Collapse)AuthorAge
* remove *>=> and >=*> ; use <$$> insteadGravatar Joey Hess2013-09-27
| | | | | | | | I forgot I had <$$> hidden away in Utility.Applicative. It allows doing the same kind of currying as does >=*> and I found using it made the code more readable for me. (*>=> was not used)
* webapp gpg key generationGravatar Joey Hess2013-09-17
| | | | | | | | | | | | | | | | | Now the webapp can generate a gpg key that is dedicated for use by git-annex. Since the key is single use, much of the complexity of generating gpg keys is avoided. Note that the key has no password, because gpg-agent is not available everywhere the assistant is installed. This is not a big security problem because the key is going to live on the same disk as the git annex repository, so an attacker with access to it can look directly in the repository to see the same files that get stored in the encrypted repository on the removable drive. There is no provision yet for backing up keys. This commit sponsored by Robert Beaty.
* gpg secret key generationGravatar Joey Hess2013-09-16
|
* gpg secret keys list parsingGravatar Joey Hess2013-09-16
| | | | | | Note that Utility.Format.prop_idempotent_deencode does not hold now that hex escaped characters are supported. quickcheck fails to notice this, so I have left it as-is for now.
* fix commentGravatar Joey Hess2013-09-07
|
* gpg: Force --no-textmode in case the user has it turned on in config.Gravatar Joey Hess2013-09-07
|
* fix windows buildGravatar Joey Hess2013-09-06
|
* Leverage an ambiguities between CiphersGravatar guilhem2013-09-05
| | | | | | | | | Cipher is now a datatype data Cipher = Cipher String | MacOnlyCipher String which makes more precise its interpretation MAC-only vs. MAC + used to derive a key for symmetric crypto.
* keep Utility.Gpg free of dependencies on git-annexGravatar Joey Hess2013-09-04
|
* Allow public-key encryption of file content.Gravatar guilhem2013-09-03
| | | | | | | | | | | | With the initremote parameters "encryption=pubkey keyid=788A3F4C". /!\ Adding or removing a key has NO effect on files that have already been copied to the remote. Hence using keyid+= and keyid-= with such remotes should be used with care, and make little sense unless the point is to replace a (sub-)key by another. /!\ Also, a test case has been added to ensure that the cipher and file contents are encrypted as specified by the chosen encryption scheme.
* Allow revocation of OpenPGP keys.Gravatar guilhem2013-08-29
| | | | | | | | | | | | | | | | | | | | | | | /!\ It is to be noted that revoking a key does NOT necessarily prevent the owner of its private part from accessing data on the remote /!\ The only sound use of `keyid-=` is probably to replace a (sub-)key by another, where the private part of both is owned by the same person/entity: git annex enableremote myremote keyid-=2512E3C7 keyid+=788A3F4C Reference: http://git-annex.branchable.com/bugs/Using_a_revoked_GPG_key/ * Other change introduced by this patch: New keys now need to be added with option `keyid+=`, and the scheme specified (upon initremote only) with `encryption=`. The motivation for this change is to open for new schemes, e.g., strict asymmetric encryption. git annex initremote myremote encryption=hybrid keyid=2512E3C7 git annex enableremote myremote keyid+=788A3F4C
* avoid more build warnings on WindowsGravatar Joey Hess2013-08-04
|
* Windows: Added support for encrypted special remotes.Gravatar Joey Hess2013-08-04
|
* get rid of __WINDOWS__, use mingw32_HOST_OSGravatar Joey Hess2013-08-02
| | | | | The latter is harder for me to remember, but avoids build failures in code used by the configure program.
* Allow building with gpg2.Gravatar Joey Hess2013-05-19
|
* fix the day's Windows permissions damageGravatar Joey Hess2013-05-14
|
* better error message for Windows stubGravatar Joey Hess2013-05-14
|
* fix buildGravatar Joey Hess2013-05-12
|
* fix permission damage (thanks, Windows)Gravatar Joey Hess2013-05-11
|
* clean up from windows portingGravatar Joey Hess2013-05-11
|
* fixup #if 0 stubs to use #ifndef mingw32_HOST_OSGravatar Joey Hess2013-05-10
| | | | | | That's needed in files used to build the configure program. For the other files, I'm keeping my __WINDOWS__ define, as I find that much easier to type. I may search and replace it to use the mingw32_HOST_OS thing later.
* stub out POSIX stuffGravatar Joey Hess2013-05-10
|
* Generate ciphers with a better entropy.Gravatar guilhem2013-04-06
| | | | | | | | | | Unless highRandomQuality=false (or --fast) is set, use Libgcypt's 'GCRY_VERY_STRONG_RANDOM' level by default for cipher generation, like it's done for OpenPGP key generation. On the assistant side, the random quality is left to the old (lower) level, in order not to scare the user with an enless page load due to the blocking PRNG waiting for IO actions.
* check that gpg generated as much data as we asked forGravatar Joey Hess2013-03-03
|
* improve comments and variable names WRT base64 encoded encryption keysGravatar Joey Hess2013-03-03
|
* Deal with incompatability in gpg2, which caused prompts for encryption ↵Gravatar Joey Hess2013-01-16
| | | | passphrases rather than using the supplied --passphrase-fd.
* whitespace fixesGravatar Joey Hess2012-12-13
|
* finished where indentation changesGravatar Joey Hess2012-12-13
|
* better streaming while encrypting/decryptingGravatar Joey Hess2012-11-18
| | | | | | Both the directory and webdav special remotes used to have to buffer the whole file contents before it could be decrypted, as they read from chunks. Now the chunks are streamed through gpg with no buffering.
* avoid partial !! in gpg list-keys parserGravatar Joey Hess2012-10-16
|
* fix gpg pipeline stallGravatar Joey Hess2012-09-09
| | | | | | Bug introduced in d1da9cf221aeea5c7ac8a313a18b559791a04f12, where I removed a forkProcess when feeding gpg. Feeding it from a thread solves the bug.
* Merge branch 'master' into assistantGravatar Joey Hess2012-08-17
|\ | | | | | | | | Conflicts: debian/changelog
| * Pass --use-agent to gpg when in no tty mode. Thanks, Eskild Hustvedt.Gravatar Joey Hess2012-08-17
| |
* | add back debug loggingGravatar Joey Hess2012-07-19
| | | | | | | | | | | | | | | | | | | | | | | | | | Make Utility.Process wrap the parts of System.Process that I use, and add debug logging to them. Also wrote some higher-level code that allows running an action with handles to a processes stdin or stdout (or both), and checking its exit status, all in a single function call. As a bonus, the debug logging now indicates whether the process is being run to read from it, feed it data, chat with it (writing and reading), or just call it for its side effect.
* | switch from System.Cmd.Utils to System.ProcessGravatar Joey Hess2012-07-18
|/ | | | | | | | | | | | | | | | | | Test suite now passes with -threaded! I traced back all the hangs with -threaded to System.Cmd.Utils. It seems it's just crappy/unsafe/outdated, and should not be used. System.Process seems to be the cool new thing, so converted all the code to use it instead. In the process, --debug stopped printing commands it runs. I may try to bring that back later. Note that even SafeSystem was switched to use System.Process. Since that was a modified version of code from System.Cmd.Utils, it needed to be converted too. I also got rid of nearly all calls to forkProcess, and all calls to executeFile, which I'm also doubtful about working well with -threaded.
* avoid ByteString.Char8 where not neededGravatar Joey Hess2012-06-20
| | | | | Its truncation behavior is a red flag, so avoid using it in these places where only raw ByteStrings are used, without looking at the data inside.
* Added shared cipher mode to encryptable special remotes.Gravatar Joey Hess2012-04-29
| | | | | | This option avoids gpg key distribution, at the expense of flexability, and with the requirement that all clones of the git repository be equally trusted.
* don't use GPG_AGENT_INFO to force batch mode in test suiteGravatar Joey Hess2012-01-09
| | | | | | | | Fails with gpg 2. Instead, use a different environment variable. The clean fix would instead be to add an annex.gpg-options configuration. But, that would be rather a lot of work and it's unlikely it would be useful for much else.
* Fix overbroad gpg --no-tty fix from last release.Gravatar Joey Hess2012-01-07
| | | | | | | Only set --no-tty when GPG_AGENT_INFO is set and batch mode is used. In the test suite, set GPG_AGENT_INFO to /dev/null to avoid the test suite relying on /dev/tty.
* Run gpg with --no-tty. Closes: #654721Gravatar Joey Hess2012-01-05
|
* test encrypted special remoteGravatar Joey Hess2011-12-20
| | | | | This involved adding a test harness to run gpg with a dummy key, and lots of fun.
* split out Utility.Gpg with the generic gpg interface, from CryptoGravatar Joey Hess2011-12-20
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-04 22:59:14 +0000