Hi all, the attached patch fixes some issues with gpg/gpgsm encryption, and tries to improve encryption in general. It also adds some other, small improvements. Note that this patch includes the one I submitted a week ago (subject “[PATCH] plug mem leak, simplifications”). (1) Bug Fixes - Due to an (undocumented) change in gpgme, S/MIME signing fails with error “not implemented” if the context is created with a passphrase callback, so never set one in this case. - Fix several mem leaks in encryption. - Do not use a forced GnuPG key ID for S/MIME (see improvements, below) (2) Crypto-related Improvements - The user identity has a field for forcing the key id used when signing GnuPG messages. Using it for S/MIME is plain wrong, though (see Bugs above), so add an extra field for forcing a S/MIME certificate. As to simplify life for the user, add buttons to display the usual key list dialogue from which the user can choose. - Simplify the key list dialogue by showing the User ID only. When the user double-clicks an entry, open a new dialogue with the full key details. - Although exchanging GnuPG keys using a key server or (since the latest gpg versions) WKS is preferred, there are situations where keys shall not be published (e.g. as to not disclose an employment of a person). For this situation, add a send message option to attach the sender's public key. - On the receiving side, import application/pgp-keys parts into a temporary gpg context, and display the keys with buttons for importing them into the main key ring. - Add subkey details (bits, type, ECC curve if applicable) to the key widget. - Make sure S/MIME signed messages always include the signer's signature (note that it does not make sense to include the whole certificate chain, as the root cert should /always/ be imported from a trustworthy source). - RFC3156, sect. 3 requires a message to be 7-bit clean. Thus, QP-encoding pure 7-bit parts is superfluous. (3) Misc Stuff - Simplify deleting a folder recursively and creating a temp folder by exclusively using glib functions (re-sent from last week's patch). - Check BALSA_DIALOG_HEADERBAR for information dialogues. As always, any feedback would be highly appreciated! Cheers, Albrecht. --- File details: - libbalsa/gmime-multipart-crypt.c: do not qp-encode 7-bit parts for encryption - libbalsa/identity.[ch]: implement separate forced signing key id's for gpg and s/mime including selection from the key list; clarify option text - libbalsa/libbalsa-gpgme-cb.c: simplify key list, show key details on double-click - libbalsa/libbalsa-gpgme-keys.[ch]: add functions for exporting and importing ascii-armoured keys; re-factor import result evaluation - libbalsa/libbalsa-gpgme-widgets.c: extend subkey details - libbalsa/libbalsa-gpgme.[ch]: fix context creation for s/mime; add helpers for configuring the gpgme context's home folder, for exporting a key to ASCII and for identifying the proper key id of a secret key; fix confusing comment - libbalsa/message.[ch]: use a reference to the sending identity instead of copying the key id - libbalsa/misc.c: re-factor deleting a folder and creating a temp folder (re-sent from last week's patch) - libbalsa/rfc3156.c: fix mem leak when encrypting a message (re-sent from last week's patch) - libbalsa/send.c: add helper for creating a gpg public key attachment and attach the key on request; fix mem leak in encryption - libbalsa/smtp-server.c: remove misleading/confusing comment (re-sent from last week's patch) - src/balsa-mime-widget-crypto.[ch]: implement display of application/pgp-keys parts and the import of the keys within them - src/balsa-mime-widget.c: call handler for application/pgp-keys parts - src/information-dialog.c: add missing dialogue flags - src/sendmsg-window.[ch], ui/sendmsg-window.ui: add user interface for attaching the GnuPG public key
Attachment:
gpg-improvements.diff.bz2
Description: application/bzip
Attachment:
pgpD76ziRDPyH.pgp
Description: PGP signature