Hi all,

the attached patch fixes some issues with gpg/gpgsm encryption, and tries to 
improve encryption in general.  It also adds some other, small improvements.  
Note that this patch includes the one I submitted a week ago (subject “[PATCH] 
plug mem leak, simplifications”).

(1) Bug Fixes
- Due to an (undocumented) change in gpgme, S/MIME signing fails with error 
“not implemented” if the context is created with a passphrase callback, so 
never set one in this case.
- Fix several mem leaks in encryption.
- Do not use a forced GnuPG key ID for S/MIME (see improvements, below)

(2) Crypto-related Improvements
- The user identity has a field for forcing the key id used when signing GnuPG 
messages.  Using it for S/MIME is plain wrong, though (see Bugs above), so add 
an extra field for forcing a S/MIME certificate.  As to simplify life for the 
user, add buttons to display the usual key list dialogue from which the user 
can choose.
- Simplify the key list dialogue by showing the User ID only.  When the user 
double-clicks an entry, open a new dialogue with the full key details.
- Although exchanging GnuPG keys using a key server or (since the latest gpg 
versions) WKS is preferred, there are situations where keys shall not be 
published (e.g. as to not disclose an employment of a person).  For this 
situation, add a send message option to attach the sender's public key.
- On the receiving side, import application/pgp-keys parts into a temporary gpg 
context, and display the keys with buttons for importing them into the main key 
- Add subkey details (bits, type, ECC curve if applicable) to the key widget.
- Make sure S/MIME signed messages always include the signer's signature (note 
that it does not make sense to include the whole certificate chain, as the root 
cert should /always/ be imported from a trustworthy source).
- RFC3156, sect. 3 requires a message to be 7-bit clean.  Thus, QP-encoding 
pure 7-bit parts is superfluous.

(3) Misc Stuff
- Simplify deleting a folder recursively and creating a temp folder by 
exclusively using glib functions (re-sent from last week's patch).
- Check BALSA_DIALOG_HEADERBAR for information dialogues.

As always, any feedback would be highly appreciated!


File details:
- libbalsa/gmime-multipart-crypt.c: do not qp-encode 7-bit parts for encryption
- libbalsa/identity.[ch]: implement separate forced signing key id's for gpg 
and s/mime including selection from the key list; clarify option text
- libbalsa/libbalsa-gpgme-cb.c: simplify key list, show key details on 
- libbalsa/libbalsa-gpgme-keys.[ch]: add functions for exporting and importing 
ascii-armoured keys; re-factor import result evaluation
- libbalsa/libbalsa-gpgme-widgets.c: extend subkey details
- libbalsa/libbalsa-gpgme.[ch]: fix context creation for s/mime; add helpers 
for configuring the gpgme context's home folder, for exporting a key to ASCII 
and for identifying the proper key id of a secret key; fix confusing comment
- libbalsa/message.[ch]: use a reference to the sending identity instead of 
copying the key id
- libbalsa/misc.c: re-factor deleting a folder and creating a temp folder 
(re-sent from last week's patch)
- libbalsa/rfc3156.c: fix mem leak when encrypting a message (re-sent from last 
week's patch)
- libbalsa/send.c: add helper for creating a gpg public key attachment and 
attach the key on request; fix mem leak in encryption
- libbalsa/smtp-server.c: remove misleading/confusing comment (re-sent from 
last week's patch)
- src/balsa-mime-widget-crypto.[ch]: implement display of application/pgp-keys 
parts and the import of the keys within them
- src/balsa-mime-widget.c: call handler for application/pgp-keys parts
- src/information-dialog.c: add missing dialogue flags
- src/sendmsg-window.[ch], ui/sendmsg-window.ui: add user interface for 
attaching the GnuPG public key

Attachment: gpg-improvements.diff.bz2
Description: application/bzip

Attachment: pgp1TTeGLJAeB.pgp
Description: PGP signature

balsa-list mailing list

Reply via email to