Andrew Engelbrecht [Fri, 28 Aug 2015 19:52:05 +0000 (15:52 -0400)]
updated link to previous version of edward
Andrew Engelbrecht [Sun, 16 Aug 2015 04:43:38 +0000 (00:43 -0400)]
mild refactoring
Andrew Engelbrecht [Sun, 16 Aug 2015 04:34:53 +0000 (00:34 -0400)]
check to see if a reply encryption key can encrypt
sometimes keys are revoked or expire. if so, they should not be
encrypted to. edward now checks to make sure a key is good before
encrypting a reply with it. if only bad keys are available, edward
complains. however the complaint edward makes is that he does not have
the user's public key. this is because there is currently no translation
set for a more accurate message.
some other refactoring has been performed as well.
Andrew Engelbrecht [Wed, 12 Aug 2015 16:50:20 +0000 (12:50 -0400)]
search for pub keys in inline signatures
these ascii-armored signature blocks are obfuscated until they are
decoded. they may contain public keys, so edward now looks inside.
Andrew Engelbrecht [Wed, 12 Aug 2015 16:49:44 +0000 (12:49 -0400)]
some whitespace changes
Andrew Engelbrecht [Wed, 12 Aug 2015 16:48:53 +0000 (12:48 -0400)]
don't complain about lack of encryption
unless the message has no signature, pub key or encryption.
Andrew Engelbrecht [Wed, 12 Aug 2015 16:09:31 +0000 (12:09 -0400)]
split up reply strings for finer control
now edward can say hello without saying that decryption was successful.
he can also say that decryption was successful without saying he will
quote the reply.
Andrew Engelbrecht [Wed, 12 Aug 2015 15:49:37 +0000 (11:49 -0400)]
don't track the en.pyc file or any .pyc file
Andrew Engelbrecht [Wed, 12 Aug 2015 03:51:41 +0000 (23:51 -0400)]
process email using byte strings
using byte strings when feeding the email into the parser helps avoid
crashes due to non-utf-8 characters placed prior to any mime part, etc.
Andrew Engelbrecht [Tue, 11 Aug 2015 20:40:44 +0000 (16:40 -0400)]
don't complain about missing signatures
the emailselfdefence guide asks users to encrypt messages without a
signature first. it would be confusing to get a message about a missing
signature before a user knows what a signature is.
Andrew Engelbrecht [Tue, 11 Aug 2015 13:41:39 +0000 (09:41 -0400)]
handle encrypted/signed i18l msgs w/o mime headers
edward was chrashing when given encrypted or signed international input
without internal mime headers. edward now defaults to utf-8 if the
character set is not specified in a mime header.
Andrew Engelbrecht [Tue, 11 Aug 2015 13:32:40 +0000 (09:32 -0400)]
added more debug output
about the contents of the reply message
Andrew Engelbrecht [Mon, 10 Aug 2015 16:15:32 +0000 (12:15 -0400)]
renamed example config file
Andrew Engelbrecht [Mon, 10 Aug 2015 00:49:11 +0000 (20:49 -0400)]
added detached signature verification test case
Andrew Engelbrecht [Sun, 9 Aug 2015 21:41:31 +0000 (17:41 -0400)]
added spanish and italian translations
these were in the old edward install, in /home/e/edward
Andrew Engelbrecht [Sun, 9 Aug 2015 21:32:36 +0000 (17:32 -0400)]
changed message generation logic; some refactoring
now edward remains silent about not receiving a public key, unless we
are not given a key and need one for verifying a signature. some
refactoring was required.
edward now complains to the user about lack of of encryption and
signatures in received emails.
i also changed the handling of newlines in email responses.
Andrew Engelbrecht [Fri, 7 Aug 2015 17:46:35 +0000 (13:46 -0400)]
improved key loading and email response code
Andrew Engelbrecht [Wed, 5 Aug 2015 01:45:40 +0000 (21:45 -0400)]
git ignore addition
Andrew Engelbrecht [Wed, 5 Aug 2015 01:44:12 +0000 (21:44 -0400)]
rename the default configuration file
so that it does not conflict with the local modified version of the
default config file.
Andrew Engelbrecht [Tue, 4 Aug 2015 22:28:39 +0000 (18:28 -0400)]
added valid detached signature test
Andrew Engelbrecht [Tue, 4 Aug 2015 21:52:38 +0000 (17:52 -0400)]
always complain about missing signature
Andrew Engelbrecht [Tue, 4 Aug 2015 21:44:49 +0000 (17:44 -0400)]
fixed test case output
the key used to sign this text is not in the git repo's gpg key store,
so the signature cannot be verified unless it is first imported.
Andrew Engelbrecht [Tue, 4 Aug 2015 21:41:33 +0000 (17:41 -0400)]
only quote message if there is a valid signature
there still needs to be work to ensure that the encryption target key is
the same as the one that was used in the first block of encrypted and
verifiably signed text.
Andrew Engelbrecht [Tue, 4 Aug 2015 21:40:49 +0000 (17:40 -0400)]
check for other types of success
sig.summary == 0 appears to be a type of signature success.
Andrew Engelbrecht [Tue, 4 Aug 2015 20:57:10 +0000 (16:57 -0400)]
check for signature validity
knowing the fingerprint that was allegedly used to sign a message is not
sufficent for validating messages.
Andrew Engelbrecht [Tue, 4 Aug 2015 18:28:49 +0000 (14:28 -0400)]
fix test cases
the input messages have good signatures, so the reply must mention the
successful signature verification.
Andrew Engelbrecht [Tue, 4 Aug 2015 18:24:26 +0000 (14:24 -0400)]
count sig/encryption block combos as signatures
Andrew Engelbrecht [Mon, 3 Aug 2015 21:19:42 +0000 (17:19 -0400)]
remove note; pubkeys in encrypted text are useable
if a new, unimported pubkey is contained in an ecrypted and signed block
of text, then that key can be used for the reply, as desired.
Andrew Engelbrecht [Mon, 3 Aug 2015 21:16:23 +0000 (17:16 -0400)]
simplify mime creation; set payload charset
Andrew Engelbrecht [Mon, 3 Aug 2015 20:12:44 +0000 (16:12 -0400)]
added international test with plaintext reply
Andrew Engelbrecht [Mon, 3 Aug 2015 19:43:18 +0000 (15:43 -0400)]
change name of test type
to avoid name collisions between tests
Andrew Engelbrecht [Mon, 3 Aug 2015 19:42:13 +0000 (15:42 -0400)]
add a newline at the end of replies
Andrew Engelbrecht [Mon, 3 Aug 2015 19:40:06 +0000 (15:40 -0400)]
don't sign unencrypted replies
writing code that creates detached mime signatures in a way that
enigmail will accept as valid is proving to be quite difficult. (i only
got it to work for mutt.) if i find a way to make messages validate i
will add that feature back into the program.
Andrew Engelbrecht [Tue, 28 Jul 2015 23:04:22 +0000 (19:04 -0400)]
can now email replies; "-p" prints repies instead
edward now uses sendmail to send email replies to messages piped in
through stdin (one at a time). the "-p" option causes edward to print
replies to stdout instead of emailing them.
Andrew Engelbrecht [Tue, 28 Jul 2015 20:39:17 +0000 (16:39 -0400)]
choose reply from address; fix language selection
Andrew Engelbrecht [Tue, 28 Jul 2015 19:24:32 +0000 (15:24 -0400)]
variable name changes
Andrew Engelbrecht [Tue, 28 Jul 2015 18:39:49 +0000 (14:39 -0400)]
prettier code re-arrangement
Andrew Engelbrecht [Tue, 28 Jul 2015 18:38:57 +0000 (14:38 -0400)]
use enums instead of strings for message type ids
Andrew Engelbrecht [Tue, 28 Jul 2015 16:46:34 +0000 (12:46 -0400)]
clarified some code
Andrew Engelbrecht [Tue, 28 Jul 2015 16:24:36 +0000 (12:24 -0400)]
fix test case result
Andrew Engelbrecht [Mon, 27 Jul 2015 22:01:51 +0000 (18:01 -0400)]
prefer pub key as a fallback key for encryption
Andrew Engelbrecht [Mon, 27 Jul 2015 21:57:13 +0000 (17:57 -0400)]
issue mentioned in comment does not require a fix
Andrew Engelbrecht [Mon, 27 Jul 2015 21:55:16 +0000 (17:55 -0400)]
don't crash with bad gpg key imports
Andrew Engelbrecht [Mon, 27 Jul 2015 21:52:55 +0000 (17:52 -0400)]
catch semi-specific errors only.
Andrew Engelbrecht [Mon, 27 Jul 2015 21:50:55 +0000 (17:50 -0400)]
don't crash when given a corrupted detached sig
Andrew Engelbrecht [Mon, 27 Jul 2015 21:46:41 +0000 (17:46 -0400)]
use the un-decoded mime part in sig verificaion
this is closer to how the OpenPGP MIME spec says it should be done.
Andrew Engelbrecht [Mon, 27 Jul 2015 20:48:04 +0000 (16:48 -0400)]
Removed clearsigning verification
Clearsigning is difficult to verify for all encodings and is not a part
of RFC 3156. Inclusion in this program would encourage its use and lead
users into issues down the road when interacting with other people using
clients that do not support this out of spec feature.
Enigmail uses PGP/MIME by default so users should have an easy time not
creating clearsigned text in their messages unless they decide to paste
clearsigned text straight into a message.
Because the email self-defence guide guides the user through the steps
of installing and setting up enigmail, I am not concerned about leaving
out this feature.
Andrew Engelbrecht [Mon, 27 Jul 2015 20:34:07 +0000 (16:34 -0400)]
changed variable name
clarified the name of the reply email generator's "To:" email address
variable
Andrew Engelbrecht [Mon, 27 Jul 2015 16:49:28 +0000 (12:49 -0400)]
pick out encryption keys from nested signed text
if signed text is then encrypted as a separate step, use the signing key
as the target for encrypting the reply.
Andrew Engelbrecht [Fri, 24 Jul 2015 23:23:33 +0000 (19:23 -0400)]
sign reply message even if not encrypting.
Andrew Engelbrecht [Fri, 24 Jul 2015 23:06:53 +0000 (19:06 -0400)]
whitespace change
Andrew Engelbrecht [Fri, 24 Jul 2015 23:05:49 +0000 (19:05 -0400)]
more documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 23:05:16 +0000 (19:05 -0400)]
removed unused function
Andrew Engelbrecht [Fri, 24 Jul 2015 21:54:17 +0000 (17:54 -0400)]
added note about a needed code fix
Andrew Engelbrecht [Fri, 24 Jul 2015 21:54:04 +0000 (17:54 -0400)]
more function documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 21:25:48 +0000 (17:25 -0400)]
removed comment
it's no longer relevant
Andrew Engelbrecht [Fri, 24 Jul 2015 21:14:52 +0000 (17:14 -0400)]
fixed bug, removed stale code
piece_type is set to "signature", not "message" if it is an armored
signature.
we shouldn't include plaintext unless we don't need further nested
signatures.
Andrew Engelbrecht [Fri, 24 Jul 2015 20:49:22 +0000 (16:49 -0400)]
more functions documented
Andrew Engelbrecht [Fri, 24 Jul 2015 18:41:22 +0000 (14:41 -0400)]
don't use doxygen quite yet.
removed the Doxyfile
Andrew Engelbrecht [Thu, 23 Jul 2015 20:22:21 +0000 (16:22 -0400)]
added Doxyfile for doxygen comment parsing
Andrew Engelbrecht [Fri, 24 Jul 2015 18:36:43 +0000 (14:36 -0400)]
Added more documentation
using python doc strings
Andrew Engelbrecht [Fri, 24 Jul 2015 00:34:03 +0000 (20:34 -0400)]
only run main() if not in interactive mode
Andrew Engelbrecht [Fri, 24 Jul 2015 00:28:29 +0000 (20:28 -0400)]
change classes format
this way, attribute names are shown by python3's help() function
Andrew Engelbrecht [Fri, 24 Jul 2015 00:24:32 +0000 (20:24 -0400)]
added comments to the classes and main()
Andrew Engelbrecht [Thu, 23 Jul 2015 20:08:16 +0000 (16:08 -0400)]
fixed a comment
Andrew Engelbrecht [Thu, 23 Jul 2015 18:34:11 +0000 (14:34 -0400)]
don't use the 'an' language
it currently has no translations, so we should default to english.
Andrew Engelbrecht [Thu, 23 Jul 2015 17:56:48 +0000 (13:56 -0400)]
don't check message block for encryption status
if it was only an armored signature, then it had its piece_type field
changed and this code would not be reached in that case.
Andrew Engelbrecht [Thu, 23 Jul 2015 17:42:52 +0000 (13:42 -0400)]
modified .gitignore
Andrew Engelbrecht [Thu, 23 Jul 2015 17:42:06 +0000 (13:42 -0400)]
updated expected test results; added more tests
Andrew Engelbrecht [Thu, 23 Jul 2015 16:47:08 +0000 (12:47 -0400)]
check unencrypted message blocks for signatures
some message blocks aren't encrypted.
Andrew Engelbrecht [Thu, 23 Jul 2015 16:21:57 +0000 (12:21 -0400)]
fixed some simple bugs
Andrew Engelbrecht [Thu, 23 Jul 2015 16:11:37 +0000 (12:11 -0400)]
the referenced issue is resolved
there is pubkey loading error handling in the get_key_from_fp function.
Andrew Engelbrecht [Thu, 23 Jul 2015 16:06:08 +0000 (12:06 -0400)]
split up prepare_for_reply_pieces
also made changes to the way message blocks are handled.
Andrew Engelbrecht [Thu, 23 Jul 2015 16:04:38 +0000 (12:04 -0400)]
updated the message flattener
it no longer prints nested layers of decrypted text.
Andrew Engelbrecht [Thu, 23 Jul 2015 15:32:54 +0000 (11:32 -0400)]
check to see if we have keys before adding them
Andrew Engelbrecht [Thu, 23 Jul 2015 15:31:33 +0000 (11:31 -0400)]
add pubkey as a fallback key
Andrew Engelbrecht [Thu, 23 Jul 2015 15:29:05 +0000 (11:29 -0400)]
a signature key should be set as a fallback key
Andrew Engelbrecht [Wed, 22 Jul 2015 23:44:17 +0000 (19:44 -0400)]
generate the encrypted mime reply
we can finally use this function again! : )
Andrew Engelbrecht [Wed, 22 Jul 2015 23:43:35 +0000 (19:43 -0400)]
only quote the message if we are going to encrypt.
Andrew Engelbrecht [Wed, 22 Jul 2015 23:42:28 +0000 (19:42 -0400)]
this belongs over here
partly because the function it was in was recursive.
Andrew Engelbrecht [Wed, 22 Jul 2015 23:38:58 +0000 (19:38 -0400)]
added a function which tries to load the pub key
Andrew Engelbrecht [Wed, 22 Jul 2015 21:39:19 +0000 (17:39 -0400)]
this will be useful later
for knowing how which nested layers of decrytion to reply with.
Andrew Engelbrecht [Wed, 22 Jul 2015 21:38:32 +0000 (17:38 -0400)]
pick out public key fingerpints from the message
this will be the key that the reply is encrypted to, if one is
available.
Andrew Engelbrecht [Wed, 22 Jul 2015 21:18:39 +0000 (17:18 -0400)]
whitespace changes
Andrew Engelbrecht [Wed, 22 Jul 2015 21:17:41 +0000 (17:17 -0400)]
return fingerprints not sig objects
Andrew Engelbrecht [Wed, 22 Jul 2015 19:59:34 +0000 (15:59 -0400)]
add signed txt, etc. if it's in an encrypted block
later there will need to be fingerprint checking to make sure that
edward can't become a decryption service for edward traffic observers.
Andrew Engelbrecht [Wed, 22 Jul 2015 19:49:37 +0000 (15:49 -0400)]
renamed variable for clarity
eddy_obj -> eddymsg_obj
Andrew Engelbrecht [Wed, 22 Jul 2015 19:47:20 +0000 (15:47 -0400)]
removed %s from end of string
it's unneeded by this version of edward.
Andrew Engelbrecht [Wed, 22 Jul 2015 19:44:02 +0000 (15:44 -0400)]
added basic mutli-language reply generation
Andrew Engelbrecht [Wed, 22 Jul 2015 19:42:03 +0000 (15:42 -0400)]
fixed detached signature verification
the indentation was wrong.
Andrew Engelbrecht [Wed, 22 Jul 2015 16:32:39 +0000 (12:32 -0400)]
some variable name changes
... to be more specific
Andrew Engelbrecht [Wed, 22 Jul 2015 16:29:02 +0000 (12:29 -0400)]
added detached sig verification
woohoo!!
Andrew Engelbrecht [Wed, 22 Jul 2015 15:50:38 +0000 (11:50 -0400)]
don't process 'None' EddyMsg objects
it would only mask bugs elsewhere in the code.
Andrew Engelbrecht [Wed, 22 Jul 2015 15:49:56 +0000 (11:49 -0400)]
don't pass back the object pointer
because it is unchanged.
Andrew Engelbrecht [Wed, 22 Jul 2015 14:02:30 +0000 (10:02 -0400)]
fixed bug
which occurred when the parsed email did not have a "To: " field.
Andrew Engelbrecht [Wed, 22 Jul 2015 13:59:55 +0000 (09:59 -0400)]
language support requires the translation files
this commit adds them.
Andrew Engelbrecht [Wed, 22 Jul 2015 01:19:03 +0000 (21:19 -0400)]
added the beginnings of language support
Andrew Engelbrecht [Wed, 22 Jul 2015 00:27:08 +0000 (20:27 -0400)]
moved function
Andrew Engelbrecht [Wed, 22 Jul 2015 00:26:22 +0000 (20:26 -0400)]
renamed function
Andrew Engelbrecht [Tue, 21 Jul 2015 23:53:03 +0000 (19:53 -0400)]
move this here