edward.git
8 years agoadded README file
Andrew Engelbrecht [Thu, 8 Oct 2015 20:20:29 +0000 (16:20 -0400)]
added README file

8 years agoadded procmailrc.example and edward-wrapper
Andrew Engelbrecht [Thu, 8 Oct 2015 20:19:45 +0000 (16:19 -0400)]
added procmailrc.example and edward-wrapper

this is useful for creating an automated setup with a .procmailrc file
in one's home directory.

8 years agoadded translation template
Andrew Engelbrecht [Thu, 8 Oct 2015 20:04:38 +0000 (16:04 -0400)]
added translation template

8 years agoupdated license info
Andrew Engelbrecht [Thu, 8 Oct 2015 20:01:41 +0000 (16:01 -0400)]
updated license info

corrected a link

8 years agoverify sigs. in emails with nested multipart mime
Andrew Engelbrecht [Thu, 8 Oct 2015 00:10:23 +0000 (20:10 -0400)]
verify sigs. in emails with nested multipart mime

sometimes a multipart mime message is part of another multipart mime
message which contains a signature of one of its subparts.

8 years agoextend testing of pubkey encryption capability
Andrew Engelbrecht [Tue, 22 Sep 2015 12:42:44 +0000 (08:42 -0400)]
extend testing of pubkey encryption capability

test whether it is expired, invalid, disabled, etc.

8 years agocheck keys for revocation status
Andrew Engelbrecht [Tue, 22 Sep 2015 12:17:27 +0000 (08:17 -0400)]
check keys for revocation status

don't use them as encryption targets if they are revoked.

8 years agoupdated link to previous version of edward
Andrew Engelbrecht [Fri, 28 Aug 2015 19:52:05 +0000 (15:52 -0400)]
updated link to previous version of edward

8 years agomild refactoring
Andrew Engelbrecht [Sun, 16 Aug 2015 04:43:38 +0000 (00:43 -0400)]
mild refactoring

8 years agocheck to see if a reply encryption key can encrypt
Andrew Engelbrecht [Sun, 16 Aug 2015 04:34:53 +0000 (00:34 -0400)]
check to see if a reply encryption key can encrypt

sometimes keys are revoked or expire. if so, they should not be
encrypted to. edward now checks to make sure a key is good before
encrypting a reply with it. if only bad keys are available, edward
complains. however the complaint edward makes is that he does not have
the user's public key. this is because there is currently no translation
set for a more accurate message.

some other refactoring has been performed as well.

8 years agosearch for pub keys in inline signatures
Andrew Engelbrecht [Wed, 12 Aug 2015 16:50:20 +0000 (12:50 -0400)]
search for pub keys in inline signatures

these ascii-armored signature blocks are obfuscated until they are
decoded. they may contain public keys, so edward now looks inside.

8 years agosome whitespace changes
Andrew Engelbrecht [Wed, 12 Aug 2015 16:49:44 +0000 (12:49 -0400)]
some whitespace changes

8 years agodon't complain about lack of encryption
Andrew Engelbrecht [Wed, 12 Aug 2015 16:48:53 +0000 (12:48 -0400)]
don't complain about lack of encryption

unless the message has no signature, pub key or encryption.

8 years agosplit up reply strings for finer control
Andrew Engelbrecht [Wed, 12 Aug 2015 16:09:31 +0000 (12:09 -0400)]
split up reply strings for finer control

now edward can say hello without saying that decryption was successful.
he can also say that decryption was successful without saying he will
quote the reply.

8 years agodon't track the en.pyc file or any .pyc file
Andrew Engelbrecht [Wed, 12 Aug 2015 15:49:37 +0000 (11:49 -0400)]
don't track the en.pyc file or any .pyc file

8 years agoprocess email using byte strings
Andrew Engelbrecht [Wed, 12 Aug 2015 03:51:41 +0000 (23:51 -0400)]
process email using byte strings

using byte strings when feeding the email into the parser helps avoid
crashes due to non-utf-8 characters placed prior to any mime part, etc.

8 years agodon't complain about missing signatures
Andrew Engelbrecht [Tue, 11 Aug 2015 20:40:44 +0000 (16:40 -0400)]
don't complain about missing signatures

the emailselfdefence guide asks users to encrypt messages without a
signature first. it would be confusing to get a message about a missing
signature before a user knows what a signature is.

8 years agohandle encrypted/signed i18l msgs w/o mime headers
Andrew Engelbrecht [Tue, 11 Aug 2015 13:41:39 +0000 (09:41 -0400)]
handle encrypted/signed i18l msgs w/o mime headers

edward was chrashing when given encrypted or signed international input
without internal mime headers. edward now defaults to utf-8 if the
character set is not specified in a mime header.

8 years agoadded more debug output
Andrew Engelbrecht [Tue, 11 Aug 2015 13:32:40 +0000 (09:32 -0400)]
added more debug output

about the contents of the reply message

8 years agorenamed example config file
Andrew Engelbrecht [Mon, 10 Aug 2015 16:15:32 +0000 (12:15 -0400)]
renamed example config file

8 years agoadded detached signature verification test case
Andrew Engelbrecht [Mon, 10 Aug 2015 00:49:11 +0000 (20:49 -0400)]
added detached signature verification test case

8 years agoadded spanish and italian translations
Andrew Engelbrecht [Sun, 9 Aug 2015 21:41:31 +0000 (17:41 -0400)]
added spanish and italian translations

these were in the old edward install, in /home/e/edward

8 years agochanged message generation logic; some refactoring
Andrew Engelbrecht [Sun, 9 Aug 2015 21:32:36 +0000 (17:32 -0400)]
changed message generation logic; some refactoring

now edward remains silent about not receiving a public key, unless we
are not given a key and need one for verifying a signature. some
refactoring was required.

edward now complains to the user about lack of of encryption and
signatures in received emails.

i also changed the handling of newlines in email responses.

8 years agoimproved key loading and email response code
Andrew Engelbrecht [Fri, 7 Aug 2015 17:46:35 +0000 (13:46 -0400)]
improved key loading and email response code

8 years agogit ignore addition
Andrew Engelbrecht [Wed, 5 Aug 2015 01:45:40 +0000 (21:45 -0400)]
git ignore addition

8 years agorename the default configuration file
Andrew Engelbrecht [Wed, 5 Aug 2015 01:44:12 +0000 (21:44 -0400)]
rename the default configuration file

so that it does not conflict with the local modified version of the
default config file.

8 years agoadded valid detached signature test
Andrew Engelbrecht [Tue, 4 Aug 2015 22:28:39 +0000 (18:28 -0400)]
added valid detached signature test

8 years agoalways complain about missing signature
Andrew Engelbrecht [Tue, 4 Aug 2015 21:52:38 +0000 (17:52 -0400)]
always complain about missing signature

8 years agofixed test case output
Andrew Engelbrecht [Tue, 4 Aug 2015 21:44:49 +0000 (17:44 -0400)]
fixed test case output

the key used to sign this text is not in the git repo's gpg key store,
so the signature cannot be verified unless it is first imported.

8 years agoonly quote message if there is a valid signature
Andrew Engelbrecht [Tue, 4 Aug 2015 21:41:33 +0000 (17:41 -0400)]
only quote message if there is a valid signature

there still needs to be work to ensure that the encryption target key is
the same as the one that was used in the first block of encrypted and
verifiably signed text.

8 years agocheck for other types of success
Andrew Engelbrecht [Tue, 4 Aug 2015 21:40:49 +0000 (17:40 -0400)]
check for other types of success

sig.summary == 0 appears to be a type of signature success.

8 years agocheck for signature validity
Andrew Engelbrecht [Tue, 4 Aug 2015 20:57:10 +0000 (16:57 -0400)]
check for signature validity

knowing the fingerprint that was allegedly used to sign a message is not
sufficent for validating messages.

8 years agofix test cases
Andrew Engelbrecht [Tue, 4 Aug 2015 18:28:49 +0000 (14:28 -0400)]
fix test cases

the input messages have good signatures, so the reply must mention the
successful signature verification.

8 years agocount sig/encryption block combos as signatures
Andrew Engelbrecht [Tue, 4 Aug 2015 18:24:26 +0000 (14:24 -0400)]
count sig/encryption block combos as signatures

8 years agoremove note; pubkeys in encrypted text are useable
Andrew Engelbrecht [Mon, 3 Aug 2015 21:19:42 +0000 (17:19 -0400)]
remove note; pubkeys in encrypted text are useable

if a new, unimported pubkey is contained in an ecrypted and signed block
of text, then that key can be used for the reply, as desired.

8 years agosimplify mime creation; set payload charset
Andrew Engelbrecht [Mon, 3 Aug 2015 21:16:23 +0000 (17:16 -0400)]
simplify mime creation; set payload charset

8 years agoadded international test with plaintext reply
Andrew Engelbrecht [Mon, 3 Aug 2015 20:12:44 +0000 (16:12 -0400)]
added international test with plaintext reply

8 years agochange name of test type
Andrew Engelbrecht [Mon, 3 Aug 2015 19:43:18 +0000 (15:43 -0400)]
change name of test type

to avoid name collisions between tests

8 years agoadd a newline at the end of replies
Andrew Engelbrecht [Mon, 3 Aug 2015 19:42:13 +0000 (15:42 -0400)]
add a newline at the end of replies

8 years agodon't sign unencrypted replies
Andrew Engelbrecht [Mon, 3 Aug 2015 19:40:06 +0000 (15:40 -0400)]
don't sign unencrypted replies

writing code that creates detached mime signatures in a way that
enigmail will accept as valid is proving to be quite difficult. (i only
got it to work for mutt.) if i find a way to make messages validate i
will add that feature back into the program.

8 years agocan now email replies; "-p" prints repies instead
Andrew Engelbrecht [Tue, 28 Jul 2015 23:04:22 +0000 (19:04 -0400)]
can now email replies; "-p" prints repies instead

edward now uses sendmail to send email replies to messages piped in
through stdin (one at a time). the "-p" option causes edward to print
replies to stdout instead of emailing them.

8 years agochoose reply from address; fix language selection
Andrew Engelbrecht [Tue, 28 Jul 2015 20:39:17 +0000 (16:39 -0400)]
choose reply from address; fix language selection

8 years agovariable name changes
Andrew Engelbrecht [Tue, 28 Jul 2015 19:24:32 +0000 (15:24 -0400)]
variable name changes

8 years agoprettier code re-arrangement
Andrew Engelbrecht [Tue, 28 Jul 2015 18:39:49 +0000 (14:39 -0400)]
prettier code re-arrangement

8 years agouse enums instead of strings for message type ids
Andrew Engelbrecht [Tue, 28 Jul 2015 18:38:57 +0000 (14:38 -0400)]
use enums instead of strings for message type ids

8 years agoclarified some code
Andrew Engelbrecht [Tue, 28 Jul 2015 16:46:34 +0000 (12:46 -0400)]
clarified some code

8 years agofix test case result
Andrew Engelbrecht [Tue, 28 Jul 2015 16:24:36 +0000 (12:24 -0400)]
fix test case result

8 years agoprefer pub key as a fallback key for encryption
Andrew Engelbrecht [Mon, 27 Jul 2015 22:01:51 +0000 (18:01 -0400)]
prefer pub key as a fallback key for encryption

8 years agoissue mentioned in comment does not require a fix
Andrew Engelbrecht [Mon, 27 Jul 2015 21:57:13 +0000 (17:57 -0400)]
issue mentioned in comment does not require a fix

8 years agodon't crash with bad gpg key imports
Andrew Engelbrecht [Mon, 27 Jul 2015 21:55:16 +0000 (17:55 -0400)]
don't crash with bad gpg key imports

8 years agocatch semi-specific errors only.
Andrew Engelbrecht [Mon, 27 Jul 2015 21:52:55 +0000 (17:52 -0400)]
catch semi-specific errors only.

8 years agodon't crash when given a corrupted detached sig
Andrew Engelbrecht [Mon, 27 Jul 2015 21:50:55 +0000 (17:50 -0400)]
don't crash when given a corrupted detached sig

8 years agouse the un-decoded mime part in sig verificaion
Andrew Engelbrecht [Mon, 27 Jul 2015 21:46:41 +0000 (17:46 -0400)]
use the un-decoded mime part in sig verificaion

this is closer to how the OpenPGP MIME spec says it should be done.

8 years agoRemoved clearsigning verification
Andrew Engelbrecht [Mon, 27 Jul 2015 20:48:04 +0000 (16:48 -0400)]
Removed clearsigning verification

Clearsigning is difficult to verify for all encodings and is not a part
of RFC 3156. Inclusion in this program would encourage its use and lead
users into issues down the road when interacting with other people using
clients that do not support this out of spec feature.

Enigmail uses PGP/MIME by default so users should have an easy time not
creating clearsigned text in their messages unless they decide to paste
clearsigned text straight into a message.

Because the email self-defence guide guides the user through the steps
of installing and setting up enigmail, I am not concerned about leaving
out this feature.

8 years agochanged variable name
Andrew Engelbrecht [Mon, 27 Jul 2015 20:34:07 +0000 (16:34 -0400)]
changed variable name

clarified the name of the reply email generator's "To:" email address
variable

8 years agopick out encryption keys from nested signed text
Andrew Engelbrecht [Mon, 27 Jul 2015 16:49:28 +0000 (12:49 -0400)]
pick out encryption keys from nested signed text

if signed text is then encrypted as a separate step, use the signing key
as the target for encrypting the reply.

8 years agosign reply message even if not encrypting.
Andrew Engelbrecht [Fri, 24 Jul 2015 23:23:33 +0000 (19:23 -0400)]
sign reply message even if not encrypting.

8 years agowhitespace change
Andrew Engelbrecht [Fri, 24 Jul 2015 23:06:53 +0000 (19:06 -0400)]
whitespace change

8 years agomore documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 23:05:49 +0000 (19:05 -0400)]
more documentation

8 years agoremoved unused function
Andrew Engelbrecht [Fri, 24 Jul 2015 23:05:16 +0000 (19:05 -0400)]
removed unused function

8 years agoadded note about a needed code fix
Andrew Engelbrecht [Fri, 24 Jul 2015 21:54:17 +0000 (17:54 -0400)]
added note about a needed code fix

8 years agomore function documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 21:54:04 +0000 (17:54 -0400)]
more function documentation

8 years agoremoved comment
Andrew Engelbrecht [Fri, 24 Jul 2015 21:25:48 +0000 (17:25 -0400)]
removed comment

it's no longer relevant

8 years agofixed bug, removed stale code
Andrew Engelbrecht [Fri, 24 Jul 2015 21:14:52 +0000 (17:14 -0400)]
fixed bug, removed stale code

piece_type is set to "signature", not "message" if it is an armored
signature.

we shouldn't include plaintext unless we don't need further nested
signatures.

8 years agomore functions documented
Andrew Engelbrecht [Fri, 24 Jul 2015 20:49:22 +0000 (16:49 -0400)]
more functions documented

8 years agodon't use doxygen quite yet.
Andrew Engelbrecht [Fri, 24 Jul 2015 18:41:22 +0000 (14:41 -0400)]
don't use doxygen quite yet.

removed the Doxyfile

8 years agoadded Doxyfile for doxygen comment parsing
Andrew Engelbrecht [Thu, 23 Jul 2015 20:22:21 +0000 (16:22 -0400)]
added Doxyfile for doxygen comment parsing

8 years agoAdded more documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 18:36:43 +0000 (14:36 -0400)]
Added more documentation

using python doc strings

8 years agoonly run main() if not in interactive mode
Andrew Engelbrecht [Fri, 24 Jul 2015 00:34:03 +0000 (20:34 -0400)]
only run main() if not in interactive mode

8 years agochange classes format
Andrew Engelbrecht [Fri, 24 Jul 2015 00:28:29 +0000 (20:28 -0400)]
change classes format

this way, attribute names are shown by python3's help() function

8 years agoadded comments to the classes and main()
Andrew Engelbrecht [Fri, 24 Jul 2015 00:24:32 +0000 (20:24 -0400)]
added comments to the classes and main()

8 years agofixed a comment
Andrew Engelbrecht [Thu, 23 Jul 2015 20:08:16 +0000 (16:08 -0400)]
fixed a comment

8 years agodon't use the 'an' language
Andrew Engelbrecht [Thu, 23 Jul 2015 18:34:11 +0000 (14:34 -0400)]
don't use the 'an' language

it currently has no translations, so we should default to english.

8 years agodon't check message block for encryption status
Andrew Engelbrecht [Thu, 23 Jul 2015 17:56:48 +0000 (13:56 -0400)]
don't check message block for encryption status

if it was only an armored signature, then it had its piece_type field
changed and this code would not be reached in that case.

8 years agomodified .gitignore
Andrew Engelbrecht [Thu, 23 Jul 2015 17:42:52 +0000 (13:42 -0400)]
modified .gitignore

8 years agoupdated expected test results; added more tests
Andrew Engelbrecht [Thu, 23 Jul 2015 17:42:06 +0000 (13:42 -0400)]
updated expected test results; added more tests

8 years agocheck unencrypted message blocks for signatures
Andrew Engelbrecht [Thu, 23 Jul 2015 16:47:08 +0000 (12:47 -0400)]
check unencrypted message blocks for signatures

some message blocks aren't encrypted.

8 years agofixed some simple bugs
Andrew Engelbrecht [Thu, 23 Jul 2015 16:21:57 +0000 (12:21 -0400)]
fixed some simple bugs

8 years agothe referenced issue is resolved
Andrew Engelbrecht [Thu, 23 Jul 2015 16:11:37 +0000 (12:11 -0400)]
the referenced issue is resolved

there is pubkey loading error handling in the get_key_from_fp function.

8 years agosplit up prepare_for_reply_pieces
Andrew Engelbrecht [Thu, 23 Jul 2015 16:06:08 +0000 (12:06 -0400)]
split up prepare_for_reply_pieces

also made changes to the way message blocks are handled.

8 years agoupdated the message flattener
Andrew Engelbrecht [Thu, 23 Jul 2015 16:04:38 +0000 (12:04 -0400)]
updated the message flattener

it no longer prints nested layers of decrypted text.

8 years agocheck to see if we have keys before adding them
Andrew Engelbrecht [Thu, 23 Jul 2015 15:32:54 +0000 (11:32 -0400)]
check to see if we have keys before adding them

8 years agoadd pubkey as a fallback key
Andrew Engelbrecht [Thu, 23 Jul 2015 15:31:33 +0000 (11:31 -0400)]
add pubkey as a fallback key

8 years agoa signature key should be set as a fallback key
Andrew Engelbrecht [Thu, 23 Jul 2015 15:29:05 +0000 (11:29 -0400)]
a signature key should be set as a fallback key

8 years agogenerate the encrypted mime reply
Andrew Engelbrecht [Wed, 22 Jul 2015 23:44:17 +0000 (19:44 -0400)]
generate the encrypted mime reply

we can finally use this function again! : )

8 years agoonly quote the message if we are going to encrypt.
Andrew Engelbrecht [Wed, 22 Jul 2015 23:43:35 +0000 (19:43 -0400)]
only quote the message if we are going to encrypt.

8 years agothis belongs over here
Andrew Engelbrecht [Wed, 22 Jul 2015 23:42:28 +0000 (19:42 -0400)]
this belongs over here

partly because the function it was in was recursive.

8 years agoadded a function which tries to load the pub key
Andrew Engelbrecht [Wed, 22 Jul 2015 23:38:58 +0000 (19:38 -0400)]
added a function which tries to load the pub key

8 years agothis will be useful later
Andrew Engelbrecht [Wed, 22 Jul 2015 21:39:19 +0000 (17:39 -0400)]
this will be useful later

for knowing how which nested layers of decrytion to reply with.

8 years agopick out public key fingerpints from the message
Andrew Engelbrecht [Wed, 22 Jul 2015 21:38:32 +0000 (17:38 -0400)]
pick out public key fingerpints from the message

this will be the key that the reply is encrypted to, if one is
available.

8 years agowhitespace changes
Andrew Engelbrecht [Wed, 22 Jul 2015 21:18:39 +0000 (17:18 -0400)]
whitespace changes

8 years agoreturn fingerprints not sig objects
Andrew Engelbrecht [Wed, 22 Jul 2015 21:17:41 +0000 (17:17 -0400)]
return fingerprints not sig objects

8 years agoadd signed txt, etc. if it's in an encrypted block
Andrew Engelbrecht [Wed, 22 Jul 2015 19:59:34 +0000 (15:59 -0400)]
add signed txt, etc. if it's in an encrypted block

later there will need to be fingerprint checking to make sure that
edward can't become a decryption service for edward traffic observers.

8 years agorenamed variable for clarity
Andrew Engelbrecht [Wed, 22 Jul 2015 19:49:37 +0000 (15:49 -0400)]
renamed variable for clarity

eddy_obj -> eddymsg_obj

8 years agoremoved %s from end of string
Andrew Engelbrecht [Wed, 22 Jul 2015 19:47:20 +0000 (15:47 -0400)]
removed %s from end of string

it's unneeded by this version of edward.

8 years agoadded basic mutli-language reply generation
Andrew Engelbrecht [Wed, 22 Jul 2015 19:44:02 +0000 (15:44 -0400)]
added basic mutli-language reply generation

8 years agofixed detached signature verification
Andrew Engelbrecht [Wed, 22 Jul 2015 19:42:03 +0000 (15:42 -0400)]
fixed detached signature verification

the indentation was wrong.

8 years agosome variable name changes
Andrew Engelbrecht [Wed, 22 Jul 2015 16:32:39 +0000 (12:32 -0400)]
some variable name changes

... to be more specific

8 years agoadded detached sig verification
Andrew Engelbrecht [Wed, 22 Jul 2015 16:29:02 +0000 (12:29 -0400)]
added detached sig verification

woohoo!!

8 years agodon't process 'None' EddyMsg objects
Andrew Engelbrecht [Wed, 22 Jul 2015 15:50:38 +0000 (11:50 -0400)]
don't process 'None' EddyMsg objects

it would only mask bugs elsewhere in the code.