edward.git
8 years agoimprove edward output
Andrew Engelbrecht [Thu, 21 Jan 2016 21:03:27 +0000 (16:03 -0500)]
improve edward output

now edward puts all the verifications of message correctness before any
quoted message. this has the benefit of making these messages more
prominent.

8 years agoremove extra space from japanese translation
Andrew Engelbrecht [Thu, 21 Jan 2016 20:59:09 +0000 (15:59 -0500)]
remove extra space from japanese translation

8 years agoverify signatures even if key is new to edward
Andrew Engelbrecht [Thu, 21 Jan 2016 20:29:39 +0000 (15:29 -0500)]
verify signatures even if key is new to edward

previously when users sent edward their gpg key and signed that message
with that key, users would not receive a message noting signature
verification success.

this commit processes emails twice so that keys are imported the first
time and signatures are verified the second time around. it is not the
most elegant method, but it works and lengthens run time very little.
for now debug output mentions imported keys twice but debug output is
not visible to users.

8 years agoperformance improvement for large emails
Andrew Engelbrecht [Thu, 21 Jan 2016 15:11:27 +0000 (10:11 -0500)]
performance improvement for large emails

very large emails around 4 MB were slowing down edward because it was
using a complex regex. parsing a 4 MB was taking 4 days.

this fix removes group matching, causing 4 MB files to be parsed in a
matter of seconds.

8 years agoreply to 'Reply-To:' address if specified
Andrew Engelbrecht [Wed, 20 Jan 2016 22:55:37 +0000 (17:55 -0500)]
reply to 'Reply-To:' address if specified

otherwise reply to 'From:' address

8 years agoonly parse header when accessing header fields
Andrew Engelbrecht [Wed, 20 Jan 2016 21:55:16 +0000 (16:55 -0500)]
only parse header when accessing header fields

this is a simple performance improvement.

8 years agofixed bug occuring when key cannot be not fetched
Andrew Engelbrecht [Wed, 20 Jan 2016 19:32:14 +0000 (14:32 -0500)]
fixed bug occuring when key cannot be not fetched

8 years agoraise error instead of sending email to no one
Andrew Engelbrecht [Thu, 10 Dec 2015 23:08:37 +0000 (18:08 -0500)]
raise error instead of sending email to no one

... when the processed email contains no from address

8 years agoadded test case
Andrew Engelbrecht [Thu, 10 Dec 2015 22:47:53 +0000 (17:47 -0500)]
added test case

it tests the encrypted and signed container of a message and public key.

8 years agodon't quote attachments
Andrew Engelbrecht [Thu, 10 Dec 2015 22:44:54 +0000 (17:44 -0500)]
don't quote attachments

this patch improve output sanitization

8 years agofixed some comments
Andrew Engelbrecht [Thu, 10 Dec 2015 21:03:49 +0000 (16:03 -0500)]
fixed some comments

8 years agocreated test case for signed mutt-like nested mime
Andrew Engelbrecht [Tue, 8 Dec 2015 18:22:14 +0000 (13:22 -0500)]
created test case for signed mutt-like nested mime

8 years agocorrected link for original edward source archive
Andrew Engelbrecht [Mon, 7 Dec 2015 18:57:52 +0000 (13:57 -0500)]
corrected link for original edward source archive

8 years agoclarified configuration step needed to run edward
Andrew Engelbrecht [Wed, 2 Dec 2015 19:19:22 +0000 (14:19 -0500)]
clarified configuration step needed to run edward

8 years agoremoved unused language file: lang/an.py
Andrew Engelbrecht [Tue, 1 Dec 2015 23:15:24 +0000 (18:15 -0500)]
removed unused language file: lang/an.py

8 years agowhitespace formatting for edward-wrapper output
Andrew Engelbrecht [Tue, 1 Dec 2015 22:54:57 +0000 (17:54 -0500)]
whitespace formatting for edward-wrapper output

insert a newline at the end of the output of the time command

8 years agoadded function docs, removed unused parameter
Andrew Engelbrecht [Tue, 1 Dec 2015 22:43:29 +0000 (17:43 -0500)]
added function docs, removed unused parameter

(the send_reply function)

8 years agoproper email sending methodology
Andrew Engelbrecht [Tue, 1 Dec 2015 22:01:34 +0000 (17:01 -0500)]
proper email sending methodology

i am now using the smtp facilities of python rather than calling
sendmail.

this resolves a bug induced by any human name in a from address
beginning with a '-' (dash). this confused sendmail, as it interpreted
the dash as an unknown command line option.

8 years agoconvert isolated <CR> or <LF> -> <CR><LF>
Andrew Engelbrecht [Mon, 30 Nov 2015 21:45:37 +0000 (16:45 -0500)]
convert isolated <CR> or <LF> -> <CR><LF>

this is for the sake of proper signature verification.

sometimes mail servers strip <CR><LF>s from the ends of lines. however
these characters are required by RFC 3156 for proper signature
verification.

8 years agoremove colon from procmailrc regex
Andrew Engelbrecht [Wed, 4 Nov 2015 21:48:02 +0000 (16:48 -0500)]
remove colon from procmailrc regex

this fixes an issue related to some messages from the mailer daemon
being treated as normal messages.

8 years agoupdated function documentation
Andrew Engelbrecht [Thu, 8 Oct 2015 20:55:05 +0000 (16:55 -0400)]
updated function documentation

8 years agoadded instructions to README file
Andrew Engelbrecht [Thu, 8 Oct 2015 20:23:23 +0000 (16:23 -0400)]
added instructions to README file

users need to configure some variables during setup.

8 years agoadded README file
Andrew Engelbrecht [Thu, 8 Oct 2015 20:20:29 +0000 (16:20 -0400)]
added README file

8 years agoadded procmailrc.example and edward-wrapper
Andrew Engelbrecht [Thu, 8 Oct 2015 20:19:45 +0000 (16:19 -0400)]
added procmailrc.example and edward-wrapper

this is useful for creating an automated setup with a .procmailrc file
in one's home directory.

8 years agoadded translation template
Andrew Engelbrecht [Thu, 8 Oct 2015 20:04:38 +0000 (16:04 -0400)]
added translation template

8 years agoupdated license info
Andrew Engelbrecht [Thu, 8 Oct 2015 20:01:41 +0000 (16:01 -0400)]
updated license info

corrected a link

8 years agoverify sigs. in emails with nested multipart mime
Andrew Engelbrecht [Thu, 8 Oct 2015 00:10:23 +0000 (20:10 -0400)]
verify sigs. in emails with nested multipart mime

sometimes a multipart mime message is part of another multipart mime
message which contains a signature of one of its subparts.

8 years agoextend testing of pubkey encryption capability
Andrew Engelbrecht [Tue, 22 Sep 2015 12:42:44 +0000 (08:42 -0400)]
extend testing of pubkey encryption capability

test whether it is expired, invalid, disabled, etc.

8 years agocheck keys for revocation status
Andrew Engelbrecht [Tue, 22 Sep 2015 12:17:27 +0000 (08:17 -0400)]
check keys for revocation status

don't use them as encryption targets if they are revoked.

8 years agoupdated link to previous version of edward
Andrew Engelbrecht [Fri, 28 Aug 2015 19:52:05 +0000 (15:52 -0400)]
updated link to previous version of edward

8 years agomild refactoring
Andrew Engelbrecht [Sun, 16 Aug 2015 04:43:38 +0000 (00:43 -0400)]
mild refactoring

8 years agocheck to see if a reply encryption key can encrypt
Andrew Engelbrecht [Sun, 16 Aug 2015 04:34:53 +0000 (00:34 -0400)]
check to see if a reply encryption key can encrypt

sometimes keys are revoked or expire. if so, they should not be
encrypted to. edward now checks to make sure a key is good before
encrypting a reply with it. if only bad keys are available, edward
complains. however the complaint edward makes is that he does not have
the user's public key. this is because there is currently no translation
set for a more accurate message.

some other refactoring has been performed as well.

8 years agosearch for pub keys in inline signatures
Andrew Engelbrecht [Wed, 12 Aug 2015 16:50:20 +0000 (12:50 -0400)]
search for pub keys in inline signatures

these ascii-armored signature blocks are obfuscated until they are
decoded. they may contain public keys, so edward now looks inside.

8 years agosome whitespace changes
Andrew Engelbrecht [Wed, 12 Aug 2015 16:49:44 +0000 (12:49 -0400)]
some whitespace changes

8 years agodon't complain about lack of encryption
Andrew Engelbrecht [Wed, 12 Aug 2015 16:48:53 +0000 (12:48 -0400)]
don't complain about lack of encryption

unless the message has no signature, pub key or encryption.

8 years agosplit up reply strings for finer control
Andrew Engelbrecht [Wed, 12 Aug 2015 16:09:31 +0000 (12:09 -0400)]
split up reply strings for finer control

now edward can say hello without saying that decryption was successful.
he can also say that decryption was successful without saying he will
quote the reply.

8 years agodon't track the en.pyc file or any .pyc file
Andrew Engelbrecht [Wed, 12 Aug 2015 15:49:37 +0000 (11:49 -0400)]
don't track the en.pyc file or any .pyc file

8 years agoprocess email using byte strings
Andrew Engelbrecht [Wed, 12 Aug 2015 03:51:41 +0000 (23:51 -0400)]
process email using byte strings

using byte strings when feeding the email into the parser helps avoid
crashes due to non-utf-8 characters placed prior to any mime part, etc.

8 years agodon't complain about missing signatures
Andrew Engelbrecht [Tue, 11 Aug 2015 20:40:44 +0000 (16:40 -0400)]
don't complain about missing signatures

the emailselfdefence guide asks users to encrypt messages without a
signature first. it would be confusing to get a message about a missing
signature before a user knows what a signature is.

8 years agohandle encrypted/signed i18l msgs w/o mime headers
Andrew Engelbrecht [Tue, 11 Aug 2015 13:41:39 +0000 (09:41 -0400)]
handle encrypted/signed i18l msgs w/o mime headers

edward was chrashing when given encrypted or signed international input
without internal mime headers. edward now defaults to utf-8 if the
character set is not specified in a mime header.

8 years agoadded more debug output
Andrew Engelbrecht [Tue, 11 Aug 2015 13:32:40 +0000 (09:32 -0400)]
added more debug output

about the contents of the reply message

8 years agorenamed example config file
Andrew Engelbrecht [Mon, 10 Aug 2015 16:15:32 +0000 (12:15 -0400)]
renamed example config file

8 years agoadded detached signature verification test case
Andrew Engelbrecht [Mon, 10 Aug 2015 00:49:11 +0000 (20:49 -0400)]
added detached signature verification test case

8 years agoadded spanish and italian translations
Andrew Engelbrecht [Sun, 9 Aug 2015 21:41:31 +0000 (17:41 -0400)]
added spanish and italian translations

these were in the old edward install, in /home/e/edward

8 years agochanged message generation logic; some refactoring
Andrew Engelbrecht [Sun, 9 Aug 2015 21:32:36 +0000 (17:32 -0400)]
changed message generation logic; some refactoring

now edward remains silent about not receiving a public key, unless we
are not given a key and need one for verifying a signature. some
refactoring was required.

edward now complains to the user about lack of of encryption and
signatures in received emails.

i also changed the handling of newlines in email responses.

8 years agoimproved key loading and email response code
Andrew Engelbrecht [Fri, 7 Aug 2015 17:46:35 +0000 (13:46 -0400)]
improved key loading and email response code

8 years agogit ignore addition
Andrew Engelbrecht [Wed, 5 Aug 2015 01:45:40 +0000 (21:45 -0400)]
git ignore addition

8 years agorename the default configuration file
Andrew Engelbrecht [Wed, 5 Aug 2015 01:44:12 +0000 (21:44 -0400)]
rename the default configuration file

so that it does not conflict with the local modified version of the
default config file.

8 years agoadded valid detached signature test
Andrew Engelbrecht [Tue, 4 Aug 2015 22:28:39 +0000 (18:28 -0400)]
added valid detached signature test

8 years agoalways complain about missing signature
Andrew Engelbrecht [Tue, 4 Aug 2015 21:52:38 +0000 (17:52 -0400)]
always complain about missing signature

8 years agofixed test case output
Andrew Engelbrecht [Tue, 4 Aug 2015 21:44:49 +0000 (17:44 -0400)]
fixed test case output

the key used to sign this text is not in the git repo's gpg key store,
so the signature cannot be verified unless it is first imported.

8 years agoonly quote message if there is a valid signature
Andrew Engelbrecht [Tue, 4 Aug 2015 21:41:33 +0000 (17:41 -0400)]
only quote message if there is a valid signature

there still needs to be work to ensure that the encryption target key is
the same as the one that was used in the first block of encrypted and
verifiably signed text.

8 years agocheck for other types of success
Andrew Engelbrecht [Tue, 4 Aug 2015 21:40:49 +0000 (17:40 -0400)]
check for other types of success

sig.summary == 0 appears to be a type of signature success.

8 years agocheck for signature validity
Andrew Engelbrecht [Tue, 4 Aug 2015 20:57:10 +0000 (16:57 -0400)]
check for signature validity

knowing the fingerprint that was allegedly used to sign a message is not
sufficent for validating messages.

8 years agofix test cases
Andrew Engelbrecht [Tue, 4 Aug 2015 18:28:49 +0000 (14:28 -0400)]
fix test cases

the input messages have good signatures, so the reply must mention the
successful signature verification.

8 years agocount sig/encryption block combos as signatures
Andrew Engelbrecht [Tue, 4 Aug 2015 18:24:26 +0000 (14:24 -0400)]
count sig/encryption block combos as signatures

8 years agoremove note; pubkeys in encrypted text are useable
Andrew Engelbrecht [Mon, 3 Aug 2015 21:19:42 +0000 (17:19 -0400)]
remove note; pubkeys in encrypted text are useable

if a new, unimported pubkey is contained in an ecrypted and signed block
of text, then that key can be used for the reply, as desired.

8 years agosimplify mime creation; set payload charset
Andrew Engelbrecht [Mon, 3 Aug 2015 21:16:23 +0000 (17:16 -0400)]
simplify mime creation; set payload charset

8 years agoadded international test with plaintext reply
Andrew Engelbrecht [Mon, 3 Aug 2015 20:12:44 +0000 (16:12 -0400)]
added international test with plaintext reply

8 years agochange name of test type
Andrew Engelbrecht [Mon, 3 Aug 2015 19:43:18 +0000 (15:43 -0400)]
change name of test type

to avoid name collisions between tests

8 years agoadd a newline at the end of replies
Andrew Engelbrecht [Mon, 3 Aug 2015 19:42:13 +0000 (15:42 -0400)]
add a newline at the end of replies

8 years agodon't sign unencrypted replies
Andrew Engelbrecht [Mon, 3 Aug 2015 19:40:06 +0000 (15:40 -0400)]
don't sign unencrypted replies

writing code that creates detached mime signatures in a way that
enigmail will accept as valid is proving to be quite difficult. (i only
got it to work for mutt.) if i find a way to make messages validate i
will add that feature back into the program.

8 years agocan now email replies; "-p" prints repies instead
Andrew Engelbrecht [Tue, 28 Jul 2015 23:04:22 +0000 (19:04 -0400)]
can now email replies; "-p" prints repies instead

edward now uses sendmail to send email replies to messages piped in
through stdin (one at a time). the "-p" option causes edward to print
replies to stdout instead of emailing them.

8 years agochoose reply from address; fix language selection
Andrew Engelbrecht [Tue, 28 Jul 2015 20:39:17 +0000 (16:39 -0400)]
choose reply from address; fix language selection

8 years agovariable name changes
Andrew Engelbrecht [Tue, 28 Jul 2015 19:24:32 +0000 (15:24 -0400)]
variable name changes

8 years agoprettier code re-arrangement
Andrew Engelbrecht [Tue, 28 Jul 2015 18:39:49 +0000 (14:39 -0400)]
prettier code re-arrangement

8 years agouse enums instead of strings for message type ids
Andrew Engelbrecht [Tue, 28 Jul 2015 18:38:57 +0000 (14:38 -0400)]
use enums instead of strings for message type ids

8 years agoclarified some code
Andrew Engelbrecht [Tue, 28 Jul 2015 16:46:34 +0000 (12:46 -0400)]
clarified some code

8 years agofix test case result
Andrew Engelbrecht [Tue, 28 Jul 2015 16:24:36 +0000 (12:24 -0400)]
fix test case result

8 years agoprefer pub key as a fallback key for encryption
Andrew Engelbrecht [Mon, 27 Jul 2015 22:01:51 +0000 (18:01 -0400)]
prefer pub key as a fallback key for encryption

8 years agoissue mentioned in comment does not require a fix
Andrew Engelbrecht [Mon, 27 Jul 2015 21:57:13 +0000 (17:57 -0400)]
issue mentioned in comment does not require a fix

8 years agodon't crash with bad gpg key imports
Andrew Engelbrecht [Mon, 27 Jul 2015 21:55:16 +0000 (17:55 -0400)]
don't crash with bad gpg key imports

8 years agocatch semi-specific errors only.
Andrew Engelbrecht [Mon, 27 Jul 2015 21:52:55 +0000 (17:52 -0400)]
catch semi-specific errors only.

8 years agodon't crash when given a corrupted detached sig
Andrew Engelbrecht [Mon, 27 Jul 2015 21:50:55 +0000 (17:50 -0400)]
don't crash when given a corrupted detached sig

8 years agouse the un-decoded mime part in sig verificaion
Andrew Engelbrecht [Mon, 27 Jul 2015 21:46:41 +0000 (17:46 -0400)]
use the un-decoded mime part in sig verificaion

this is closer to how the OpenPGP MIME spec says it should be done.

8 years agoRemoved clearsigning verification
Andrew Engelbrecht [Mon, 27 Jul 2015 20:48:04 +0000 (16:48 -0400)]
Removed clearsigning verification

Clearsigning is difficult to verify for all encodings and is not a part
of RFC 3156. Inclusion in this program would encourage its use and lead
users into issues down the road when interacting with other people using
clients that do not support this out of spec feature.

Enigmail uses PGP/MIME by default so users should have an easy time not
creating clearsigned text in their messages unless they decide to paste
clearsigned text straight into a message.

Because the email self-defence guide guides the user through the steps
of installing and setting up enigmail, I am not concerned about leaving
out this feature.

8 years agochanged variable name
Andrew Engelbrecht [Mon, 27 Jul 2015 20:34:07 +0000 (16:34 -0400)]
changed variable name

clarified the name of the reply email generator's "To:" email address
variable

8 years agopick out encryption keys from nested signed text
Andrew Engelbrecht [Mon, 27 Jul 2015 16:49:28 +0000 (12:49 -0400)]
pick out encryption keys from nested signed text

if signed text is then encrypted as a separate step, use the signing key
as the target for encrypting the reply.

8 years agosign reply message even if not encrypting.
Andrew Engelbrecht [Fri, 24 Jul 2015 23:23:33 +0000 (19:23 -0400)]
sign reply message even if not encrypting.

8 years agowhitespace change
Andrew Engelbrecht [Fri, 24 Jul 2015 23:06:53 +0000 (19:06 -0400)]
whitespace change

8 years agomore documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 23:05:49 +0000 (19:05 -0400)]
more documentation

8 years agoremoved unused function
Andrew Engelbrecht [Fri, 24 Jul 2015 23:05:16 +0000 (19:05 -0400)]
removed unused function

8 years agoadded note about a needed code fix
Andrew Engelbrecht [Fri, 24 Jul 2015 21:54:17 +0000 (17:54 -0400)]
added note about a needed code fix

8 years agomore function documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 21:54:04 +0000 (17:54 -0400)]
more function documentation

8 years agoremoved comment
Andrew Engelbrecht [Fri, 24 Jul 2015 21:25:48 +0000 (17:25 -0400)]
removed comment

it's no longer relevant

8 years agofixed bug, removed stale code
Andrew Engelbrecht [Fri, 24 Jul 2015 21:14:52 +0000 (17:14 -0400)]
fixed bug, removed stale code

piece_type is set to "signature", not "message" if it is an armored
signature.

we shouldn't include plaintext unless we don't need further nested
signatures.

8 years agomore functions documented
Andrew Engelbrecht [Fri, 24 Jul 2015 20:49:22 +0000 (16:49 -0400)]
more functions documented

8 years agodon't use doxygen quite yet.
Andrew Engelbrecht [Fri, 24 Jul 2015 18:41:22 +0000 (14:41 -0400)]
don't use doxygen quite yet.

removed the Doxyfile

8 years agoadded Doxyfile for doxygen comment parsing
Andrew Engelbrecht [Thu, 23 Jul 2015 20:22:21 +0000 (16:22 -0400)]
added Doxyfile for doxygen comment parsing

8 years agoAdded more documentation
Andrew Engelbrecht [Fri, 24 Jul 2015 18:36:43 +0000 (14:36 -0400)]
Added more documentation

using python doc strings

8 years agoonly run main() if not in interactive mode
Andrew Engelbrecht [Fri, 24 Jul 2015 00:34:03 +0000 (20:34 -0400)]
only run main() if not in interactive mode

8 years agochange classes format
Andrew Engelbrecht [Fri, 24 Jul 2015 00:28:29 +0000 (20:28 -0400)]
change classes format

this way, attribute names are shown by python3's help() function

8 years agoadded comments to the classes and main()
Andrew Engelbrecht [Fri, 24 Jul 2015 00:24:32 +0000 (20:24 -0400)]
added comments to the classes and main()

8 years agofixed a comment
Andrew Engelbrecht [Thu, 23 Jul 2015 20:08:16 +0000 (16:08 -0400)]
fixed a comment

8 years agodon't use the 'an' language
Andrew Engelbrecht [Thu, 23 Jul 2015 18:34:11 +0000 (14:34 -0400)]
don't use the 'an' language

it currently has no translations, so we should default to english.

8 years agodon't check message block for encryption status
Andrew Engelbrecht [Thu, 23 Jul 2015 17:56:48 +0000 (13:56 -0400)]
don't check message block for encryption status

if it was only an armored signature, then it had its piece_type field
changed and this code would not be reached in that case.

8 years agomodified .gitignore
Andrew Engelbrecht [Thu, 23 Jul 2015 17:42:52 +0000 (13:42 -0400)]
modified .gitignore

8 years agoupdated expected test results; added more tests
Andrew Engelbrecht [Thu, 23 Jul 2015 17:42:06 +0000 (13:42 -0400)]
updated expected test results; added more tests

8 years agocheck unencrypted message blocks for signatures
Andrew Engelbrecht [Thu, 23 Jul 2015 16:47:08 +0000 (12:47 -0400)]
check unencrypted message blocks for signatures

some message blocks aren't encrypted.

8 years agofixed some simple bugs
Andrew Engelbrecht [Thu, 23 Jul 2015 16:21:57 +0000 (12:21 -0400)]
fixed some simple bugs