2018-10-07 Jiri Kucera * configure.ac: Release 0.3.12. * configure.ac: Added `--with-python' and `--with-python3' flags. * NEWS: Update. * Makefile.am * contrib/Makefile.am * doc/Makefile.am * lib/Makefile.am * python/Makefile.am * python/python/Makefile.am * python/python3/Makefile.am * src/Makefile.am * tests/Makefile.am: Makefile.am in the top source directory was splitted to smaller parts per subdirectory as there has been conflicts in rules due to adding back the Python 2 support. * python/volume_key.i: Adding PyString_AsStringAndSize and PyString_FromStringAndSize functions/macros to resolve compatibility issues between Python 2 and Python 3 C API. * po/*.po: Update line numbers. * tests/packet_roundtrips.c * tests/packet_roundtrips.sh: Path fix. 2018-07-17 Jiri Kucera * configure.ac: Release 0.3.11. * NEWS: Update. * Makefile.am (EXTRA_DIST): Added tests for contrib/email scripts. * configure.ac: Switch to Python 3. * Makefile.am (-PYTHON_CPPFLAGS) (python__volume_key_la_{{CPP,LD}FLAGS,LIBADD}): Switch to Python 3. * contrib/email/escrow-receive * contrib/email/escrow-transit: Port to Python 3. * contrib/email/tests/test-escrow-receive * contrib/email/tests/test-escrow-transit * contrib/email/tests/utest.sh * contrib/email/tests/mailsrv.py * contrib/email/tests/sendpkt.py: Added tests for contrib/email scripts. 2018-05-16 Jiri Kucera * configure.ac: Release 0.3.10. * NEWS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. * configure.ac: Specify the Python interpreter version to suppress warnings when building Fedora package. * configure.ac: Switch to gpg2. * README: Fix a typos. * docs/volume_key.8: Fix a typo. * po/*.po: Update. * po/zanata.xml: Recent Zanata does not need . * lib/crypto.c: Merged pull request #17 (Iain Lane: crypto: Set pinentry-mode to LOOPBACK); for GnuPG >= 2.1 this is needed to enable the passphrase callback mechanism in GPGME. * contrib/email/escrow-receive * contrib/email/escrow-transit: #!/usr/bin/{env python -> python2} 2017-11-07 Miloslav Trmač * lib/volume_luks.c (my_strerror): Stop using crypt_get_error as it has been removed in cryptsetup 2.0. 2017-08-24 Miloslav Trmač * lib/crypto.c (unwrap_asymmetric): Error messages emitted by CERT_FindCertByIssuerAndSN are replaced by hard-coded error string. CERT_FindCertByIssuerAndSN is not documented to set the NSPR error value, which became a source of nonsensical error messages in some cases. 2017-02-21 Miloslav Trmač * README * configure.ac * po/Makevars: Update project URL and bug reporting address. 2015-03-21 Miloslav Trmač * po/volume_key.pot: Remove autogenerated file. Unlike Transifex, Zanata does not need it. 2015-03-17 Miloslav Trmač * .tx/config: Remove. * zanata.xml: Add. To pull updated translations, run (zanata-cli pull). 2015-01-06 Vratislav Podzimek * lib/libvolume_key.h: Stop including , which we don't distribute. 2015-01-06 Miloslav Trmač * configure.ac: Update gettext version, which avoids autoconf warnings. * configure.ac: Use AM_PROG_AR to shut up automake. 2012-11-22 Miloslav Trmač * lib/crypto.c (encrypt_with_passphrase) (decrypt_with_passphrase): Add missing error handling. 2012-10-24 Miloslav Trmač * lib/kmip.c (kmip_libvk_packet_wrap_secret_symmetric): Fix a memory leak. 2012-09-22 Miloslav Trmač * configure.ac: Release 0.3.9. * NEWS: Update. * po/LINGUAS: Update. * po/*: Update. * README: Fix a typo. 2012-03-03 Miloslav Trmač * configure.ac: Release 0.3.8. * NEWS: Update. * po/*: Update. 2012-02-29 Miloslav Trmač * src/volume_key.c (yes_or_no): Fix translator comment marker. * po/volume_key.pot: Regenerate. 2011-08-24 Miloslav Trmač * COPYING: Update (new FSF address, s/Library GPL/Lesser GPL/). * configure.ac: Release 0.3.7. * NEWS: Update. * po/LINGUAS: Update. * po/*: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. * po/volume_key.pot: Update. * lib/kmip.c (get_enum, kmip_decode_key_block) (kmip_decode_object_symmetric_key) (kmip_decode_object_secret_data, kmip_decode_protocol_version) (kmip_decode_libvk_packet) (kmip_libvk_packet_wrap_secret_asymmetric) (kmip_libvk_packet_unwrap_secret_asymmetric) (kmip_libvk_packet_wrap_secret_symmetric) (kmip_libvk_packet_unwrap_secret_symmetric) * lib/volume.c (volume_load_escrow_packet) * lib/volume_luks.c (luks_parse_escrow_packet): Don't use G_G*INT*_FORMAT inside xgettext-handled format strings. 2011-06-10 Miloslav Trmač * doc/volume_key.8: Fix a typo reported by Jacquelynn East . 2011-03-31 Miloslav Trmač * configure.ac: Release 0.3.6. * NEWS: Update. * po/*: Update. * po/LINGUAS: Update. 2011-03-04 Miloslav Trmač * .tx/config: New file. * po/volume_key.pot: Add for Transifex. 2011-02-04 Miloslav Trmač * python/volume_key.i (libvk_ui): Silence a compiler warning. 2010-11-24 Miloslav Trmač * configure.ac: Release 0.3.5. * NEWS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. * lib/crypto.c (init_gpgme): Set context locale, as recommended by documentation. 2010-11-22 Miloslav Trmač * lib/crypto.c (init_gpgme): Placate gpgme 1.2. 2010-10-20 Miloslav Trmač * contrib/email/README * contrib/email/escrow-receive * contrib/email/escrow-transit: New files, contributed by Marko Myllynen . * Makefile.am (EXTRA_DIST): Distribute the email scripts. 2010-10-18 Miloslav Trmač * src/volume_key.c (pos_interact): Split from pos_init (). (do_save, do_reencrypt): Call pos_init () as early as possible. Use pos_interact () at the original location. * lib/volume_luks.c (luks_apply_secret) * src/volume_key.c (pos_interact): Only tell the user about an incorrect passphrase once. * src/volume_key.c (passphrase_ui_cb): Tell the user when a non-NSS passphrase is incorrect. 2010-10-08 Miloslav Trmač * src/volume_key.c (get_password): New function. (nss_password_fn, generic_ui_cb, passphrase_ui_cb): Use get_password () instead of getpass (). 2010-09-29 Miloslav Trmač * lib/SSLerrs.h: New file. * Makefile.am (lib_libvolume_key_la_SOURCES): Add lib/SSLerrs.h. * lib/nss_error.c (mapping): Use SSLerrs.h. * README * doc/volume_key.8: Clarify which block device should be passed to volume_key(8). 2010-08-27 Miloslav Trmač * configure.ac: Release 0.3.4. * NEWS: Update. * po/LINGUAS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. 2010-07-22 Miloslav Trmač * configure.ac: Use AC_SYS_LARGEFILE, required by gpgme. 2010-06-14 Miloslav Trmač * src/volume_key.c (generate_random_passphrase): Use a character set with 2^N characters to make sure all choices are equally likely. Use 20 characters (in groups of 5), overall increasing the passphrase strength of 120 bits instead of 31.359 bits. * src/volume_key.c (do_save): Zero the generated passphrase before freeing it. * src/volume_key.c (generate_random_passphrase): Split from do_save (). 2010-06-12 Miloslav Trmač * configure.ac: Define AC_PACKAGE_URL. * lib/kmip.h (kmip_libvk_packet_drop_secret): New declaration. * lib/kmip.c (kmip_libvk_packet_drop_secret): New function. * lib/volume_luks.h (struct luks_volume): Document that passphrase_slot can be valid without passphrase. * lib/volume_luks.c (luks_volume_dump_properties): Dump passphrase slot even if passphrase is unknown. (luks_parse_escrow_packet): Initialize passphrase slot if passphrase is unknown. Support packets that do not contain the encryption key or the passphrase. * lib/libvolume_key.h (LIBVK_ERROR_METADATA_ENCRYPTED): New error value. (libvk_packet_open_unencrypted): New declaration. * lib/libvolume_key.c (libvk_packet_open_unencrypted): New function. * python/volume_key.i (libvk_packet_open_unencrypted): Hide. (libvk_packet.open_unencrypted): New method. * src/volume_key.c (dump_unencrypted): New variable. (option_descriptions): New option `--unencrypted'. (parse_options): Validate dump_unencrypted. (do_dump): Use dump_unencrypted. * doc/volume_key.8 (--unencrypted): Document new option. 2010-06-11 Miloslav Trmač * lib/volume_luks.c (luks_load_packet): When loading a passphrase from a packet, set passphrase_slot to the slot the passphrase is physically located, regardless of the slot indicated in the packet. * lib/volume_luks.h: Beautify. 2010-06-07 Miloslav Trmač * src/volume_key.c (do_save) * doc/demo.py (do_save): Fix the random passphrase charset - add 'a', remove second 'z'. 2010-03-26 Miloslav Trmač * configure.ac: Release 0.3.3. * NEWS: Update. * po/LINGUAS: Update. 2010-03-04 Miloslav Trmač * configure.ac: Release 0.3.2. * NEWS: Update. * po/LINGUAS: Update. * configure.ac: Use xz to compress the distribution tarball. 2010-02-05 Miloslav Trmač * src/volume_key.c (pos_init): Set *error if passphrase_ui_cb () fails. 2009-12-11 Miloslav Trmač * configure.ac: Release 0.3.1. * NEWS: Update. * po/LINGUAS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. * lib/SECerrs.h * lib/nss_error.h * lib/nss_error.c: New file. * lib/crypto.c (error_from_pr) * src/volume_key.c (error_from_pr): Use libvk_nss_error_text__ (). * Makefile.am (lib_libvolume_key_la_SOURCES): Add lib/SECerrs.h, lib/nss_error.c and lib/nss_error.h. 2009-09-30 Miloslav Trmač * configure.ac: Release 0.3. * NEWS: Update. * po/LINGUAS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. * python/volume_key.i (%init): Call libvk_init (). (libvk_init): New %ignore directive. * configure.ac: Use pkg-config to search for for libcryptsetup. * Makefile.am (AM_CPPFLAGS): Add $(libcryptsetup_CFLAGS). (lib_libvolume_key_la_LIBADD): Replace -lcryptsetup with $(libcryptsetup_LIBS). * lib/volume_luks.c (dummy_luks_log): Remove. (open_crypt_device): New function. (g_free_key): Replace free_key (). (luks_volume_open, luks_get_secret, luks_load_packet) (luks_apply_secret, luks_add_secret, luks_open_with_packet): Update for final libcryptsetup API. * README: Update. * Makefile.am (python__volume_key_la_LIBADD) (tests_packet_roundtrips_LDADD): Add $(glib_LIBS), $(nss_LIBS). * src/volume_key.c (output_format, output_format_string): New variables. (option_descriptions): Add --output-format. (parse_options): Handle --output-format. (write_packet): Use output_format. * doc/volume_key.8 (--output-format): Document new option. * lib/libvolume_key.h (LIBVK_PACKET_FORMAT_ASYMMETRIC_WRAP_SECRET_ONLY) (LIBVK_PACKET_FORMAT_SYMMETRIC_WRAP_SECRET_ONLY) (libvk_volume_create_packet_wrap_secret_symmetric) * lib/libvolume_key.c (libvk_volume_create_packet_asymmetric) (libvk_volume_create_packet_asymmetric_with_format) (libvk_volume_create_packet_wrap_secret_symmetric) (libvk_packet_open) * python/volume_key.i (PACKET_FORMAT_ASYMMETRIC_WRAP_SECRET_ONLY) (PACKET_FORMAT_SYMMETRIC_WRAP_SECRET_ONLY) (libvk_volume_create_packet_wrap_secret_symmetric) (Volume::create_packet_assymetric_from_cert_data) (Volume::create_packet_asymmetric_from_cert_data) * src/volume_key.c (do_dump) * tests/packet_roundtrips.c (test): s/wrap_key/wrap_secret/g. * src/volume_key.c (write_packet, do_dump): s/assymetric/asymmetric/g (do_dump): Add LIBVK_PACKET_FORMAT_ASYMMETRIC_WRAP_KEY_ONLY and LIBVK_PACKET_FORMAT_SYMMETRIC_WRAP_KEY_ONLY support. * python/volume_key.i (PACKET_FORMAT_ASYMMETRIC) (PACKET_FORMAT_ASYMMETRIC_WRAP_KEY_ONLY) (PACKET_FORMAT_SYMMETRIC_WRAP_KEY_ONLY): New definitions. (libvk_ui_set_sym_key_cb, libvk_volume_create_packet_asymmetric) (libvk_volume_create_packet_asymmetric_with_format) (libvk_volume_create_packet_wrap_key_symmetric): New %ignore directives. (%typemap(check) enum libvk_packet_format): New typemap. (libvk_volume_create_packet_asymmetric_from_cert_data): Move to top level, add "format" parameter. (Volume::create_packet_asymmetric): New declaration. (Volume::create_packet_assymetric_from_cert_data): New method. (Volume::create_packet_asymmetric_from_cert_data): New declaration, add default format value. * tests/packet_roundtrips.sh: New test. * tests/packet_roundtrips.c * tests/packet_roundtrips_luks_passphrase * tests/packet_roundtrips_luks_symmetric: New files. * tests/crypto_roundtrips.sh * tests/crypto_roundtrips.c * tests/kmip_roundtrip.c * tests/kmip_roundtrip_luks_passphrase * tests/kmip_roundtrip_luks_symmetric: Remove. * Makefile.am (TESTS): Replace previous tests with tests/packet_roundtrips.sh. (EXTRA_DIST, check_PROGRAMS): Update for test changes. * configure.ac: Disable static libraries, they are not necessary for tests any more. * lib/libvolume_key.h (LIBVK_ERROR_KMIP_UNSUPPORTED_FORMAT) (LIBVK_ERROR_UNSUPPORTED_WRAPPING_MECHANISM): New definitions. (libvk_ui_set_sym_key_cb): New declaration. (LIBVK_PACKET_FORMAT_ASYMMETRIC) (LIBVK_PACKET_FORMAT_ASYMMETRIC_WRAP_KEY_ONLY) (LIBVK_PACKET_FORMAT_SYMMETRIC_WRAP_KEY_ONLY): New definitions. (libvk_volume_create_packet_asymmetric) (libvk_volume_create_packet_asymmetric_with_format) (libvk_volume_create_packet_wrap_key_symmetric): New declarations. * lib/libvolume_key.c (packet_prepend_header): New function, use in all packet creation functions. (libvk_volume_create_packet_asymmetric): New function. (libvk_volume_create_packet_asymmetric_with_format): New function, based in part on libvk_volume_create_packet_assymetric (). (libvk_volume_create_packet_assymetric): Replace by a call to libvk_volume_create_packet_asymmetric_with_format (). (libvk_volume_create_packet_wrap_key_symmetric): New function. (libvk_packet_open): Add support for LIBVK_PACKET_FORMAT_ASYMMETRIC_WRAP_KEY_ONLY and LIBVK_PACKET_FORMAT_SYMMETRIC_WRAP_KEY_ONLY. * lib/volume.h (volume_create_escrow_packet) (volume_load_escrow_packet): Update prototypes. * lib/volume.c (volume_create_data_encryption_key_packet) (volume_create_passphrase_packet): Initialize wrapping-related fields. (volume_load_escrow_packet): Expect a decoded KMIP packet instead of raw bytes. All callers changed. (volume_create_escrow_packet): Return a KMIP packet structure instead of raw bytes. All callers changed. * lib/ui.h (struct libvk_ui): New members sym_key_cb, sym_key_data, sym_key_free_data. (ui_get_sym_key): New declaration. * lib/ui.c (libvk_ui_free): Handle sym_key_data. (libvk_ui_set_sym_key_cb, ui_get_sym_key): New function. * lib/kmip.h (KMIP_TAG_ENCRYPTION_KEY_INFO) (KMIP_TAG_IV_COUNTER_NONCE, KMIP_TAG_KEY_WRAPPING_DATA) (KMIP_TAG_UNIQUE_IDENTIFIER, KMIP_TAG_WRAPPING_METHOD) (struct kmip_encryption_key_info) (KMIP_LIBVK_IDENTIFIER_CERT_ISN_PREFIX) (KMIP_LIBVK_IDENTIFIER_SECRET_KEY): New definitions. (kmip_encryption_key_info_free): New declaration. (struct kmip_key_wrapping_data) (KMIP_WRAPPING_LIBVK_ENCRYPT_KEY_ONLY): New definitions. (kmip_key_wrapping_data_free): New declaration. (struct kmip_key_block): New members crypto_algorithm, crypto_length, wrapping. (kmip_libvk_packet_decode, kmip_libvk_packet_encode) (kmip_libvk_packet_wrap_secret_asymmetric) (kmip_libvk_packet_unwrap_secret_asymmetric) (kmip_libvk_packet_wrap_secret_symmetric) (kmip_libvk_packet_unwrap_secret_symmetric): New declarations. (kmip_encode_packet, kmip_decode_packet): Remove declarations. * lib/kmip.c (kmip_key_value_free_v): Split from kmip_key_value_free (). (kmip_key_value_set_bytes, kmip_key_value_set_symmetric_key): New functions. (kmip_encryption_key_info_free, kmip_key_wrapping_data_free) (kmip_key_block_set_clear_secret): New functions. (kmip_key_block_free): Free kmip_key_wrapping_data if present. (kmip_encode_encryption_key_info, kmip_encode_key_wrapping_data): New functions. (kmip_encode_key_block): Add support for wrapped secrets. (kmip_encode_libvk_packet): Rename from kmip_encode_packet (). Make static. (kmip_decode_encryption_key_info, kmip_decode_key_wrapping_data): New functions. (kmip_decode_key_block, kmip_decode_object_symmetric_key) (kmip_decode_object_secret_data): Add support for wrapped secrets. (kmip_decode_libvk_packet): Rename from kmip_decode_packet (). Make static. (struct mech_data, asymmetric_mechanisms, symmetric_mechanisms): New definitions. (kmip_libvk_packet_decode, kmip_libvk_packet_encode) (kmip_libvk_packet_wrap_secret_asymmetric) (kmip_libvk_packet_unwrap_secret_asymmetric) (kmip_libvk_packet_wrap_secret_symmetric) (kmip_libvk_packet_unwrap_secret_symmetric): New functions. * lib/crypto.c (encrypt_asymmetric): Rename from encrypt_assymetric (). All callers changed. (decrypt_asymmetric): Rename from decrypt_assymetric (). All callers changed. (wrap_asymmetric, unwrap_asymmetric, wrap_symmetric) (unwrap_symmetric): New functions. * lib/crypto.h (wrap_asymmetric, unwrap_asymmetric, wrap_symmetric) (unwrap_symmetric): New declarations. 2009-09-28 Miloslav Trmač * lib/kmip.h (KMIP_TAG_PADDING_METHOD): New definition. (struct kmip_crypto_params): Split from struct kmip_attribute. (KMIP_PADDING_*): New definitions. (kmip_crypto_params_free): New declaration. * lib/kmip.c (kmip_crypto_params_free, kmip_encode_crypto_params) (kmip_decode_crypto_params): New functions. (kmip_attribute_free, kmip_encode_attribute, kmip_decode_attribute): Use separate functions for crypto_params. * lib/volume_luks.c (add_attribute_luks_crypto_params): Update for split crypto_params. * lib/kmip.c (kmip_decode_attribute): Remove redundant k2.left checks. 2009-08-08 Miloslav Trmač * lib/volume.c (libvk_volume_open): Handle both "crypt_LUKS" and "crypto_LUKS" type value returned from libblkid. 2009-07-15 Miloslav Trmač * doc/demo.py (do_save): Fix passphrase generation. 2009-06-30 Miloslav Trmač * configure.ac: Release 0.2. * NEWS: Update. * po/LINGUAS: Update. * Makefile.am (lib_libvolume_key_la_LDFLAGS): Update version info. 2009-06-15 Miloslav Trmač * src/volume_key.c (yes_or_no, read_batch_string, generic_ui_cb): Use getline () and getdelim (). (pos_init): Use a more specific error message. * python/volume_key.i (struct libvk_volume::create_packet_assymetric_from_cert_data): New method. * po/POTFILES.in: Add python/volume_key.i. * doc/demo.py (PacketOutputState.__init__) (PacketOutputState.write_packet): Add assymetric encryption. * lib/libvolume_key.c (libvk_volume_create_packet_cleartext) (libvk_volume_create_packet_assymetric) (libvk_volume_create_packet_with_passphrase) (libvk_packet_get_format) * lib/volume_luks.c (luks_parse_escrow_packet): Use G_STATIC_ASSERT. * doc/demo.py (PacketOutputState.__init__): Fix failure counter. (PacketOutputState.__init__, PacketOutputState.write_packet): Add assymetric encryption. 2009-06-14 Miloslav Trmač * configure.ac: Add AC_CONFIG_MACRO_DIR. Update for libtool 2. * Makefile.am (AM_CPPFLAGS): Remove the G_* macros again, G_DISABLE_DEPRECATED is already defined by configure.ac. * Makefile.am (AM_CPPFLAGS): Define G_DISABLE_DEPRECATED and G_DISABLE_SINGLE_INCLUDES. 2009-06-05 Miloslav Trmač * python/volume_key.i (python_generic_cb, python_passphrase_cb): Remove obsolete FIXME. * po/cs.po: Update Czech translation. * python/volume_key.i: New file. * doc/demo.py: New file. * configure.ac: Add AM_PATH_PYTHON. * Makefile.am (PYTHON_CPPFLAGS): New setting. (pyexec_PYTHON, pyexec_LTLIBRARIES): New targets. Associated rules and dependency data added as well. * Makefile.as (lib_libvolume_key_la_LDFLAGS) (lib_libvolume_key_la_LIBADD): Move library references to _LIBADD. * src/volume_key.c (yes_or_no): Remove a stray nl_langinfo () call. (generic_ui_cb): Fix "echo" interpretation. (packet_matches_volume): Add missing \n. (do_reencrypt): Fix help output. * lib/libvolume_key.c (libvk_packet_open): Clear error pointer after each failed attempt. 2009-06-04 Miloslav Trmač * lib/volume_luks.c (luks_add_secret): Do not count terminating NUL in `size'. * lib/volume.c (libvk_volume_add_secret) * lib/libvolume_key.h (libvk_volume_add_secret): Update comment. * src/volume_key.c (do_save): Update. * lib/ui.c (libvk_ui_set_generic_cb, libvk_ui_set_passphrase_cb) (libvk_ui_set_nss_pwfn_arg): Free the previous data before overwriting it. * lib/libvolume_key.h: Update comments. * lib/libvolume_key.c (libvk_volume_create_packet_cleartext) (libvk_volume_create_packet_assymetric) (libvk_volume_create_packet_with_passphrase) * lib/volume.c (libvk_volume_get_secret) (libvk_volume_add_secret): Reject invalid negative enum libvk_secret values if the enum is compatible with a signed type. 2009-06-03 Miloslav Trmač * README: Write it. * po/Makevars (MSGID_BUGS_ADDRESS): Update. * configure.ac: Release 0.1. * tests/crypto_roundtrips.sh: Fix line wrapping. 2009-05-25 Miloslav Trmač * po/LINGUAS: Add "pl". 2009-05-25 Piotr Drąg * po/pl.po: New Polish translation.