From 994c0914d325b214a5f31efd282c45e3bf5441e0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Yann=20B=C3=BCchau?= Date: Thu, 15 Jun 2017 11:20:45 +0200 Subject: [PATCH] v0.0.15: add asymmetric gpg de/encryption --- configure | 98 ++++++++++++++++++- configure.ac | 2 + debian/changelog | 9 +- debian/control | 2 +- .../de/LC_MESSAGES/thunar-custom-actions.po | 87 +++++++++------- m4/tuca.m4.in | 9 +- man/man1/parse-gpg2-k.1.md | 37 +++++++ man/man1/uca-apply.1.md | 5 +- .../system-uca/gpg.xml.m4 | 56 ++++++++--- 9 files changed, 250 insertions(+), 55 deletions(-) create mode 100644 man/man1/parse-gpg2-k.1.md diff --git a/configure b/configure index 376b317..4e52c6f 100755 --- a/configure +++ b/configure @@ -588,6 +588,8 @@ ac_subst_vars='LTLIBOBJS LIBOBJS configure_vars makefile_include +gpg_agent_bin +pinentry_gtk_2_bin sha256sum_bin sha1sum_bin md5sum_bin @@ -681,7 +683,9 @@ msgfmt_bin msgmerge_bin md5sum_bin sha1sum_bin -sha256sum_bin' +sha256sum_bin +pinentry_gtk_2_bin +gpg_agent_bin' # Initialize some variables set by options. @@ -1330,6 +1334,10 @@ Some influential environment variables: sha1sum_bin path to sha1sum sha256sum_bin path to sha256sum + pinentry_gtk_2_bin + path to pinentry-gtk-2 + gpg_agent_bin + path to gpg-agent Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. @@ -2795,6 +2803,94 @@ test -n "$sha256sum_bin" || as_fn_error $? "no sha256sum (program) found" "$LINE +# Extract the first word of "pinentry-gtk-2", so it can be a program name with args. +set dummy pinentry-gtk-2; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_pinentry_gtk_2_bin+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $pinentry_gtk_2_bin in + [\\/]* | ?:[\\/]*) + ac_cv_path_pinentry_gtk_2_bin="$pinentry_gtk_2_bin" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_pinentry_gtk_2_bin="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +pinentry_gtk_2_bin=$ac_cv_path_pinentry_gtk_2_bin +if test -n "$pinentry_gtk_2_bin"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $pinentry_gtk_2_bin" >&5 +$as_echo "$pinentry_gtk_2_bin" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +test -n "$pinentry_gtk_2_bin" || as_fn_error $? "no pinentry-gtk-2 (graphical password dialog) found" "$LINENO" 5 + + + +# Extract the first word of "gpg-agent", so it can be a program name with args. +set dummy gpg-agent; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_path_gpg_agent_bin+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $gpg_agent_bin in + [\\/]* | ?:[\\/]*) + ac_cv_path_gpg_agent_bin="$gpg_agent_bin" # Let the user override the test with a path. + ;; + *) + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_path_gpg_agent_bin="$as_dir/$ac_word$ac_exec_ext" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + + ;; +esac +fi +gpg_agent_bin=$ac_cv_path_gpg_agent_bin +if test -n "$gpg_agent_bin"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gpg_agent_bin" >&5 +$as_echo "$gpg_agent_bin" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +test -n "$gpg_agent_bin" || as_fn_error $? "no gpg-agent (gnupg agent) found" "$LINENO" 5 + + + # Check for Python modules if test -z $PYTHON; diff --git a/configure.ac b/configure.ac index f4ef7d1..b2a2be9 100644 --- a/configure.ac +++ b/configure.ac @@ -47,6 +47,8 @@ REQUIRE_PROG([msgmerge],[msgmerge_bin],[program]) REQUIRE_PROG([md5sum],[md5sum_bin],[program]) REQUIRE_PROG([sha1sum],[sha1sum_bin],[program]) REQUIRE_PROG([sha256sum],[sha256sum_bin],[program]) +REQUIRE_PROG([pinentry-gtk-2],[pinentry_gtk_2_bin],[graphical password dialog]) +REQUIRE_PROG([gpg-agent],[gpg_agent_bin],[gnupg agent]) # Check for Python modules AX_PYTHON_MODULE(lxml,fatal,python3) diff --git a/debian/changelog b/debian/changelog index 7f0d5c7..b12fc83 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,10 +1,15 @@ -thunar-custom-actions (0.0.15) UNRELEASED; urgency=medium +thunar-custom-actions (0.0.15) unstable; urgency=medium * change /screen to /prepress in PDF file size shrinker (less aggressive compression) * allow creating links to directories in link creation action + * add asymmetric gpg en/decryption + * minor drawback: decrypting multiple symetrically encrypted files now + prompts for the password on every file. This was necessary to easily + integrate asymmetrical encryption. Now both can be mixed on decrypting + action. - -- Yann Büchau Wed, 14 Jun 2017 09:49:50 +0200 + -- Yann Büchau Thu, 15 Jun 2017 11:19:34 +0200 thunar-custom-actions (0.0.14) unstable; urgency=medium diff --git a/debian/control b/debian/control index 9845f29..8a96402 100644 --- a/debian/control +++ b/debian/control @@ -12,7 +12,7 @@ Package: thunar-custom-actions Architecture: all Depends: ${misc:Depends}, thunar, python3, python3-lxml, make, imagemagick, zenity, ghostscript, gnupg2, bc, xdg-utils, perl, findutils (>=4.6), - coreutils (>=8.0) + coreutils (>=8.0), pinentry-gtk2, gnupg-agent Conflicts: thunar-custom-actions Replaces: thunar-custom-actions Description: system-wide thunar custom actions diff --git a/locale/de/LC_MESSAGES/thunar-custom-actions.po b/locale/de/LC_MESSAGES/thunar-custom-actions.po index b5d2278..cad990c 100644 --- a/locale/de/LC_MESSAGES/thunar-custom-actions.po +++ b/locale/de/LC_MESSAGES/thunar-custom-actions.po @@ -6,8 +6,8 @@ msgid "" msgstr "" "Project-Id-Version: \n" "Report-Msgid-Bugs-To: \n" -"POT-Creation-Date: 2017-06-14 22:57+0200\n" -"PO-Revision-Date: 2017-06-14 22:59+0200\n" +"POT-Creation-Date: 2017-06-15 11:09+0200\n" +"PO-Revision-Date: 2017-06-15 11:09+0200\n" "Last-Translator: \n" "Language-Team: \n" "Language: de\n" @@ -18,7 +18,7 @@ msgstr "" "X-Generator: Poedit 1.8.7.1\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" -#: locale/tmp_only_uca_commands.sh:1 +#: locale/tmp_only_uca_commands.sh:1 locale/tmp_only_uca_commands.sh:2 #, sh-format msgid "Encrypting" msgstr "Verschlüssele" @@ -27,8 +27,8 @@ msgstr "Verschlüssele" #: locale/tmp_only_uca_commands.sh:3 locale/tmp_only_uca_commands.sh:4 #: locale/tmp_only_uca_commands.sh:5 locale/tmp_only_uca_commands.sh:6 #: locale/tmp_only_uca_commands.sh:7 locale/tmp_only_uca_commands.sh:8 -#: locale/tmp_only_uca_commands.sh:11 locale/tmp_only_uca_commands.sh:12 -#: locale/tmp_only_uca_commands.sh:13 +#: locale/tmp_only_uca_commands.sh:9 locale/tmp_only_uca_commands.sh:12 +#: locale/tmp_only_uca_commands.sh:13 locale/tmp_only_uca_commands.sh:14 #, sh-format msgid "overwrite $base?" msgstr "$base überschreiben?" @@ -36,137 +36,152 @@ msgstr "$base überschreiben?" #: locale/tmp_only_uca_commands.sh:1 locale/tmp_only_uca_commands.sh:2 #: locale/tmp_only_uca_commands.sh:3 locale/tmp_only_uca_commands.sh:4 #: locale/tmp_only_uca_commands.sh:5 locale/tmp_only_uca_commands.sh:6 -#: locale/tmp_only_uca_commands.sh:7 locale/tmp_only_uca_commands.sh:11 +#: locale/tmp_only_uca_commands.sh:7 locale/tmp_only_uca_commands.sh:8 #: locale/tmp_only_uca_commands.sh:12 locale/tmp_only_uca_commands.sh:13 +#: locale/tmp_only_uca_commands.sh:14 #, sh-format msgid "something went wrong copying the file $fileout over to $filefinalout." msgstr "Etwas ist beim Kopieren der Datei $fileout nach $filefinalout schiefgegangen." #: locale/tmp_only_uca_commands.sh:2 #, sh-format -msgid "Decrypting" -msgstr "Entschlüssele" +msgid "Public Key" +msgstr "Öffentlicher Schlüssel" + +#: locale/tmp_only_uca_commands.sh:2 locale/tmp_only_uca_commands.sh:10 +#: locale/tmp_only_uca_commands.sh:11 +#, sh-format +msgid "Name" +msgstr "Name" #: locale/tmp_only_uca_commands.sh:2 #, sh-format -msgid "Wrong Password for $filebase?" -msgstr "Falsches Passwort für $filebase?" +msgid "Email" +msgstr "Email" + +#: locale/tmp_only_uca_commands.sh:3 +#, sh-format +msgid "Decrypting" +msgstr "Entschlüssele" #: locale/tmp_only_uca_commands.sh:3 #, sh-format +msgid "Could not decrypt $filebase. Wrong password?" +msgstr "Konnte $filebase nicht entschlüsseln. Falsches Passwort?" + +#: locale/tmp_only_uca_commands.sh:4 +#, sh-format msgid "Rotating clockwise" msgstr "Drehe im Uhrzeigersinn" -#: locale/tmp_only_uca_commands.sh:4 +#: locale/tmp_only_uca_commands.sh:5 #, sh-format msgid "Rotating anti-clockwise" msgstr "Drehe gegen den Uhrzeigersinn" -#: locale/tmp_only_uca_commands.sh:5 +#: locale/tmp_only_uca_commands.sh:6 #, sh-format msgid "Converting to grayscale" msgstr "Konvertiere zu Graustufen" -#: locale/tmp_only_uca_commands.sh:6 +#: locale/tmp_only_uca_commands.sh:7 #, sh-format msgid "Filling transparency with $COLOR" msgstr "Fülle Transparenz mit $COLOR" -#: locale/tmp_only_uca_commands.sh:7 +#: locale/tmp_only_uca_commands.sh:8 #, sh-format msgid "Scale to what percentage?" msgstr "Auf wie viel Prozent der Originalgröße skalieren?" -#: locale/tmp_only_uca_commands.sh:7 +#: locale/tmp_only_uca_commands.sh:8 #, sh-format msgid "Scale to $SCALE percent" msgstr "Skaliere auf $SCALE%" -#: locale/tmp_only_uca_commands.sh:8 +#: locale/tmp_only_uca_commands.sh:9 #, sh-format msgid "Select link location" msgstr "Ort der Verknüpfung auswählen" -#: locale/tmp_only_uca_commands.sh:8 +#: locale/tmp_only_uca_commands.sh:9 #, sh-format msgid "The link name has to differ from the target name." msgstr "Der Name des Links muss von dem zu verlinkenden Ziel abweichen." -#: locale/tmp_only_uca_commands.sh:8 +#: locale/tmp_only_uca_commands.sh:9 #, sh-format msgid "Could not create link" msgstr "Konnte den Link nicht erstellen" -#: locale/tmp_only_uca_commands.sh:9 +#: locale/tmp_only_uca_commands.sh:10 #, sh-format msgid "Determining file sizes" msgstr "Ermittle Dateigrößen" -#: locale/tmp_only_uca_commands.sh:9 +#: locale/tmp_only_uca_commands.sh:10 #, sh-format msgid "Size" msgstr "Größe" -#: locale/tmp_only_uca_commands.sh:9 locale/tmp_only_uca_commands.sh:10 -#, sh-format -msgid "Name" -msgstr "Name" - -#: locale/tmp_only_uca_commands.sh:9 +#: locale/tmp_only_uca_commands.sh:10 #, sh-format msgid "Big elements" msgstr "Große Elemente" -#: locale/tmp_only_uca_commands.sh:9 +#: locale/tmp_only_uca_commands.sh:10 #, sh-format msgid "Elements sorted by size" msgstr "Elemente nach Größe sortiert" -#: locale/tmp_only_uca_commands.sh:9 locale/tmp_only_uca_commands.sh:10 +#: locale/tmp_only_uca_commands.sh:10 locale/tmp_only_uca_commands.sh:11 #, sh-format msgid "Double-click to open." msgstr "Doppelklick zum öffnen." -#: locale/tmp_only_uca_commands.sh:10 +#: locale/tmp_only_uca_commands.sh:11 #, sh-format msgid "Determining checksums" msgstr "Berechne Prüfsummen" -#: locale/tmp_only_uca_commands.sh:10 +#: locale/tmp_only_uca_commands.sh:11 #, sh-format msgid "MD5" msgstr "MD5" -#: locale/tmp_only_uca_commands.sh:10 +#: locale/tmp_only_uca_commands.sh:11 #, sh-format msgid "SHA1" msgstr "SHA1" -#: locale/tmp_only_uca_commands.sh:10 +#: locale/tmp_only_uca_commands.sh:11 #, sh-format msgid "SHA256" msgstr "SHA256" -#: locale/tmp_only_uca_commands.sh:10 +#: locale/tmp_only_uca_commands.sh:11 #, sh-format msgid "Checksums" msgstr "Prüfsummen" -#: locale/tmp_only_uca_commands.sh:11 +#: locale/tmp_only_uca_commands.sh:12 #, sh-format msgid "Converting to PDF" msgstr "Konvertiere zu PDF" -#: locale/tmp_only_uca_commands.sh:12 +#: locale/tmp_only_uca_commands.sh:13 #, sh-format msgid "Concatenating PDFs" msgstr "Füge PDFs zusammen" -#: locale/tmp_only_uca_commands.sh:13 +#: locale/tmp_only_uca_commands.sh:14 #, sh-format msgid "Optimizing PDF" msgstr "Optimiere PDF" +#~ msgid "Wrong Password for $filebase?" +#~ msgstr "Falsches Passwort für $filebase?" + #~ msgid "size" #~ msgstr "Größe" diff --git a/m4/tuca.m4.in b/m4/tuca.m4.in index 8301a11..9a86310 100644 --- a/m4/tuca.m4.in +++ b/m4/tuca.m4.in @@ -22,11 +22,15 @@ define(<~TUCA_GETTEXTSH~>,<~@gettextsh_bin@~>)dnl define(<~TUCA_MD5SUM~>,<~@md5sum_bin@~>)dnl define(<~TUCA_SHA1SUM~>,<~@sha1sum_bin@~>)dnl define(<~TUCA_SHA256SUM~>,<~@sha256sum_bin@~>)dnl +define(<~TUCA_PINENTRY_GTK_2~>,<~@pinentry_gtk_2_bin@~>)dnl +define(<~TUCA_GPG2K_PARSER~>,<~@bindir@/parse-gpg2-k~>) +define(<~TUCA_GPG_AGENT~>,<~@gpg_agent_bin@~>) dnl metadata from ./configure define(<~TUCA_PACKAGE_NAME~>,<~@PACKAGE_NAME@~>)dnl dnl paths from ./configure define(<~TUCA_LOCALEDIR~>,<~@localedir@~>)dnl define(<~TUCA_DATAROOTDIR~>,<~@datarootdir@~>)dnl +define(<~TUCA_BINDIR~>,<~@bindir@~>)dnl dnl define(<~TUCA_FILE_VAR~>,<~file~>)dnl define(<~TUCA_TEMP_VAR~>,<~filetmp~>)dnl @@ -107,11 +111,12 @@ define(<~TUCA_WARNING~>,<~dnl TUCA_ZENITY() --warning --text="$(echo $1)"<~~>dnl ~>)dnl dnl -dnl TUCA_PASSWORD() -dnl - ask the user for a password +dnl TUCA_PASSWORD([title]) +dnl - ask the user for a password, optionally setting window "title" dnl define(<~TUCA_PASSWORD~>,<~dnl TUCA_ZENITY() --password<~~>dnl +ifelse($2,,,<~ --title="$(echo $2)"~>)<~~>dnl ~>)dnl dnl dnl diff --git a/man/man1/parse-gpg2-k.1.md b/man/man1/parse-gpg2-k.1.md new file mode 100644 index 0000000..5df9293 --- /dev/null +++ b/man/man1/parse-gpg2-k.1.md @@ -0,0 +1,37 @@ +% parse-gpg2-k(1) | Parse gpg2 --list-public-keys output + +NAME +==== + + +**parse-gpg2-k** - Parse gpg2 --list-public-keys output + +SYNOPSIS +======== + +usage: parse-gpg2-k + +Given the output of `gpg2 --list-public-keys` on STDIN, parse it and output on +STDIN something like: + +``` +F1F7AS9F +Name of User 1 +user1@internet.com +F1F7AS9F +Name of User 1 +user1@othermailaddress.com +E7A9A15S +Name of User 2 +user2_mail@emailhost.com +... +``` + + +AUTHOR +====== + + +Yann Büchau + + diff --git a/man/man1/uca-apply.1.md b/man/man1/uca-apply.1.md index fffad29..f8dc1cb 100644 --- a/man/man1/uca-apply.1.md +++ b/man/man1/uca-apply.1.md @@ -9,14 +9,15 @@ NAME SYNOPSIS ======== -usage: uca-apply [ update | remove ] +usage: uca-apply [update|remove][-all] update: merges system-wide Thunar custom actions into the user's configuration remove: removes the system-wide Thunar custom actions from the user's configuration -When executed as root or with sudo, do this for every (human) user. +\*-all: when this suffix is appended, do this for every user. This might require +root privileges. AUTHOR ====== diff --git a/share/thunar-custom-actions/system-uca/gpg.xml.m4 b/share/thunar-custom-actions/system-uca/gpg.xml.m4 index c9bc34e..ad9f0f6 100644 --- a/share/thunar-custom-actions/system-uca/gpg.xml.m4 +++ b/share/thunar-custom-actions/system-uca/gpg.xml.m4 @@ -6,10 +6,10 @@ include(tuca.m4)dnl gcr-gnupg - symmetrisch mit GPG verschlüsseln + Symmetrisch verschlüsseln mit GPG Encrypt symmetrically with GPG TUCA_CMD(dnl - PASSWORD=$(TUCA_PASSWORD()) || exit;dnl + PASSWORD=$(TUCA_PASSWORD(TUCA_TRANSLATE(File password))) || exit;dnl TUCA_PROGRESSBAR(dnl TUCA_LOOP(dnl TUCA_CREATE_FILE(dnl @@ -32,25 +32,59 @@ include(tuca.m4)dnl gcr-gnupg - symmetrisch mit GPG entschlüsseln - Decrypt symmetrically with GPG + Asymmetrisch verschlüsseln mit GPG + Encrypt asymmetrically with GPG TUCA_CMD(dnl - PASSWORD=$(TUCA_PASSWORD()) || exit;dnl + RECIPIENT_KEY="$(TUCA_GPG2() --list-public-keys | TUCA_GPG2K_PARSER() |dnl + TUCA_ZENITY() --list --print-column=1 dnl + --column="TUCA_TRANSLATE(Public Key)" dnl + --column="TUCA_TRANSLATE(Name)" dnl + --column="TUCA_TRANSLATE(Email)")";dnl + TUCA_GPG_AGENT() --pinentry-program="TUCA_PINENTRY_GTK_2()";dnl TUCA_PROGRESSBAR(dnl TUCA_LOOP(dnl TUCA_CREATE_FILE(dnl - echo $PASSWORD | TUCA_GPG2() --batch --yes --passphrase-fd 0 --decrypt -o TUCA_OUT() TUCA_IN() || FAIL=yes;dnl - if test -n "$FAIL";then TUCA_ERROR(TUCA_TRANSLATE(Wrong Password for $TUCA_FILE_BASE_VAR()?));exit;fi,dnl + TUCA_GPG2() --batch --yes --recipient "$RECIPIENT_KEY" dnl + --encrypt --armor --trust-model always dnl + --output TUCA_OUT() TUCA_IN(),dnl TUCA_FILE(),dnl input - $(dirname TUCA_FILE())/$(basename TUCA_FILE() .asc),dnl output name + TUCA_FILE().gpg,dnl output + ),dnl + TUCA_TRANSLATE(Encrypting),dnl loop description + )dnl + )dnl + ) + Die ausgewählten Dateien werden asymmetrisch mit GPG verschlüsselt. + Each selected file is encrypted asymmetrically with GPG. + * + + + + + + + + gcr-gnupg + Entschlüsseln mit GPG + Decrypt with GPG + TUCA_CMD(dnl + TUCA_GPG_AGENT() --pinentry-program="TUCA_PINENTRY_GTK_2()";dnl + TUCA_PROGRESSBAR(dnl + TUCA_LOOP(dnl + TUCA_CREATE_FILE(dnl + TUCA_GPG2() --batch --yes --decrypt -o TUCA_OUT() TUCA_IN() || dnl + TUCA_ERROR(TUCA_TRANSLATE(Could not decrypt $TUCA_FILE_BASE_VAR(). Wrong password?));dnl + ,dnl command + TUCA_FILE(),dnl input + $(dirname TUCA_FILE())/$(basename TUCA_FILE() | TUCA_PERL() -pe 's#\.\w+<~$~>##g'),dnl output name ),dnl TUCA_TRANSLATE(Decrypting),dnl loop description )dnl )dnl ) - Die ausgewählten Dateien werden symmetrisch mit einem Password mit GPG entschlüsselt. - Each selected file is decrypted symmetrically with one given password with GPG. - *.asc + Die ausgewählten Dateien werden mit GPG entschlüsselt. + Each selected file is decrypted with GPG. + *.asc;*.pgp;*.gpg