gpgme 2.0.23 → 2.0.25

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4d6acceab7f41eb6f3921f566fc2bf394658cd2a0a42e84024e3dda8ce19c9a6
-  data.tar.gz: a2e3adb3405cecfa249173693a12a552ed5b13eaeb09c5b4ef45c7fca8af2699
+  metadata.gz: 0c7d5f64ee6914eb120fbd884d55f5f7d9decfadc4c4ca86deb663696190517a
+  data.tar.gz: c58815644c21156c37333b27cc0de594a330f34aa040f3533f44aa8b9706b83b
 SHA512:
-  metadata.gz: 7ec1990d20648deeaed5c10d1eff1737b96a3b8f9d7dbb7001c21efb8f78ead507429d7e34d1219db2556f0f2fd584bb18362a42fadeaca47fc340153a304261
-  data.tar.gz: ccd721826ffe1077351628f083ece7894fe03c4a754f53eddab814dc4c1642a314dddfeb7157fc0117d9b5ea8f1fc2aad7aba447d377eb755201c625825f92a8
+  metadata.gz: 0775b291a09719b998107266313e0aa2185ebc6b337e4f038464440ff742df705dd23097f7041ad674a0cdac87400c45427d0b3094c96491002192a2f179a4ca
+  data.tar.gz: 335c6520b7362f7f0e382ac852564065abde3a82367d299133a87c97cde3940cfb65fd37c4ff36c470b1d2c4123128f281aab14a45efdabe719828435ccd5761

data/ext/gpgme/extconf.rb

@@ -25,12 +25,12 @@ if arg_config('--clean')
 
     # clean the ports build directory
     Pathname.glob(pwd.join('tmp', '*', 'ports')) { |dir|
-      FileUtils.rm_rf(dir, { :verbose => true })
-      FileUtils.rmdir(dir.parent, { :parents => true, :verbose => true })
+      FileUtils.rm_rf(dir, verbose: true)
+      FileUtils.rmdir(dir.parent, parents: true, verbose: true)
     }
 
     # ports installation can be safely removed if statically linked.
-    FileUtils.rm_rf(root + 'ports', { :verbose => true })
+    FileUtils.rm_rf(root + 'ports', verbose: true)
   end
 
   exit
@@ -65,11 +65,11 @@ EOS
   require 'rubygems'
   require 'mini_portile2'
 
-  libgpg_error_recipe = MiniPortile.new('libgpg-error', '1.47').tap do |recipe|
+  libgpg_error_recipe = MiniPortile.new('libgpg-error', '1.55').tap do |recipe|
     recipe.target = File.join(ROOT, "ports")
     recipe.files = [{
       :url => "https://www.gnupg.org/ftp/gcrypt/#{recipe.name}/#{recipe.name}-#{recipe.version}.tar.bz2",
-      :sha256 => '9e3c670966b96ecc746c28c2c419541e3bcb787d1a73930f5e5f5e1bcbbb9bdb'
+      :sha256 => '95b178148863f07d45df0cea67e880a79b9ef71f5d230baddc0071128516ef78'
     }]
     recipe.configure_options = [
       '--enable-install-gpg-error-config',
@@ -86,11 +86,11 @@ EOS
     recipe.activate
   end
 
-  libassuan_recipe = MiniPortile.new('libassuan', '2.5.6').tap do |recipe|
+  libassuan_recipe = MiniPortile.new('libassuan', '3.0.2').tap do |recipe|
     recipe.target = File.join(ROOT, "ports")
     recipe.files = [{
       :url => "https://www.gnupg.org/ftp/gcrypt/#{recipe.name}/#{recipe.name}-#{recipe.version}.tar.bz2",
-      :sha256 => 'e9fd27218d5394904e4e39788f9b1742711c3e6b41689a31aa3380bd5aa4f426'
+      :sha256 => 'd2931cdad266e633510f9970e1a2f346055e351bb19f9b78912475b8074c36f6'
     }]
     recipe.configure_options = [
       '--disable-shared',
@@ -106,11 +106,21 @@ EOS
     recipe.activate
   end
 
-  gpgme_recipe = MiniPortile.new('gpgme', '1.21.0').tap do |recipe|
+  pkg_config_paths = [
+    File.join(libgpg_error_recipe.lib_path, 'pkgconfig'),
+    File.join(libassuan_recipe.lib_path, 'pkgconfig'),
+  ]
+
+  # Ensure that the locally-built libraries take precedence. gpgme runs
+  # `gpgrt-config libassuan` and could pull in the system libassuan
+  # if PKG_CONFIG_PATH is not set properly.
+  ENV["PKG_CONFIG_PATH"] = [*pkg_config_paths, ENV["PKG_CONFIG_PATH"]].compact.join(File::PATH_SEPARATOR)
+
+  gpgme_recipe = MiniPortile.new('gpgme', '2.0.0').tap do |recipe|
     recipe.target = File.join(ROOT, "ports")
     recipe.files = [{
       :url => "https://www.gnupg.org/ftp/gcrypt/#{recipe.name}/#{recipe.name}-#{recipe.version}.tar.bz2",
-      :sha256 => '416e174e165734d84806253f8c96bda2993fd07f258c3aad5f053a6efd463e88'
+      :sha256 => 'ddf161d3c41ff6a3fcbaf4be6c6e305ca4ef1cc3f1ecdfce0c8c2a167c0cc36d'
     }]
     recipe.configure_options = [
       '--disable-shared',
@@ -126,7 +136,7 @@ EOS
       '--disable-g13-test',
       # We only need the C API.
       '--disable-languages',
-      "CFLAGS=-fPIC #{ENV["CFLAGS"]}",
+      "CFLAGS=-D_LARGEFILE64_SOURCE -fPIC #{ENV["CFLAGS"]}",
     ]
     checkpoint = "#{recipe.target}/#{recipe.name}-#{recipe.version}-#{recipe.host}.installed"
     unless File.exist?(checkpoint)

data/ext/gpgme/gpgme_n.c

@@ -106,11 +106,13 @@
 #define UNWRAP_GPGME_KEY(vkey, key)                                \
   Data_Get_Struct(vkey, struct _gpgme_key, key)
 
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER < 0x020000
 #define WRAP_GPGME_TRUST_ITEM(item)                                          \
   Data_Wrap_Struct(cTrustItem, 0, gpgme_trust_item_unref, item)
 /* `gpgme_trust_item_t' is typedef'ed as `struct _gpgme_trust_item *'. */
 #define UNWRAP_GPGME_TRUST_ITEM(vitem, item)                        \
   Data_Get_Struct(vitem, struct _gpgme_trust_item, item)
+#endif
 
 static VALUE cEngineInfo,
   cCtx,
@@ -123,7 +125,9 @@ static VALUE cEngineInfo,
   cNewSignature,
   cSignature,
   cSigNotation,
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER < 0x020000
   cTrustItem,
+#endif
   cRecipient,
   cDecryptResult,
   cVerifyResult,
@@ -264,19 +268,19 @@ rb_s_gpgme_hash_algo_name (VALUE dummy, VALUE valgo)
 static VALUE
 rb_s_gpgme_err_code (VALUE dummy, VALUE verr)
 {
-  return INT2FIX(gpgme_err_code (NUM2LONG(verr)));
+  return INT2FIX(gpgme_err_code (NUM2UINT(verr)));
 }
 
 static VALUE
 rb_s_gpgme_err_source (VALUE dummy, VALUE verr)
 {
-  return INT2FIX(gpgme_err_source (NUM2LONG(verr)));
+  return INT2FIX(gpgme_err_source (NUM2UINT(verr)));
 }
 
 static VALUE
 rb_s_gpgme_strerror (VALUE dummy, VALUE verr)
 {
-  return rb_str_new2 (gpgme_strerror (NUM2LONG(verr)));
+  return rb_str_new2 (gpgme_strerror (NUM2UINT(verr)));
 }
 
 static VALUE
@@ -299,7 +303,7 @@ rb_s_gpgme_data_new_from_mem (VALUE dummy, VALUE rdh, VALUE vbuffer,
   size_t size = NUM2UINT(vsize);
   gpgme_error_t err;
 
-  if (RSTRING_LEN(vbuffer) < size)
+  if ((size_t)RSTRING_LEN(vbuffer) < size)
     rb_raise (rb_eArgError, "argument out of range");
 
   err = gpgme_data_new_from_mem (&dh, StringValuePtr(vbuffer), size, 1);
@@ -514,6 +518,45 @@ rb_s_gpgme_release (VALUE dummy, VALUE vctx)
   return Qnil;
 }
 
+static VALUE
+rb_s_gpgme_set_ctx_flag (VALUE dummy, VALUE vctx, VALUE vname, VALUE vstr)
+{
+  gpgme_ctx_t ctx;
+  gpgme_error_t err;
+  char* name;
+  char* str;
+
+  name = StringValueCStr(vname);
+  str = StringValueCStr(vstr);
+
+  UNWRAP_GPGME_CTX(vctx, ctx);
+  if (!ctx)
+    rb_raise (rb_eArgError, "released ctx");
+
+  err = gpgme_set_ctx_flag(ctx, name, str);
+  return LONG2NUM(err);
+}
+
+static VALUE
+rb_s_gpgme_get_ctx_flag (VALUE dummy, VALUE vctx, VALUE vname)
+{
+  gpgme_ctx_t ctx;
+  const char* name;
+
+  name = StringValueCStr(vname);
+
+  UNWRAP_GPGME_CTX(vctx, ctx);
+  if (!ctx)
+    rb_raise (rb_eArgError, "released ctx");
+
+  const char* result;
+  result = gpgme_get_ctx_flag(ctx, name);
+  if (result == NULL)
+    rb_raise (rb_eArgError, "incorrect ctx flag name");
+
+  return rb_str_new_cstr(result);
+}
+
 static VALUE
 rb_s_gpgme_set_protocol (VALUE dummy, VALUE vctx, VALUE vproto)
 {
@@ -566,6 +609,42 @@ rb_s_gpgme_get_armor (VALUE dummy, VALUE vctx)
   return INT2FIX(yes);
 }
 
+static VALUE
+rb_s_gpgme_set_ignore_mdc_error (VALUE dummy, VALUE vctx, VALUE vyes)
+{
+  gpgme_ctx_t ctx;
+  gpgme_error_t err;
+  int yes;
+
+  yes = NUM2INT(vyes);
+
+  UNWRAP_GPGME_CTX(vctx, ctx);
+  if (!ctx)
+    rb_raise (rb_eArgError, "released ctx");
+
+  err = gpgme_set_ctx_flag(ctx, "ignore-mdc-error", yes ? "1" : "");
+  return LONG2NUM(err);
+}
+
+static VALUE
+rb_s_gpgme_get_ignore_mdc_error (VALUE dummy, VALUE vctx)
+{
+  gpgme_ctx_t ctx;
+  int yes;
+
+  UNWRAP_GPGME_CTX(vctx, ctx);
+  if (!ctx)
+    rb_raise (rb_eArgError, "released ctx");
+
+  const char* result;
+  result = gpgme_get_ctx_flag(ctx, "ignore-mdc-error");
+  if (result == NULL)
+    rb_raise (rb_eArgError, "incorrect ctx flag name");
+
+  yes = (result && *result)? !!atoi (result) : 0;
+  return INT2FIX(yes);
+}
+
 static VALUE
 rb_s_gpgme_set_textmode (VALUE dummy, VALUE vctx, VALUE vyes)
 {
@@ -969,11 +1048,19 @@ save_gpgme_key_attrs (VALUE vkey, gpgme_key_t key)
       rb_iv_set (vsubkey, "@keyid", rb_str_new2 (subkey->keyid));
       if (subkey->fpr)
         rb_iv_set (vsubkey, "@fpr", rb_str_new2 (subkey->fpr));
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x020000
+      rb_iv_set (vsubkey, "@timestamp", ULONG2NUM(subkey->timestamp));
+      rb_iv_set (vsubkey, "@expires", ULONG2NUM(subkey->expires));
+#else
       rb_iv_set (vsubkey, "@timestamp", LONG2NUM(subkey->timestamp));
       rb_iv_set (vsubkey, "@expires", LONG2NUM(subkey->expires));
+#endif
 #if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x010500
       if (subkey->curve)
         rb_iv_set (vsubkey, "@curve", rb_str_new2 (subkey->curve));
+#endif
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x020000
+      rb_iv_set (vsubkey, "@subkey_match", INT2FIX(subkey->subkey_match));
 #endif
       rb_ary_push (vsubkeys, vsubkey);
     }
@@ -1004,8 +1091,13 @@ save_gpgme_key_attrs (VALUE vkey, gpgme_key_t key)
           rb_iv_set (vkey_sig, "@exportable", INT2FIX(key_sig->exportable));
           rb_iv_set (vkey_sig, "@pubkey_algo", INT2FIX(key_sig->pubkey_algo));
           rb_iv_set (vkey_sig, "@keyid", rb_str_new2 (key_sig->keyid));
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x020000
+          rb_iv_set (vkey_sig, "@timestamp", ULONG2NUM(key_sig->timestamp));
+          rb_iv_set (vkey_sig, "@expires", ULONG2NUM(key_sig->expires));
+#else
           rb_iv_set (vkey_sig, "@timestamp", LONG2NUM(key_sig->timestamp));
           rb_iv_set (vkey_sig, "@expires", LONG2NUM(key_sig->expires));
+#endif
           rb_ary_push (vsignatures, vkey_sig);
         }
       rb_ary_push (vuids, vuser_id);
@@ -1408,6 +1500,27 @@ rb_s_gpgme_op_delete (VALUE dummy, VALUE vctx, VALUE vkey, VALUE vallow_secret)
   return LONG2NUM(err);
 }
 
+/* This method was added in 1.9.1. */
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x010901
+static VALUE
+rb_s_gpgme_op_delete_ext (VALUE dummy, VALUE vctx, VALUE vkey, VALUE vflags)
+{
+  gpgme_ctx_t ctx;
+  gpgme_key_t key;
+  gpgme_error_t err;
+
+  CHECK_KEYLIST_NOT_IN_PROGRESS(vctx);
+
+  UNWRAP_GPGME_CTX(vctx, ctx);
+  if (!ctx)
+    rb_raise (rb_eArgError, "released ctx");
+  UNWRAP_GPGME_KEY(vkey, key);
+
+  err = gpgme_op_delete_ext (ctx, key, NUM2INT(vflags));
+  return LONG2NUM(err);
+}
+#endif
+
 static VALUE
 rb_s_gpgme_op_delete_start (VALUE dummy, VALUE vctx, VALUE vkey,
                             VALUE vallow_secret)
@@ -1557,6 +1670,7 @@ rb_s_gpgme_op_card_edit_start (VALUE dummy, VALUE vctx, VALUE vkey,
   return LONG2NUM(err);
 }
 
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER < 0x020000
 static VALUE
 rb_s_gpgme_op_trustlist_start (VALUE dummy, VALUE vctx, VALUE vpattern,
                                VALUE vmax_level)
@@ -1620,6 +1734,7 @@ rb_s_gpgme_op_trustlist_end (VALUE dummy, VALUE vctx)
   err = gpgme_op_trustlist_end (ctx);
   return LONG2NUM(err);
 }
+#endif
 
 static VALUE
 rb_s_gpgme_op_decrypt (VALUE dummy, VALUE vctx, VALUE vcipher, VALUE vplain)
@@ -1970,8 +2085,13 @@ rb_s_gpgme_op_sign_result (VALUE dummy, VALUE vctx)
                  INT2FIX(new_signature->hash_algo));
       rb_iv_set (vnew_signature, "@sig_class",
                  UINT2NUM(new_signature->sig_class));
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x020000
+      rb_iv_set (vnew_signature, "@timestamp",
+                 ULONG2NUM(new_signature->timestamp));
+#else
       rb_iv_set (vnew_signature, "@timestamp",
                  LONG2NUM(new_signature->timestamp));
+#endif
       rb_iv_set (vnew_signature, "@fpr", rb_str_new2 (new_signature->fpr));
       rb_ary_push (vsignatures, vnew_signature);
     }
@@ -2260,6 +2380,57 @@ rb_s_gpgme_op_spawn (VALUE dummy, VALUE vctx, VALUE vfile,
 }
 #endif
 
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x020000
+static VALUE
+rb_s_gpgme_op_random_bytes (VALUE dummy, VALUE vctx, VALUE vsize, VALUE vmode)
+{
+  gpgme_ctx_t ctx;
+  gpgme_error_t err;
+  size_t size;
+  char *buffer;
+  VALUE result;
+
+  CHECK_KEYLIST_NOT_IN_PROGRESS(vctx);
+
+  UNWRAP_GPGME_CTX(vctx, ctx);
+  if (!ctx)
+    rb_raise (rb_eArgError, "released ctx");
+  
+  size = NUM2SIZET(vsize);
+  buffer = ALLOC_N(char, size);
+
+  err = gpgme_op_random_bytes (ctx, NUM2INT(vmode), buffer, size);
+  if (err) {
+    xfree(buffer);
+    return LONG2NUM(err);
+  }
+
+  result = rb_str_new(buffer, size);
+  xfree(buffer);
+  return result;
+}
+
+static VALUE
+rb_s_gpgme_op_random_value (VALUE dummy, VALUE vctx, VALUE vlimit)
+{
+  gpgme_ctx_t ctx;
+  size_t limit, result;
+  gpgme_error_t err;
+
+  CHECK_KEYLIST_NOT_IN_PROGRESS(vctx);
+
+  UNWRAP_GPGME_CTX(vctx, ctx);
+  if (!ctx)
+    rb_raise (rb_eArgError, "released ctx");
+
+  limit = NUM2SIZET(vlimit);
+  err = gpgme_op_random_value (ctx, limit, &result);
+  if (gpgme_err_code(err) == GPG_ERR_NO_ERROR)
+    return SIZET2NUM(result);
+  return LONG2NUM(err);
+}
+#endif
+
 void
 Init_gpgme_n (void)
 {
@@ -2326,8 +2497,10 @@ Init_gpgme_n (void)
     rb_define_class_under (mGPGME, "Signature", rb_cObject);
   cSigNotation =
     rb_define_class_under (mGPGME, "SigNotation", rb_cObject);
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER < 0x020000
   cTrustItem =
     rb_define_class_under (mGPGME, "TrustItem", rb_cObject);
+#endif
   cInvalidKey =
     rb_define_class_under (mGPGME, "InvalidKey", rb_cObject);
   cNewSignature =
@@ -2373,6 +2546,10 @@ Init_gpgme_n (void)
                              rb_s_gpgme_release, 1);
 
   /* Context Attributes */
+  rb_define_module_function (mGPGME, "gpgme_set_ctx_flag",
+                             rb_s_gpgme_set_ctx_flag, 3);
+  rb_define_module_function (mGPGME, "gpgme_get_ctx_flag",
+                             rb_s_gpgme_get_ctx_flag, 2);
   rb_define_module_function (mGPGME, "gpgme_set_protocol",
                              rb_s_gpgme_set_protocol, 2);
   rb_define_module_function (mGPGME, "gpgme_get_protocol",
@@ -2381,6 +2558,10 @@ Init_gpgme_n (void)
                              rb_s_gpgme_set_armor, 2);
   rb_define_module_function (mGPGME, "gpgme_get_armor",
                              rb_s_gpgme_get_armor, 1);
+  rb_define_module_function (mGPGME, "gpgme_set_ignore_mdc_error",
+                             rb_s_gpgme_set_ignore_mdc_error, 2);
+  rb_define_module_function (mGPGME, "gpgme_get_ignore_mdc_error",
+                             rb_s_gpgme_get_ignore_mdc_error, 1);
   rb_define_module_function (mGPGME, "gpgme_set_textmode",
                              rb_s_gpgme_set_textmode, 2);
   rb_define_module_function (mGPGME, "gpgme_get_textmode",
@@ -2463,6 +2644,8 @@ Init_gpgme_n (void)
                              rb_s_gpgme_op_import_result, 1);
   rb_define_module_function (mGPGME, "gpgme_op_delete",
                              rb_s_gpgme_op_delete, 3);
+  rb_define_module_function (mGPGME, "gpgme_op_delete_ext",
+                             rb_s_gpgme_op_delete_ext, 3);
   rb_define_module_function (mGPGME, "gpgme_op_delete_start",
                              rb_s_gpgme_op_delete_start, 3);
   rb_define_module_function (mGPGME, "gpgme_op_edit",
@@ -2475,12 +2658,14 @@ Init_gpgme_n (void)
                              rb_s_gpgme_op_card_edit_start, 5);
 
   /* Trust Item Management */
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER < 0x020000
   rb_define_module_function (mGPGME, "gpgme_op_trustlist_start",
                              rb_s_gpgme_op_trustlist_start, 3);
   rb_define_module_function (mGPGME, "gpgme_op_trustlist_next",
                              rb_s_gpgme_op_trustlist_next, 2);
   rb_define_module_function (mGPGME, "gpgme_op_trustlist_end",
                              rb_s_gpgme_op_trustlist_end, 1);
+#endif
 
   /* Decrypt */
   rb_define_module_function (mGPGME, "gpgme_op_decrypt",
@@ -2542,6 +2727,14 @@ Init_gpgme_n (void)
                              rb_s_gpgme_op_spawn_start, 7);
 #endif
 
+  /* Random Number Generation */
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x020000
+  rb_define_module_function (mGPGME, "gpgme_op_random_bytes",
+                             rb_s_gpgme_op_random_bytes, 3);
+  rb_define_module_function (mGPGME, "gpgme_op_random_value",
+                             rb_s_gpgme_op_random_value, 2);
+#endif
+
   /* gpgme_pubkey_algo_t */
   rb_define_const (mGPGME, "GPGME_PK_RSA", INT2FIX(GPGME_PK_RSA));
   rb_define_const (mGPGME, "GPGME_PK_DSA", INT2FIX(GPGME_PK_DSA));
@@ -2722,6 +2915,7 @@ Init_gpgme_n (void)
                    INT2FIX(GPGME_SIG_MODE_CLEAR));
 
   /* gpgme_attr_t */
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER < 0x020000
   rb_define_const (mGPGME, "GPGME_ATTR_KEYID",
                    INT2FIX(GPGME_ATTR_KEYID));
   rb_define_const (mGPGME, "GPGME_ATTR_FPR",
@@ -2784,6 +2978,7 @@ Init_gpgme_n (void)
                    INT2FIX(GPGME_ATTR_ERRTOK));
   rb_define_const (mGPGME, "GPGME_ATTR_SIG_SUMMARY",
                    INT2FIX(GPGME_ATTR_SIG_SUMMARY));
+#endif
 
   /* gpgme_validity_t */
   rb_define_const (mGPGME, "GPGME_VALIDITY_UNKNOWN",
@@ -3029,6 +3224,26 @@ Init_gpgme_n (void)
                    INT2FIX(GPGME_ENCRYPT_NO_ENCRYPT_TO));
 #endif
 
+  /* Random number generation mode flags added in 2.0.0 */
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x020000
+  rb_define_const (mGPGME, "GPGME_RANDOM_MODE_NORMAL",
+                   INT2FIX(GPGME_RANDOM_MODE_NORMAL));
+  rb_define_const (mGPGME, "GPGME_RANDOM_MODE_ZBASE32",
+                   INT2FIX(GPGME_RANDOM_MODE_ZBASE32));
+#endif
+
+  /* Decrypt flags added in 2.0.0 */
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x020000
+  rb_define_const (mGPGME, "GPGME_DECRYPT_LISTONLY",
+                   INT2FIX(GPGME_DECRYPT_LISTONLY));
+#endif
+
+  /* Key generation flags added in 2.0.0 */
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x020000
+  rb_define_const (mGPGME, "GPGME_CREATE_GROUP",
+                   INT2FIX(GPGME_CREATE_GROUP));
+#endif
+
   /* These flags were added in 1.4.0. */
 #if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x010400
   rb_define_const (mGPGME, "GPGME_PINENTRY_MODE_DEFAULT",
@@ -3072,4 +3287,13 @@ Init_gpgme_n (void)
   rb_define_const (mGPGME, "GPGME_EXPORT_MODE_PKCS12",
                    INT2FIX(GPGME_EXPORT_MODE_PKCS12));
 #endif
+
+/* These flags were added in 1.9.1. */
+#if defined(GPGME_VERSION_NUMBER) && GPGME_VERSION_NUMBER >= 0x010901
+  rb_define_const (mGPGME, "GPGME_DELETE_ALLOW_SECRET",
+                   INT2FIX(GPGME_DELETE_ALLOW_SECRET));
+  rb_define_const (mGPGME, "GPGME_DELETE_FORCE",
+                   INT2FIX(GPGME_DELETE_FORCE));
+#endif
 }
+

data/lib/gpgme/constants.rb

@@ -1,36 +1,98 @@
 module GPGME
 
-  ATTR_ALGO = GPGME_ATTR_ALGO
-  ATTR_CAN_CERTIFY = GPGME_ATTR_CAN_CERTIFY
-  ATTR_CAN_ENCRYPT = GPGME_ATTR_CAN_ENCRYPT
-  ATTR_CAN_SIGN = GPGME_ATTR_CAN_SIGN
-  ATTR_CHAINID = GPGME_ATTR_CHAINID
-  ATTR_COMMENT = GPGME_ATTR_COMMENT
-  ATTR_CREATED = GPGME_ATTR_CREATED
-  ATTR_EMAIL = GPGME_ATTR_EMAIL
-  ATTR_ERRTOK = GPGME_ATTR_ERRTOK
-  ATTR_EXPIRE = GPGME_ATTR_EXPIRE
-  ATTR_FPR = GPGME_ATTR_FPR
-  ATTR_ISSUER = GPGME_ATTR_ISSUER
-  ATTR_IS_SECRET = GPGME_ATTR_IS_SECRET
-  ATTR_KEYID = GPGME_ATTR_KEYID
-  ATTR_KEY_CAPS = GPGME_ATTR_KEY_CAPS
-  ATTR_KEY_DISABLED = GPGME_ATTR_KEY_DISABLED
-  ATTR_KEY_EXPIRED = GPGME_ATTR_KEY_EXPIRED
-  ATTR_KEY_INVALID = GPGME_ATTR_KEY_INVALID
-  ATTR_KEY_REVOKED = GPGME_ATTR_KEY_REVOKED
-  ATTR_LEN = GPGME_ATTR_LEN
-  ATTR_LEVEL = GPGME_ATTR_LEVEL
-  ATTR_NAME = GPGME_ATTR_NAME
-  ATTR_OTRUST = GPGME_ATTR_OTRUST
-  ATTR_SERIAL = GPGME_ATTR_SERIAL
-  ATTR_SIG_STATUS = GPGME_ATTR_SIG_STATUS
-  ATTR_SIG_SUMMARY = GPGME_ATTR_SIG_SUMMARY
-  ATTR_TYPE = GPGME_ATTR_TYPE
-  ATTR_UID_INVALID = GPGME_ATTR_UID_INVALID
-  ATTR_UID_REVOKED = GPGME_ATTR_UID_REVOKED
-  ATTR_USERID = GPGME_ATTR_USERID
-  ATTR_VALIDITY = GPGME_ATTR_VALIDITY
+  if defined?(GPGME_ATTR_ALGO)
+    ATTR_ALGO = GPGME_ATTR_ALGO
+  end
+  if defined?(GPGME_ATTR_CAN_CERTIFY)
+    ATTR_CAN_CERTIFY = GPGME_ATTR_CAN_CERTIFY
+  end
+  if defined?(GPGME_ATTR_CAN_ENCRYPT)
+    ATTR_CAN_ENCRYPT = GPGME_ATTR_CAN_ENCRYPT
+  end
+  if defined?(GPGME_ATTR_CAN_SIGN)
+    ATTR_CAN_SIGN = GPGME_ATTR_CAN_SIGN
+  end
+  if defined?(GPGME_ATTR_CHAINID)
+    ATTR_CHAINID = GPGME_ATTR_CHAINID
+  end
+  if defined?(GPGME_ATTR_COMMENT)
+    ATTR_COMMENT = GPGME_ATTR_COMMENT
+  end
+  if defined?(GPGME_ATTR_CREATED)
+    ATTR_CREATED = GPGME_ATTR_CREATED
+  end
+  if defined?(GPGME_ATTR_EMAIL)
+    ATTR_EMAIL = GPGME_ATTR_EMAIL
+  end
+  if defined?(GPGME_ATTR_ERRTOK)
+    ATTR_ERRTOK = GPGME_ATTR_ERRTOK
+  end
+  if defined?(GPGME_ATTR_EXPIRE)
+    ATTR_EXPIRE = GPGME_ATTR_EXPIRE
+  end
+  if defined?(GPGME_ATTR_FPR)
+    ATTR_FPR = GPGME_ATTR_FPR
+  end
+  if defined?(GPGME_ATTR_ISSUER)
+    ATTR_ISSUER = GPGME_ATTR_ISSUER
+  end
+  if defined?(GPGME_ATTR_IS_SECRET)
+    ATTR_IS_SECRET = GPGME_ATTR_IS_SECRET
+  end
+  if defined?(GPGME_ATTR_KEYID)
+    ATTR_KEYID = GPGME_ATTR_KEYID
+  end
+  if defined?(GPGME_ATTR_KEY_CAPS)
+    ATTR_KEY_CAPS = GPGME_ATTR_KEY_CAPS
+  end
+  if defined?(GPGME_ATTR_KEY_DISABLED)
+    ATTR_KEY_DISABLED = GPGME_ATTR_KEY_DISABLED
+  end
+  if defined?(GPGME_ATTR_KEY_EXPIRED)
+    ATTR_KEY_EXPIRED = GPGME_ATTR_KEY_EXPIRED
+  end
+  if defined?(GPGME_ATTR_KEY_INVALID)
+    ATTR_KEY_INVALID = GPGME_ATTR_KEY_INVALID
+  end
+  if defined?(GPGME_ATTR_KEY_REVOKED)
+    ATTR_KEY_REVOKED = GPGME_ATTR_KEY_REVOKED
+  end
+  if defined?(GPGME_ATTR_LEN)
+    ATTR_LEN = GPGME_ATTR_LEN
+  end
+  if defined?(GPGME_ATTR_LEVEL)
+    ATTR_LEVEL = GPGME_ATTR_LEVEL
+  end
+  if defined?(GPGME_ATTR_NAME)
+    ATTR_NAME = GPGME_ATTR_NAME
+  end
+  if defined?(GPGME_ATTR_OTRUST)
+    ATTR_OTRUST = GPGME_ATTR_OTRUST
+  end
+  if defined?(GPGME_ATTR_SERIAL)
+    ATTR_SERIAL = GPGME_ATTR_SERIAL
+  end
+  if defined?(GPGME_ATTR_SIG_STATUS)
+    ATTR_SIG_STATUS = GPGME_ATTR_SIG_STATUS
+  end
+  if defined?(GPGME_ATTR_SIG_SUMMARY)
+    ATTR_SIG_SUMMARY = GPGME_ATTR_SIG_SUMMARY
+  end
+  if defined?(GPGME_ATTR_TYPE)
+    ATTR_TYPE = GPGME_ATTR_TYPE
+  end
+  if defined?(GPGME_ATTR_UID_INVALID)
+    ATTR_UID_INVALID = GPGME_ATTR_UID_INVALID
+  end
+  if defined?(GPGME_ATTR_UID_REVOKED)
+    ATTR_UID_REVOKED = GPGME_ATTR_UID_REVOKED
+  end
+  if defined?(GPGME_ATTR_USERID)
+    ATTR_USERID = GPGME_ATTR_USERID
+  end
+  if defined?(GPGME_ATTR_VALIDITY)
+    ATTR_VALIDITY = GPGME_ATTR_VALIDITY
+  end
   DATA_ENCODING_ARMOR = GPGME_DATA_ENCODING_ARMOR
   DATA_ENCODING_BASE64 = GPGME_DATA_ENCODING_BASE64
   DATA_ENCODING_BINARY = GPGME_DATA_ENCODING_BINARY
@@ -265,4 +327,31 @@ module GPGME
     VALIDITY_FULL       => :full,
     VALIDITY_ULTIMATE   => :ultimate
   }
+
+  if defined?(GPGME_DELETE_ALLOW_SECRET)
+    DELETE_ALLOW_SECRET = GPGME_DELETE_ALLOW_SECRET
+  end
+
+  if defined?(GPGME_DELETE_FORCE)
+    DELETE_FORCE = GPGME_DELETE_FORCE
+  end
+
+  # Random number generation mode flags added in 2.0.0
+  if defined?(GPGME_RANDOM_MODE_NORMAL)
+    RANDOM_MODE_NORMAL = GPGME_RANDOM_MODE_NORMAL
+  end
+
+  if defined?(GPGME_RANDOM_MODE_ZBASE32)
+    RANDOM_MODE_ZBASE32 = GPGME_RANDOM_MODE_ZBASE32
+  end
+
+  # Decrypt flags added in 2.0.0
+  if defined?(GPGME_DECRYPT_LISTONLY)
+    DECRYPT_LISTONLY = GPGME_DECRYPT_LISTONLY
+  end
+
+  # Key generation flags added in 2.0.0
+  if defined?(GPGME_CREATE_GROUP)
+    CREATE_GROUP = GPGME_CREATE_GROUP
+  end
 end

data/lib/gpgme/ctx.rb

@@ -49,12 +49,13 @@ module GPGME
       raise exc if exc
       ctx = rctx[0]
 
-      ctx.protocol      = options[:protocol]      if options[:protocol]
-      ctx.armor         = options[:armor]         if options[:armor]
-      ctx.textmode      = options[:textmode]      if options[:textmode]
-      ctx.keylist_mode  = options[:keylist_mode]  if options[:keylist_mode]
-      ctx.pinentry_mode = options[:pinentry_mode] if options[:pinentry_mode]
-      ctx.offline       = options[:offline]       if options[:offline]
+      ctx.protocol          = options[:protocol]          if options[:protocol]
+      ctx.armor             = options[:armor]             if options[:armor]
+      ctx.textmode          = options[:textmode]          if options[:textmode]
+      ctx.keylist_mode      = options[:keylist_mode]      if options[:keylist_mode]
+      ctx.pinentry_mode     = options[:pinentry_mode]     if options[:pinentry_mode]
+      ctx.offline           = options[:offline]           if options[:offline]
+      ctx.ignore_mdc_error  = options[:ignore_mdc_error]  if options[:ignore_mdc_error]
 
       if options[:password]
         ctx.set_passphrase_callback GPGME::Ctx.method(:pass_function),
@@ -103,6 +104,43 @@ module GPGME
     # Getters and setters
     ##
 
+    # Get the value of the Ctx flag with the given name.
+    #
+    # Allowed flag names may include:
+    # - 'redraw'
+    # - 'full-status'
+    # - 'raw-description'
+    # - 'export-session-key'
+    # - 'override-session-key'
+    # - 'include-key-block'
+    # - 'auto-key-import'
+    # - 'auto-key-retrieve'
+    # - 'request-origin'
+    # - 'no-symkey-cache'
+    # - 'ignore-mdc-error'
+    # - 'auto-key-locate'
+    # - 'trust-model'
+    # - 'extended-edit'
+    # - 'cert-expire'
+    # - 'key-origin'
+    # - 'import-filter'
+    # - 'no-auto-check-trustdb'
+    #
+    # Please consult the GPGPME documentation for more details
+    #
+    def get_ctx_flag(flag_name)
+      GPGME::gpgme_get_ctx_flag(self, flag_name.to_s)
+    end
+
+    # Set the Ctx flag with the given name
+    # to the given value.
+    def set_ctx_flag(flag_name, val)
+      err = GPGME::gpgme_set_ctx_flag(self, flag_name.to_s, val.to_s)
+      exc = GPGME::error_to_exception(err)
+      raise exc if exc
+      val
+    end
+
     # Set the +protocol+ used within this context. See {GPGME::Ctx.new} for
     # possible values.
     def protocol=(proto)
@@ -128,6 +166,22 @@ module GPGME
       GPGME::gpgme_get_armor(self) == 1 ? true : false
     end
 
+    # This option ignores a MDC integrity protection failure.
+    # It is required to decrypt old messages which did not use an MDC.
+    # It may also be useful if a message is partially garbled,
+    # but it is necessary to get as much data as possible out of that garbled message.
+    # Be aware that a missing or failed MDC can be an indication of an attack.
+    # Use with great caution.
+    def ignore_mdc_error=(yes)
+      GPGME::gpgme_set_ignore_mdc_error(self, yes ? 1 : 0)
+      yes
+    end
+
+    # Return true if the MDC integrity protection is disabled.
+    def ignore_mdc_error
+      GPGME::gpgme_get_ignore_mdc_error(self) == 1 ? true : false
+    end
+
     # Tell whether canonical text mode should be used.
     def textmode=(yes)
       GPGME::gpgme_set_textmode(self, yes ? 1 : 0)
@@ -393,8 +447,17 @@ module GPGME
     # Delete the key from the key ring.
     # If allow_secret is false, only public keys are deleted,
     # otherwise secret keys are deleted as well.
-    def delete_key(key, allow_secret = false)
-      err = GPGME::gpgme_op_delete(self, key, allow_secret ? 1 : 0)
+    # If force is true, the confirmation dialog will not be displayed.
+    def delete_key(key, allow_secret = false, force = false)
+      err = nil
+      if defined?(GPGME::gpgme_op_delete_ext)
+        flag = 0
+        flag ^= GPGME::DELETE_ALLOW_SECRET if allow_secret
+        flag ^= GPGME::DELETE_FORCE if force
+        err = GPGME::gpgme_op_delete_ext(self, key, flag)
+      else
+        err = GPGME::gpgme_op_delete(self, key, allow_secret ? 1 : 0)
+      end
       exc = GPGME::error_to_exception(err)
       raise exc if exc
     end
@@ -507,6 +570,39 @@ module GPGME
       raise exc if exc
     end
 
+    # Generate cryptographically strong random bytes.
+    # Available since GPGME 2.0.0.
+    #
+    # @param [Integer] size Number of bytes to generate
+    # @param [Integer] mode Random generation mode (RANDOM_MODE_NORMAL or RANDOM_MODE_ZBASE32)
+    # @return [String] Random bytes as a binary string
+    def random_bytes(size, mode = GPGME::RANDOM_MODE_NORMAL)
+      result = GPGME::gpgme_op_random_bytes(self, size, mode)
+      if result.is_a?(String)
+        result
+      else
+        exc = GPGME::error_to_exception(result)
+        raise exc if exc
+        result
+      end
+    end
+
+    # Generate a cryptographically strong random unsigned integer value.
+    # Available since GPGME 2.0.0.
+    #
+    # @param [Integer] limit Upper limit for the random value (exclusive)
+    # @return [Integer] Random unsigned integer value in range [0, limit)
+    def random_value(limit)
+      result = GPGME::gpgme_op_random_value(self, limit)
+      if result.is_a?(Integer) && result >= 0
+        result
+      else
+        exc = GPGME::error_to_exception(result)
+        raise exc if exc
+        result
+      end
+    end
+
     def inspect
       "#<#{self.class} protocol=#{PROTOCOL_NAMES[protocol] || protocol}, \
 armor=#{armor}, textmode=#{textmode}, \

data/lib/gpgme/key.rb

@@ -156,10 +156,11 @@ module GPGME
 
     ##
     # Delete this key. If it's public, and has a secret one it will fail unless
-    # +allow_secret+ is specified as true.
-    def delete!(allow_secret = false)
+    # +allow_secret+ is specified as true. Suppress the confirmation dialog, if
+    # +force+ is specified as true.
+    def delete!(allow_secret = false, force = false)
       GPGME::Ctx.new do |ctx|
-        ctx.delete_key self, allow_secret
+        ctx.delete_key self, allow_secret, force
       end
     end
 

data/lib/gpgme/version.rb

@@ -1,4 +1,4 @@
 module GPGME
   # The version of GPGME ruby binding you are using
-  VERSION = "2.0.23"
+  VERSION = "2.0.25"
 end

data/lib/gpgme.rb

@@ -1,5 +1,3 @@
-$:.push File.expand_path("../..", __FILE__) # C extension is in the root
-
 require 'gpgme_n'
 
 # TODO without this call one can't GPGME::Ctx.new, find out why

data/test/crypto_test.rb

@@ -90,7 +90,7 @@ describe GPGME::Crypto do
       encrypted   = crypto.encrypt TEXT[:plain], :sign => true
       signatures  = 0
 
-      crypto.verify(encrypted) do |signature|
+      crypto.decrypt(encrypted) do |signature|
         assert_instance_of GPGME::Signature, signature
         signatures += 1
       end
@@ -103,7 +103,7 @@ describe GPGME::Crypto do
       encrypted   = crypto.encrypt TEXT[:plain], :sign => true, :signers => KEYS.map{|k| k[:sha]}
       signatures  = 0
 
-      crypto.verify(encrypted) do |signature|
+      crypto.decrypt(encrypted) do |signature|
         assert_instance_of GPGME::Signature, signature
         signatures += 1
       end

data/test/ctx_test.rb

@@ -81,6 +81,70 @@ describe GPGME::Ctx do
     end
   end
 
+  describe :get_ctx_flag do
+    it "reads flags with getters and setters" do
+      ctx = GPGME::Ctx.new
+
+      refute ctx.ignore_mdc_error
+      assert_equal "", ctx.get_ctx_flag("ignore-mdc-error")
+
+      ctx.ignore_mdc_error = true
+
+      assert ctx.ignore_mdc_error
+      assert_equal "1", ctx.get_ctx_flag("ignore-mdc-error")
+    end
+
+    it "can get flags without getters and setters" do
+      ctx = GPGME::Ctx.new
+
+      assert_equal "", ctx.get_ctx_flag("auto-key-locate")
+      ctx.set_ctx_flag("auto-key-locate", "cert")
+      assert_equal "cert", ctx.get_ctx_flag("auto-key-locate")
+    end
+
+    it "raises an error when a flag doesn't exist" do
+      ctx = GPGME::Ctx.new
+
+      assert_raises ArgumentError do
+        ctx.get_ctx_flag("foo")
+      end
+    end
+  end
+
+  describe :set_ctx_flag do
+    it "sets the value for a flag with a getter" do
+      ctx = GPGME::Ctx.new
+      refute ctx.ignore_mdc_error
+
+      ctx.set_ctx_flag("ignore-mdc-error", "1")
+      assert ctx.ignore_mdc_error
+    end
+
+    it "unsets the value for a flag with a getter" do
+      ctx = GPGME::Ctx.new(ignore_mdc_error: true)
+      assert ctx.ignore_mdc_error
+
+      ctx.set_ctx_flag("ignore-mdc-error", "0")
+      refute ctx.ignore_mdc_error
+    end
+
+    it "can set flags without getters and setters" do
+      ctx = GPGME::Ctx.new
+
+      assert_equal "", ctx.get_ctx_flag("auto-key-locate")
+      ctx.set_ctx_flag("auto-key-locate", "cert")
+      assert_equal "cert", ctx.get_ctx_flag("auto-key-locate")
+    end
+
+    it "raises an error when a flag doesn't exist" do
+      ctx = GPGME::Ctx.new
+
+      assert_raises GPGME::Error do
+        ctx.set_ctx_flag("foo", "bar")
+      end
+    end
+  end
+
   describe :armor do
     it "sets false by default" do
       ctx = GPGME::Ctx.new
@@ -101,6 +165,36 @@ describe GPGME::Ctx do
     end
   end
 
+  describe :ignore_mdc_error do
+    it "sets false by default" do
+      ctx = GPGME::Ctx.new
+      refute ctx.ignore_mdc_error
+    end
+
+    it "can set" do
+      ctx = GPGME::Ctx.new
+
+      ctx.ignore_mdc_error = true
+      assert ctx.ignore_mdc_error
+    end
+
+    it "can unset" do
+      ctx = GPGME::Ctx.new(ignore_mdc_error: true)
+      assert ctx.ignore_mdc_error
+
+      ctx.ignore_mdc_error = false
+      refute ctx.ignore_mdc_error
+    end
+
+    it "can set and get in constructor" do
+      ctx = GPGME::Ctx.new(:ignore_mdc_error => false)
+      refute ctx.ignore_mdc_error
+
+      ctx = GPGME::Ctx.new(:ignore_mdc_error => true)
+      assert ctx.ignore_mdc_error
+    end
+  end
+
   describe :protocol do
     it "sets 0 by default" do
       ctx = GPGME::Ctx.new

data/test/data_test.rb

@@ -25,14 +25,14 @@ describe GPGME::Data do
     it "creates a data from a file" do
       # magic fromfile
       data = GPGME::Data.new(File.open(__FILE__))
-      assert_match /magic fromfile/, data.read
+      assert_match(/magic fromfile/, data.read)
     end
 
     it "creates a data from file descriptor" do
       # magic filedescriptor
       File.open(__FILE__) do |f|
         data = GPGME::Data.new(f.fileno)
-        assert_match /magic filedescriptor/, data.read
+        assert_match(/magic filedescriptor/, data.read)
       end
     end
   end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: gpgme
 version: !ruby/object:Gem::Version
-  version: 2.0.23
+  version: 2.0.25
 platform: ruby
 authors:
 - Daiki Ueno
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-08-16 00:00:00.000000000 Z
+date: 2025-07-26 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: mini_portile2
@@ -131,9 +131,9 @@ files:
 - lib/gpgme/sub_key.rb
 - lib/gpgme/user_id.rb
 - lib/gpgme/version.rb
-- ports/archives/gpgme-1.21.0.tar.bz2
-- ports/archives/libassuan-2.5.6.tar.bz2
-- ports/archives/libgpg-error-1.47.tar.bz2
+- ports/archives/gpgme-2.0.0.tar.bz2
+- ports/archives/libassuan-3.0.2.tar.bz2
+- ports/archives/libgpg-error-1.55.tar.bz2
 - test/crypto_test.rb
 - test/ctx_test.rb
 - test/data_test.rb
@@ -167,7 +167,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.4.10
+rubygems_version: 3.5.22
 signing_key:
 specification_version: 4
 summary: Ruby binding of GPGME.