157 Commits

Author SHA1 Message Date
7aee7afd4b Updated crontab to install bw cli 2024-09-02 15:11:35 +00:00
a635241403 added rclone example 2024-08-23 18:53:01 +00:00
a2d23ac0bf Updated to python usage and crontab example 2024-08-23 18:51:09 +00:00
e0f689852b Added -l for srm as this should be enough as the OS should be running on FDE 2024-04-15 19:25:56 +00:00
54fa28cd82 added a logout in the beginning to ensure a clean start 2024-04-15 19:19:28 +00:00
4bd45b5017 Moved SRM to test for test argument logic 2023-11-11 13:45:24 -05:00
b5aa9ee5eb corrected parser 2023-11-11 13:43:32 -05:00
bad58570ec added test argument to test login and unlock 2023-11-11 13:40:46 -05:00
284bd797ee updated to correctly have help working 2023-11-03 15:45:25 -04:00
178aae2b89 removed shred comment since we are using srm now 2022-12-31 18:30:55 -05:00
05c7d99dcf updated to put export into account folder 2022-12-31 16:41:40 -05:00
cf280f1bd4 updated error handling for kmip functions 2022-12-31 10:31:58 -05:00
8ce5763430 added exit for missing programs 2022-12-30 17:44:19 -05:00
e011138c0d removed secure_delete 2022-12-30 17:18:05 -05:00
b1355aac9a removed lib as we will depend on the user/system to already be configured 2022-12-30 17:15:29 -05:00
c2e14da1bd update to use argparse and added option to only backup certain accounts 2022-12-30 17:12:03 -05:00
5ec2a77630 added check for required programs. updated sdelete variable to secure_delete 2022-12-30 16:24:13 -05:00
b9477e2943 removed for loop for bad export 2022-12-30 16:06:12 -05:00
ce40b1ed5d added no encryption warning message and message that zip is being encrypted. moved file delete to end of loop 2022-12-30 15:54:05 -05:00
3fec27ac48 updated from shred to srm. need to put in a check for srm before running 2022-12-30 15:00:22 -05:00
1cb3255f40 fixed shred command 2022-12-30 14:42:07 -05:00
d941867273 update linux to use system bw 2022-12-30 14:29:38 -05:00
crp3844
4118a8d077 updated BW CLI to 2022.11.0 2022-12-14 10:12:45 -05:00
72df3e504a removed does_file_exists function. added a removal of bad export file and sleep time. Still getting empty export files, no idea why 2022-10-07 21:29:06 -04:00
04ad1dbba6 added no encryption option. Also added for loops for csv and json exports as some are failing 2022-10-07 21:00:05 -04:00
1e4ed58fe6 changed to get some error codes when things don't work 2022-09-14 19:30:24 -04:00
75562c141f moved logger options after log_file variable 2022-09-14 18:38:09 -04:00
f9bef2bce2 added sdelete path variable, added logic for secure delete, removed import and secure_delete commands 2022-09-14 18:35:02 -04:00
8938c0378a removed MacOS from supported OSes and added gpg linux exe 2022-09-14 18:15:38 -04:00
0023557177 moved variables and OS login into main program 2022-09-14 18:14:40 -04:00
3baac3958b changed from stderr to stdout 2022-09-13 23:31:11 -04:00
c00c7ba4ec removed old comments 2022-09-13 23:30:03 -04:00
9359b36c6f added windows gpg exe path, added gpg command 2022-09-13 23:29:43 -04:00
5ed4f3da76 added zipping of files and commented out removal of zip for testing 2022-09-13 22:36:53 -04:00
7ec0116fa5 added shutil and removal of working dir after secure delete 2022-09-13 22:29:20 -04:00
8f8746e4fa updated secure delete for working directory 2022-09-13 22:27:02 -04:00
ad035cae11 updated exports to use working folder 2022-09-13 22:26:33 -04:00
1284693cf7 added exports and working directory variables 2022-09-13 22:25:30 -04:00
70c07fb605 added working and export directory 2022-09-13 22:25:02 -04:00
af3128c7f7 Merge branch 'master' of https://git.johnhgaunt.com/jgaunt/bitwardenbackup 2022-09-09 23:53:42 -04:00
d52abb2a4d trying out secure delete but *.cvs doesn't work. 2022-09-09 23:53:35 -04:00
946d627482 added pip requirements.txt file for packages needed 2022-09-09 13:43:32 -04:00
183aadf796 remove printing of item 2022-09-08 20:52:13 -04:00
305d7f9019 fixed attachment download loop 2022-09-08 20:50:08 -04:00
4ac0a2db37 remove unneeded array and added time for sleep between attachment downloads 2022-09-08 20:17:31 -04:00
b1077dc4be added attachment loop search and save 2022-09-08 20:15:21 -04:00
c2e3c37e24 updated export file names to include email and date and organization name for those 2022-09-08 19:04:46 -04:00
859ccb675f added datetime for export file names 2022-09-08 19:01:38 -04:00
e6dbe90d81 removed print of organization array and added loop for exporting organization vault 2022-09-08 18:51:16 -04:00
crp3844
70a4bb41a0 updated parser descriptions 2022-09-08 15:45:52 -04:00
crp3844
6cab1b4573 added message to create accounts if none exist 2022-09-08 15:43:20 -04:00
crp3844
9e43bc7126 removal of accounts and emails variable at end of script 2022-09-08 15:40:46 -04:00
crp3844
58a7b002ba removal of vault password at end of loop 2022-09-08 15:40:15 -04:00
crp3844
79d56d00d0 added number of organizations and fixed command for getting them 2022-09-08 14:11:53 -04:00
crp3844
c0890fd57d updated unsupported OS message 2022-09-08 13:14:36 -04:00
crp3844
88268d4889 removed utils as we built our own 2022-09-08 13:13:40 -04:00
crp3844
303e11b348 remove configparser 2022-09-08 13:12:44 -04:00
crp3844
add98a058f removed lib from gitignore and file changes coming in now 2022-09-08 09:33:54 -04:00
crp3844
824eb2488d moved the libs into some folders, added bw cli macos and supported os logic. updated code to use new paths 2022-09-08 09:31:17 -04:00
crp3844
fddaf8ac15 added organization code and removed from periods from logs 2022-09-08 09:27:50 -04:00
crp3844
7be43da4c0 removed the FreeBSD test case support 2022-09-08 09:22:36 -04:00
5032946e14 moved export commands to only run when unlocked vault. updated unset session variable only if it is set 2022-09-07 22:00:03 -04:00
a5ca8d2207 update some of the logging commands and fixed logging to logger 2022-09-07 21:43:39 -04:00
641ffacfb4 added bitwarden code to login, unlock, and export vault 2022-09-07 21:32:46 -04:00
addf7f27c4 added .config files to ignore 2022-09-07 19:50:48 -04:00
5f95747b05 remove printing accounts 2022-09-07 19:50:07 -04:00
afdbaa0ae7 removed ini file 2022-09-07 19:49:38 -04:00
crp3844
07a38c93e6 forgot a few more client options 2022-09-07 15:33:21 -04:00
crp3844
5ec6f2b415 forgot one client to remove 2022-09-07 15:28:44 -04:00
crp3844
60e19cc718 removed client from options for functions as it is a global variable 2022-09-07 15:27:46 -04:00
crp3844
ed5ba18ca7 updated function name 2022-09-07 15:25:52 -04:00
crp3844
892e8548b9 removed old non used code 2022-09-07 15:25:00 -04:00
crp3844
e249901af1 removed extra arguments and encrypt/decrypt section 2022-09-07 15:23:58 -04:00
crp3844
d410ff8aad removal print of secrets file path 2022-09-07 15:17:02 -04:00
crp3844
d11baaff9c updated config while loop to work when secrets files is removed 2022-09-07 15:16:14 -04:00
crp3844
de32b4c6e6 added removal of secrets config file if last account is removed 2022-09-07 15:11:25 -04:00
crp3844
7c37b9bb3e added some spacing on the select account to edit/delete 2022-09-07 15:06:33 -04:00
crp3844
3d60dcdcb2 moved confirmation question into the while loop 2022-09-07 15:05:00 -04:00
crp3844
b2a8ea6f71 updated some logging, added ask for confirmation function, added edit account function 2022-09-07 15:03:12 -04:00
crp3844
248aa408ba updated selecting account and delete account 2022-09-07 13:44:56 -04:00
crp3844
acbcfa1c1d fixed adding dict to dict 2022-09-07 11:42:25 -04:00
crp3844
d25282a6fd updated new account function 2022-09-07 11:37:42 -04:00
crp3844
6ce71bbd61 changed from ini to whole file encryption 2022-09-07 11:33:37 -04:00
crp3844
a4bac299ac forgot to return the decrypted value with new function 2022-09-07 11:10:23 -04:00
crp3844
70aa686988 removed extra decrypt version finder 2022-09-07 11:07:36 -04:00
crp3844
f22321e226 update getpass calls 2022-09-07 11:05:54 -04:00
crp3844
75dfd0c758 added encrypt and decrypt testing 2022-09-07 11:04:47 -04:00
crp3844
dab4eaa585 added configparser back in to test with 2022-09-07 10:57:41 -04:00
crp3844
f9189ee111 added test decrypt parser 2022-09-07 10:49:14 -04:00
crp3844
8de62c4b5d forgot ini file 2022-09-07 10:43:05 -04:00
crp3844
a8cb3ca250 added read config file and testing results 2022-09-07 10:42:04 -04:00
crp3844
d684cd0360 switch from a match to if else 2022-09-07 10:32:25 -04:00
crp3844
503e5bce53 updated get account details to only return encryption. updated new account to use the encrypted fields 2022-09-07 10:29:45 -04:00
crp3844
e16cd74e4d added decryption version functions 2022-09-07 10:26:56 -04:00
crp3844
469c838447 stupid indents 2022-09-07 08:35:05 -04:00
crp3844
710359b324 keeping client open 2022-09-07 08:34:17 -04:00
crp3844
90268494a7 removed old variables 2022-09-07 08:32:42 -04:00
crp3844
142eb62ea4 updated parser and get account details testing of encrypted data 2022-09-07 08:29:43 -04:00
ae59d4975e updated logger for console and file 2022-09-06 22:36:35 -04:00
6ac6337b86 added log file path, adding logger function, updated logger levels 2022-09-06 22:29:39 -04:00
77d8d51540 added hmac library and removed config options from the client 2022-09-06 22:10:21 -04:00
3b51a9a065 added base64 library 2022-09-06 21:50:33 -04:00
71187689a9 added secrets import 2022-09-06 21:49:51 -04:00
8d77101cc2 added freebsd test case. updated file paths to be os agnostic 2022-09-06 21:48:03 -04:00
9fa801908d added logging, parser, and test client 2022-09-06 20:56:01 -04:00
171d5617b2 added pykmip functions 2022-09-06 20:50:17 -04:00
5c7b348b1b added conf dir with client pykmip sample file 2022-09-06 20:41:47 -04:00
5958bfdd55 added while loop for top level config menu, updated delete question to standard we are using 2022-09-06 20:39:56 -04:00
7d9e4fa428 updated gitignore file 2022-09-06 20:38:47 -04:00
crp3844
ea90c0dc97 started work on configuration menu 2022-09-06 17:06:24 -04:00
crp3844
f823711817 lowercased variable names, added function to get account details and write basic config ini file 2022-09-06 15:46:51 -04:00
crp3844
247615d3d1 added sample ini file 2022-09-06 15:21:24 -04:00
crp3844
0cf3109b18 added getpass import 2022-09-06 14:56:41 -04:00
crp3844
de945f6668 added ini format, updated bw linux to correct file, added comments for ini sections 2022-09-06 14:56:04 -04:00
crp3844
564e5f96bf reverted windows/linux test logic and added ini parser 2022-09-06 14:07:04 -04:00
crp3844
9add8abcbf added ini to ignore list 2022-09-06 14:06:31 -04:00
crp3844
fdc92823c7 Started python backup script 2022-09-06 14:03:26 -04:00
crp3844
a113fc49f5 added bw cli for linux 2022-09-06 14:02:53 -04:00
10da1b57e7 1.22.1 giving same error now, reverted to 2022.8.0 2022-09-05 15:36:48 -04:00
cefecdfd3b reverted to 1.22.1
Was getting this error:
pkg/prelude/bootstrap.js:1876
      throw error;
      ^

Error: EBADF: bad file descriptor, read
    at Object.readSync (node:fs:727:3)
    at Object.readSync (pkg/prelude/bootstrap.js:947:32)
    at readPayloadSync (pkg/prelude/bootstrap.js:461:13)
    at payloadCopyManySync (pkg/prelude/bootstrap.js:523:23)
    at payloadFileSync (pkg/prelude/bootstrap.js:559:3)
    at Object.internalModuleReadJSON (pkg/prelude/bootstrap.js:1834:10)
    at internalModuleReadJSON (node:internal/modules/package_json_reader:4:68)
    at Object.read (node:internal/modules/package_json_reader:21:42)
    at readPackage (node:internal/modules/cjs/loader:296:36)
    at resolveExports (node:internal/modules/cjs/loader:479:15) {
  errno: -4083,
  syscall: 'read',
  code: 'EBADF'
}
2022-09-05 15:05:07 -04:00
cfc821fa46 updated bw.exe to 2022.8.0 2022-09-04 23:29:36 -04:00
8beb0a56a9 updated to ignore gpg home 2022-08-07 16:18:10 -04:00
42ef3870d9 removed shorthand command aliases 2022-06-06 20:38:52 -04:00
662fc604cd updated gpg4win portable to 2.3.6 2022-06-06 20:33:55 -04:00
a793b91bb3 updated bw.exe to 1.22.1 2022-06-06 20:28:10 -04:00
8c2714a9d6 updated to work with api keys 2022-06-06 20:22:22 -04:00
e850610128 updated 7za to 21.07 2022-05-07 11:11:39 -04:00
5db8ed9259 removed all hashed code and self hosted url 2022-02-09 11:01:57 -05:00
baca57dd2b added quick notes for restoring attachments 2022-02-09 10:25:58 -05:00
5f3e7e0c1a Merge branch '2021Export' of https://git.johnhgaunt.com/jgaunt/bitwardenbackup 2022-01-03 09:28:56 -05:00
bd2cbc643e updated bw cli to 1.20.0 2021-12-20 16:44:29 -05:00
70920467e8 removed file hash check
it seems that during a git clone, all the file hashes are changed. removed the check until future notice.
Also removing signature file as that is having the same issue as the main script file hash changes and fails to verify
2021-11-26 12:35:12 -05:00
d406f89835 removed asc from ignore 2021-11-26 12:13:20 -05:00
2abcdbc50e updated sig to asc 2021-11-26 12:12:33 -05:00
8b7b83ee99 detached armor sig 2021-11-26 12:08:25 -05:00
fcac9fb9b7 Update bitwardenBackup.ps1.sig
so the gpg --sign was not detached which is what we want.
2021-11-26 12:06:04 -05:00
a409873f6b fixed the signature
the signature created with kleopatra would fail outside of the same computer.  Using the gpg --sign creates it correctly.
2021-11-26 12:00:35 -05:00
e2579b4057 problems with the signature on other computers
my win11 test computer didn't have any issues verifying the sig but my laptop still does.
2021-11-26 11:55:55 -05:00
4af65b85e4 moved signature to armor 2021-11-26 11:54:02 -05:00
1bc05527d4 testing the signature 2021-11-26 11:24:25 -05:00
55b8e792ae new signature file 2021-11-25 12:49:56 -05:00
307eaa2a38 minor changes and comments 2021-11-25 12:48:57 -05:00
5c3b342c88 moved the $bw logout above the remove-variable so it works now. Created new signature 2021-11-25 12:01:43 -05:00
9e64f093ac added exit at the bottom and --no-options for gpg 2021-11-25 11:56:07 -05:00
86e16e64ee removed the gpg home from the ignore as the files are still hashed and causes errors 2021-11-25 11:52:20 -05:00
62a82ca818 updated gpg/home dir to ignore list 2021-11-25 11:26:06 -05:00
541ce541c9 created new signature 2021-11-25 11:15:51 -05:00
ee513a5e0e comment 2021-11-25 11:15:20 -05:00
c9546e3b91 updated hashes to use the compress to save a little bit of space 2021-11-25 11:14:59 -05:00
3649ca2167 added comments to generate file hashes 2021-11-25 11:12:15 -05:00
8481a48aa0 updated hashes file path to script path 2021-11-25 11:08:19 -05:00
1f97bbe182 added comments 2021-11-25 11:07:47 -05:00
fc2d98306a Update 'README.md' 2021-11-25 10:57:22 -05:00
ecccbc8226 added file hash check and sig to ensure the store file hashes can be checked 2021-11-25 10:51:11 -05:00
8cfb8f741b Merge branch 'master' of https://git.johnhgaunt.com/jgaunt/bitwardenbackup 2021-11-25 10:38:32 -05:00
1e6f5c37a8 removed adding path of lib folder and did absolute paths in the lib folder 2021-11-25 10:38:13 -05:00
02a247b61b Update 'README.md' 2021-11-24 13:40:29 -05:00
96 changed files with 848 additions and 8436 deletions

131
.gitignore vendored

@@ -1,9 +1,138 @@
# ---> Python
# Byte-compiled / optimized / DLL files
__pycache__/
*.py[cod]
*$py.class
# C extensions
*.so
# Distribution / packaging
.Python
build/
develop-eggs/
dist/
downloads/
eggs/
.eggs/
parts/
sdist/
var/
wheels/
*.egg-info/
.installed.cfg
*.egg
MANIFEST
# PyInstaller
# Usually these files are written by a python script from a template
# before PyInstaller builds the exe, so as to inject date/other infos into it.
*.manifest
*.spec
# Installer logs
pip-log.txt
pip-delete-this-directory.txt
# Unit test / coverage reports
htmlcov/
.tox/
.nox/
.coverage
.coverage.*
.cache
nosetests.xml
coverage.xml
*.cover
.hypothesis/
.pytest_cache/
# Translations
*.mo
*.pot
# Django stuff:
*.log
local_settings.py
db.sqlite3
# Flask stuff:
instance/
.webassets-cache
# Scrapy stuff:
.scrapy
# Sphinx documentation
docs/_build/
# PyBuilder
target/
# Jupyter Notebook
.ipynb_checkpoints
# IPython
profile_default/
ipython_config.py
# pyenv
.python-version
# celery beat schedule file
celerybeat-schedule
# SageMath parsed files
*.sage.py
# Environments
.env
.venv
env/
venv/
ENV/
env.bak/
venv.bak/
# Spyder project settings
.spyderproject
.spyproject
# Rope project settings
.ropeproject
# mkdocs documentation
/site
# mypy
.mypy_cache/
.dmypy.json
dmypy.json
# Pyre type checker
.pyre/
# config file
*config.yml
*config.py
*config.ini
*config.json
# config/secret/certs files
*.key
*.crt
*secrets.ini
*client.conf
*.config
# GPG files # # GPG files #
*.gpg *.gpg
*.asc
*.pgp *.pgp
*.age *.age
*.csv *.csv
*.json *.json
*.zip *.zip
attachments/ attachments/
lib/gpg/home/
working/
exports/
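Review bot: `*config.py` and `*.json` in the config and export sections are broad enough to hide source files, not just secrets: any module whose name ends in `config.py`, and any JSON sample or fixture added later, will silently be left out of commits. Since `working/` and `exports/` are already ignored as directories, consider narrowing these to the paths that actually hold secrets or exports, and drop `*config.json`, which `*.json` already covers. Also note that `*.log` only appears under the template's "Django stuff" heading; if the backup script's log file is meant to stay out of the repository, list it in the project's own section so it survives a cleanup of the template.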


@@ -1,13 +1,34 @@
# Bitwarden Backup # Bitwarden Backup
This project uses bw cli, gpg, and sdelete. It will export the vault and any organizations to both json and csv files. It also downloads all attachments into folders. You can zip the export together or gpg encrypt the export as well, the encryption is symmetric and uses your bitwarden vault password. This project uses bw cli, gpg, and sdelete/srm. It will export the vault and any organizations to both json and csv files. It also downloads all attachments into folders. You can zip the export together or gpg encrypt the export as well, the encryption is symmetric and uses your bitwarden vault password.
# Usage # Usage
``` ```
Usage: usage: bitwardenBackup.py [options]
bitwardenBackup.ps1 [-zip] [-encrypt] [-verbose]
Options: Run Bitwarden backup operation. This will produce an encrypted zip/tar with exported CSV, JSON, and attachements.
-zip Zips the export/attachements into a zip
-encrypt Encrypts the zip file with gpg symmetric encryption using your vault password options:
-verbose Show verbose information -h, --help show this help message and exit
-a ACCOUNTS_TO_BACKUP [ACCOUNTS_TO_BACKUP ...], --accounts ACCOUNTS_TO_BACKUP [ACCOUNTS_TO_BACKUP ...]
Accounts to backup instead of all accounts.
-c, --config Edit Bitwarden account configuration.
-t, --test Test Bitwarden account login and unlock.
-v, --verbose Output debug/verbose info to the console for troubleshooting.
--no-encryption Will only zip up export and will NOT encrypt anything.
```
# Example crontab
```
# Command to run everything at 22:00 (10PM) on the 2nd and 17th of the month. Will backup all configured bitwarden accounts and upload to seafile
20 2,17 * * /usr/bin/apt update; /usr/bin/apt upgrade -y; /usr/bin/wget -O /tmp/bw.zip "https://vault.bitwarden.com/download/?app=cli&platform=linux"; /usr/bin/unzip -o -d /tmp/ /tmp/bw.zip; /usr/bin/chmod +x /tmp/bw; /usr/bin/mv /tmp/bw /usr/bin/bw; /usr/bin/python3 /opt/bitwardenbackup/bitwardenBackup.py; /usr/bin/curl https://rclone.org/install.sh | bash; /usr/bin/rclone move /opt/bitwardenbackup/exports seafile: --include "*.gpg"; /sbin/shutdown -P now
```
# Example Rclone config file
```
[seafile]
type = webdav
url = https://gaunt.cloud/seafdav/Bitwarden%20Backups/
vendor = other
user = bitwardenbackup@gaunt.cloud
pass = *****
``` ```
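Review bot: the example crontab line downloads and executes unverified code on every run, on the same host that then unlocks the vault: `/usr/bin/curl https://rclone.org/install.sh | bash`, and the `wget` of `bw.zip` that is unzipped and moved straight to `/usr/bin/bw`. The job also runs `apt upgrade` and `shutdown`, so this presumably happens as root. Suggest installing `bw` and rclone once, from a pinned version with a checksum check, and keeping the cron job to the backup and upload only. Two smaller points on the same line: the schedule `20 2,17 * *` has four time fields where cron expects five and does not match the comment's 22:00, and chaining with `;` means `rclone move` and `shutdown -P now` still run when the backup step fails, so `&&` or a wrapper script that checks exit codes would be safer.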


@@ -6,93 +6,154 @@ param (
# Verbose output # Verbose output
if ($verbose) { if ($verbose) {
$oldverbose = $VerbosePreference
$VerbosePreference = "continue" $VerbosePreference = "continue"
} }
# get the date/time for the back filename # get the date/time for the back filename
$dateTime = get-date -format ("yyyyMMdd-HHmmss") $dateTime = Get-Date -format ("yyyyMMdd-HHmmss")
$env:Path += ";$PSScriptRoot\lib;$PSScriptRoot\lib\gpg\bin;$PSScriptRoot\lib\age" # set the binaries path, do not rely on the path variables as they are not hashed
$bw = "$PSScriptRoot\lib\bw.exe"
$gpg = "$PSScriptRoot\lib\gpg\bin\gpg.exe"
$sdelete = "$PSScriptRoot\lib\sdelete.exe"
bw config server https://bitwarden.johnhgaunt.com # set bitwarden server to my self hosted instance
#& $bw config server https://bitwarden.johnhgaunt.com
# begin while loop to login, if login is incorrect, ask user again
while ($true) { while ($true) {
$username = Read-Host "Please enter your bitwarden email" # ask for api client id/secret and password
$password = Read-Host -assecurestring "Please enter your bitwarden password" $clientID = Read-Host "Please enter your Bitwarden API client_id"
$env:BW_CLIENTID = "$clientID"
$clientSecret = Read-Host -assecurestring "Please enter your bitwarden API client_secret"
$clientSecret = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($clientSecret))
$env:BW_CLIENTSECRET = "$clientSecret"
# test login
& $bw login --apikey --raw
$bwStatus = $(ConvertFrom-Json $(& $bw status))
if ($bwStatus."Status" -eq "locked") {
# Authentication was successful
# start new loop for password unlock
while ($true) {
$password = Read-Host -assecurestring "Please enter your Bitwarden password"
$password = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password)) $password = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($password))
$code = Read-Host "Please enter your 2fa code (hit enter if not used)" $sessionKey = $(& $bw unlock $password --raw --nointeraction)
if ($code -eq "") { # get the bw status to see if the login was successfull and inform user
$sessionKey = $(bw login $username $password --raw --nointeraction) $bwStatus = $(ConvertFrom-Json $(& $bw status --session $sessionKey))
if ($bwStatus."Status" -eq "unlocked") {
$username = $bwStatus."userEmail"
break
} else { } else {
$sessionKey = $(bw login $username $password --method 0 --code $code --raw --nointeraction)
}
$bwStatus = $(ConvertFrom-Json $(bw status))
if ($bwStatus.Status -ne "locked") {
# just writing a new line # just writing a new line
Write-Host " " Write-Host " "
Write-Warning "Unable to login, please try agian." Write-Warning "Unable to unlock your vault, please try agian."
} else { }
}
break break
} else {
Write-Host " "
Write-Warning "Unable to authenticate, please try agian."
} }
} }
# Export the vault to both CSV and JSON files, this allows best compatibility to import again or switch managers.
Write-Host "Exporting vault to both CSV and JSON files." Write-Host "Exporting vault to both CSV and JSON files."
Write-Verbose "Exporting vault to CSV." Write-Verbose "Exporting vault to CSV."
bw export $password --output "$PSScriptRoot\Bitwarden User $username Export $dateTime.csv" --format csv --session $sessionKey & $bw export $password --output "$PSScriptRoot\Bitwarden User $username Export $dateTime.csv" --format csv --session $sessionKey
# just writing a new line # just writing a new line
Write-Host " " Write-Host " "
Write-Verbose "Exporting vault to JSON." Write-Verbose "Exporting vault to JSON."
bw export $password --output "$PSScriptRoot\Bitwarden User $username Export $dateTime.json" --format json --session $sessionKey & $bw export $password --output "$PSScriptRoot\Bitwarden User $username Export $dateTime.json" --format json --session $sessionKey
# just writing a new line # just writing a new line
Write-Host " " Write-Host " "
# look for organizations
Write-Host "Looking for Organizations..." Write-Host "Looking for Organizations..."
$organizations = $(ConvertFrom-Json $(bw list organizations --session $sessionKey)) $organizations = $(ConvertFrom-Json $(& $bw list organizations --session $sessionKey))
Write-Host "Found $(($organizations | measure).count) Organiztaions." Write-Host "Found $(($organizations | Measure-Object).count) Organiztaions."
$organizations | foreach { # loop through the found organizations and again export both as CSV and JSON for best compatibility
$organizations | ForEach-Object {
Write-Host "Exporting organization $($_.name) vault to both CSV and JSON files." Write-Host "Exporting organization $($_.name) vault to both CSV and JSON files."
Write-Verbose "Exporting organization vault to CSV." Write-Verbose "Exporting organization vault to CSV."
bw export $password --organizationid $_.id --output "$PSScriptRoot\Bitwarden Organization $($_.name) Export $dateTime.csv" --format csv --session $sessionKey & $bw export $password --organizationid $_.id --output "$PSScriptRoot\Bitwarden Organization $($_.name) Export $dateTime.csv" --format csv --session $sessionKey
# just writing a new line # just writing a new line
Write-Host " " Write-Host " "
Write-Verbose "Exporting organization vault to JSON." Write-Verbose "Exporting organization vault to JSON."
bw export $password --organizationid $_.id --output "$PSScriptRoot\Bitwarden Organization $($_.name) Export $dateTime.json" --format json --session $sessionKey & $bw export $password --organizationid $_.id --output "$PSScriptRoot\Bitwarden Organization $($_.name) Export $dateTime.json" --format json --session $sessionKey
# just writing a new line # just writing a new line
Write-Host " " Write-Host " "
} }
# find all items with attachments
Write-Host "Looking for items with attachments..." Write-Host "Looking for items with attachments..."
$itemsWithAttachments = $((ConvertFrom-Json $(bw list items --session $sessionKey)) | Where-Object attachments) $itemsWithAttachments = $((ConvertFrom-Json $(& $bw list items --session $sessionKey)) | Where-Object attachments)
Write-Host "Found $(($itemsWithAttachments | measure).count) items with attachments." Write-Host "Found $(($itemsWithAttachments | Measure-Object).count) items with attachments."
# loop through all the items with attachments and download them into a folder with the name of the item
Write-Host "Downloading attachments..." Write-Host "Downloading attachments..."
$itemsWithAttachments | foreach { $itemsWithAttachments | ForEach-Object {
Write-Verbose "Working on item $($_.name) ($($_.id))." Write-Verbose "Working on item $($_.name) ($($_.id))."
$folder="$PSScriptRoot\attachments\$($_.name)" $folder="$PSScriptRoot\attachments\$($_.name)"
$itemID=$_.id $itemID=$_.id
$_.attachments | foreach { $_.attachments | ForEach-Object {
Write-Verbose "Downloading attachment ($($_.id)) with name $($_.fileName) to $folder." Write-Verbose "Downloading attachment ($($_.id)) with name $($_.fileName) to $folder."
bw get attachment $_.id --itemid $itemID --output "$folder\$($_.fileName)" --session $sessionKey & $bw get attachment $_.id --itemid $itemID --output "$folder\$($_.fileName)" --session $sessionKey
# just writing a new line # just writing a new line
Write-Host " " Write-Host " "
sleep -Milliseconds 500 Start-Sleep -Milliseconds 500
} }
} }
# zip file name used below
$zipFilename = "Bitwarden Backup $dateTime.zip" $zipFilename = "Bitwarden Backup $dateTime.zip"
# if the user wants the export zipped or encrypted
if ($zip -or $encrypt) { if ($zip -or $encrypt) {
# zip the export
Write-Host "Zipping the backup together..." Write-Host "Zipping the backup together..."
Compress-Archive -Path $PSScriptRoot\*.csv, $PSScriptRoot\*.json, $PSScriptRoot\attachments -DestinationPath "$PSScriptRoot\$zipFilename" Compress-Archive -Path $PSScriptRoot\*.csv, $PSScriptRoot\*.json, $PSScriptRoot\attachments -DestinationPath "$PSScriptRoot\$zipFilename"
# securely delete the export items with sdelete
Write-Host "Securely deleting the exports and attachments..." Write-Host "Securely deleting the exports and attachments..."
sdelete64.exe -s -p 25 $PSScriptRoot\*.csv $PSScriptRoot\*.json $PSScriptRoot\attachments & $sdelete -s -p 25 $PSScriptRoot\*.csv $PSScriptRoot\*.json $PSScriptRoot\attachments
# if encrypting the export
if ($encrypt) { if ($encrypt) {
# encrypt the zip export with gpg
Write-Host "Encrypting the backup zip with your bitwarden password..." Write-Host "Encrypting the backup zip with your bitwarden password..."
gpg.exe --batch --passphrase "$password" --symmetric --cipher-algo AES256 --digest-algo SHA512 --compression-algo Uncompressed --output "$PSScriptRoot\$zipFilename.gpg" "$PSScriptRoot\$zipFilename" & $gpg --no-options --batch --passphrase "$password" --symmetric --cipher-algo AES256 --digest-algo SHA512 --compression-algo Uncompressed --output "$PSScriptRoot\$zipFilename.gpg" "$PSScriptRoot\$zipFilename"
# securely delete the zip export with sdelete
Write-Host "Securely deleting the zip file..." Write-Host "Securely deleting the zip file..."
sdelete64.exe -p 25 "$PSScriptRoot\$zipFilename" & $sdelete -p 25 "$PSScriptRoot\$zipFilename"
} }
} }
# logout of bitwaren to ensure the session is destroyed
& $bw logout
# remove all the variables
Remove-Variable -Name * -ErrorAction SilentlyContinue Remove-Variable -Name * -ErrorAction SilentlyContinue
bw logout
<#
# Restore of attachements
cd C:\users\jgaunt\Git\bitwardenbackup\attachments
bw status
$folders = Get-childItem -Directory
$items = bw list items | convertfrom-json
$array = @()
foreach ($folder in $folders) {
foreach ($item in $items) {
if ($folder.name -eq $item.name -and $item.type -gt 1) {
#$array += bw get item $item.id | convertfrom-json
$attachements = Get-ChildItem $folder
foreach ($attachement in $attachements) {
bw create attachment --file "$($attachement.FullName)" --itemid $item.id
}
Remove-Item -Recurse $folder
}
}
}
#>
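Review bot: the vault password is still passed as a command-line argument in `& $bw unlock $password --raw --nointeraction`, in every `& $bw export $password ...` call, and in `& $gpg ... --passphrase "$password"`, so it is readable by anything that can inspect process command lines while those commands run. Suggest `bw unlock --passwordenv` (or `--passwordfile`) and `gpg --passphrase-fd` so the secret is not part of the argument list. Related cleanup gaps in the new code: `Remove-Variable -Name *` at the end does not clear `$env:BW_CLIENTID` and `$env:BW_CLIENTSECRET`, and the BSTR returned by `SecureStringToBSTR` is never released; remove the two environment entries explicitly and call `ZeroFreeBSTR` after each conversion.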

577
bitwardenBackup.py Normal file

@@ -0,0 +1,577 @@
# library needed
import sys
import os
import subprocess
import platform
import json
import getpass
import logging
import secrets
import base64
import argparse
import hmac as pyhmac
import datetime
import time
import shutil
from kmip.core import enums
from kmip.pie import client
def build_logger(level):
logger = logging.getLogger()
logger.setLevel(level)
formatter = logging.Formatter(
'%(asctime)s - %(levelname)s - %(message)s'
)
# log to file
fileHandler = logging.FileHandler(log_file)
fileHandler.setFormatter(formatter)
logger.addHandler(fileHandler)
# log to console
consoleHandler = logging.StreamHandler()
consoleHandler.setFormatter(formatter)
logger.addHandler(consoleHandler)
return logger
def write_config_file(array, config_file):
logger.debug("Starting to write config file and encrypt contents")
logger.debug("Using config file: {}".format(config_file))
logger.debug("Converting config from array to json")
array_json = json.dumps(array)
logger.debug("Encrypting config json")
encrypted_array_json = encrypt(array_json)
logger.debug("Attempting to write encrypted config to file")
try:
f = open(config_file, "w")
f.write(encrypted_array_json)
f.close()
logger.debug("Successfully wrote encrypted config to file")
except Exception as e:
logger.error("Unable to write encrypted config to file. Error: {}".format(e))
sys.exit(-1)
logger.debug("Finshed writing config file and encrypting contents")
def read_config_file(config_file):
logger.debug("Starting to read config file and decrypt contents")
logger.debug("Using config file: {}".format(config_file))
logger.debug("Attempting to read encrypted config from file")
try:
with open(config_file) as f:
config = f.read()
logger.debug("Successfully read encrypted config from file")
except Exception as e:
logger.error("Unable to read encrypted config from file. Error: {}".format(e))
sys.exit(-1)
logger.debug("Decrypting config contents")
decrypted_array_json = decrypt(config)
logger.debug("Convert config from json to array")
array = json.loads(decrypted_array_json)
logger.debug("Finished reading config file and decrypting contents")
return array
def ask_for_confirmation(question):
logger.debug("Asking user for confirmation")
logger.debug("Question: {}".format(question))
print(question)
while True:
confirmation = input("y/n> ")
logger.debug("User answered: {}".format(confirmation))
if confirmation.casefold() == "y":
return True
elif confirmation.casefold() == "n":
return False
else:
print("This value must be one of the following characters: y, n.")
def create_encryption_key():
# Create an encryption key.
try:
key_id = client.create(
enums.CryptographicAlgorithm.AES,
256,
cryptographic_usage_mask=[
enums.CryptographicUsageMask.ENCRYPT,
enums.CryptographicUsageMask.DECRYPT
]
)
logger.debug("Successfully created a new encryption key.")
logger.debug("Encryption Key ID: {}".format(key_id))
except Exception as e:
logger.error("Unable to create encryption key. Error: {}".format(e))
sys.exit(-1)
# Activate the encryption key so that it can be used.
try:
client.activate(key_id)
logger.debug("Successfully activated the encryption key.")
return key_id
except Exception as e:
logger.error("Unable to activate encryption key. Error: {}".format(e))
sys.exit(-1)
def create_hmac_key():
# Create an encryption key.
try:
key_id = client.create(
enums.CryptographicAlgorithm.AES,
256,
cryptographic_usage_mask=[
enums.CryptographicUsageMask.MAC_GENERATE,
enums.CryptographicUsageMask.MAC_VERIFY
]
)
logger.debug("Successfully created a new HMAC key.")
logger.debug("HMAC Key ID: {}".format(key_id))
except Exception as e:
logger.error("Unable to create hmac key. Error: {}".format(e))
sys.exit(-1)
# Activate the HMAC key so that it can be used.
try:
client.activate(key_id)
logger.debug("Successfully activated the HMAC key.")
return key_id
except Exception as e:
logger.error("Unable to activate hmac key. Error: {}".format(e))
sys.exit(-1)
def encrypt(data):
try:
data = data.encode('UTF-8')
key_id = create_encryption_key()
iv = secrets.token_bytes(16)
cipher_text, autogenerated_iv = client.encrypt(
data,
uid=key_id,
cryptographic_parameters={
'cryptographic_algorithm':
enums.CryptographicAlgorithm.AES,
'block_cipher_mode': enums.BlockCipherMode.CBC,
'padding_method': enums.PaddingMethod.ANSI_X923
},
iv_counter_nonce=(
iv
)
)
hmac_key_id, hmac = client.mac(
key_id.encode() + iv + cipher_text,
uid = create_hmac_key(),
algorithm = enums.CryptographicAlgorithm.HMAC_SHA512
)
logger.debug("Successfully encrypted the data.")
array = dict()
array['version'] = 1
array['cipher_key_id'] = key_id
array['cipher_text'] = base64.b64encode(cipher_text).decode()
array['iv'] = base64.b64encode(iv).decode()
array['hmac_key_id'] = hmac_key_id
array['hmac'] = base64.b64encode(hmac).decode()
logger.debug("Dict of info: {}".format(array))
array_json = json.dumps(array)
array_json_b64 = base64.b64encode(array_json.encode('utf-8')).decode()
return array_json_b64
except Exception as e:
logger.error("Unable to encrypt data. Error: {}".format(e))
sys.exit(-1)
def decrypt(data):
array_json = base64.b64decode(data)
array = json.loads(array_json)
if array['version'] == 1:
return decrypt_v1(array)
else:
logger.error("Unable to detemine encryption version.")
return False
def decrypt_v1(array):
try:
logger.debug("Dict of info: {}".format(array))
key_id = array['cipher_key_id']
iv = base64.b64decode(array['iv'])
cipher_text = base64.b64decode(array['cipher_text'])
hmac_key_id = array['hmac_key_id']
hmac = base64.b64decode(array['hmac'])
hmac_key_id_test, hmac_test = client.mac(
key_id.encode() + iv + cipher_text,
uid = hmac_key_id,
algorithm = enums.CryptographicAlgorithm.HMAC_SHA512
)
if pyhmac.compare_digest(hmac, hmac_test):
logger.debug("HMAC matches.")
else:
logger.error("HMAC does not match, data is corrupted/tampered.")
sys.exit(-1)
plain_text = client.decrypt(
cipher_text,
uid=key_id,
cryptographic_parameters={
'cryptographic_algorithm':
enums.CryptographicAlgorithm.AES,
'block_cipher_mode': enums.BlockCipherMode.CBC,
'padding_method': enums.PaddingMethod.ANSI_X923
},
iv_counter_nonce=(
iv
)
)
logger.debug("Successfully decrypted the data.")
plain_text = plain_text.decode('utf-8')
return plain_text
except Exception as e:
logger.error("Unable to decrypt data. Error: {}".format(e))
sys.exit(-1)
def new_account_details():
print("Requesting account details to add to config.")
account_email_address = input("Please enter Bitwarden account email address: ")
account_api_client_id = input("Please enter Bitwarden account API client ID: ")
while True:
account_api_secret = getpass.getpass("Please enter Bitwarden account API secret: ")
account_api_secret2 = getpass.getpass("Please confirm Bitwarden account API secret: ")
if account_api_secret == account_api_secret2:
break
else:
print("The Bitwarden account API secrets do not match, please try again.")
while True:
account_vault_password = getpass.getpass("Please enter Bitwarden account vault password: ")
account_vault_password2 = getpass.getpass("Please confirm Bitwarden account vault password: ")
if account_vault_password == account_vault_password2:
break
else:
print("The Bitwarden account vault passwords do not match, please try again.")
array = dict()
array[account_email_address] = dict()
array[account_email_address]["account_api_client_id"] = account_api_client_id
array[account_email_address]["account_api_secret"] = account_api_secret
array[account_email_address]["account_vault_password"] = account_vault_password
return array
def edit_account_details(accounts, email):
if ask_for_confirmation("Would you like to edit the Bitwarden account email address?\nCurrent Value: {}".format(email)):
account_email_address = input("Please enter Bitwarden account email address: ")
else:
account_email_address = email
if ask_for_confirmation("Would you like to edit the Bitwarden account API client ID?\nCurrent Value: {}".format(accounts[email]['account_api_client_id'])):
account_api_client_id = input("Please enter Bitwarden account API client ID: ")
else:
account_api_client_id = accounts[email]['account_api_client_id']
if ask_for_confirmation("Would you like to edit the Bitwarden account API secret?"):
while True:
account_api_secret = getpass.getpass("Please enter Bitwarden account API secret: ")
account_api_secret2 = getpass.getpass("Please confirm Bitwarden account API secret: ")
if account_api_secret == account_api_secret2:
break
else:
print("The Bitwarden account API secrets do not match, please try again.")
else:
account_api_secret = accounts[email]['account_api_secret']
if ask_for_confirmation("Would you like to edit the Bitwarden account vault password?"):
while True:
account_vault_password = getpass.getpass("Please enter Bitwarden account vault password: ")
account_vault_password2 = getpass.getpass("Please confirm Bitwarden account vault password: ")
if account_vault_password == account_vault_password2:
break
else:
print("The Bitwarden account vault passwords do not match, please try again.")
else:
account_vault_password = accounts[email]['account_vault_password']
array = dict()
array[account_email_address] = dict()
array[account_email_address]["account_api_client_id"] = account_api_client_id
array[account_email_address]["account_api_secret"] = account_api_secret
array[account_email_address]["account_vault_password"] = account_vault_password
return array
def select_account(accounts, wording = "edit"):
print("Which account would you like to {}:".format(wording))
print(" ")
emails = list(accounts)
for i in range(0, len(accounts)):
pretty_number = i + 1
print("{}) {}".format(pretty_number, emails[i]))
print(" ")
while True:
account_to_modify = int(input("Please enter number relating to the account you wish to {}: ".format(wording))) - 1
try:
return emails[account_to_modify]
except IndexError as error:
print("you entered a number out of range, please try again")
if __name__ == "__main__":
# Build and parse arguments
parser = argparse.ArgumentParser(
usage="{} [options]".format(os.path.basename(__file__)),
description="Run Bitwarden backup opteration. This will produce an encrypted zip/tar with exported CSV, JSON, and attachements.")
parser.add_argument (
"-a",
"--accounts",
nargs="+",
dest="accounts_to_backup",
help="Accounts to backup instead of all accounts."
)
parser.add_argument (
"-c",
"--config",
action="store_true",
dest="config",
help="Edit Bitwarden account configuration."
)
parser.add_argument (
"-t",
"--test",
action="store_true",
dest="test",
help="Test Bitwarden account login and unlock."
)
parser.add_argument (
"-v",
"--verbose",
action="store_true",
dest="debug",
help="Output debug/verbose info to the console for troubleshooting."
)
parser.add_argument (
"--no-encryption",
action="store_true",
dest="no_encrypt",
help="Will only zip up export and will NOT encrypt anything."
)
opts = parser.parse_args()
os_detected = platform.system()
script_directory = os.path.dirname(os.path.realpath(__file__))
working_directory = os.path.join(script_directory, "working")
exports_directory = os.path.join(script_directory, "exports")
script_name = os.path.basename(__file__)
secrets_config_file = os.path.join(script_directory, "secrets.config")
pykmip_client_config_file = os.path.join(script_directory, "conf", "client.conf")
log_file = os.path.join(script_directory, "log.log")
datetime_string = datetime.datetime.now().strftime("%Y%m%d-%H%M%S")
if opts.debug:
logger = build_logger(logging.DEBUG)
else:
logger = build_logger(logging.INFO)
if os_detected == "Windows":
bitwarden_cli_executable = "bw.exe"
gpg_executable = "gpg.exe"
secure_delete_executable = "sdelete.exe"
elif os_detected == "Linux":
bitwarden_cli_executable = "bw"
gpg_executable = "gpg"
secure_delete_executable = "srm"
#elif os_detected == "macOS":
# bitwarden_cli_executable = os.path.join(script_directory, "lib", "Bitwarden CLI", "bw_macOS")
else:
print("Your OS is not supported. Only Windows, Linux, and macOS are supported. Those are the only three supported OSes for the Bitwarden CLI.")
print("Detected OS: {0}".format(os_detected))
sys.exit(1)
# check if required programs are installed
if not shutil.which(bitwarden_cli_executable):
print("Bitwarden CLI ({}) cannot be found. Please make sure it is installed and executable.".format(bitwarden_cli_executable))
sys.exit(1)
elif not shutil.which(gpg_executable):
print("GPG ({}) cannot be found. Please make sure it is installed and executable.".format(gpg_executable))
sys.exit(1)
elif not shutil.which(secure_delete_executable):
print("SRM/sdelete.exe ({}) cannot be found. Please make sure it is installed and executable.".format(secure_delete_executable))
sys.exit(1)
client = client.ProxyKmipClient(config_file=pykmip_client_config_file)
client.open()
if opts.config:
while True:
if not os.path.exists(secrets_config_file):
print("No Bitwarden accounts found, do you want to make a new one?")
print(" ")
print("n) New account")
print("q) Quit config")
while True:
user_input = input("n/q> ")
if user_input.casefold() == "n":
account_details = new_account_details()
write_config_file(account_details, secrets_config_file)
break
elif user_input.casefold() == "q":
sys.exit(0)
else:
print("This value must be one of the following characters: n, q.")
accounts = read_config_file(secrets_config_file)
print("Current Bitwarden accounts:")
print(" ")
for account in accounts:
print(account)
print(" ")
print("e) Edit account")
print("n) New account")
print("d) Delete account")
print("q) Quit config")
while True:
user_input = input("e/n/d/q> ")
# Editing an account
if user_input.casefold() == "e":
account_to_edit = select_account(accounts)
account_details = edit_account_details(accounts, account_to_edit)
del accounts[account_to_edit]
accounts.update(account_details)
write_config_file(accounts, secrets_config_file)
break
# Createing a new account
elif user_input.casefold() == "n":
account_details = new_account_details()
accounts.update(account_details)
write_config_file(accounts, secrets_config_file)
break
# Deleting an account
elif user_input.casefold() == "d":
account_to_delete = select_account(accounts, "delete")
if not ask_for_confirmation("Are you sure you wish to delete {} account? ".format(account_to_delete)):
break
del accounts[account_to_delete]
if len(accounts) == 0:
# no more accounts, remove secrets file
os.remove(secrets_config_file)
else:
write_config_file(accounts, secrets_config_file)
break
# Quit the config
elif user_input.casefold() == "q":
sys.exit(0)
# Catch all for non-valid characters
else:
print("This value must be one of the following characters: e, n, d, q.")
#json.loads((subprocess.check_output(['bw.exe','status'])).decode())['status']
if not os.path.exists(secrets_config_file):
print("No configuration file found. Please run {} -c to configure your accounts.".format(script_name))
sys.exit(-1)
accounts = read_config_file(secrets_config_file)
emails_from_config_file = list(accounts)
if opts.accounts_to_backup:
emails_to_backup = list()
for email in opts.accounts_to_backup:
if email in emails_from_config_file:
emails_to_backup.append(email)
if len(emails_to_backup) > 0:
emails = emails_to_backup
else:
logger.error("None of the emails passed in are in the config file.")
sys.exit(1)
else:
emails = emails_from_config_file
logger.debug("Logging out of any Bitwarden account to start fresh")
logger.debug((subprocess.run([bitwarden_cli_executable, 'logout'], capture_output=True).stdout).decode())
for email in emails:
vault_password = accounts[email]['account_vault_password']
os.environ["BW_CLIENTID"] = accounts[email]['account_api_client_id']
os.environ["BW_CLIENTSECRET"] = accounts[email]['account_api_secret']
# login to Bitwarden
logger.info("Trying to login to Bitwarden as {}".format(email))
bitwarden_login_output = subprocess.run([bitwarden_cli_executable, 'login', '--apikey', '--raw'], capture_output=True)
logger.debug((bitwarden_login_output.stdout).decode())
bitwarden_status = json.loads(((subprocess.run([bitwarden_cli_executable, 'status'], capture_output=True)).stdout).decode())
logger.debug("Bitwarden Status: {}".format(bitwarden_status))
if bitwarden_status['status'] == "locked":
logger.info("Successfully Logged in")
bitwarden_unlock_output = subprocess.run([bitwarden_cli_executable, 'unlock', vault_password, '--raw', '--nointeraction'], capture_output=True)
bitwarden_session_key = (bitwarden_unlock_output.stdout).decode()
if bitwarden_session_key:
# logger.debug("Session key: {}".format(bitwarden_session_key))
logger.info("Successfully unlocked vault")
if not opts.test:
os.environ["BW_SESSION"] = bitwarden_session_key
# export to csv and json
logger.info("Exporting vault to both CSV and JSON files")
logger.debug("Exporting vault to CSV")
file_name = 'Bitwarden {} Export {}'.format(email, datetime_string)
logger.debug((subprocess.run([bitwarden_cli_executable, 'export', '--output', os.path.join(working_directory, '{}.csv'.format(file_name)) , '--format', 'csv'], capture_output=True).stdout).decode())
time.sleep(1)
logger.debug("Exporting vault to JSON")
logger.debug((subprocess.run([bitwarden_cli_executable, 'export', '--output', os.path.join(working_directory, '{}.json'.format(file_name)), '--format', 'json'], capture_output=True).stdout).decode())
time.sleep(1)
# looking for Organizations
# look for organizations
logger.info("Looking for Organizations")
bitwarden_organizations = json.loads(((subprocess.run([bitwarden_cli_executable, 'list', 'organizations'], capture_output=True)).stdout).decode())
logger.info("Found {} Organiztaions.".format(len(bitwarden_organizations)))
for organization in bitwarden_organizations:
logger.info("Exporting organization {} vault to both CSV and JSON files".format(organization['name']))
logger.debug("Exporting organization vault to CSV")
file_name = 'Bitwarden Organization {} Export {}'.format(organization['name'], datetime_string)
logger.debug((subprocess.run([bitwarden_cli_executable, 'export', '--organizationid', '{}'.format(organization['id']), '--output', os.path.join(working_directory, '{}.csv'.format(file_name)), '--format', 'csv'], capture_output=True).stdout).decode())
time.sleep(1)
logger.debug("Exporting organization vault to JSON")
logger.debug((subprocess.run([bitwarden_cli_executable, 'export', '--organizationid', '{}'.format(organization['id']), '--output', os.path.join(working_directory, '{}.json'.format(file_name)), '--format', 'json'], capture_output=True).stdout).decode())
time.sleep(1)
logger.info("Downlading attachments...")
bitwarden_items = json.loads(((subprocess.run([bitwarden_cli_executable, 'list', 'items'], capture_output=True)).stdout).decode())
for item in bitwarden_items:
logger.debug("Working on item {} ({})".format(item['name'], item['id']))
if "attachments" in item:
logger.debug("Found {} attachments".format(len(item['attachments'])))
attachment_folder_name = os.path.join(working_directory, "attachments", item['name'])
for attachment in item['attachments']:
logger.debug("Downloading attachment ({}) with name {} to folder {}".format(attachment['id'], attachment['fileName'], attachment_folder_name))
logger.info((subprocess.run([bitwarden_cli_executable, 'get', 'attachment', attachment['id'], '--itemid', item['id'], '--output', os.path.join(attachment_folder_name, attachment['fileName'])], capture_output=True).stdout).decode())
time.sleep(1)
else:
logger.debug("Item has no attachments")
logger.info("Done downloading attachments")
logger.info("Zipping everything together...")
zip_filename = os.path.join(exports_directory, email,"Bitwarden Backup {} {}".format(email, datetime_string))
shutil.make_archive(zip_filename, format="zip", root_dir=working_directory)
if not opts.no_encrypt:
logger.info("Encrypting zip file...")
logger.debug((subprocess.run([gpg_executable, '--no-options', '--batch', '--passphrase', vault_password, '--symmetric', '--cipher-algo', 'AES256', '--digest-algo', 'SHA512', '--compression-algo', 'Uncompressed', '--output', zip_filename + '.zip.gpg', zip_filename + '.zip'], capture_output=True).stdout).decode())
else:
logger.warning("You passed in --no-encryption option, not encrypting zip file")
else:
logger.error((bitwarden_unlock_output.stderr).decode())
else:
logger.error("Unable to login to account, please check API credentials")
#logger.error((bitwarden_login_output.stderr).decode())
if not opts.test:
logger.info("Securely deleting files")
if os_detected == "Windows":
# sdelete.exe .\working\ -p 5 -s
logger.debug(
(subprocess.run([secure_delete_executable, '-p', '5', '-s', working_directory], capture_output=True).stdout).decode())
if not opts.no_encrypt:
logger.debug((subprocess.run([secure_delete_executable, '-p', '5', zip_filename + ".zip"], capture_output=True).stdout).decode())
elif os_detected == "Linux":
logger.debug((subprocess.run([secure_delete_executable, '-r', '-l', '-z', '-v', working_directory], capture_output=True).stdout).decode())
if not opts.no_encrypt:
logger.debug((subprocess.run([secure_delete_executable, '-r', '-l', '-z', '-v', zip_filename + '.zip'], capture_output=True).stdout).decode())
del vault_password
del os.environ['BW_CLIENTID']
del os.environ['BW_CLIENTSECRET']
if "BW_SESSION" in os.environ:
del os.environ["BW_SESSION"]
logger.info("Logging out of your Bitwarden account")
logger.debug((subprocess.run([bitwarden_cli_executable, 'logout'], capture_output=True).stdout).decode())
del accounts
del emails_from_config_file
client.close()
sys.exit(0)
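Review bot: the vault password is put on the command line twice, in the `bw unlock` call (`'unlock', vault_password, '--raw', '--nointeraction'`) and in the gpg call (`'--passphrase', vault_password`), so it is visible in the process list and in any command-line audit logging while those commands run. Pass it out of band instead: `bw unlock` accepts `--passwordenv` or `--passwordfile`, and gpg accepts `--passphrase-fd` with the passphrase written to the child's stdin. Separately, `select_account` evaluates `int(input(...)) - 1` outside the `try`, so non-numeric input raises an uncaught `ValueError`, and an entry of 0 becomes index -1, which returns the last account without complaint, including on the delete path; check `1 <= n <= len(emails)` before indexing.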

11
conf/client.conf.sample Normal file

@@ -0,0 +1,11 @@
# THIS IS A SAMPLE FILE, PLEASE COPY IT AND EDIT THE COPY
[client]
host=127.0.0.1
port=5696
certfile=kmip.crt
keyfile=kmip.key
ca_certs=kmip.crt
cert_reqs=CERT_REQUIRED
ssl_version=PROTOCOL_TLS
do_handshake_on_connect=True
suppress_ragged_eofs=True
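Review bot: `certfile`, `keyfile` and `ca_certs` are bare file names, which are normally resolved against the process's current working directory rather than the `conf` directory this file sits in. The script locates `client.conf` from its own directory, but a run started from elsewhere (cron, for example) would then fail to find `kmip.crt` and `kmip.key`. Use absolute paths in the sample or add a comment telling the user to, and add a comment that the copied `kmip.key` should be readable only by the account that runs the backup.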

Binary file not shown.


@@ -1,57 +0,0 @@
Copyright 2019 Google LLC
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google LLC nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
---
Copyright (c) 2009 The Go Authors. All rights reserved.
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are
met:
* Redistributions of source code must retain the above copyright
notice, this list of conditions and the following disclaimer.
* Redistributions in binary form must reproduce the above
copyright notice, this list of conditions and the following disclaimer
in the documentation and/or other materials provided with the
distribution.
* Neither the name of Google Inc. nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

Binary file not shown.


@@ -1,2 +0,0 @@
gnupg
2.2.28

Binary file not shown.


@@ -1,4 +0,0 @@
# The presence of this file switches GnuPG into portable mode.
#
# Install type is: vanilla
# (created by mkportable version 1.0)

Binary file not shown.


@@ -1,702 +0,0 @@
/* assuan.h - Definitions for the Assuan IPC library -*- c -*-
* Copyright (C) 2001-2013 Free Software Foundation, Inc.
* Copyright (C) 2001-2021 g10 Code GmbH
*
* This file is part of Assuan.
*
* Assuan is free software; you can redistribute it and/or modify it
* under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* Assuan is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <http://www.gnu.org/licenses/>.
* SPDX-License-Identifier: LGPL-2.1-or-later
*
* Do not edit. Generated from assuan.h.in by mkheader for mingw32.
*/
/* Compile time configuration:
*
* #define _ASSUAN_NO_SOCKET_WRAPPER
*
* Do not include the definitions for the socket wrapper feature.
*/
#ifndef ASSUAN_H
#define ASSUAN_H
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdarg.h>
#ifndef _ASSUAN_NO_SOCKET_WRAPPER
#include <winsock2.h>
#include <ws2tcpip.h>
#endif /*!_ASSUAN_NO_SOCKET_WRAPPER*/
typedef void *assuan_msghdr_t;
#ifdef _MSC_VER
typedef long ssize_t;
typedef int pid_t;
#endif
#include <gpg-error.h>
#ifdef __cplusplus
extern "C"
{
#if 0
}
#endif
#endif
/* The version of this header should match the one of the library. Do
* not use this symbol in your application; use assuan_check_version
* instead. */
#define ASSUAN_VERSION "2.5.5"
/* The version number of this header. It may be used to handle minor
* API incompatibilities. */
#define ASSUAN_VERSION_NUMBER 0x020505
/* Check for compiler features. */
#if __GNUC__
#define _ASSUAN_GCC_VERSION (__GNUC__ * 10000 \
+ __GNUC_MINOR__ * 100 \
+ __GNUC_PATCHLEVEL__)
#if _ASSUAN_GCC_VERSION > 30100
#define _ASSUAN_DEPRECATED __attribute__ ((__deprecated__))
#endif
#endif
#ifndef _ASSUAN_DEPRECATED
#define _ASSUAN_DEPRECATED
#endif
#define ASSUAN_LINELENGTH 1002 /* 1000 + [CR,]LF */
struct assuan_context_s;
typedef struct assuan_context_s *assuan_context_t;
/* Because we use system handles and not libc low level file
descriptors on W32, we need to declare them as HANDLE (which
actually is a plain pointer). This is required to eventually
support 64 bit Windows systems. */
typedef void *assuan_fd_t;
#define ASSUAN_INVALID_FD ((void*)(-1))
#define ASSUAN_INVALID_PID ((pid_t) -1)
#if GPGRT_HAVE_PRAGMA_GCC_PUSH
# pragma GCC push_options
# pragma GCC diagnostic ignored "-Wbad-function-cast"
#endif
static GPG_ERR_INLINE assuan_fd_t
assuan_fd_from_posix_fd (int fd)
{
if (fd < 0)
return ASSUAN_INVALID_FD;
else
return (assuan_fd_t) _get_osfhandle (fd);
}
#if GPGRT_HAVE_PRAGMA_GCC_PUSH
# pragma GCC pop_options
#endif
assuan_fd_t assuan_fdopen (int fd);
/* Assuan features an emulation of Unix domain sockets based on local
TCP connections. To implement access permissions based on file
permissions a nonce is used which is expected by the server as the
first bytes received. This structure is used by the server to save
the nonce created initially by bind. */
struct assuan_sock_nonce_s
{
size_t length;
char nonce[16];
};
typedef struct assuan_sock_nonce_s assuan_sock_nonce_t;
/* Define the Unix domain socket structure for Windows. */
#ifndef _ASSUAN_NO_SOCKET_WRAPPER
# ifndef AF_LOCAL
# define AF_LOCAL AF_UNIX
# endif
# ifndef EADDRINUSE
# define EADDRINUSE WSAEADDRINUSE
# endif
struct sockaddr_un
{
short sun_family;
unsigned short sun_port;
struct in_addr sun_addr;
char sun_path[108-2-4];
};
#endif
/*
* Global interface.
*/
struct assuan_malloc_hooks
{
void *(*malloc) (size_t cnt);
void *(*realloc) (void *ptr, size_t cnt);
void (*free) (void *ptr);
};
typedef struct assuan_malloc_hooks *assuan_malloc_hooks_t;
/* Categories for log messages. */
#define ASSUAN_LOG_INIT 1
#define ASSUAN_LOG_CTX 2
#define ASSUAN_LOG_ENGINE 3
#define ASSUAN_LOG_DATA 4
#define ASSUAN_LOG_SYSIO 5
#define ASSUAN_LOG_CONTROL 8
/* If MSG is NULL, return true/false depending on if this category is
* logged. This is used to probe before expensive log message
* generation (buffer dumps). */
typedef int (*assuan_log_cb_t) (assuan_context_t ctx, void *hook,
unsigned int cat, const char *msg);
/* Return or check the version number. */
const char *assuan_check_version (const char *req_version);
/* Set the default gpg error source. */
void assuan_set_gpg_err_source (gpg_err_source_t errsource);
/* Get the default gpg error source. */
gpg_err_source_t assuan_get_gpg_err_source (void);
/* Set the default malloc hooks. */
void assuan_set_malloc_hooks (assuan_malloc_hooks_t malloc_hooks);
/* Get the default malloc hooks. */
assuan_malloc_hooks_t assuan_get_malloc_hooks (void);
/* Set the default log callback handler. */
void assuan_set_log_cb (assuan_log_cb_t log_cb, void *log_cb_data);
/* Get the default log callback handler. */
void assuan_get_log_cb (assuan_log_cb_t *log_cb, void **log_cb_data);
/* Create a new Assuan context. The initial parameters are all needed
* in the creation of the context. */
gpg_error_t assuan_new_ext (assuan_context_t *ctx, gpg_err_source_t errsource,
assuan_malloc_hooks_t malloc_hooks,
assuan_log_cb_t log_cb, void *log_cb_data);
/* Create a new context with default arguments. */
gpg_error_t assuan_new (assuan_context_t *ctx);
/* Release all resources associated with the given context. */
void assuan_release (assuan_context_t ctx);
/* Release the memory at PTR using the allocation handler of the
* context CTX. This is a convenience function. */
void assuan_free (assuan_context_t ctx, void *ptr);
/* Set user-data in a context. */
void assuan_set_pointer (assuan_context_t ctx, void *pointer);
/* Get user-data in a context. */
void *assuan_get_pointer (assuan_context_t ctx);
/* Definitions of flags for assuan_set_flag(). */
typedef unsigned int assuan_flag_t;
/* When using a pipe server, by default Assuan will wait for the
* forked process to die in assuan_release. In certain cases this
* is not desirable. By setting this flag, the waitpid will be
* skipped and the caller is responsible to cleanup a forked
* process. */
#define ASSUAN_NO_WAITPID 1
/* This flag indicates whether Assuan logging is in confidential mode.
You can use assuan_{begin,end}_condidential to change the mode. */
#define ASSUAN_CONFIDENTIAL 2
/* This flag suppresses fix up of signal handlers for pipes. */
#define ASSUAN_NO_FIXSIGNALS 3
/* This flag changes assuan_transact to return comment lines via the
* status callback. The default is to skip comment lines. */
#define ASSUAN_CONVEY_COMMENTS 4
/* This flag disables logging for one context. */
#define ASSUAN_NO_LOGGING 5
/* This flag forces a connection close. */
#define ASSUAN_FORCE_CLOSE 6
/* For context CTX, set the flag FLAG to VALUE. Values for flags
* are usually 1 or 0 but certain flags might allow for other values;
* see the description of the type assuan_flag_t for details. */
void assuan_set_flag (assuan_context_t ctx, assuan_flag_t flag, int value);
/* Return the VALUE of FLAG in context CTX. */
int assuan_get_flag (assuan_context_t ctx, assuan_flag_t flag);
/* Same as assuan_set_flag (ctx, ASSUAN_CONFIDENTIAL, 1). */
void assuan_begin_confidential (assuan_context_t ctx);
/* Same as assuan_set_flag (ctx, ASSUAN_CONFIDENTIAL, 0). */
void assuan_end_confidential (assuan_context_t ctx);
/* Direction values for assuan_set_io_monitor. */
#define ASSUAN_IO_FROM_PEER 0
#define ASSUAN_IO_TO_PEER 1
/* Return flags of I/O monitor. */
#define ASSUAN_IO_MONITOR_NOLOG 1
#define ASSUAN_IO_MONITOR_IGNORE 2
/* The IO monitor gets to see all I/O on the context, and can return
* ASSUAN_IO_MONITOR_* bits to control actions on it. */
typedef unsigned int (*assuan_io_monitor_t) (assuan_context_t ctx, void *hook,
int inout, const char *line,
size_t linelen);
/* Set the IO monitor function. */
void assuan_set_io_monitor (assuan_context_t ctx,
assuan_io_monitor_t io_monitor, void *hook_data);
/* The system hooks. See assuan_set_system_hooks et al. */
#define ASSUAN_SYSTEM_HOOKS_VERSION 2
#define ASSUAN_SPAWN_DETACHED 128
struct assuan_system_hooks
{
/* Always set to ASSUAN_SYTEM_HOOKS_VERSION. */
int version;
/* Sleep for the given number of microseconds. */
void (*usleep) (assuan_context_t ctx, unsigned int usec);
/* Create a pipe with an inheritable end. */
int (*pipe) (assuan_context_t ctx, assuan_fd_t fd[2], int inherit_idx);
/* Close the given file descriptor, created with _assuan_pipe or one
of the socket functions. */
int (*close) (assuan_context_t ctx, assuan_fd_t fd);
ssize_t (*read) (assuan_context_t ctx, assuan_fd_t fd, void *buffer,
size_t size);
ssize_t (*write) (assuan_context_t ctx, assuan_fd_t fd,
const void *buffer, size_t size);
int (*recvmsg) (assuan_context_t ctx, assuan_fd_t fd, assuan_msghdr_t msg,
int flags);
int (*sendmsg) (assuan_context_t ctx, assuan_fd_t fd,
const assuan_msghdr_t msg, int flags);
/* If NAME is NULL, don't exec, just fork. FD_CHILD_LIST is
modified to reflect the value of the FD in the peer process (on
Windows). */
int (*spawn) (assuan_context_t ctx, pid_t *r_pid, const char *name,
const char **argv,
assuan_fd_t fd_in, assuan_fd_t fd_out,
assuan_fd_t *fd_child_list,
void (*atfork) (void *opaque, int reserved),
void *atforkvalue, unsigned int flags);
/* If action is 0, like waitpid. If action is 1, just release the PID? */
pid_t (*waitpid) (assuan_context_t ctx, pid_t pid,
int action, int *status, int options);
int (*socketpair) (assuan_context_t ctx, int _namespace, int style,
int protocol, assuan_fd_t filedes[2]);
int (*socket) (assuan_context_t ctx, int _namespace, int style, int protocol);
int (*connect) (assuan_context_t ctx, int sock, struct sockaddr *addr, socklen_t length);
};
typedef struct assuan_system_hooks *assuan_system_hooks_t;
/*
* Configuration of the default log handler.
*/
/* Set the prefix to be used at the start of a line emitted by assuan
* on the log stream. The default is the empty string. Note, that
* this function is not thread-safe and should in general be used
* right at startup. */
void assuan_set_assuan_log_prefix (const char *text);
/* Return a prefix to be used at the start of a line emitted by assuan
* on the log stream. The default implementation returns the empty
* string, i.e. "". */
const char *assuan_get_assuan_log_prefix (void);
/* Global default log stream. */
void assuan_set_assuan_log_stream (FILE *fp);
/* Set the per context log stream for the default log handler. */
void assuan_set_log_stream (assuan_context_t ctx, FILE *fp);
/* The type for assuan command handlers. */
typedef gpg_error_t (*assuan_handler_t) (assuan_context_t, char *);
/*-- assuan-handler.c --*/
gpg_error_t assuan_register_command (assuan_context_t ctx,
const char *cmd_string,
assuan_handler_t handler,
const char *help_string);
gpg_error_t assuan_register_pre_cmd_notify (assuan_context_t ctx,
gpg_error_t (*fnc)(assuan_context_t,
const char *cmd));
gpg_error_t assuan_register_post_cmd_notify (assuan_context_t ctx,
void (*fnc)(assuan_context_t,
gpg_error_t));
gpg_error_t assuan_register_bye_notify (assuan_context_t ctx,
assuan_handler_t handler);
gpg_error_t assuan_register_reset_notify (assuan_context_t ctx,
assuan_handler_t handler);
gpg_error_t assuan_register_cancel_notify (assuan_context_t ctx,
assuan_handler_t handler);
gpg_error_t assuan_register_input_notify (assuan_context_t ctx,
assuan_handler_t handler);
gpg_error_t assuan_register_output_notify (assuan_context_t ctx,
assuan_handler_t handler);
gpg_error_t assuan_register_option_handler (assuan_context_t ctx,
gpg_error_t (*fnc)(assuan_context_t,
const char*,
const char*));
gpg_error_t assuan_process (assuan_context_t ctx);
gpg_error_t assuan_process_next (assuan_context_t ctx, int *done);
gpg_error_t assuan_process_done (assuan_context_t ctx, gpg_error_t rc);
int assuan_get_active_fds (assuan_context_t ctx, int what,
assuan_fd_t *fdarray, int fdarraysize);
const char *assuan_get_command_name (assuan_context_t ctx);
FILE *assuan_get_data_fp (assuan_context_t ctx);
gpg_error_t assuan_set_okay_line (assuan_context_t ctx, const char *line);
gpg_error_t assuan_write_status (assuan_context_t ctx,
const char *keyword, const char *text);
/* Negotiate a file descriptor. If LINE contains "FD=N", returns N
* assuming a local file descriptor. If LINE contains "FD" reads a
* file descriptor via CTX and stores it in *RDF (the CTX must be
* capable of passing file descriptors). Under Windows the returned
* FD is a libc-type one. */
gpg_error_t assuan_command_parse_fd (assuan_context_t ctx, char *line,
assuan_fd_t *rfd);
/*-- assuan-listen.c --*/
gpg_error_t assuan_set_hello_line (assuan_context_t ctx, const char *line);
gpg_error_t assuan_accept (assuan_context_t ctx);
assuan_fd_t assuan_get_input_fd (assuan_context_t ctx);
assuan_fd_t assuan_get_output_fd (assuan_context_t ctx);
gpg_error_t assuan_close_input_fd (assuan_context_t ctx);
gpg_error_t assuan_close_output_fd (assuan_context_t ctx);
/*-- assuan-pipe-server.c --*/
gpg_error_t assuan_init_pipe_server (assuan_context_t ctx,
assuan_fd_t filedes[2]);
/*-- assuan-socket-server.c --*/
#define ASSUAN_SOCKET_SERVER_FDPASSING 1
#define ASSUAN_SOCKET_SERVER_ACCEPTED 2
gpg_error_t assuan_init_socket_server (assuan_context_t ctx,
assuan_fd_t listen_fd,
unsigned int flags);
void assuan_set_sock_nonce (assuan_context_t ctx, assuan_sock_nonce_t *nonce);
/*-- assuan-pipe-connect.c --*/
#define ASSUAN_PIPE_CONNECT_FDPASSING 1
#define ASSUAN_PIPE_CONNECT_DETACHED 128
gpg_error_t assuan_pipe_connect (assuan_context_t ctx,
const char *name,
const char *argv[],
assuan_fd_t *fd_child_list,
void (*atfork) (void *, int),
void *atforkvalue,
unsigned int flags);
/*-- assuan-socket-connect.c --*/
#define ASSUAN_SOCKET_CONNECT_FDPASSING 1
gpg_error_t assuan_socket_connect (assuan_context_t ctx, const char *name,
pid_t server_pid, unsigned int flags);
/*-- assuan-socket-connect.c --*/
gpg_error_t assuan_socket_connect_fd (assuan_context_t ctx, int fd,
unsigned int flags);
/*-- context.c --*/
pid_t assuan_get_pid (assuan_context_t ctx);
struct _assuan_peercred
{
#ifdef _WIN32
/* Empty struct not allowed on some compilers, so, put this (not valid). */
pid_t pid;
#else
pid_t pid;
uid_t uid;
gid_t gid;
#endif
};
typedef struct _assuan_peercred *assuan_peercred_t;
gpg_error_t assuan_get_peercred (assuan_context_t ctx,
assuan_peercred_t *peercred);
/*
* Client interface.
*/
/* Client response codes. */
#define ASSUAN_RESPONSE_ERROR 0
#define ASSUAN_RESPONSE_OK 1
#define ASSUAN_RESPONSE_DATA 2
#define ASSUAN_RESPONSE_INQUIRE 3
#define ASSUAN_RESPONSE_STATUS 4
#define ASSUAN_RESPONSE_END 5
#define ASSUAN_RESPONSE_COMMENT 6
typedef int assuan_response_t;
/* This already de-escapes data lines. */
gpg_error_t assuan_client_read_response (assuan_context_t ctx,
char **line, int *linelen);
gpg_error_t assuan_client_parse_response (assuan_context_t ctx,
char *line, int linelen,
assuan_response_t *response,
int *off);
/*-- assuan-client.c --*/
gpg_error_t
assuan_transact (assuan_context_t ctx,
const char *command,
gpg_error_t (*data_cb)(void *, const void *, size_t),
void *data_cb_arg,
gpg_error_t (*inquire_cb)(void*, const char *),
void *inquire_cb_arg,
gpg_error_t (*status_cb)(void*, const char *),
void *status_cb_arg);
/*-- assuan-inquire.c --*/
gpg_error_t assuan_inquire (assuan_context_t ctx, const char *keyword,
unsigned char **r_buffer, size_t *r_length,
size_t maxlen);
gpg_error_t assuan_inquire_ext (assuan_context_t ctx, const char *keyword,
size_t maxlen,
gpg_error_t (*cb) (void *cb_data,
gpg_error_t rc,
unsigned char *buf,
size_t buf_len),
void *cb_data);
/*-- assuan-buffer.c --*/
gpg_error_t assuan_read_line (assuan_context_t ctx,
char **line, size_t *linelen);
int assuan_pending_line (assuan_context_t ctx);
gpg_error_t assuan_write_line (assuan_context_t ctx, const char *line);
gpg_error_t assuan_send_data (assuan_context_t ctx,
const void *buffer, size_t length);
/* The file descriptor must be pending before assuan_receivefd is
* called. This means that assuan_sendfd should be called *before* the
* trigger is sent (normally via assuan_write_line ("INPUT FD")). */
gpg_error_t assuan_sendfd (assuan_context_t ctx, assuan_fd_t fd);
gpg_error_t assuan_receivefd (assuan_context_t ctx, assuan_fd_t *fd);
/*-- assuan-util.c --*/
gpg_error_t assuan_set_error (assuan_context_t ctx, gpg_error_t err,
const char *text);
/*-- assuan-socket.c --*/
/* This flag is used with assuan_sock_connect_byname to
* connect via SOCKS. */
#define ASSUAN_SOCK_SOCKS 1
/* This flag is used with assuan_sock_connect_byname to force a
connection via Tor even if the socket subsystem has not been
swicthed into Tor mode. This flags overrides ASSUAN_SOCK_SOCKS. */
#define ASSUAN_SOCK_TOR 2
/* These are socket wrapper functions to support an emulation of Unix
* domain sockets on Windows. */
gpg_error_t assuan_sock_init (void);
void assuan_sock_deinit (void);
int assuan_sock_close (assuan_fd_t fd);
assuan_fd_t assuan_sock_new (int domain, int type, int proto);
int assuan_sock_set_flag (assuan_fd_t sockfd, const char *name, int value);
int assuan_sock_get_flag (assuan_fd_t sockfd, const char *name, int *r_value);
int assuan_sock_connect (assuan_fd_t sockfd,
struct sockaddr *addr, int addrlen);
assuan_fd_t assuan_sock_connect_byname (const char *host, unsigned short port,
int reserved,
const char *credentials,
unsigned int flags);
int assuan_sock_bind (assuan_fd_t sockfd, struct sockaddr *addr, int addrlen);
int assuan_sock_set_sockaddr_un (const char *fname, struct sockaddr *addr,
int *r_redirected);
int assuan_sock_get_nonce (struct sockaddr *addr, int addrlen,
assuan_sock_nonce_t *nonce);
int assuan_sock_check_nonce (assuan_fd_t fd, assuan_sock_nonce_t *nonce);
void assuan_sock_set_system_hooks (assuan_system_hooks_t system_hooks);
/* Set the default system callbacks. This is irreversible. */
void assuan_set_system_hooks (assuan_system_hooks_t system_hooks);
/* Set the per context system callbacks. This is irreversible. */
void assuan_ctx_set_system_hooks (assuan_context_t ctx,
assuan_system_hooks_t system_hooks);
/* Change the system hooks for the socket interface.
* This is not thread-safe. */
void assuan_sock_set_system_hooks (assuan_system_hooks_t system_hooks);
void __assuan_usleep (assuan_context_t ctx, unsigned int usec);
int __assuan_pipe (assuan_context_t ctx, assuan_fd_t fd[2], int inherit_idx);
int __assuan_close (assuan_context_t ctx, assuan_fd_t fd);
int __assuan_spawn (assuan_context_t ctx, pid_t *r_pid, const char *name,
const char **argv, assuan_fd_t fd_in, assuan_fd_t fd_out,
assuan_fd_t *fd_child_list,
void (*atfork) (void *opaque, int reserved),
void *atforkvalue, unsigned int flags);
int __assuan_socketpair (assuan_context_t ctx, int _namespace, int style,
int protocol, assuan_fd_t filedes[2]);
int __assuan_socket (assuan_context_t ctx, int _namespace, int style, int protocol);
int __assuan_connect (assuan_context_t ctx, int sock, struct sockaddr *addr, socklen_t length);
ssize_t __assuan_read (assuan_context_t ctx, assuan_fd_t fd, void *buffer, size_t size);
ssize_t __assuan_write (assuan_context_t ctx, assuan_fd_t fd, const void *buffer, size_t size);
int __assuan_recvmsg (assuan_context_t ctx, assuan_fd_t fd, assuan_msghdr_t msg, int flags);
int __assuan_sendmsg (assuan_context_t ctx, assuan_fd_t fd, const assuan_msghdr_t msg, int flags);
pid_t __assuan_waitpid (assuan_context_t ctx, pid_t pid, int nowait, int *status, int options);
/* Standard system hooks for the legacy GNU Pth. */
#define ASSUAN_SYSTEM_PTH_IMPL \
static void _assuan_pth_usleep (assuan_context_t ctx, unsigned int usec) \
{ (void) ctx; pth_usleep (usec); } \
static ssize_t _assuan_pth_read (assuan_context_t ctx, assuan_fd_t fd, \
void *buffer, size_t size) \
{ (void) ctx; return pth_read (fd, buffer, size); } \
static ssize_t _assuan_pth_write (assuan_context_t ctx, assuan_fd_t fd, \
const void *buffer, size_t size) \
{ (void) ctx; return pth_write (fd, buffer, size); } \
static int _assuan_pth_recvmsg (assuan_context_t ctx, assuan_fd_t fd, \
assuan_msghdr_t msg, int flags) \
{ \
(void) ctx; \
gpg_err_set_errno (ENOSYS); \
return -1; \
} \
static int _assuan_pth_sendmsg (assuan_context_t ctx, assuan_fd_t fd, \
const assuan_msghdr_t msg, int flags) \
{ \
(void) ctx; \
gpg_err_set_errno (ENOSYS); \
return -1; \
} \
static pid_t _assuan_pth_waitpid (assuan_context_t ctx, pid_t pid, \
int nowait, int *status, int options) \
{ (void) ctx; \
if (!nowait) return pth_waitpid (pid, status, options); \
else return 0; } \
\
struct assuan_system_hooks _assuan_system_pth = \
{ ASSUAN_SYSTEM_HOOKS_VERSION, _assuan_pth_usleep, __assuan_pipe, \
__assuan_close, _assuan_pth_read, _assuan_pth_write, \
_assuan_pth_recvmsg, _assuan_pth_sendmsg, \
__assuan_spawn, _assuan_pth_waitpid, __assuan_socketpair, \
__assuan_socket, __assuan_connect }
extern struct assuan_system_hooks _assuan_system_pth;
#define ASSUAN_SYSTEM_PTH &_assuan_system_pth
/* Standard system hooks for nPth. */
#define ASSUAN_SYSTEM_NPTH_IMPL \
static void _assuan_npth_usleep (assuan_context_t ctx, unsigned int usec) \
{ npth_unprotect(); \
__assuan_usleep (ctx, usec); \
npth_protect(); } \
static ssize_t _assuan_npth_read (assuan_context_t ctx, assuan_fd_t fd, \
void *buffer, size_t size) \
{ ssize_t res; (void) ctx; npth_unprotect(); \
res = __assuan_read (ctx, fd, buffer, size); \
npth_protect(); return res; } \
static ssize_t _assuan_npth_write (assuan_context_t ctx, assuan_fd_t fd, \
const void *buffer, size_t size) \
{ ssize_t res; (void) ctx; npth_unprotect(); \
res = __assuan_write (ctx, fd, buffer, size); \
npth_protect(); return res; } \
static int _assuan_npth_recvmsg (assuan_context_t ctx, assuan_fd_t fd, \
assuan_msghdr_t msg, int flags) \
{ int res; (void) ctx; npth_unprotect(); \
res = __assuan_recvmsg (ctx, fd, msg, flags); \
npth_protect(); return res; } \
static int _assuan_npth_sendmsg (assuan_context_t ctx, assuan_fd_t fd, \
const assuan_msghdr_t msg, int flags) \
{ int res; (void) ctx; npth_unprotect(); \
res = __assuan_sendmsg (ctx, fd, msg, flags); \
npth_protect(); return res; } \
static pid_t _assuan_npth_waitpid (assuan_context_t ctx, pid_t pid, \
int nowait, int *status, int options) \
{ pid_t res; (void) ctx; npth_unprotect(); \
res = __assuan_waitpid (ctx, pid, nowait, status, options); \
npth_protect(); return res; } \
static int _assuan_npth_connect (assuan_context_t ctx, int sock, \
struct sockaddr *addr, socklen_t len)\
{ int res; npth_unprotect(); \
res = __assuan_connect (ctx, sock, addr, len); \
npth_protect(); return res; } \
static int _assuan_npth_close (assuan_context_t ctx, assuan_fd_t fd) \
{ int res; npth_unprotect(); \
res = __assuan_close (ctx, fd); \
npth_protect(); return res; } \
\
struct assuan_system_hooks _assuan_system_npth = \
{ ASSUAN_SYSTEM_HOOKS_VERSION, _assuan_npth_usleep, __assuan_pipe, \
_assuan_npth_close, _assuan_npth_read, _assuan_npth_write, \
_assuan_npth_recvmsg, _assuan_npth_sendmsg, \
__assuan_spawn, _assuan_npth_waitpid, __assuan_socketpair, \
__assuan_socket, _assuan_npth_connect }
extern struct assuan_system_hooks _assuan_system_npth;
#define ASSUAN_SYSTEM_NPTH &_assuan_system_npth
#ifdef __cplusplus
}
#endif
#endif /* ASSUAN_H */
/*
Local Variables:
buffer-read-only: t
End:
*/
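Review bot: In struct assuan_system_hooks the comment on the version field reads "Always set to ASSUAN_SYTEM_HOOKS_VERSION", but the macro defined just above the struct is ASSUAN_SYSTEM_HOOKS_VERSION, so anyone copying the name from the comment gets an undefined identifier. In the assuan-socket.c section, assuan_sock_set_system_hooks is declared twice, once bare after assuan_sock_check_nonce and again under the "not thread-safe" comment; keep only the commented one. The "buffer-read-only: t" trailer marks this as a generated header, so neither should be patched in this copy. Fix them in the template it is generated from, or build against the header installed with the library so the assuan_system_hooks layout and ASSUAN_SYSTEM_HOOKS_VERSION always match the library that is actually linked.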

File diff suppressed because it is too large

File diff suppressed because it is too large

File diff suppressed because it is too large

@@ -1,640 +0,0 @@
/* ksba.h - X.509 library used by GnuPG
* Copyright (C) 2001, 2002, 2003, 2004, 2005, 2006, 2010, 2011
* 2012, 2013, 2104, 2015, 2019, 2020, 2021 g10 Code GmbH
*
* This file is part of KSBA.
*
* KSBA is free software; you can redistribute it and/or modify
* it under the terms of either
*
* - the GNU Lesser General Public License as published by the Free
* Software Foundation; either version 3 of the License, or (at
* your option) any later version.
*
* or
*
* - the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at
* your option) any later version.
*
* or both in parallel, as here.
*
* KSBA is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
* or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
* License for more details.
*
* You should have received a copies of the GNU General Public License
* and the GNU Lesser General Public License along with this program;
* if not, see <http://www.gnu.org/licenses/>.
* SPDX-License-Identifier: LGPL-3.0-or-later OR GPL-2.0-or-later
*/
#ifndef KSBA_H
#define KSBA_H 1
#include <gpg-error.h>
#include <stdio.h>
#ifdef __cplusplus
extern "C" {
#if 0
}
#endif
#endif
/* The version of this header should match the one of the library. Do
* not use this symbol in your application; use assuan_check_version
* instead. */
#define KSBA_VERSION "1.6.0"
/* The version number of this header. It may be used to handle minor
* API incompatibilities. */
#define KSBA_VERSION_NUMBER 0x010600
/* Check for compiler features. */
#ifdef __GNUC__
#define _KSBA_GCC_VERSION (__GNUC__ * 10000 \
+ __GNUC_MINOR__ * 100 \
+ __GNUC_PATCHLEVEL__)
#if _KSBA_GCC_VERSION > 30100
#define _KSBA_DEPRECATED __attribute__ ((__deprecated__))
#endif
#endif /*__GNUC__*/
#ifndef _KSBA_DEPRECATED
#define _KSBA_DEPRECATED
#endif
#define KSBA_CLASS_UNIVERSAL 0
#define KSBA_CLASS_APPLICATION 1
#define KSBA_CLASS_CONTEXT 2
#define KSBA_CLASS_PRIVATE 3
#define KSBA_CLASS_ENCAPSULATE 0x80 /* Pseudo class. */
#define KSBA_TYPE_BOOLEAN 1
#define KSBA_TYPE_INTEGER 2
#define KSBA_TYPE_BIT_STRING 3
#define KSBA_TYPE_OCTET_STRING 4
#define KSBA_TYPE_NULL 5
#define KSBA_TYPE_OBJECT_ID 6
#define KSBA_TYPE_OBJECT_DESCRIPTOR 7
#define KSBA_TYPE_EXTERNAL 8
#define KSBA_TYPE_REAL 9
#define KSBA_TYPE_ENUMERATED 10
#define KSBA_TYPE_EMBEDDED_PDV 11
#define KSBA_TYPE_UTF8_STRING 12
#define KSBA_TYPE_RELATIVE_OID 13
#define KSBA_TYPE_TIME 14
#define KSBA_TYPE_SEQUENCE 16
#define KSBA_TYPE_SET 17
#define KSBA_TYPE_NUMERIC_STRING 18
#define KSBA_TYPE_PRINTABLE_STRING 19
#define KSBA_TYPE_TELETEX_STRING 20
#define KSBA_TYPE_VIDEOTEX_STRING 21
#define KSBA_TYPE_IA5_STRING 22
#define KSBA_TYPE_UTC_TIME 23
#define KSBA_TYPE_GENERALIZED_TIME 24
#define KSBA_TYPE_GRAPHIC_STRING 25
#define KSBA_TYPE_VISIBLE_STRING 26
#define KSBA_TYPE_GENERAL_STRING 27
#define KSBA_TYPE_UNIVERSAL_STRING 28
#define KSBA_TYPE_CHARACTER_STRING 29
#define KSBA_TYPE_BMP_STRING 30
#define KSBA_TYPE_DATE 31
#define KSBA_TYPE_TIME_OF_DAY 32
#define KSBA_TYPE_DATE_TIME 33
#define KSBA_TYPE_DURATION 34
#define KSBA_TYPE_OID_IRI 35
#define KSBA_TYPE_RELATIVE_OID_IRI 36
typedef gpg_error_t KsbaError _KSBA_DEPRECATED;
typedef enum
{
KSBA_CT_NONE = 0,
KSBA_CT_DATA = 1,
KSBA_CT_SIGNED_DATA = 2,
KSBA_CT_ENVELOPED_DATA = 3,
KSBA_CT_DIGESTED_DATA = 4,
KSBA_CT_ENCRYPTED_DATA = 5,
KSBA_CT_AUTH_DATA = 6,
KSBA_CT_PKCS12 = 7,
KSBA_CT_SPC_IND_DATA_CTX = 8,
KSBA_CT_OPENPGP_KEYBLOCK = 9,
KSBA_CT_AUTHENVELOPED_DATA = 10
}
ksba_content_type_t;
typedef ksba_content_type_t KsbaContentType _KSBA_DEPRECATED;
typedef enum
{
KSBA_SR_NONE = 0, /* Never seen by libksba user. */
KSBA_SR_RUNNING = 1, /* Never seen by libksba user. */
KSBA_SR_GOT_CONTENT = 2,
KSBA_SR_NEED_HASH = 3,
KSBA_SR_BEGIN_DATA = 4,
KSBA_SR_END_DATA = 5,
KSBA_SR_READY = 6,
KSBA_SR_NEED_SIG = 7,
KSBA_SR_DETACHED_DATA = 8,
KSBA_SR_BEGIN_ITEMS = 9,
KSBA_SR_GOT_ITEM = 10,
KSBA_SR_END_ITEMS = 11
}
ksba_stop_reason_t;
typedef ksba_stop_reason_t KsbaStopReason _KSBA_DEPRECATED;
typedef enum
{
KSBA_CRLREASON_UNSPECIFIED = 1,
KSBA_CRLREASON_KEY_COMPROMISE = 2,
KSBA_CRLREASON_CA_COMPROMISE = 4,
KSBA_CRLREASON_AFFILIATION_CHANGED = 8,
KSBA_CRLREASON_SUPERSEDED = 16,
KSBA_CRLREASON_CESSATION_OF_OPERATION = 32,
KSBA_CRLREASON_CERTIFICATE_HOLD = 64,
KSBA_CRLREASON_REMOVE_FROM_CRL = 256,
KSBA_CRLREASON_PRIVILEGE_WITHDRAWN = 512,
KSBA_CRLREASON_AA_COMPROMISE = 1024,
KSBA_CRLREASON_OTHER = 32768
}
ksba_crl_reason_t;
typedef ksba_crl_reason_t KsbaCRLReason _KSBA_DEPRECATED;
typedef enum
{
KSBA_OCSP_RSPSTATUS_SUCCESS = 0,
KSBA_OCSP_RSPSTATUS_MALFORMED = 1,
KSBA_OCSP_RSPSTATUS_INTERNAL = 2,
KSBA_OCSP_RSPSTATUS_TRYLATER = 3,
KSBA_OCSP_RSPSTATUS_SIGREQUIRED = 5,
KSBA_OCSP_RSPSTATUS_UNAUTHORIZED = 6,
KSBA_OCSP_RSPSTATUS_REPLAYED = 253,
KSBA_OCSP_RSPSTATUS_OTHER = 254,
KSBA_OCSP_RSPSTATUS_NONE = 255
}
ksba_ocsp_response_status_t;
typedef enum
{
KSBA_STATUS_NONE = 0,
KSBA_STATUS_UNKNOWN = 1,
KSBA_STATUS_GOOD = 2,
KSBA_STATUS_REVOKED = 4
}
ksba_status_t;
typedef enum
{
KSBA_KEYUSAGE_DIGITAL_SIGNATURE = 1,
KSBA_KEYUSAGE_NON_REPUDIATION = 2,
KSBA_KEYUSAGE_KEY_ENCIPHERMENT = 4,
KSBA_KEYUSAGE_DATA_ENCIPHERMENT = 8,
KSBA_KEYUSAGE_KEY_AGREEMENT = 16,
KSBA_KEYUSAGE_KEY_CERT_SIGN = 32,
KSBA_KEYUSAGE_CRL_SIGN = 64,
KSBA_KEYUSAGE_ENCIPHER_ONLY = 128,
KSBA_KEYUSAGE_DECIPHER_ONLY = 256
}
ksba_key_usage_t;
typedef ksba_key_usage_t KsbaKeyUsage _KSBA_DEPRECATED;
/* ISO format, e.g. "19610711T172059", assumed to be UTC. */
typedef char ksba_isotime_t[16];
/* X.509 certificates are represented by this object.
ksba_cert_new() creates such an object */
struct ksba_cert_s;
typedef struct ksba_cert_s *ksba_cert_t;
typedef struct ksba_cert_s *KsbaCert _KSBA_DEPRECATED;
/* CMS objects are controlled by this object.
ksba_cms_new() creates it */
struct ksba_cms_s;
typedef struct ksba_cms_s *ksba_cms_t;
typedef struct ksba_cms_s *KsbaCMS _KSBA_DEPRECATED;
/* CRL objects are controlled by this object.
ksba_crl_new() creates it */
struct ksba_crl_s;
typedef struct ksba_crl_s *ksba_crl_t;
typedef struct ksba_crl_s *KsbaCRL _KSBA_DEPRECATED;
/* OCSP objects are controlled by this object.
ksba_ocsp_new() creates it. */
struct ksba_ocsp_s;
typedef struct ksba_ocsp_s *ksba_ocsp_t;
/* PKCS-10 creation is controlled by this object.
ksba_certreq_new() creates it */
struct ksba_certreq_s;
typedef struct ksba_certreq_s *ksba_certreq_t;
typedef struct ksba_certreq_s *KsbaCertreq _KSBA_DEPRECATED;
/* This is a reader object for various purposes
see ksba_reader_new et al. */
struct ksba_reader_s;
typedef struct ksba_reader_s *ksba_reader_t;
typedef struct ksba_reader_s *KsbaReader _KSBA_DEPRECATED;
/* This is a writer object for various purposes
see ksba_writer_new et al. */
struct ksba_writer_s;
typedef struct ksba_writer_s *ksba_writer_t;
typedef struct ksba_writer_s *KsbaWriter _KSBA_DEPRECATED;
/* This is an object to store an ASN.1 parse tree as
create by ksba_asn_parse_file() */
struct ksba_asn_tree_s;
typedef struct ksba_asn_tree_s *ksba_asn_tree_t;
typedef struct ksba_asn_tree_s *KsbaAsnTree _KSBA_DEPRECATED;
/* This is an object to reference a General Name. Such an object is
returned by several functions. */
struct ksba_name_s;
typedef struct ksba_name_s *ksba_name_t;
typedef struct ksba_name_s *KsbaName _KSBA_DEPRECATED;
/* KsbaSexp is just an unsigned char * which should be used for
documentation purpose. The S-expressions returned by libksba are
always in canonical representation with an extra 0 byte at the end,
so that one can print the values in the debugger and at least see
the first bytes */
typedef unsigned char *ksba_sexp_t;
typedef unsigned char *KsbaSexp _KSBA_DEPRECATED;
typedef const unsigned char *ksba_const_sexp_t;
typedef const unsigned char *KsbaConstSexp _KSBA_DEPRECATED;
/* This is a generic object used by various functions. */
struct ksba_der_s;
typedef struct ksba_der_s *ksba_der_t;
/*-- cert.c --*/
gpg_error_t ksba_cert_new (ksba_cert_t *acert);
void ksba_cert_ref (ksba_cert_t cert);
void ksba_cert_release (ksba_cert_t cert);
gpg_error_t ksba_cert_set_user_data (ksba_cert_t cert, const char *key,
const void *data, size_t datalen);
gpg_error_t ksba_cert_get_user_data (ksba_cert_t cert, const char *key,
void *buffer, size_t bufferlen,
size_t *datalen);
gpg_error_t ksba_cert_read_der (ksba_cert_t cert, ksba_reader_t reader);
gpg_error_t ksba_cert_init_from_mem (ksba_cert_t cert,
const void *buffer, size_t length);
const unsigned char *ksba_cert_get_image (ksba_cert_t cert, size_t *r_length);
gpg_error_t ksba_cert_hash (ksba_cert_t cert,
int what,
void (*hasher)(void *,
const void *,
size_t length),
void *hasher_arg);
const char *ksba_cert_get_digest_algo (ksba_cert_t cert);
ksba_sexp_t ksba_cert_get_serial (ksba_cert_t cert);
char *ksba_cert_get_issuer (ksba_cert_t cert, int idx);
gpg_error_t ksba_cert_get_validity (ksba_cert_t cert, int what,
ksba_isotime_t r_time);
char *ksba_cert_get_subject (ksba_cert_t cert, int idx);
ksba_sexp_t ksba_cert_get_public_key (ksba_cert_t cert);
ksba_sexp_t ksba_cert_get_sig_val (ksba_cert_t cert);
gpg_error_t ksba_cert_get_extension (ksba_cert_t cert, int idx,
char const **r_oid, int *r_crit,
size_t *r_deroff, size_t *r_derlen);
gpg_error_t ksba_cert_is_ca (ksba_cert_t cert, int *r_ca, int *r_pathlen);
gpg_error_t ksba_cert_get_key_usage (ksba_cert_t cert, unsigned int *r_flags);
gpg_error_t ksba_cert_get_cert_policies (ksba_cert_t cert, char **r_policies);
gpg_error_t ksba_cert_get_ext_key_usages (ksba_cert_t cert, char **result);
gpg_error_t ksba_cert_get_crl_dist_point (ksba_cert_t cert, int idx,
ksba_name_t *r_distpoint,
ksba_name_t *r_issuer,
ksba_crl_reason_t *r_reason);
gpg_error_t ksba_cert_get_auth_key_id (ksba_cert_t cert,
ksba_sexp_t *r_keyid,
ksba_name_t *r_name,
ksba_sexp_t *r_serial);
gpg_error_t ksba_cert_get_subj_key_id (ksba_cert_t cert,
int *r_crit,
ksba_sexp_t *r_keyid);
gpg_error_t ksba_cert_get_authority_info_access (ksba_cert_t cert, int idx,
char **r_method,
ksba_name_t *r_location);
gpg_error_t ksba_cert_get_subject_info_access (ksba_cert_t cert, int idx,
char **r_method,
ksba_name_t *r_location);
/*-- cms.c --*/
ksba_content_type_t ksba_cms_identify (ksba_reader_t reader);
gpg_error_t ksba_cms_new (ksba_cms_t *r_cms);
void ksba_cms_release (ksba_cms_t cms);
gpg_error_t ksba_cms_set_reader_writer (ksba_cms_t cms,
ksba_reader_t r, ksba_writer_t w);
gpg_error_t ksba_cms_parse (ksba_cms_t cms, ksba_stop_reason_t *r_stopreason);
gpg_error_t ksba_cms_build (ksba_cms_t cms, ksba_stop_reason_t *r_stopreason);
ksba_content_type_t ksba_cms_get_content_type (ksba_cms_t cms, int what);
const char *ksba_cms_get_content_oid (ksba_cms_t cms, int what);
gpg_error_t ksba_cms_get_content_enc_iv (ksba_cms_t cms, void *iv,
size_t maxivlen, size_t *ivlen);
const char *ksba_cms_get_digest_algo_list (ksba_cms_t cms, int idx);
gpg_error_t ksba_cms_get_issuer_serial (ksba_cms_t cms, int idx,
char **r_issuer,
ksba_sexp_t *r_serial);
const char *ksba_cms_get_digest_algo (ksba_cms_t cms, int idx);
ksba_cert_t ksba_cms_get_cert (ksba_cms_t cms, int idx);
gpg_error_t ksba_cms_get_message_digest (ksba_cms_t cms, int idx,
char **r_digest, size_t *r_digest_len);
gpg_error_t ksba_cms_get_signing_time (ksba_cms_t cms, int idx,
ksba_isotime_t r_sigtime);
gpg_error_t ksba_cms_get_sigattr_oids (ksba_cms_t cms, int idx,
const char *reqoid, char **r_value);
ksba_sexp_t ksba_cms_get_sig_val (ksba_cms_t cms, int idx);
ksba_sexp_t ksba_cms_get_enc_val (ksba_cms_t cms, int idx);
void ksba_cms_set_hash_function (ksba_cms_t cms,
void (*hash_fnc)(void *, const void *, size_t),
void *hash_fnc_arg);
gpg_error_t ksba_cms_hash_signed_attrs (ksba_cms_t cms, int idx);
gpg_error_t ksba_cms_set_content_type (ksba_cms_t cms, int what,
ksba_content_type_t type);
gpg_error_t ksba_cms_add_digest_algo (ksba_cms_t cms, const char *oid);
gpg_error_t ksba_cms_add_signer (ksba_cms_t cms, ksba_cert_t cert);
gpg_error_t ksba_cms_add_cert (ksba_cms_t cms, ksba_cert_t cert);
gpg_error_t ksba_cms_add_smime_capability (ksba_cms_t cms, const char *oid,
const unsigned char *der,
size_t derlen);
gpg_error_t ksba_cms_set_message_digest (ksba_cms_t cms, int idx,
const unsigned char *digest,
size_t digest_len);
gpg_error_t ksba_cms_set_signing_time (ksba_cms_t cms, int idx,
const ksba_isotime_t sigtime);
gpg_error_t ksba_cms_set_sig_val (ksba_cms_t cms,
int idx, ksba_const_sexp_t sigval);
gpg_error_t ksba_cms_set_content_enc_algo (ksba_cms_t cms,
const char *oid,
const void *iv,
size_t ivlen);
gpg_error_t ksba_cms_add_recipient (ksba_cms_t cms, ksba_cert_t cert);
gpg_error_t ksba_cms_set_enc_val (ksba_cms_t cms,
int idx, ksba_const_sexp_t encval);
/*-- crl.c --*/
gpg_error_t ksba_crl_new (ksba_crl_t *r_crl);
void ksba_crl_release (ksba_crl_t crl);
gpg_error_t ksba_crl_set_reader (ksba_crl_t crl, ksba_reader_t r);
void ksba_crl_set_hash_function (ksba_crl_t crl,
void (*hash_fnc)(void *,
const void *, size_t),
void *hash_fnc_arg);
const char *ksba_crl_get_digest_algo (ksba_crl_t crl);
gpg_error_t ksba_crl_get_issuer (ksba_crl_t crl, char **r_issuer);
gpg_error_t ksba_crl_get_extension (ksba_crl_t crl, int idx,
char const **oid, int *critical,
unsigned char const **der, size_t *derlen);
gpg_error_t ksba_crl_get_auth_key_id (ksba_crl_t crl,
ksba_sexp_t *r_keyid,
ksba_name_t *r_name,
ksba_sexp_t *r_serial);
gpg_error_t ksba_crl_get_crl_number (ksba_crl_t crl, ksba_sexp_t *number);
gpg_error_t ksba_crl_get_update_times (ksba_crl_t crl,
ksba_isotime_t this_update,
ksba_isotime_t next_update);
gpg_error_t ksba_crl_get_item (ksba_crl_t crl,
ksba_sexp_t *r_serial,
ksba_isotime_t r_revocation_date,
ksba_crl_reason_t *r_reason);
ksba_sexp_t ksba_crl_get_sig_val (ksba_crl_t crl);
gpg_error_t ksba_crl_parse (ksba_crl_t crl, ksba_stop_reason_t *r_stopreason);
/*-- ocsp.c --*/
gpg_error_t ksba_ocsp_new (ksba_ocsp_t *r_oscp);
void ksba_ocsp_release (ksba_ocsp_t ocsp);
gpg_error_t ksba_ocsp_set_digest_algo (ksba_ocsp_t ocsp, const char *oid);
gpg_error_t ksba_ocsp_set_requestor (ksba_ocsp_t ocsp, ksba_cert_t cert);
gpg_error_t ksba_ocsp_add_target (ksba_ocsp_t ocsp,
ksba_cert_t cert, ksba_cert_t issuer_cert);
size_t ksba_ocsp_set_nonce (ksba_ocsp_t ocsp,
unsigned char *nonce, size_t noncelen);
gpg_error_t ksba_ocsp_prepare_request (ksba_ocsp_t ocsp);
gpg_error_t ksba_ocsp_hash_request (ksba_ocsp_t ocsp,
void (*hasher)(void *, const void *,
size_t length),
void *hasher_arg);
gpg_error_t ksba_ocsp_set_sig_val (ksba_ocsp_t ocsp,
ksba_const_sexp_t sigval);
gpg_error_t ksba_ocsp_add_cert (ksba_ocsp_t ocsp, ksba_cert_t cert);
gpg_error_t ksba_ocsp_build_request (ksba_ocsp_t ocsp,
unsigned char **r_buffer,
size_t *r_buflen);
gpg_error_t ksba_ocsp_parse_response (ksba_ocsp_t ocsp,
const unsigned char *msg, size_t msglen,
ksba_ocsp_response_status_t *resp_status);
const char *ksba_ocsp_get_digest_algo (ksba_ocsp_t ocsp);
gpg_error_t ksba_ocsp_hash_response (ksba_ocsp_t ocsp,
const unsigned char *msg, size_t msglen,
void (*hasher)(void *, const void *,
size_t length),
void *hasher_arg);
ksba_sexp_t ksba_ocsp_get_sig_val (ksba_ocsp_t ocsp,
ksba_isotime_t produced_at);
gpg_error_t ksba_ocsp_get_responder_id (ksba_ocsp_t ocsp,
char **r_name,
ksba_sexp_t *r_keyid);
ksba_cert_t ksba_ocsp_get_cert (ksba_ocsp_t ocsp, int idx);
gpg_error_t ksba_ocsp_get_status (ksba_ocsp_t ocsp, ksba_cert_t cert,
ksba_status_t *r_status,
ksba_isotime_t r_this_update,
ksba_isotime_t r_next_update,
ksba_isotime_t r_revocation_time,
ksba_crl_reason_t *r_reason);
gpg_error_t ksba_ocsp_get_extension (ksba_ocsp_t ocsp, ksba_cert_t cert,
int idx,
char const **r_oid, int *r_crit,
unsigned char const **r_der,
size_t *r_derlen);
/*-- certreq.c --*/
gpg_error_t ksba_certreq_new (ksba_certreq_t *r_cr);
void ksba_certreq_release (ksba_certreq_t cr);
gpg_error_t ksba_certreq_set_writer (ksba_certreq_t cr, ksba_writer_t w);
void ksba_certreq_set_hash_function (
ksba_certreq_t cr,
void (*hash_fnc)(void *, const void *, size_t),
void *hash_fnc_arg);
gpg_error_t ksba_certreq_add_subject (ksba_certreq_t cr, const char *name);
gpg_error_t ksba_certreq_set_public_key (ksba_certreq_t cr,
ksba_const_sexp_t key);
gpg_error_t ksba_certreq_add_extension (ksba_certreq_t cr,
const char *oid, int is_crit,
const void *der,
size_t derlen);
gpg_error_t ksba_certreq_set_sig_val (ksba_certreq_t cr,
ksba_const_sexp_t sigval);
gpg_error_t ksba_certreq_build (ksba_certreq_t cr,
ksba_stop_reason_t *r_stopreason);
/* The functions below are used to switch to X.509 certificate creation. */
gpg_error_t ksba_certreq_set_serial (ksba_certreq_t cr, ksba_const_sexp_t sn);
gpg_error_t ksba_certreq_set_issuer (ksba_certreq_t cr, const char *name);
gpg_error_t ksba_certreq_set_validity (ksba_certreq_t cr, int what,
const ksba_isotime_t timebuf);
gpg_error_t ksba_certreq_set_siginfo (ksba_certreq_t cr,
ksba_const_sexp_t siginfo);
/*-- reader.c --*/
gpg_error_t ksba_reader_new (ksba_reader_t *r_r);
void ksba_reader_release (ksba_reader_t r);
gpg_error_t ksba_reader_set_release_notify (ksba_reader_t r,
void (*notify)(void*,ksba_reader_t),
void *notify_value);
gpg_error_t ksba_reader_clear (ksba_reader_t r,
unsigned char **buffer, size_t *buflen);
gpg_error_t ksba_reader_error (ksba_reader_t r);
gpg_error_t ksba_reader_set_mem (ksba_reader_t r,
const void *buffer, size_t length);
gpg_error_t ksba_reader_set_fd (ksba_reader_t r, int fd);
gpg_error_t ksba_reader_set_file (ksba_reader_t r, FILE *fp);
gpg_error_t ksba_reader_set_cb (ksba_reader_t r,
int (*cb)(void*,char *,size_t,size_t*),
void *cb_value );
gpg_error_t ksba_reader_read (ksba_reader_t r,
char *buffer, size_t length, size_t *nread);
gpg_error_t ksba_reader_unread (ksba_reader_t r, const void *buffer, size_t count);
unsigned long ksba_reader_tell (ksba_reader_t r);
/*-- writer.c --*/
gpg_error_t ksba_writer_new (ksba_writer_t *r_w);
void ksba_writer_release (ksba_writer_t w);
gpg_error_t ksba_writer_set_release_notify (ksba_writer_t w,
void (*notify)(void*,ksba_writer_t),
void *notify_value);
int ksba_writer_error (ksba_writer_t w);
unsigned long ksba_writer_tell (ksba_writer_t w);
gpg_error_t ksba_writer_set_fd (ksba_writer_t w, int fd);
gpg_error_t ksba_writer_set_file (ksba_writer_t w, FILE *fp);
gpg_error_t ksba_writer_set_cb (ksba_writer_t w,
int (*cb)(void*,const void *,size_t),
void *cb_value);
gpg_error_t ksba_writer_set_mem (ksba_writer_t w, size_t initial_size);
const void *ksba_writer_get_mem (ksba_writer_t w, size_t *nbytes);
void * ksba_writer_snatch_mem (ksba_writer_t w, size_t *nbytes);
gpg_error_t ksba_writer_set_filter (ksba_writer_t w,
gpg_error_t (*filter)(void*,
const void *,size_t, size_t *,
void *, size_t, size_t *),
void *filter_arg);
gpg_error_t ksba_writer_write (ksba_writer_t w, const void *buffer, size_t length);
gpg_error_t ksba_writer_write_octet_string (ksba_writer_t w,
const void *buffer, size_t length,
int flush);
/*-- asn1-parse.y --*/
int ksba_asn_parse_file (const char *filename, ksba_asn_tree_t *result,
int debug);
void ksba_asn_tree_release (ksba_asn_tree_t tree);
/*-- asn1-func.c --*/
void ksba_asn_tree_dump (ksba_asn_tree_t tree, const char *name, FILE *fp);
gpg_error_t ksba_asn_create_tree (const char *mod_name, ksba_asn_tree_t *result);
/*-- oid.c --*/
char *ksba_oid_to_str (const char *buffer, size_t length);
gpg_error_t ksba_oid_from_str (const char *string,
unsigned char **rbuf, size_t *rlength);
/*-- dn.c --*/
gpg_error_t ksba_dn_der2str (const void *der, size_t derlen, char **r_string);
gpg_error_t ksba_dn_str2der (const char *string,
unsigned char **rder, size_t *rderlen);
gpg_error_t ksba_dn_teststr (const char *string, int seq,
size_t *rerroff, size_t *rerrlen);
/*-- name.c --*/
gpg_error_t ksba_name_new (ksba_name_t *r_name);
void ksba_name_ref (ksba_name_t name);
void ksba_name_release (ksba_name_t name);
const char *ksba_name_enum (ksba_name_t name, int idx);
char *ksba_name_get_uri (ksba_name_t name, int idx);
/*-- der-builder.c --*/
void ksba_der_release (ksba_der_t d);
ksba_der_t ksba_der_builder_new (unsigned int nitems);
void ksba_der_builder_reset (ksba_der_t d);
void ksba_der_add_ptr (ksba_der_t d, int cls, int tag,
void *value, size_t valuelen);
void ksba_der_add_val (ksba_der_t d, int cls, int tag,
const void *value, size_t valuelen);
void ksba_der_add_int (ksba_der_t d, const void *value, size_t valuelen,
int force_positive);
void ksba_der_add_oid (ksba_der_t d, const char *oidstr);
void ksba_der_add_bts (ksba_der_t d, const void *value, size_t valuelen,
unsigned int unusedbits);
void ksba_der_add_der (ksba_der_t d, const void *der, size_t derlen);
void ksba_der_add_tag (ksba_der_t d, int cls, int tag);
void ksba_der_add_end (ksba_der_t d);
gpg_error_t ksba_der_builder_get (ksba_der_t d,
unsigned char **r_obj, size_t *r_objlen);
/*-- util.c --*/
void ksba_set_malloc_hooks ( void *(*new_alloc_func)(size_t n),
void *(*new_realloc_func)(void *p, size_t n),
void (*new_free_func)(void*) );
void ksba_set_hash_buffer_function ( gpg_error_t (*fnc)
(void *arg, const char *oid,
const void *buffer, size_t length,
size_t resultsize,
unsigned char *result,
size_t *resultlen),
void *fnc_arg);
void *ksba_malloc (size_t n );
void *ksba_calloc (size_t n, size_t m );
void *ksba_realloc (void *p, size_t n);
char *ksba_strdup (const char *p);
void ksba_free ( void *a );
/*--version.c --*/
const char *ksba_check_version (const char *req_version);
#ifdef __cplusplus
}
#endif
#endif /*KSBA_H*/


@@ -1,238 +0,0 @@
/* npth.h - a lightweight implementation of pth over native threads
* Copyright (C) 2011, 2015 g10 Code GmbH
*
* This file is part of nPth.
*
* nPth is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as
* published by the Free Software Foundation; either version 2.1 of
* the License, or (at your option) any later version.
*
* nPth is distributed in the hope that it will be useful, but
* WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See
* the GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this program; if not, see <https://www.gnu.org/licenses/>.
*/
#ifndef _NPTH_H
#define _NPTH_H
#include <sys/types.h>
#include <time.h>
#include <errno.h>
#include <winsock2.h>
#include <ws2tcpip.h>
#include <windows.h>
#ifdef __cplusplus
extern "C" {
#if 0 /* (Keep Emacsens' auto-indent happy.) */
}
#endif
#endif
struct msghdr;
/* The mingw-w64 headers define timespec. For older compilers we keep
our replacement. */
#ifndef __MINGW64_VERSION_MAJOR
struct timespec {
long tv_sec; /* seconds */
long tv_nsec; /* nanoseconds */
};
#endif /*__MINGW64_VERSION_MAJOR */
#ifndef ETIMEDOUT
#define ETIMEDOUT 10060 /* This is WSAETIMEDOUT. */
#endif
#ifndef EOPNOTSUPP
#define EOPNOTSUPP 10045 /* This is WSAEOPNOTSUPP. */
#endif
int npth_init (void);
typedef struct npth_attr_s *npth_attr_t;
typedef unsigned long int npth_t;
typedef struct npth_mutexattr_s *npth_mutexattr_t;
typedef struct npth_mutex_s *npth_mutex_t;
typedef struct npth_rwlockattr_s *npth_rwlockattr_t;
typedef struct npth_rwlock_s *npth_rwlock_t;
typedef struct npth_condattr_s *npth_condattr_t;
typedef struct npth_cond_s *npth_cond_t;
int npth_attr_init (npth_attr_t *attr);
int npth_attr_destroy (npth_attr_t *attr);
#define NPTH_CREATE_JOINABLE 0
#define NPTH_CREATE_DETACHED 1
int npth_attr_getdetachstate(npth_attr_t *attr, int *detachstate);
int npth_attr_setdetachstate(npth_attr_t *attr, int detachstate);
int npth_getname_np (npth_t target_thread, char *buf, size_t buflen);
int npth_setname_np (npth_t target_thread, const char *name);
int npth_create (npth_t *newthread, const npth_attr_t *attr,
void *(*start_routine) (void *), void *arg);
npth_t npth_self (void);
int npth_join (npth_t th, void **thread_return);
int npth_detach (npth_t th);
void npth_exit (void *retval);
typedef DWORD npth_key_t;
int npth_key_create (npth_key_t *key,
void (*destr_function) (void *));
int npth_key_delete (npth_key_t key);
void *npth_getspecific (npth_key_t key);
int npth_setspecific (npth_key_t key, const void *pointer);
int npth_mutexattr_init (npth_mutexattr_t *attr);
int npth_mutexattr_destroy (npth_mutexattr_t *attr);
int npth_mutexattr_gettype (const npth_mutexattr_t *attr,
int *kind);
int npth_mutexattr_settype (npth_mutexattr_t *attr, int kind);
#define NPTH_MUTEX_NORMAL 0
#define NPTH_MUTEX_RECURSIVE 1
#define NPTH_MUTEX_ERRORCHECK 2
#define NPTH_MUTEX_DEFAULT NPTH_MUTEX_NORMAL
#define NPTH_MUTEX_INITIALIZER ((npth_mutex_t) -1)
#define NPTH_RECURSIVE_MUTEX_INITIALIZER_NP ((npth_mutex_t) -2)
#define NPTH_ERRORCHECK_MUTEX_INITIALIZER_NP ((npth_mutex_t) -3)
int npth_mutex_init (npth_mutex_t *mutex, const npth_mutexattr_t *mutexattr);
int npth_mutex_destroy (npth_mutex_t *mutex);
int npth_mutex_trylock(npth_mutex_t *mutex);
int npth_mutex_lock(npth_mutex_t *mutex);
int npth_mutex_timedlock(npth_mutex_t *mutex, const struct timespec *abstime);
int npth_mutex_unlock(npth_mutex_t *mutex);
int npth_rwlockattr_init (npth_rwlockattr_t *attr);
int npth_rwlockattr_destroy (npth_rwlockattr_t *attr);
int npth_rwlockattr_gettype_np (const npth_rwlockattr_t *attr,
int *kind);
int npth_rwlockattr_settype_np (npth_rwlockattr_t *attr, int kind);
#define NPTH_RWLOCK_PREFER_READER_NP 0
#define NPTH_RWLOCK_PREFER_WRITER_NP 1
#define NPTH_RWLOCK_PREFER_WRITER_NONRECURSIVE_NP 2
#define NPTH_RWLOCK_DEFAULT_NP NPTH_RWLOCK_PREFER_READER_NP
#define NPTH_RWLOCK_INITIALIZER ((npth_rwlock_t) -1)
#define NPTH_RWLOCK_WRITER_NONRECURSIVE_INITIALIZER_NP ((npth_rwlock_t) -2)
/* For now, we don't support any rwlock attributes. */
int npth_rwlock_init (npth_rwlock_t *rwlock,
const npth_rwlockattr_t *attr);
int npth_rwlock_destroy (npth_rwlock_t *rwlock);
int npth_rwlock_tryrdlock (npth_rwlock_t *rwlock);
int npth_rwlock_rdlock (npth_rwlock_t *rwlock);
int npth_rwlock_timedrdlock (npth_rwlock_t *rwlock,
const struct timespec *abstime);
int npth_rwlock_trywrlock (npth_rwlock_t *rwlock);
int npth_rwlock_wrlock (npth_rwlock_t *rwlock);
int npth_rwlock_timedwrlock (npth_rwlock_t *rwlock,
const struct timespec *abstime);
int npth_rwlock_unlock (npth_rwlock_t *rwlock);
#define NPTH_COND_INITIALIZER ((npth_cond_t) -1)
/* For now, we don't support any cond attributes. */
int npth_cond_init (npth_cond_t *cond,
const npth_condattr_t *cond_attr);
int npth_cond_broadcast (npth_cond_t *cond);
int npth_cond_signal (npth_cond_t *cond);
int npth_cond_destroy (npth_cond_t *cond);
int npth_cond_wait (npth_cond_t *cond, npth_mutex_t *mutex);
int npth_cond_timedwait (npth_cond_t *cond, npth_mutex_t *mutex,
const struct timespec *abstime);
int npth_usleep(unsigned int usec);
unsigned int npth_sleep(unsigned int sec);
pid_t npth_waitpid(pid_t pid, int *status, int options);
int npth_system(const char *cmd);
#if 0
/* We do not support this on windows. */
int npth_sigmask(int how, const sigset_t *set, sigset_t *oldset);
int npth_sigwait(const sigset_t *set, int *sig);
#endif
int npth_connect(int s, const struct sockaddr *addr, socklen_t addrlen);
int npth_accept(int s, struct sockaddr *addr, socklen_t *addrlen);
/* Only good for sockets! */
int npth_select(int nfd, fd_set *rfds, fd_set *wfds, fd_set *efds,
struct timeval *timeout);
#if 0
/* We do not support this on windows. */
int npth_pselect(int nfd, fd_set *rfds, fd_set *wfds, fd_set *efds,
const struct timespec *timeout, const sigset_t *sigmask);
#endif
/* Wait on the FDs (only good for sockets!) and the
INVALID_HANDLE_VALUE terminated list of extra events. On return
(even on error), the bits in EVENTS_SET will contain the extra
events that occured (which means that there can only be up to 31
extra events). */
int npth_eselect(int nfd, fd_set *rfds, fd_set *wfds, fd_set *efds,
const struct timespec *timeout,
HANDLE *events, unsigned int *events_set);
ssize_t npth_read(int fd, void *buf, size_t nbytes);
ssize_t npth_write(int fd, const void *buf, size_t nbytes);
int npth_recvmsg (int fd, struct msghdr *msg, int flags);
int npth_sendmsg (int fd, const struct msghdr *msg, int flags);
void npth_unprotect (void);
void npth_protect (void);
/* Return true when we hold the sceptre. This is used to debug
* problems with npth_unprotect and npth_protect. */
int npth_is_protected (void);
int npth_clock_gettime(struct timespec *tp);
/* CMP may be ==, < or >. Do not use <= or >=. */
#define npth_timercmp(t1, t2, cmp) \
(((t1)->tv_sec == (t2)->tv_sec) ? \
((t1)->tv_nsec cmp (t2)->tv_nsec) : \
((t1)->tv_sec cmp (t2)->tv_sec))
#define npth_timeradd(t1, t2, result) \
do { \
(result)->tv_sec = (t1)->tv_sec + (t2)->tv_sec; \
(result)->tv_nsec = (t1)->tv_nsec + (t2)->tv_nsec; \
if ((result)->tv_nsec >= 1000000000) \
{ \
++(result)->tv_sec; \
(result)->tv_nsec -= 1000000000; \
} \
} while (0)
#define npth_timersub(t1, t2, result) \
do { \
(result)->tv_sec = (t1)->tv_sec - (t2)->tv_sec; \
(result)->tv_nsec = (t1)->tv_nsec - (t2)->tv_nsec; \
if ((result)->tv_nsec < 0) { \
--(result)->tv_sec; \
(result)->tv_nsec += 1000000000; \
} \
} while (0)
#if 0
/* We do not support this on windows. */
void npth_sigev_init (void);
void npth_sigev_add (int signum);
void npth_sigev_fini (void);
sigset_t *npth_sigev_sigmask (void);
int npth_sigev_get_pending (int *r_signum);
#endif
#if 0 /* (Keep Emacsens' auto-indent happy.) */
{
#endif
#ifdef __cplusplus
}
#endif
#endif /*_NPTH_H*/
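Review bot: missing documentation for the dependency this deletion creates. The whole bundled nPth header is removed (`@@ -1,238 +0,0 @@`, the Windows copy that includes `<winsock2.h>` and `<windows.h>`), along with the binary files listed after it, so anything that relied on this bundled copy must now find the library on the host. Please state in the README which system packages are expected, and have the script check for them up front so a host without them fails with a clear message instead of partway through a run.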

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.

Binary file not shown.


@@ -1,32 +0,0 @@
-----BEGIN CERTIFICATE-----
MIIFizCCA3OgAwIBAgIJAK9zyLTPn4CPMA0GCSqGSIb3DQEBBQUAMFwxCzAJBgNV
BAYTAk5PMQ0wCwYDVQQIDARPc2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5u
ZXQgQ0ExHjAcBgNVBAMMFXNrcy1rZXlzZXJ2ZXJzLm5ldCBDQTAeFw0xMjEwMDkw
MDMzMzdaFw0yMjEwMDcwMDMzMzdaMFwxCzAJBgNVBAYTAk5PMQ0wCwYDVQQIDARP
c2xvMR4wHAYDVQQKDBVza3Mta2V5c2VydmVycy5uZXQgQ0ExHjAcBgNVBAMMFXNr
cy1rZXlzZXJ2ZXJzLm5ldCBDQTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoC
ggIBANdsWy4PXWNUCkS3L//nrd0GqN3dVwoBGZ6w94Tw2jPDPifegwxQozFXkG6I
6A4TK1CJLXPvfz0UP0aBYyPmTNadDinaB9T4jIwd4rnxl+59GiEmqkN3IfPsv5Jj
MkKUmJnvOT0DEVlEaO1UZIwx5WpfprB3mR81/qm4XkAgmYrmgnLXd/pJDAMk7y1F
45b5zWofiD5l677lplcIPRbFhpJ6kDTODXh/XEdtF71EAeaOdEGOvyGDmCO0GWqS
FDkMMPTlieLA/0rgFTcz4xwUYj/cD5e0ZBuSkYsYFAU3hd1cGfBue0cPZaQH2HYx
Qk4zXD8S3F4690fRhr+tki5gyG6JDR67aKp3BIGLqm7f45WkX1hYp+YXywmEziM4
aSbGYhx8hoFGfq9UcfPEvp2aoc8u5sdqjDslhyUzM1v3m3ZGbhwEOnVjljY6JJLx
MxagxnZZSAY424ZZ3t71E/Mn27dm2w+xFRuoy8JEjv1d+BT3eChM5KaNwrj0IO/y
u8kFIgWYA1vZ/15qMT+tyJTfyrNVV/7Df7TNeWyNqjJ5rBmt0M6NpHG7CrUSkBy9
p8JhimgjP5r0FlEkgg+lyD+V79H98gQfVgP3pbJICz0SpBQf2F/2tyS4rLm+49rP
fcOajiXEuyhpcmzgusAj/1FjrtlynH1r9mnNaX4e+rLWzvU5AgMBAAGjUDBOMB0G
A1UdDgQWBBTkwyoJFGfYTVISTpM8E+igjdq28zAfBgNVHSMEGDAWgBTkwyoJFGfY
TVISTpM8E+igjdq28zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4ICAQAR
OXnYwu3g1ZjHyley3fZI5aLPsaE17cOImVTehC8DcIphm2HOMR/hYTTL+V0G4P+u
gH+6xeRLKSHMHZTtSBIa6GDL03434y9CBuwGvAFCMU2GV8w92/Z7apkAhdLToZA/
X/iWP2jeaVJhxgEcH8uPrnSlqoPBcKC9PrgUzQYfSZJkLmB+3jEa3HKruy1abJP5
gAdQvwvcPpvYRnIzUc9fZODsVmlHVFBCl2dlu/iHh2h4GmL4Da2rRkUMlbVTdioB
UYIvMycdOkpH5wJftzw7cpjsudGas0PARDXCFfGyKhwBRFY7Xp7lbjtU5Rz0Gc04
lPrhDf0pFE98Aw4jJRpFeWMjpXUEaG1cq7D641RpgcMfPFvOHY47rvDTS7XJOaUT
BwRjmDt896s6vMDcaG/uXJbQjuzmmx3W2Idyh3s5SI0GTHb0IwMKYb4eBUIpQOnB
cE77VnCYqKvN1NVYAqhWjXbY7XasZvszCRcOG+W3FqNaHOK/n/0ueb0uijdLan+U
f4p1bjbAox8eAOQS/8a3bzkJzdyBNUKGx1BIK2IBL9bn/HravSDOiNRSnZ/R3l9G
ZauX0tu7IIDlRCILXSyeazu0aj/vdT3YFQXPcvt5Fkf5wiNTo53f72/jYEJd6qph
WrpoKqrwGwTpRUCMhYIUt65hsTxCiJJ5nKe39h46sg==
-----END CERTIFICATE-----
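Review bot: nothing visible here shows what replaces this trust anchor. The hunk deletes the entire PEM certificate (`@@ -1,32 +0,0 @@`), so any code or configuration that still points at this file will fail certificate verification, and the usual quick fix for that is to turn verification off. Please confirm that no remaining path references the file, and say in the commit message which trust store is used instead (for example the system CA bundle).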

Binary file not shown.

Binary file not shown.

requirements.txt Normal file

@@ -0,0 +1 @@
pykmip
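Review bot: `pykmip` is added without a version pin, so every install resolves to whatever release the package index serves that day, and this is the library that talks to the key management server. Pin it to the release you tested, e.g. `pykmip==<version>`, and consider adding `--hash` entries and installing with `pip install --require-hashes -r requirements.txt` so the downloaded artifact is fixed as well as the version number.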