mirror of
https://github.com/overcuriousity/trace.git
synced 2025-12-20 13:02:21 +00:00
96309319b9
This commit adds comprehensive GPG signature verification functionality and a first-run setup wizard for configuring GPG signing: **GPG Verification Features:** - Added `Crypto.verify_signature()` to verify GPG clearsigned messages - Added `Crypto.is_gpg_available()` to detect GPG installation - Added `Note.verify_signature()` method to verify note signatures - Verification returns status (verified/failed/unsigned) and signer info **TUI Enhancements:** - Display verification symbols in note lists: ✓ (verified), ✗ (failed), ? (unsigned) - Updated note detail view to show verification status with signer information - Added 'v' key binding in note detail view to trigger verification dialog - Verification dialog shows detailed status and helpful error messages **First-Run Wizard:** - Created `gpg_wizard.py` module with interactive setup wizard - Wizard runs on first application startup (when settings.json doesn't exist) - Detects GPG availability and informs user if not installed - Lists available secret keys and allows user to select signing key - Gracefully handles missing GPG or no available keys - Settings can be manually edited later via ~/.trace/settings.json **Implementation Details:** - GPG key ID is now stored in settings as `gpg_key_id` - All note displays show verification status for better chain-of-custody - External verification possible via standard GPG tools on exported notes - Follows existing codebase patterns (atomic writes, graceful degradation) Files modified: - trace/crypto.py: Added verification and availability check functions - trace/models/__init__.py: Added Note.verify_signature() method - trace/gpg_wizard.py: New first-run setup wizard module - trace/cli.py: Integrated wizard before TUI launch - trace/tui_app.py: Added verification display and dialog