aboutsummaryrefslogtreecommitdiffstats
path: root/lib/crypto
diff options
context:
space:
mode:
authorTim Culverhouse <tim@timculverhouse.com>2022-05-05 12:53:15 -0500
committerRobin Jarry <robin@jarry.cc>2022-05-06 11:02:50 +0200
commit32a16dcd8dc488c1f360553d9d9f6d121af1b367 (patch)
tree3662082ccfc1df962cb4d79aec005359925df367 /lib/crypto
parentbb400c7d88a08bc29fd635486dffbbad10f1835d (diff)
downloadaerc-32a16dcd8dc488c1f360553d9d9f6d121af1b367.tar.gz
pgp: check encryption keys before sending message
Add check for public keys of all message recipients (to, cc, and bcc) before sending the message. Adds an OnFocusLost callback to header editors to facilitate a callback for checking keys whenever a new recipient is added (OnChange results in too many keyring checks). Once encryption is initially set, the callbacks are registered. If a public key is not available for any recipient, encryption is turned off. However, notably, the callbacks are still registered meaning as s soon as the user removes the recipients with missing keys, encryption is turned back on. Signed-off-by: Tim Culverhouse <tim@timculverhouse.com> Tested-by: Koni Marti <koni.marti@gmail.com>
Diffstat (limited to 'lib/crypto')
-rw-r--r--lib/crypto/crypto.go1
-rw-r--r--lib/crypto/gpg/gpg.go4
-rw-r--r--lib/crypto/gpg/gpgbin/keys.go10
-rw-r--r--lib/crypto/pgp/pgp.go8
4 files changed, 23 insertions, 0 deletions
diff --git a/lib/crypto/crypto.go b/lib/crypto/crypto.go
index cab93462..54a20e68 100644
--- a/lib/crypto/crypto.go
+++ b/lib/crypto/crypto.go
@@ -20,6 +20,7 @@ type Provider interface {
Init(*log.Logger) error
Close()
GetSignerKeyId(string) (string, error)
+ GetKeyId(string) (string, error)
}
func New(s string) Provider {
diff --git a/lib/crypto/gpg/gpg.go b/lib/crypto/gpg/gpg.go
index 457788dc..fe32468c 100644
--- a/lib/crypto/gpg/gpg.go
+++ b/lib/crypto/gpg/gpg.go
@@ -55,6 +55,10 @@ func (m *Mail) GetSignerKeyId(s string) (string, error) {
return gpgbin.GetPrivateKeyId(s)
}
+func (m *Mail) GetKeyId(s string) (string, error) {
+ return gpgbin.GetKeyId(s)
+}
+
func handleSignatureError(e string) models.SignatureValidity {
if e == "gpg: missing public key" {
return models.UnknownEntity
diff --git a/lib/crypto/gpg/gpgbin/keys.go b/lib/crypto/gpg/gpgbin/keys.go
index 660ce821..9c8b233f 100644
--- a/lib/crypto/gpg/gpgbin/keys.go
+++ b/lib/crypto/gpg/gpgbin/keys.go
@@ -11,3 +11,13 @@ func GetPrivateKeyId(s string) (string, error) {
}
return id, nil
}
+
+// GetKeyId runs gpg --list-keys s
+func GetKeyId(s string) (string, error) {
+ private := false
+ id := getKeyId(s, private)
+ if id == "" {
+ return "", fmt.Errorf("no public key found")
+ }
+ return id, nil
+}
diff --git a/lib/crypto/pgp/pgp.go b/lib/crypto/pgp/pgp.go
index e0c5671b..f0f3f655 100644
--- a/lib/crypto/pgp/pgp.go
+++ b/lib/crypto/pgp/pgp.go
@@ -263,6 +263,14 @@ func (m *Mail) GetSignerKeyId(s string) (string, error) {
return signerEntity.PrimaryKey.KeyIdString(), nil
}
+func (m *Mail) GetKeyId(s string) (string, error) {
+ entity, err := m.getEntityByEmail(s)
+ if err != nil {
+ return "", err
+ }
+ return entity.PrimaryKey.KeyIdString(), nil
+}
+
func handleSignatureError(e string) models.SignatureValidity {
if e == "openpgp: signature made by unknown entity" {
return models.UnknownEntity