author | Tim Culverhouse <tim@timculverhouse.com> | 2022-05-05 12:53:15 -0500 |
---|---|---|
committer | Robin Jarry <robin@jarry.cc> | 2022-05-06 11:02:50 +0200 |
commit | 32a16dcd8dc488c1f360553d9d9f6d121af1b367 (patch) | |
tree | 3662082ccfc1df962cb4d79aec005359925df367 /lib/crypto | |
parent | bb400c7d88a08bc29fd635486dffbbad10f1835d (diff) | |
pgp: check encryption keys before sending message
Add check for public keys of all message recipients (to, cc, and bcc)
before sending the message. Adds an OnFocusLost callback to header
editors to facilitate a callback for checking keys whenever a new
recipient is added (OnChange results in too many keyring checks).
Once encryption is initially set, the callbacks are registered. If a
public key is not available for any recipient, encryption is turned off.
However, notably, the callbacks are still registered, meaning that as soon
as the user removes the recipients with missing keys, encryption is
turned back on.
Signed-off-by: Tim Culverhouse <tim@timculverhouse.com>
Tested-by: Koni Marti <koni.marti@gmail.com>
Diffstat (limited to 'lib/crypto')
-rw-r--r-- | lib/crypto/crypto.go | 1 | ||||
-rw-r--r-- | lib/crypto/gpg/gpg.go | 4 | ||||
-rw-r--r-- | lib/crypto/gpg/gpgbin/keys.go | 10 | ||||
-rw-r--r-- | lib/crypto/pgp/pgp.go | 8 |
4 files changed, 23 insertions, 0 deletions
diff --git a/lib/crypto/crypto.go b/lib/crypto/crypto.go
index cab93462..54a20e68 100644
--- a/lib/crypto/crypto.go
+++ b/lib/crypto/crypto.go
@@ -20,6 +20,7 @@ type Provider interface {
 Init(*log.Logger) error
 Close()
 GetSignerKeyId(string) (string, error)
+ GetKeyId(string) (string, error)
 }
 
 func New(s string) Provider {
diff --git a/lib/crypto/gpg/gpg.go b/lib/crypto/gpg/gpg.go
index 457788dc..fe32468c 100644
--- a/lib/crypto/gpg/gpg.go
+++ b/lib/crypto/gpg/gpg.go
@@ -55,6 +55,10 @@ func (m *Mail) GetSignerKeyId(s string) (string, error) {
 return gpgbin.GetPrivateKeyId(s)
 }
 
+func (m *Mail) GetKeyId(s string) (string, error) {
+ return gpgbin.GetKeyId(s)
+}
+
 func handleSignatureError(e string) models.SignatureValidity {
 if e == "gpg: missing public key" {
 return models.UnknownEntity
diff --git a/lib/crypto/gpg/gpgbin/keys.go b/lib/crypto/gpg/gpgbin/keys.go
index 660ce821..9c8b233f 100644
--- a/lib/crypto/gpg/gpgbin/keys.go
+++ b/lib/crypto/gpg/gpgbin/keys.go
@@ -11,3 +11,13 @@ func GetPrivateKeyId(s string) (string, error) {
 }
 return id, nil
 }
+
+// GetKeyId runs gpg --list-keys s
+func GetKeyId(s string) (string, error) {
+ private := false
+ id := getKeyId(s, private)
+ if id == "" {
+ return "", fmt.Errorf("no public key found")
+ }
+ return id, nil
+}
diff --git a/lib/crypto/pgp/pgp.go b/lib/crypto/pgp/pgp.go
index e0c5671b..f0f3f655 100644
--- a/lib/crypto/pgp/pgp.go
+++ b/lib/crypto/pgp/pgp.go
@@ -263,6 +263,14 @@ func (m *Mail) GetSignerKeyId(s string) (string, error) {
 return signerEntity.PrimaryKey.KeyIdString(), nil
 }
 
+func (m *Mail) GetKeyId(s string) (string, error) {
+ entity, err := m.getEntityByEmail(s)
+ if err != nil {
+ return "", err
+ }
+ return entity.PrimaryKey.KeyIdString(), nil
+}
+
 func handleSignatureError(e string) models.SignatureValidity {
 if e == "openpgp: signature made by unknown entity" {
 return models.UnknownEntity |
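Review bot: `GetKeyId(string) (string, error)` is added to the `Provider` interface in crypto.go without a comment saying what the argument is or what an error means. The commit description says a missing key turns encryption off, so callers use this error as a policy input. The contract should state whether an error means only "no key for this recipient" or can also mean the keyring lookup itself failed, since the second case would disable encryption for a reason unrelated to the recipient. Suggested comment: `// GetKeyId returns the ID of the public key for the given recipient address, or an error if no key is available.`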
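Review bot: A nil error from `GetKeyId` in keys.go only shows that `getKeyId(s, private)` returned a non-empty ID, which is weaker than "this recipient can be encrypted to". Going by the comment, the lookup is `gpg --list-keys s`, and that listing by default matches `s` loosely against user IDs and also shows expired and revoked keys; `getKeyId` is outside this hunk, so confirm how it filters the output and how it passes `s` to gpg. The pgp.go hunk has the same gap: it returns `entity.PrimaryKey.KeyIdString()` without checking that the entity has a currently valid encryption key, for example `if _, ok := entity.EncryptionKey(time.Now()); !ok { return "", fmt.Errorf("no usable encryption key") }` if the openpgp package in use provides that method. The doc comment here should say which of these the check covers, e.g. `// GetKeyId returns the ID of a public key gpg lists for s; callers must not treat it as proof the key is usable for encryption.`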