From 608ccbc1bb72440254c641a0b88eb535696f5be2 Mon Sep 17 00:00:00 2001 From: SET Date: Wed, 25 Nov 2020 22:03:12 +0100 Subject: [PATCH] Generate key data before download is requested. Once ExportKeyStreamResource::handleRequest is entered, a 'Save As' dialog will be opened by the browser, even if key data is empty. This may happen if passphrase is wrong. If key data is generated before the download is actually requested, we can check if there is anything to push to browser and prevent the download request. --- KeyringIO.cpp | 70 +++++++++++++++++++++--------------------- KeyringIO.h | 15 ++++----- WTAPPROOT/K7/K7.xml | 1 + WTAPPROOT/K7/K7_fr.xml | 3 +- 4 files changed, 44 insertions(+), 45 deletions(-) diff --git a/KeyringIO.cpp b/KeyringIO.cpp index 4d05b82..a11342b 100644 --- a/KeyringIO.cpp +++ b/KeyringIO.cpp @@ -281,10 +281,20 @@ void KeyringIO::PrepareExport(const WString& fpr, bool isSecret) } else { + string keyData; + Error e; + GpgMEWorker gpgw; + e = gpgw.ExportPublicKey(fpr.toUTF8().c_str(), keyData); + if (e.code() != 0) + { + m_tmwMessage->SetText(e.asString()); + LGE(e); + return; + } WLink link; shared_ptr shResource = make_shared - (fpr, isSecret, "appliation/pgp-keys", m_tmwMessage); + (keyData, fpr, "application/pgp-keys", m_tmwMessage); link.setResource(shResource); m_btnExport->setLink(link); } @@ -297,48 +307,55 @@ void KeyringIO::OnPreExportSecretKey(const WString& fpr) { // On preExport button of popup WLink link; + /* + * Private keys can be exported as from GPGME 1.15.0. + */ + string keyData; + Error e; GpgMEWorker gpgw; - Error e = gpgw.CheckPassphrase(fpr.toUTF8().c_str(), - m_popupExportSecretKey->GetPassphrase()); + e = gpgw.ExportPrivateKey(fpr.toUTF8().c_str(), keyData, + m_popupExportSecretKey->GetPassphrase()); + // With bad passphrase, e.code() is still 0. if (e.code() != 0) { m_tmwMessage->SetText(e.asString()); - m_popupExportSecretKey->GetApplyButton()->setLink(link); - m_popupExportSecretKey->GetApplyButton()->disable(); LGE(e); return; } - + // But keyData.size() is 0. + if (keyData.size() == 0) + { + m_tmwMessage->SetText(TR("NoKeyData")); + m_popupExportSecretKey->GetApplyButton()->setLink(link); + m_popupExportSecretKey->GetApplyButton()->disable(); + return; + } shared_ptr shResource = make_shared - (fpr, true, "appliation/pgp-keys", m_tmwMessage); + (keyData, fpr, "application/pgp-keys", m_tmwMessage); link.setResource(shResource); - shResource->SetPassphrase(m_popupExportSecretKey->GetPassphrase()); m_popupExportSecretKey->GetApplyButton()->setLink(link); m_popupExportSecretKey->GetApplyButton()->enable(); - } -ExportKeyStreamResource::ExportKeyStreamResource(const WString& fpr, - bool isSecret, +ExportKeyStreamResource::ExportKeyStreamResource(const string& keyData, + const WString& fpr, TransientMessageWidget * tmw) : WStreamResource() { m_fpr = fpr; - m_isSecret = isSecret; - m_passphrase = WString::Empty; + m_keyData = keyData; m_tmwMessage = tmw; } -ExportKeyStreamResource::ExportKeyStreamResource(const WString& fpr, - bool isSecret, +ExportKeyStreamResource::ExportKeyStreamResource(const string& keyData, + const WString& fpr, const string& mimeType, TransientMessageWidget * tmw) : WStreamResource(mimeType) { m_fpr = fpr; - m_isSecret = isSecret; - m_passphrase = WString::Empty; + m_keyData = keyData; m_tmwMessage = tmw; } @@ -350,25 +367,8 @@ ExportKeyStreamResource::~ExportKeyStreamResource() void ExportKeyStreamResource::handleRequest(const Http::Request& request, Http::Response& response) { - /* - * Private keys can be exported as from GPGME 1.15.0. - */ - - string buffer; - Error e; - GpgMEWorker gpgw; - e = m_isSecret - ? gpgw.ExportPrivateKey(m_fpr.toUTF8().c_str(), buffer, - m_passphrase.toUTF8()) - : gpgw.ExportPublicKey(m_fpr.toUTF8().c_str(), buffer); - if (e.code() != 0) - { - m_tmwMessage->SetText(e.asString()); - LGE(e); - return; - } suggestFileName(m_fpr + WString(".asc"), ContentDisposition::Attachment); - istrstream bufStream(buffer.c_str()); + istrstream bufStream(m_keyData.c_str()); handleRequestPiecewise(request, response, bufStream); } diff --git a/KeyringIO.h b/KeyringIO.h index 895425b..5833167 100644 --- a/KeyringIO.h +++ b/KeyringIO.h @@ -53,7 +53,7 @@ private: WPushButton * m_btnCreate; WPushButton * m_btnExport; WLineEdit * m_leSearch; - + // Used to disconnect m_btnExport from previous slot. Signals::connection m_exportSecretConnection; @@ -122,9 +122,11 @@ private: class ExportKeyStreamResource : public WStreamResource { public: - ExportKeyStreamResource(const WString& fpr, bool isSecret, + ExportKeyStreamResource(const string& keyData, + const WString& fpr, TransientMessageWidget * tmw); - ExportKeyStreamResource(const WString& fpr, bool isSecret, + ExportKeyStreamResource(const string& keyData, + const WString& fpr, const string& mimeType, TransientMessageWidget * tmw); virtual ~ExportKeyStreamResource(); @@ -135,15 +137,10 @@ public: */ void handleRequest(const Http::Request& request, Http::Response& response) override; - void SetPassphrase(const WString& passphrase) - { - m_passphrase = passphrase; - } private: WString m_fpr; - bool m_isSecret; - WString m_passphrase; + string m_keyData; TransientMessageWidget * m_tmwMessage; }; diff --git a/WTAPPROOT/K7/K7.xml b/WTAPPROOT/K7/K7.xml index d45a11e..b999a20 100644 --- a/WTAPPROOT/K7/K7.xml +++ b/WTAPPROOT/K7/K7.xml @@ -136,6 +136,7 @@ Prepare download link Export secret key Requires GPGME >= 1.15.0 + No data Add an identity Revoke identity diff --git a/WTAPPROOT/K7/K7_fr.xml b/WTAPPROOT/K7/K7_fr.xml index 6daa06f..d9fcb07 100644 --- a/WTAPPROOT/K7/K7_fr.xml +++ b/WTAPPROOT/K7/K7_fr.xml @@ -134,8 +134,9 @@ Exporter Préparer le téléchargement - Exporter la secrète + Exporter la clé secrète Requiert GPGME >= 1.15.0 + Aucune donnée Ajouter une identité Revoquer une identité