#89 Detailed control saving generated public/private keys

This commit is contained in:
the-djmaze 2022-01-31 08:30:46 +01:00
parent 76361a13da
commit efabf269c7
5 changed files with 75 additions and 45 deletions

View file

@ -131,8 +131,6 @@ export const OpenPGPUserStore = new class {
keyPair.privateKey keyPair.privateKey
keyPair.publicKey keyPair.publicKey
keyPair.revocationCertificate keyPair.revocationCertificate
keyPair.onServer
keyPair.inGnuPG
*/ */
storeKeyPair(keyPair) { storeKeyPair(keyPair) {
openpgp.readKey({armoredKey:keyPair.publicKey}).then(key => { openpgp.readKey({armoredKey:keyPair.publicKey}).then(key => {
@ -164,6 +162,8 @@ export const OpenPGPUserStore = new class {
return findOpenPGPKey(this.publicKeys, query/*, sign*/); return findOpenPGPKey(this.publicKeys, query/*, sign*/);
} }
decrypt(text, fCallback)
{
/* /*
decryptMessage(message, recipients, fCallback) { decryptMessage(message, recipients, fCallback) {
message = store.openpgp.message.readArmored(armoredMessage); message = store.openpgp.message.readArmored(armoredMessage);
@ -229,11 +229,18 @@ export const OpenPGPUserStore = new class {
fCallback(null, null); fCallback(null, null);
return false;
}
*/ */
}
verifyMessage(message, fCallback) { verify(message, fCallback) {
let text = null;
try {
// TODO: if message.pgpSigned().SigPartId then fetch raw from server
text = openpgp.cleartext.readArmored(message.plain);
} catch (e) {
console.error(e);
}
if (text && text.getText && text.verify) {
if (message && message.getSigningKeyIds) { if (message && message.getSigningKeyIds) {
const signingKeyIds = message.getSigningKeyIds(); const signingKeyIds = message.getSigningKeyIds();
if (signingKeyIds && signingKeyIds.length) { if (signingKeyIds && signingKeyIds.length) {

View file

@ -67,19 +67,6 @@ export const PgpUserStore = new class {
return !!(OpenPGPUserStore.isSupported() || GnuPGUserStore.isSupported() || window.mailvelope); return !!(OpenPGPUserStore.isSupported() || GnuPGUserStore.isSupported() || window.mailvelope);
} }
/**
keyPair.privateKey
keyPair.publicKey
keyPair.revocationCertificate
keyPair.onServer
keyPair.inGnuPG
*/
storeKeyPair(keyPair, callback) {
OpenPGPUserStore.isSupported() && OpenPGPUserStore.storeKeyPair(keyPair);
// if (Settings.capa(Capa.GnuPG)) {
GnuPGUserStore.storeKeyPair(keyPair, callback);
}
/** /**
* Checks if verifying/encrypting a message is possible with given email addresses. * Checks if verifying/encrypting a message is possible with given email addresses.
* Returns the first library that can. * Returns the first library that can.

View file

@ -1,6 +1,8 @@
//import { pInt } from 'Common/Utils'; //import { pInt } from 'Common/Utils';
import { PgpUserStore } from 'Stores/User/Pgp'; import { GnuPGUserStore } from 'Stores/User/GnuPG';
import { OpenPGPUserStore } from 'Stores/User/OpenPGP';
import { IdentityUserStore } from 'Stores/User/Identity'; import { IdentityUserStore } from 'Stores/User/Identity';
import { AbstractViewPopup } from 'Knoin/AbstractViews'; import { AbstractViewPopup } from 'Knoin/AbstractViews';
@ -25,8 +27,11 @@ export class OpenPgpGeneratePopupView extends AbstractViewPopup {
submitRequest: false, submitRequest: false,
submitError: '', submitError: '',
saveGnuPG: true, backupPublicKey: true,
saveServer: true backupPrivateKey: false,
saveGnuPGPublic: true,
saveGnuPGPrivate: false
}); });
this.canGnuPG = Settings.capa(Capa.GnuPG); this.canGnuPG = Settings.capa(Capa.GnuPG);
@ -63,12 +68,23 @@ export class OpenPgpGeneratePopupView extends AbstractViewPopup {
openpgp.generateKey(cfg).then(keyPair => { openpgp.generateKey(cfg).then(keyPair => {
if (keyPair) { if (keyPair) {
keyPair.onServer = this.saveServer() ? 1 : 0; const fn = () => {
keyPair.inGnuPG = this.saveGnuPG() ? 1 : 0;
PgpUserStore.storeKeyPair(keyPair, ()=>{
this.submitRequest(false); this.submitRequest(false);
this.cancelCommand(); this.cancelCommand();
}); };
OpenPGPUserStore.storeKeyPair(keyPair);
keyPair.onServer = (this.backupPublicKey() ? 1 : 0) + (this.backupPrivateKey() ? 2 : 0);
keyPair.inGnuPG = (this.saveGnuPGPublic() ? 1 : 0) + (this.saveGnuPGPrivate() ? 2 : 0);
if (keyPair.onServer || keyPair.inGnuPG) {
if (!this.backupPrivateKey() && !this.saveGnuPGPrivate()) {
delete keyPair.privateKey;
}
GnuPGUserStore.storeKeyPair(keyPair, fn);
} else {
fn();
}
} }
}) })
.catch((e) => { .catch((e) => {

View file

@ -214,30 +214,34 @@ trait Pgp
*/ */
public function DoPgpStoreKeyPair() : array public function DoPgpStoreKeyPair() : array
{ {
$publicKey = $this->GetActionParam('publicKey', '');
$privateKey = $this->GetActionParam('privateKey', '');
$result = [ $result = [
'onServer' => [false, false, false], 'onServer' => [false, false, false],
'inGnuPG' => [false, false, false] 'inGnuPG' => [false, false, false]
]; ];
$publicKey = $this->GetActionParam('publicKey', '');
$privateKey = $this->GetActionParam('privateKey', ''); $onServer = (int) $this->GetActionParam('onServer', 0);
$revocationCertificate = $this->GetActionParam('revocationCertificate', ''); if ($publicKey && $onServer & 1) {
if ($this->GetActionParam('onServer', '')) { $result['onServer'][0] = $this->StorePGPKey($publicKey);
$result['onServer'] = [
$this->StorePGPKey($publicKey),
$this->StorePGPKey($privateKey),
false // $this->StorePGPKey($revocationCertificate)
];
} }
if ($this->GetActionParam('inGnuPG', '')) { if ($privateKey && $onServer & 2) {
$result['onServer'][1] = $this->StorePGPKey($privateKey);
}
$inGnuPG = (int) $this->GetActionParam('inGnuPG', 0);
if ($inGnuPG) {
$GPG = $this->GnuPG(); $GPG = $this->GnuPG();
if ($GPG) { if ($publicKey && $inGnuPG & 1) {
$result['inGnuPG'] = [ $result['inGnuPG'][0] = $GPG->import($publicKey);
$publicKey && $GPG->import($publicKey), }
$privateKey && $GPG->import($privateKey), if ($privateKey && $inGnuPG & 2) {
false // $revocationCertificate && $GPG->import($revocationCertificate) $result['inGnuPG'][1] = $GPG->import($privateKey);
];
} }
} }
// $revocationCertificate = $this->GetActionParam('revocationCertificate', '');
return $this->DefaultResponse(__FUNCTION__, $result); return $this->DefaultResponse(__FUNCTION__, $result);
} }

View file

@ -40,16 +40,32 @@
<div data-bind="component: { <div data-bind="component: {
name: 'Checkbox', name: 'Checkbox',
params: { params: {
label: 'Store (encrypted) on server', label: 'Store public key on server',
value: saveServer value: backupPublicKey
}
}"></div>
<br/>
<div data-bind="component: {
name: 'Checkbox',
params: {
label: 'Backup private key on server',
value: backupPrivateKey
} }
}"></div> }"></div>
<br/> <br/>
<div data-bind="visible: canGnuPG, component: { <div data-bind="visible: canGnuPG, component: {
name: 'Checkbox', name: 'Checkbox',
params: { params: {
label: 'Store on server in GnuPG', label: 'Store public key on server in GnuPG',
value: saveGnuPG value: saveGnuPGPublic
}
}"></div>
<br/>
<div data-bind="visible: canGnuPG, component: {
name: 'Checkbox',
params: {
label: 'Store private key on server in GnuPG',
value: saveGnuPGPrivate
} }
}"></div> }"></div>
</div> </div>