issue #409 all keys treated equally (#3086)

* Dummy commit.

* Remove unused types.

* Remove primary key.

* Rename 'myPrivateKeys' field to 'keysWeNeedPassPhraseFor'.

* Disallow removing the last key.

* Add KeyStore.getAll method.
Refactor KeyStore.get(this.view.acctEmail, ['primary']) usages.

* Refactor the rest of ['primary'] usages.

* Ensure KeyStore.getFirst returns a key or throws an error.

* Refactor KeyStore.get method.

* Rename KeyStore.getFirst to .getFirstOrRenderError.

* Revert KeyStore.getFirst -> getFirstOrRenderError (lots of tests were failing).

* Fix failing 'settings - verify key presense 1pp1' test.

* Fix my key page issue properly.

* Fix `compose - own key expired` failing test.

* Made my_key page fingerprint url param required.

* Make fingerprint URL param required for my_key_update page.

* Fix my_key page issue.

* Refactor my_key page click handler.

* fix key update link when expired

Co-authored-by: Tom J <tom@holub.me>

Author: yantakus

extension/chrome/elements/compose-modules/compose-draft-module.ts

@@ -315,8 +315,9 @@ export class ComposeDraftModule extends ViewModule<ComposeView> {
     } else {
       Xss.sanitizeRender(this.view.S.cached('prompt'), `${promptText}<br><br><a href="#" class="action_close">close</a>`).css({ display: 'block', height: '100%' });
     }
-    this.view.S.cached('prompt').find('a.action_open_passphrase_dialog').click(this.view.setHandler(() => {
-      BrowserMsg.send.passphraseDialog(this.view.parentTabId, { type: 'draft', longids: ['primary'] });
+    this.view.S.cached('prompt').find('a.action_open_passphrase_dialog').click(this.view.setHandler(async () => {
+      const primaryKi = await KeyStore.getFirst(this.view.acctEmail);
+      BrowserMsg.send.passphraseDialog(this.view.parentTabId, { type: 'draft', longids: [primaryKi.longid] });
     }));
     this.view.S.cached('prompt').find('a.action_close').click(this.view.setHandler(() => this.view.renderModule.closeMsg()));
     await this.view.storageModule.whenMasterPassphraseEntered();

extension/chrome/elements/compose-modules/compose-render-module.ts

@@ -198,7 +198,7 @@ export class ComposeRenderModule extends ViewModule<ComposeView> {
       <br><br>I was not able to read your encrypted message because it was encrypted for a wrong key.
       <br><br>My current public key is attached below. Please update your records and send me a new encrypted message.
       <br><br>Thank you</div>`);
-    const [primaryKi] = await KeyStore.get(this.view.acctEmail, ['primary']);
+    const primaryKi = await KeyStore.getFirst(this.view.acctEmail);
     const att = Att.keyinfoAsPubkeyAtt(primaryKi);
     this.view.attsModule.attach.addFile(new File([att.getData()], att.name));
     this.view.sendBtnModule.popover.toggleItemTick($('.action-toggle-encrypt-sending-option'), 'encrypt', false); // don't encrypt

extension/chrome/elements/compose-modules/compose-storage-module.ts

@@ -39,7 +39,7 @@ export class ComposeStorageModule extends ViewModule<ComposeView> {
     let result = await this.view.myPubkeyModule.chooseMyPublicKeyBySenderEmail(keys, senderEmail);
     if (!result) {
       this.view.errModule.debug(`ComposerStorage.getKey: could not find key based on senderEmail: ${senderEmail}, using primary instead`);
-      result = keys.find(ki => ki.primary);
+      result = keys[0];
       Assert.abortAndRenderErrorIfKeyinfoEmpty(result);
     } else {
       this.view.errModule.debug(`ComposerStorage.getKey: found key based on senderEmail: ${senderEmail}`);
@@ -100,7 +100,7 @@ export class ComposeStorageModule extends ViewModule<ComposeView> {
 
   public passphraseGet = async (senderKi?: KeyInfo) => {
     if (!senderKi) {
-      [senderKi] = await KeyStore.get(this.view.acctEmail, ['primary']);
+      senderKi = await KeyStore.getFirst(this.view.acctEmail);
       Assert.abortAndRenderErrorIfKeyinfoEmpty(senderKi);
     }
     return await PassphraseStore.get(this.view.acctEmail, senderKi.fingerprint);

extension/chrome/elements/compose-modules/formatters/encrypted-mail-msg-formatter.ts

@@ -7,7 +7,7 @@ import { BaseMailFormatter } from './base-mail-formatter.js';
 import { ComposerResetBtnTrigger } from '../compose-err-module.js';
 import { Mime, SendableMsgBody } from '../../../../js/common/core/mime.js';
 import { NewMsgData } from '../compose-types.js';
-import { Str, Value } from '../../../../js/common/core/common.js';
+import { Str, Url, Value } from '../../../../js/common/core/common.js';
 import { ApiErr } from '../../../../js/common/api/shared/api-error.js';
 import { Att } from '../../../../js/common/core/att.js';
 import { Buf } from '../../../../js/common/core/buf.js';
@@ -143,8 +143,12 @@ export class EncryptedMsgMailFormatter extends BaseMailFormatter {
       return undefined;
     }
     for (const myKey of pubs.filter(ap => ap.isMine)) {
-      if (await myKey.pubkey.usableButExpired) {
-        const path = chrome.runtime.getURL(`chrome/settings/index.htm?acctEmail=${encodeURIComponent(myKey.email)}&page=%2Fchrome%2Fsettings%2Fmodules%2Fmy_key_update.htm`);
+      if (myKey.pubkey.usableButExpired) {
+        const path = Url.create(chrome.runtime.getURL('chrome/settings/index.htm'), {
+          acctEmail: myKey.email,
+          page: '/chrome/settings/modules/my_key_update.htm',
+          pageUrlParams: JSON.stringify({ fingerprint: myKey.pubkey.id }),
+        });
         const errModalLines = [
           'This message could not be encrypted because your own Private Key is expired.',
           '',

extension/chrome/elements/passphrase.ts

@@ -20,7 +20,7 @@ View.run(class PassphraseView extends View {
   private readonly parentTabId: string;
   private readonly longids: string[];
   private readonly type: string;
-  private myPrivateKeys: KeyInfo[] | undefined;
+  private keysWeNeedPassPhraseFor: KeyInfo[] | undefined;
 
   constructor() {
     super();
@@ -35,7 +35,7 @@ View.run(class PassphraseView extends View {
     Ui.event.protect();
     await initPassphraseToggle(['passphrase']);
     const allPrivateKeys = await KeyStore.get(this.acctEmail);
-    this.myPrivateKeys = allPrivateKeys.filter(ki => this.longids.includes(ki.longid) || (ki.primary && this.longids.includes('primary')));
+    this.keysWeNeedPassPhraseFor = allPrivateKeys.filter(ki => this.longids.includes(ki.longid));
     if (this.type === 'embedded') {
       $('h1').parent().css('display', 'none');
       $('div.separator').css('display', 'none');
@@ -55,12 +55,12 @@ View.run(class PassphraseView extends View {
     $('#passphrase').focus();
     if (allPrivateKeys.length > 1) {
       let html: string;
-      if (this.myPrivateKeys.length === 1) {
-        html = `For key Fingerprint: <span class="good">${Xss.escape(Str.spaced(this.myPrivateKeys[0].fingerprint || ''))}</span>`;
+      if (this.keysWeNeedPassPhraseFor.length === 1) {
+        html = `For key Fingerprint: <span class="good">${Xss.escape(Str.spaced(this.keysWeNeedPassPhraseFor[0].fingerprint || ''))}</span>`;
       } else {
         html = 'Pass phrase needed for any of the following keys:';
-        for (const i of this.myPrivateKeys.keys()) {
-          html += `<div>Fingerprint ${String(i + 1)}: <span class="good">${Xss.escape(Str.spaced(this.myPrivateKeys[i].fingerprint) || '')}</span></div>`;
+        for (const i of this.keysWeNeedPassPhraseFor.keys()) {
+          html += `<div>Fingerprint ${String(i + 1)}: <span class="good">${Xss.escape(Str.spaced(this.keysWeNeedPassPhraseFor[i].fingerprint) || '')}</span></div>`;
         }
       }
       Xss.sanitizeRender('.which_key', html);
@@ -106,7 +106,7 @@ View.run(class PassphraseView extends View {
     const pass = String($('#passphrase').val());
     const storageType: StorageType = $('.forget').prop('checked') ? 'session' : 'local';
     let atLeastOneMatched = false;
-    for (const keyinfo of this.myPrivateKeys!) { // if passphrase matches more keys, it will save the pass phrase for all keys
+    for (const keyinfo of this.keysWeNeedPassPhraseFor!) { // if passphrase matches more keys, it will save the pass phrase for all keys
       const prv = await KeyUtil.parse(keyinfo.private);
       try {
         if (await KeyUtil.decrypt(prv, pass) === true) {

extension/chrome/elements/pgp_block_modules/pgp-block-decrypt-module.ts

@@ -93,7 +93,7 @@ export class PgpBlockViewDecryptModule {
         this.view.renderModule.renderText('Decrypting...');
         await this.decryptAndRender(encryptedData, optionalPwd);
       } else {
-        const [primaryKi] = await KeyStore.get(this.view.acctEmail, ['primary']);
+        const primaryKi = await KeyStore.getFirst(this.view.acctEmail);
         if (!result.longids.chosen && !primaryKi) {
           await this.view.errorModule.renderErr(Lang.pgpBlock.notProperlySetUp + this.view.errorModule.btnHtml('FlowCrypt settings', 'green settings'), undefined);
         } else if (result.error.type === DecryptErrTypes.keyMismatch) {

extension/chrome/settings/index.htm

@@ -159,7 +159,7 @@ <h1 class="text-center">FlowCrypt Settings</h1>
 
       <div class="row settings-icons-rows">
         <div class="col-sm-2 col-xs-6">
-          <a href="#" class="show_settings_page" page="modules/my_key.htm" data-test="action-open-pubkey-page">
+          <a href="#" class="action_open_public_key_page" data-test="action-open-pubkey-page">
             <span class="box">
               <img src="/img/svgs/pub-key-icon.svg" class="pub-key-icon" alt="Your Public Keys">
             </span>

extension/chrome/settings/index.ts

@@ -149,6 +149,11 @@ View.run(class SettingsView extends View {
         Catch.report(`Unknown target page in element: ${target.outerHTML}`);
       }
     }));
+    $('.action_open_public_key_page').click(this.setHandler(async target => {
+      const ki = await KeyStore.getFirst(this.acctEmail!);
+      const escapedFp = Xss.escape(ki.fingerprint);
+      await Settings.renderSubPage(this.acctEmail!, this.tabId, 'modules/my_key.htm', `&fingerprint=${escapedFp}`);
+    }));
     $('.action_show_encrypted_inbox').click(this.setHandler(target => {
       window.location.href = Url.create('/chrome/settings/inbox/inbox.htm', { acctEmail: this.acctEmail! });
     }));
@@ -425,18 +430,16 @@ View.run(class SettingsView extends View {
       const created = new Date(prv.created);
       const date = Str.monthName(created.getMonth()) + ' ' + created.getDate() + ', ' + created.getFullYear();
       const escapedFp = Xss.escape(ki.fingerprint);
-      let escapedPrimaryOrRm = '';
-      if (ki.primary) {
-        escapedPrimaryOrRm = '(primary)';
-      } else if (canRemoveKey) {
-        escapedPrimaryOrRm = `(<a href="#" class="action_remove_key" data-test="action-remove-key" fingerprint="${escapedFp}">remove</a>)`;
+      let removeKeyBtn = '';
+      if (canRemoveKey && privateKeys.length > 1) {
+        removeKeyBtn = `(<a href="#" class="action_remove_key" data-test="action-remove-key" fingerprint="${escapedFp}">remove</a>)`;
       }
       const escapedEmail = Xss.escape(prv.emails[0] || '');
       const escapedLink = `<a href="#" data-test="action-show-key-${i}" class="action_show_key" page="modules/my_key.htm" addurltext="&fingerprint=${escapedFp}">${escapedEmail}</a>`;
       const fpHtml = `fingerprint:&nbsp;<span class="good">${Str.spaced(escapedFp)}</span>`;
       const space = `&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;`;
       html += `<div class="row key-content-row key_${escapedFp}">`;
-      html += `  <div class="col-sm-12">${escapedLink} from ${Xss.escape(date)}${space}${fpHtml}${space}${escapedPrimaryOrRm}</div>`;
+      html += `  <div class="col-sm-12">${escapedLink} from ${Xss.escape(date)}${space}${fpHtml}${space}${removeKeyBtn}</div>`;
       html += `</div>`;
     }
     Xss.sanitizeAppend('.key_list', html);

extension/chrome/settings/modules/backup-automatic-module.ts

@@ -25,7 +25,7 @@ export class BackupAutomaticModule extends ViewModule<BackupView> {
   }
 
   private setupCreateSimpleAutomaticInboxBackup = async () => {
-    const [primaryKi] = await KeyStore.get(this.view.acctEmail, ['primary']);
+    const primaryKi = await KeyStore.getFirst(this.view.acctEmail);
     if (!(await KeyUtil.parse(primaryKi.private)).fullyEncrypted) {
       await Ui.modal.warning('Key not protected with a pass phrase, skipping');
       throw new UnreportableError('Key not protected with a pass phrase, skipping');

extension/chrome/settings/modules/backup-manual-module.ts

@@ -61,7 +61,7 @@ export class BackupManualActionModule extends ViewModule<BackupView> {
 
   private actionManualBackupHandler = async () => {
     const selected = $('input[type=radio][name=input_backup_choice]:checked').val();
-    const [primaryKi] = await KeyStore.get(this.view.acctEmail, ['primary']);
+    const primaryKi = await KeyStore.getFirst(this.view.acctEmail);
     Assert.abortAndRenderErrorIfKeyinfoEmpty(primaryKi);
     if (! await this.isPrivateKeyEncrypted(primaryKi)) {
       await Ui.modal.error('Sorry, cannot back up private key because it\'s not protected with a pass phrase.');