Add pass store signing key feature #634
Conversation
|
I added a simple migration for the old profile settings, so old profiles are not lost anymore. |
|
There is still the issue with the translation files. If i add those files, #606 would essentially be reverted. Adding only those hunks with the needed changes for all translation files would be very tedious. Can I prevent, that the header files are added as location filenames? How should I proceed? |
|
I mean those lines, that got added again: M localization/localization_af_ZA.ts
@@ -5,32 +5,39 @@
<name>ConfigDialog</name>
<message>
<location filename="../src/configdialog.ui" line="20"/>
+ <location filename="../src/ui_configdialog.h" line="860"/>
<source>Configuration</source>
<translation>Konfigurasie</translation>
</message>
[...] |
|
Ii also added native gpg/git functions to implement both signature verification and the signing of gpgid file. |
1. harmoized path separators in Pass::getGpgIdPath() as the pass store path couldn't match with the gpgIdDir because of trailing backslashes so two absolute paths were concatenated, leading to checkmarks not set properly in usersdialog.cpp, for example. 2. added an optional \r in regex of ImitatePass::verifyGpgIdFile() to comply with Windows \r\n linebreaks as QRegularExpression::MultilineOption won't honor \r as part of a line separator.
|
We had some testing on Windows and stumbled upon two issues (the first one was kind of inherited and I'd recommend a more general code review to avoind mixing qt-internal and native path separators). This is what I did:
|
Reason
The pass store signing key feature would enhance the security of qtpass/pass when used by teams. Teams need fine-grained control over the
.gpg-iduser lists of subpaths/stores, but they also have to be able to verify the.gpg-iduser lists to prevent accidental/malicious privilege escalation. By setting thePASSWORD_STORE_SIGNING_KEYenvvar to a trusted team signing key id, password admins can provide prepared and signed.gpg-id[.sig]files and team members can easily enable the verification by configuring the new signing key id in the corresponding profile. If the verification fails, the errorSignature for [...]/.gpg-id is invalid.is visible and further actions are prevented. This PR would fix #624, see further discussion there.Changes
Adds the pass store signing key feature by
QStringtoQHash<QString, QString>in order to be able to representmore key/value pairs for one profile (
profile['path'],profile['signingKey'])QHash<QString, QString>toQHash<QString, QHash<QString, QString>>in order to store the new data structure
key/values for one profile (
profile/NAME/path,profile/NAME/signingKey)passSigningKeyfor the current value of the profileupdateEnv()(adding/updating the envvarPASSWORD_STORE_SIGNING_KEYto the value from thepassSigningKeysetting or removing the envvar,if the
passSigningKeysetting is empty)README.mdNotes
Unfortunately the change of profile(s) data structure results in an empty profile list on upgrade, so this PR mightbe considered a breaking change (consider this, if you want to test this PR with your real qtpass configuration). But to introduce another parallel data structure would have been awkward/messy
and this way in the future it is easy to add further key/value pairs for profiles as needed.
This ispassonly. Using git/gpg would be possible, but quite more time-consumingqmake, all translation file items included additional location filenames for header files../src/*.h. I saw Translation cleanup #606,but I have no idea, why this happened again and I'm unsure how to proceed, as some line number references
need to be updated