Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix setup dialog offering revoked key (#2142) #2145

Merged
merged 5 commits into from Sep 25, 2018

Conversation

JackDca
Copy link
Contributor

@JackDca JackDca commented Sep 24, 2018

This PR adds screening of the existing keys that are considered to be listed in the Add Account-Create a new Account-Security and Privacy-Encryption pull down list, so that disabled, revoked and expired keys are excluded, fixing #2142.

  • In mailpile.crypto.gpgi.GnuPGRecordParser._parse_keydata() a boolean attribute "expired" is added and set to True IFF the "e" flag is present in the "validity" field.
  • In mailpile.crypto.gpgi.GnuPG.list_secret_keys() the "expired" attribute is added to the attributes that are copied to the parsed output of the gpg --list-secret-keys command, from the parsed output of the gog --list-keys command. This coying is a workaround for a problem with gpg version < 2.1 in which the --list-secret-keys command does not display all the needed validity information. It is unnecessary for gpg version >= 2.1.18.
  • In mailpile.plugins.crypto_gnupg.GPGKeyListSecret, an option --usable is added to the crypto/gpg/keylist/secret command, which causes disabled, revoked and expired keys to be omitted from the command results.
  • In shared-data/default-theme/html/profiles/account-form.html, the --usable option is added to the call to crypto/gpg/keylist/secret.

Note: The crypto/gpg/keylist/secret command SYNOPSIS formerly listed an argument "address" but that argument was not actually implemented. This may be because it is easier to implement the screening of the key User IDs for the correct email address in account-form.html than to pass the email address from the html interface back to the crypto/gpg/keylist/secret command.

This has been tested on the current Mailpile master, on Debian stretch, using gpg 2.1.18, with a set of test keys including disabled, revoked and expired keys.

@BjarniRunar
Copy link
Member

This looks great! Thank you!

@BjarniRunar BjarniRunar merged commit 8e04801 into mailpile:master Sep 25, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants