Commit 80ecfe9a authored by Ingo Klöcker's avatar Ingo Klöcker

Import only user IDs matching address used for WKD lookup

When importing the keys retrieved with a WKD lookup, set an import filter
which filters out all user IDs that do not match the address that was
used for the WKD lookup. gpg does the same when importing keys via WKD.
This prevents the import of "forged" keys and user IDs distributed via WKD.

GnuPG-bug-id: 5334
parent 8cd62600
......@@ -110,6 +110,7 @@ if (QGpgme_VERSION VERSION_GREATER_EQUAL "1.16.1")
set(QGPGME_SUPPORTS_CHANGING_EXPIRATION_OF_COMPLETE_KEY 1)
set(QGPGME_CRYPTOCONFIGENTRY_HAS_DEFAULT_VALUE 1)
set(QGPGME_SUPPORTS_WKDLOOKUP 1)
set(QGPGME_SUPPORTS_IMPORT_WITH_FILTER 1)
endif()
# Kdepimlibs packages
......
......@@ -41,3 +41,6 @@
/* Defined if QGpgME supports WKD lookup */
#cmakedefine QGPGME_SUPPORTS_WKDLOOKUP 1
/* Defined if QGpgME supports specifying an import filter when importing keys */
#cmakedefine QGPGME_SUPPORTS_IMPORT_WITH_FILTER 1
......@@ -675,7 +675,7 @@ static std::unique_ptr<ImportJob> get_import_job(GpgME::Protocol protocol)
}
}
void ImportCertificatesCommand::Private::startImport(GpgME::Protocol protocol, const QByteArray &data, const QString &id)
void ImportCertificatesCommand::Private::startImport(GpgME::Protocol protocol, const QByteArray &data, const QString &id, const ImportOptions &options)
{
Q_ASSERT(protocol != UnknownProtocol);
......@@ -699,6 +699,10 @@ void ImportCertificatesCommand::Private::startImport(GpgME::Protocol protocol, c
q, SLOT(importResult(GpgME::ImportResult)));
connect(job.get(), &Job::progress,
q, &Command::progress);
#ifdef QGPGME_SUPPORTS_IMPORT_WITH_FILTER
job->setImportFilter(options.importFilter);
#endif
const GpgME::Error err = job->start(data);
if (err.code()) {
importResult({id, protocol, ImportType::Local, ImportResult{err}});
......
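Review bot: When `QGPGME_SUPPORTS_IMPORT_WITH_FILTER` is not defined, the new `options` argument of `startImport` is dropped without any diagnostic, so a caller that passes a filter for safety reasons would get an unfiltered import. Judging from the CMake hunk, the WKD macro and the filter macro are set under the same version check, so the WKD path should not reach this today, but nothing in `startImport` itself enforces that. I would add an `#else` branch that makes the mismatch visible, for example `Q_ASSERT(options.importFilter.isEmpty());`. The body of `startImport` starts and ends outside the hunks shown.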
......@@ -77,6 +77,11 @@ struct ImportedGroup
Status status;
};
struct ImportOptions
{
QString importFilter;
};
class Kleo::ImportCertificatesCommand::Private : public Command::Private
{
friend class ::Kleo::ImportCertificatesCommand;
......@@ -91,7 +96,7 @@ public:
void setWaitForMoreJobs(bool waiting);
void startImport(GpgME::Protocol proto, const QByteArray &data, const QString &id = QString());
void startImport(GpgME::Protocol proto, const QByteArray &data, const QString &id = QString(), const ImportOptions &options = {});
void startImport(GpgME::Protocol proto, const std::vector<GpgME::Key> &keys, const QString &id = QString());
void importResult(const GpgME::ImportResult &);
void importResult(const ImportResultData &result);
......
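Review bot: `ImportOptions::importFilter` has no comment saying what the string must contain. In the .cpp hunk it is handed unchanged to `job->setImportFilter()`, so it is presumably a gpg import-filter expression, and the default-constructed value is passed on every other import, which suggests that an empty string means no filtering. A one-line comment such as `// gpg import filter expression, passed unchanged to ImportJob::setImportFilter(); empty = no filtering (confirm)` would tell future callers that they are responsible for building the expression from validated values only.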
......@@ -270,6 +270,11 @@ void LookupCertificatesCommand::Private::createDialog()
q, SLOT(slotDialogRejected()));
}
static auto searchTextToEmailAddress(const QString &s)
{
return QString::fromStdString(UserID::addrSpecFromString(s.toStdString().c_str()));
}
void LookupCertificatesCommand::Private::slotSearchTextChanged(const QString &str)
{
// pressing return might trigger both search and dialog destruction (search focused and default key set)
......@@ -296,7 +301,7 @@ void LookupCertificatesCommand::Private::slotSearchTextChanged(const QString &st
} else {
startKeyListJob(OpenPGP, str);
#ifdef QGPGME_SUPPORTS_WKDLOOKUP
if (str.contains(QLatin1Char{'@'})) {
if (str.contains(QLatin1Char{'@'}) && !searchTextToEmailAddress(str).isEmpty()) {
startWKDLookupJob(str);
}
#endif
......@@ -457,7 +462,9 @@ void LookupCertificatesCommand::Private::slotImportRequested(const std::vector<K
setWaitForMoreJobs(true);
if (!wkdKeys.empty()) {
startImport(OpenPGP, keyListing.wkdKeyData, keyListing.wkdSource);
// set an import filter, so that only user IDs matching the email address used for the WKD lookup are imported
const QString importFilter = QLatin1String{"keep-uid=mbox = "} + searchTextToEmailAddress(keyListing.pattern);
startImport(OpenPGP, keyListing.wkdKeyData, keyListing.wkdSource, {importFilter});
}
if (!pgp.empty()) {
startImport(OpenPGP, pgp,
......
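Review bot: In `slotImportRequested` the filter is built from `searchTextToEmailAddress(keyListing.pattern)` without checking that the result is non-empty; the emptiness check added in `slotSearchTextChanged` guards `str`, and the hunks do not show that `keyListing.pattern` holds the same text. If the address came back empty, the filter would be `keep-uid=mbox = ` with no value, and it would be safer to refuse the WKD import than to start it with that expression: `const QString address = searchTextToEmailAddress(keyListing.pattern);` followed by `if (!wkdKeys.empty() && !address.isEmpty()) {`, with an error reported otherwise. The expression is also assembled by plain string concatenation, so it relies on `UserID::addrSpecFromString` returning only a strictly validated addr-spec; a comment stating that assumption next to the concatenation would help the next maintainer. Both functions continue outside the hunks shown.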