Permit empty passphrase for key by default

As this change might be controversial we both check if "enforce-passphrase-constraints" is set in the GnuPG backend and make this option configurable in kleopatrarc. For most people a passphrase on a key is not really required since the endpoint is either fully compromised, in which case a keylogger can obtain the passphrase or the local storage is secure. The wording "encrypt key with an unrecoverable passphrase" should also further clarify what happens when a passphrase is entered. GnuPG-Bug-Id: T5181 GnuPG-Bug-Id: T3724 GnuPG-Bug-Id: T4346

Permit empty passphrase for key by default
As this change might be controversial we both check if "enforce-passphrase-constraints" is set in the GnuPG backend and make this option configurable in kleopatrarc. For most people a passphrase on a key is not really required since the endpoint is either fully compromised, in which case a keylogger can obtain the passphrase or the local storage is secure. The wording "encrypt key with an unrecoverable passphrase" should also further clarify what happens when a passphrase is entered. GnuPG-Bug-Id: T5181 GnuPG-Bug-Id: T3724 GnuPG-Bug-Id: T4346
af653224 · Andre Heinecke · 536ed695 · af653224 · af653224
Verified Commit af653224 authored Dec 16, 2020 by Andre Heinecke
Showing with 47 additions and 0 deletions

src/newcertificatewizard/enterdetailspage.ui src/newcertificatewizard/enterdetailspage.ui +10 -0

src/newcertificatewizard/newcertificatewizard.cpp src/newcertificatewizard/newcertificatewizard.cpp +37 -0

No files found.
--- a/src/newcertificatewizard/enterdetailspage.ui
+++ b/src/newcertificatewizard/enterdetailspage.ui
@@ -44,6 +44,16 @@
       </property>
      </widget>
     </item>
+     <item row="2" column="1" colspan="2">
+      <widget class="QCheckBox" name="withPassCB">
+       <property name="text" >
+        <string>Protect the generated key with a passphrase.</string>
+       </property>
+       <property name="toolTip" >
+        <string>Encrypts the secret key with an unrecoverable passphrase. You will be asked for the passphrase during key generation.</string>
+       </property>
+      </widget>
+     </item>
    </layout>
   </item>
   <item>

--- a/src/newcertificatewizard/newcertificatewizard.cpp
+++ b/src/newcertificatewizard/newcertificatewizard.cpp
@@ -43,6 +43,7 @@
 #include <gpgme++/global.h>
 #include <gpgme++/keygenerationresult.h>
 #include <gpgme++/context.h>
+#include <gpgme++/interfaces/passphraseprovider.h>

 #include <KConfigGroup>
 #include <KLocalizedString>
@@ -102,6 +103,16 @@ static const QStringList curveNames {
    { QStringLiteral("NIST P-521") },
 };

+class EmptyPassphraseProvider: public PassphraseProvider
+{
+public:
+    char *getPassphrase(const char * /*useridHint*/, const char * /*description*/,
+                        bool /*previousWasBad*/, bool &/*canceled*/) Q_DECL_OVERRIDE
+    {
+        return gpgrt_strdup ("");
+    }
+};
+
 static void set_tab_order(const QList<QWidget *> &wl)
 {
    kdtools::for_each_adjacent_pair(wl.begin(), wl.end(), &QWidget::setTabOrder);
@@ -361,6 +372,7 @@ protected:
    FIELD(QString, name)
    FIELD(QString, email)
    FIELD(QString, dn)
+    FIELD(bool, protectedKey)

    FIELD(Subkey::PubkeyAlgo, keyType)
    FIELD(int, keyStrength)
@@ -775,9 +787,28 @@ public:
        registerField(QStringLiteral("dn"), ui.resultLE);
        registerField(QStringLiteral("name"), ui.nameLE);
        registerField(QStringLiteral("email"), ui.emailLE);
+        registerField(QStringLiteral("protectedKey"), ui.withPassCB);
        updateForm();
        setCommitPage(true);
        setButtonText(QWizard::CommitButton, i18nc("@action", "Create"));
+
+        const auto conf = QGpgME::cryptoConfig();
+        if (!conf) {
+            qCWarning(KLEOPATRA_LOG) << "Failed to obtain cryptoConfig.";
+            return;
+        }
+        const auto entry = conf->entry(QStringLiteral("gpg-agent"),
+                                   QStringLiteral("Passphrase policy"),
+                                   QStringLiteral("enforce-passphrase-constraints"));
+        if (entry && entry->boolValue()) {
+            qCDebug(KLEOPATRA_LOG) << "Disabling passphrace cb because of agent config.";
+            ui.withPassCB->setEnabled(false);
+            ui.withPassCB->setChecked(true);
+        } else {
+            const KConfigGroup config(KSharedConfig::openConfig(), "CertificateCreationWizard");
+            ui.withPassCB->setChecked(config.readEntry("WithPassphrase", false));
+            ui.withPassCB->setEnabled(!config.isEntryImmutable("WithPassphrase"));
+        }
    }

    bool isComplete() const override;
@@ -845,6 +876,11 @@ private:
        if (!j) {
            return;
        }
+        if (!protectedKey ()) {
+            auto ctx = QGpgME::Job::context(j);
+            ctx->setPassphraseProvider(&mEmptyPWProvider);
+            ctx->setPinentryMode(Context::PinentryLoopback);
+        }
        connect(j, &QGpgME::KeyGenerationJob::result,
                this, &KeyCreationPage::slotResult);
        if (const Error err = j->start(createGnupgKeyParms()))
@@ -857,6 +893,7 @@ private:
    QStringList keyUsages() const;
    QStringList subkeyUsages() const;
    QString createGnupgKeyParms() const;
+    EmptyPassphraseProvider mEmptyPWProvider;

 private Q_SLOTS:
    void slotResult(const GpgME::KeyGenerationResult &result, const QByteArray &request, const QString &auditLog)