Commit 6b0fcf64 authored by Sandro Knauß's avatar Sandro Knauß 🐝

Add CryptoWarnOwnKeys NearExpiry treshold.

parent 7248a268
# SPDX-License-Identifier: CC0-1.0
# SPDX-FileCopyrightText: none
cmake_minimum_required(VERSION 3.16 FATAL_ERROR)
set(PIM_VERSION "5.21.43")
set(PIM_VERSION "5.21.44")
project(Messagelib VERSION ${PIM_VERSION})
......
......@@ -43,7 +43,7 @@ void KeyResolverTest::cleanup()
void KeyResolverTest::testAutocrypt()
{
const std::vector<GpgME::Key> &keys = Test::getKeys();
NearExpiryChecker::Ptr nearExpiryChecker(new NearExpiryChecker(0, 0, 0, 0, 0, 0));
NearExpiryChecker::Ptr nearExpiryChecker(new NearExpiryChecker(0, 0, 0, 0, 0, 0, 0, 0));
KeyResolver keyResolver(true, false, true, Kleo::OpenPGPMIMEFormat, nearExpiryChecker);
keyResolver.setAkonadiLookupEnabled(false);
......
......@@ -92,7 +92,7 @@ private Q_SLOTS:
QFETCH(GpgME::Key, key);
QFETCH(int, difftime);
NearExpiryChecker checker(1, 1, 1, 1, 1, 1);
NearExpiryChecker checker(1, 1, 1, 1, 1, 1, 1, 1);
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
checker.d->testMode = true;
checker.d->difftime = difftime;
......@@ -144,7 +144,7 @@ private Q_SLOTS:
QFETCH(QString, msgOwnKey);
QFETCH(QString, msgOwnSigningKey);
NearExpiryChecker checker(1, 1, 1, 1, 1, 1);
NearExpiryChecker checker(1, 1, 1, 1, 1, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = -1;
{
......@@ -222,11 +222,14 @@ private Q_SLOTS:
QFETCH(QString, msgOwnSigningKey);
{
NearExpiryChecker checker(10, 1, 1, 1, 1, 1);
NearExpiryChecker checker(1, 1, 10, 1, 1, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = 5 * 24 * 3600; // 5 days
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
//Test if the correct treshold is taken
checker.checkKey(key);
checker.checkOwnKey(key);
checker.checkOwnSigningKey(key);
QCOMPARE(spy.count(), 1);
QList<QVariant> arguments = spy.takeFirst();
QCOMPARE(arguments.at(0).value<GpgME::Key>().keyID(), key.keyID());
......@@ -234,11 +237,14 @@ private Q_SLOTS:
QCOMPARE(arguments.at(2).value<NearExpiryChecker::ExpiryInformation>(), NearExpiryChecker::OtherKeyNearExpiry);
}
{
NearExpiryChecker checker(10, 1, 1, 1, 1, 1);
NearExpiryChecker checker(10, 1, 1, 1, 1, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = 5 * 24 * 3600; // 5 days
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
// Test if the correct treshold is taken
checker.checkKey(key);
checker.checkOwnKey(key);
checker.checkOwnSigningKey(key);
QCOMPARE(spy.count(), 1);
QList<QVariant> arguments = spy.takeFirst();
QCOMPARE(arguments.at(0).value<GpgME::Key>().keyID(), key.keyID());
......@@ -246,10 +252,13 @@ private Q_SLOTS:
QCOMPARE(arguments.at(2).value<NearExpiryChecker::ExpiryInformation>(), NearExpiryChecker::OwnKeyNearExpiry);
}
{
NearExpiryChecker checker(1, 10, 1, 1, 1, 1);
NearExpiryChecker checker(1, 10, 1, 1, 1, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = 5 * 24 * 3600; // 5 days
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
// Test if the correct treshold is taken
checker.checkKey(key);
checker.checkOwnKey(key);
checker.checkOwnSigningKey(key);
QCOMPARE(spy.count(), 1);
QList<QVariant> arguments = spy.takeFirst();
......
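Review bot: The comment `//Test if the correct treshold is taken` (repeated in the two following blocks) misspells "threshold" and does not say which of the eight positional arguments is under test. With `checker(1, 1, 10, 1, 1, 1, 1, 1)` only the third slot is 10 days. Assuming checkKey() selects the other-key encryption threshold, a comment such as `// only the other-key encryption threshold (3rd argument) exceeds the 5-day difftime, so exactly one signal is expected` would make the `QCOMPARE(spy.count(), 1)` assertion self-explanatory. The test functions start and end outside these hunks.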
......@@ -569,6 +569,24 @@ namespace
{
// helper methods for reading encryption settings
inline int encryptOwnKeyNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnOwnEncrKeyNearExpiryThresholdDays();
return qMax(1, num);
}
inline int signingOwnKeyNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnOwnSignKeyNearExpiryThresholdDays();
return qMax(1, num);
}
inline int encryptKeyNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
......@@ -2353,7 +2371,9 @@ KMime::Message::Ptr ComposerViewBase::msg() const
NearExpiryChecker::Ptr ComposerViewBase::nearExpiryChecker()
{
if (!mNearExpiryChecker) {
mNearExpiryChecker = NearExpiryChecker::Ptr(new NearExpiryChecker(encryptKeyNearExpiryWarningThresholdInDays(),
mNearExpiryChecker = NearExpiryChecker::Ptr(new NearExpiryChecker(encryptOwnKeyNearExpiryWarningThresholdInDays(),
signingOwnKeyNearExpiryWarningThresholdInDays(),
encryptKeyNearExpiryWarningThresholdInDays(),
signingKeyNearExpiryWarningThresholdInDays(),
encryptRootCertNearExpiryWarningThresholdInDays(),
signingRootCertNearExpiryWarningThresholdInDays(),
......
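Review bot: The two new helpers carry no comment on their return contract. They return -1 when cryptoWarnWhenNearExpire() is off and otherwise clamp the configured value with `qMax(1, num)`, so a configured 0 or negative number becomes 1 day rather than switching the own-key warning off. I would put `// Returns -1 if near-expiry warnings are disabled; otherwise the configured threshold in days, at least 1.` above each of them. The bodies differ only in the settings getter they call, so a shared helper that takes the configured value could replace the copies. The anonymous namespace and nearExpiryChecker() continue outside the hunks.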
......@@ -22,7 +22,9 @@
using namespace MessageComposer;
NearExpiryChecker::NearExpiryChecker(int encrKeyNearExpiryThresholdDays,
NearExpiryChecker::NearExpiryChecker(int encrOwnKeyNearExpiryThresholdDays,
int signOwnKeyNearExpiryThresholdDays,
int encrKeyNearExpiryThresholdDays,
int signKeyNearExpiryThresholdDays,
int encrRootCertNearExpiryThresholdDays,
int signRootCertNearExpiryThresholdDays,
......@@ -30,6 +32,8 @@ NearExpiryChecker::NearExpiryChecker(int encrKeyNearExpiryThresholdDays,
int signChainCertNearExpiryThresholdDays)
: d(new NearExpiryCheckerPrivate)
{
d->encryptOwnKeyNearExpiryWarningThreshold = encrOwnKeyNearExpiryThresholdDays;
d->signingOwnKeyNearExpiryWarningThreshold = signOwnKeyNearExpiryThresholdDays;
d->encryptKeyNearExpiryWarningThreshold = encrKeyNearExpiryThresholdDays;
d->signingKeyNearExpiryWarningThreshold = signKeyNearExpiryThresholdDays;
d->encryptRootCertNearExpiryWarningThreshold = encrRootCertNearExpiryThresholdDays;
......@@ -40,6 +44,16 @@ NearExpiryChecker::NearExpiryChecker(int encrKeyNearExpiryThresholdDays,
NearExpiryChecker::~NearExpiryChecker() = default;
int NearExpiryChecker::encryptOwnKeyNearExpiryWarningThresholdInDays() const
{
return d->encryptOwnKeyNearExpiryWarningThreshold;
}
int NearExpiryChecker::signingOwnKeyNearExpiryWarningThresholdInDays() const
{
return d->signingOwnKeyNearExpiryWarningThreshold;
}
int NearExpiryChecker::encryptKeyNearExpiryWarningThresholdInDays() const
{
return d->encryptKeyNearExpiryWarningThreshold;
......@@ -329,7 +343,8 @@ void NearExpiryChecker::checkKeyNearExpiry(const GpgME::Key &key, bool isOwnKey,
const int threshold = ca
? (key.isRoot() ? (isSigningKey ? signingRootCertNearExpiryWarningThresholdInDays() : encryptRootCertNearExpiryWarningThresholdInDays())
: (isSigningKey ? signingChainCertNearExpiryWarningThresholdInDays() : encryptChainCertNearExpiryWarningThresholdInDays()))
: (isSigningKey ? signingKeyNearExpiryWarningThresholdInDays() : encryptKeyNearExpiryWarningThresholdInDays());
: (isSigningKey ? (isOwnKey ? signingOwnKeyNearExpiryWarningThresholdInDays() : signingKeyNearExpiryWarningThresholdInDays())
: (isOwnKey ? encryptOwnKeyNearExpiryWarningThresholdInDays() : encryptKeyNearExpiryWarningThresholdInDays()));
if (threshold > -1 && daysTillExpiry <= threshold) {
const QString msg = key.protocol() == GpgME::OpenPGP ? formatOpenPGPMessage(key, secsTillExpiry, isOwnKey, isSigningKey)
: formatSMIMEMessage(key, orig_key, secsTillExpiry, isOwnKey, isSigningKey, ca);
......
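Review bot: The threshold selection in checkKeyNearExpiry is now a three-level nested ternary, and it is easy to miss that isOwnKey is consulted only on the non-CA branch. Splitting it into guard clauses keeps `threshold` const and makes explicit that root and chain certificates never use the own-key thresholds. The enclosing function starts and ends outside the hunk.

```cpp
// … unchanged: ca, daysTillExpiry and secsTillExpiry are computed above the hunk …
const int threshold = [&]() {
    if (ca) {
        if (key.isRoot()) {
            return isSigningKey ? signingRootCertNearExpiryWarningThresholdInDays() : encryptRootCertNearExpiryWarningThresholdInDays();
        }
        return isSigningKey ? signingChainCertNearExpiryWarningThresholdInDays() : encryptChainCertNearExpiryWarningThresholdInDays();
    }
    // The own-key thresholds apply to end-entity keys only.
    if (isOwnKey) {
        return isSigningKey ? signingOwnKeyNearExpiryWarningThresholdInDays() : encryptOwnKeyNearExpiryWarningThresholdInDays();
    }
    return isSigningKey ? signingKeyNearExpiryWarningThresholdInDays() : encryptKeyNearExpiryWarningThresholdInDays();
}();
// … unchanged: threshold comparison and message formatting …
```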
......@@ -25,7 +25,9 @@ class MESSAGECOMPOSER_EXPORT NearExpiryChecker : public QObject
Q_OBJECT
public:
using Ptr = QSharedPointer<NearExpiryChecker>;
explicit NearExpiryChecker(int encrKeyNearExpiryThresholdDays,
explicit NearExpiryChecker(int encrOwnKeyNearExpiryThresholdDays,
int signOwnKeyNearExpiryThresholdDays,
int encrKeyNearExpiryThresholdDays,
int signKeyNearExpiryThresholdDays,
int encrRootCertNearExpNearExpiryCheckerPrivateiryThresholdDays,
int signRootCertNearExpiryThresholdDays,
......@@ -34,6 +36,9 @@ public:
~NearExpiryChecker();
int encryptOwnKeyNearExpiryWarningThresholdInDays() const;
int signingOwnKeyNearExpiryWarningThresholdInDays() const;
int encryptKeyNearExpiryWarningThresholdInDays() const;
int signingKeyNearExpiryWarningThresholdInDays() const;
......
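Review bot: The constructor now takes eight consecutive `int` parameters with the two new ones inserted at the front, and the declaration has no comment stating their order, so swapped thresholds at a call site compile without any diagnostic. A doc comment on the declaration should list the order (own encryption, own signing, other encryption, other signing, then the root and chain certificate pairs) and state that -1 turns a check off, which is what the `threshold > -1` test in checkKeyNearExpiry suggests. While this declaration is being touched, the context line `int encrRootCertNearExpNearExpiryCheckerPrivateiryThresholdDays,` looks like a paste accident; the definition names the parameter `encrRootCertNearExpiryThresholdDays`. The class body continues outside the hunks.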
......@@ -16,6 +16,8 @@ namespace MessageComposer
class NearExpiryCheckerPrivate
{
public:
int encryptOwnKeyNearExpiryWarningThreshold;
int signingOwnKeyNearExpiryWarningThreshold;
int encryptKeyNearExpiryWarningThreshold;
int signingKeyNearExpiryWarningThreshold;
int encryptRootCertNearExpiryWarningThreshold;
......
......@@ -93,6 +93,10 @@ xsi:schemaLocation="http://www.kde.org/standards/kcfg/1.0 http://www.kde.org/sta
<label>Warn if certificates/keys expire soon (configure thresholds below)</label>
<default>true</default>
</entry>
<entry name="CryptoWarnOwnSignKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-own-sign-key-near-expire-int">
<label>The minimum number of days that the signature certificate should be valid before issuing a warning</label>
<default>30</default>
</entry>
<entry name="CryptoWarnSignKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-sign-key-near-expire-int">
<label>The minimum number of days that the signature certificate should be valid before issuing a warning</label>
<default>14</default>
......@@ -105,6 +109,10 @@ xsi:schemaLocation="http://www.kde.org/standards/kcfg/1.0 http://www.kde.org/sta
<label>The minimum number of days that the root certificate should be valid before issuing a warning</label>
<default>14</default>
</entry>
<entry name="CryptoWarnOwnEncrKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-own-encr-key-near-expire-int">
<label>The minimum number of days that the encryption certificate should be valid before issuing a warning</label>
<default>30</default>
</entry>
<entry name="CryptoWarnEncrKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-encr-key-near-expire-int">
<label>The minimum number of days that the encryption certificate should be valid before issuing a warning</label>
<default>14</default>
......
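Review bot: The labels of the two new entries are word for word the same as those of CryptoWarnSignKeyNearExpiryThresholdDays and CryptoWarnEncrKeyNearExpiryThresholdDays, so nothing in the schema tells the own-key thresholds apart from the ones for other keys. Suggest `<label>The minimum number of days that your own signature certificate should be valid before issuing a warning</label>` for CryptoWarnOwnSignKeyNearExpiryThresholdDays and the equivalent wording for CryptoWarnOwnEncrKeyNearExpiryThresholdDays. The different defaults (30 versus 14) would also merit a short comment on why own keys warn earlier.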