Commit 80dd027e authored by Sandro Knauß's avatar Sandro Knauß 🐝

Merge cleanup crypto settings

parents 3a6e193f f804bfed
Pipeline #253606 passed with stage
in 11 minutes and 28 seconds
# SPDX-License-Identifier: CC0-1.0
# SPDX-FileCopyrightText: none
cmake_minimum_required(VERSION 3.16 FATAL_ERROR)
set(PIM_VERSION "5.21.43")
set(PIM_VERSION "5.21.44")
project(Messagelib VERSION ${PIM_VERSION})
......@@ -24,7 +24,7 @@ set(AKONADICONTACT_LIB_VERSION "5.21.40")
set(AKONADI_VERSION "5.21.40")
set(GRANTLEETHEME_LIB_VERSION "5.21.40")
set(GRAVATAR_LIB_VERSION "5.21.40")
set(IDENTITYMANAGEMENT_LIB_VERSION "5.21.40")
set(IDENTITYMANAGEMENT_LIB_VERSION "5.21.41")
set(KMAILTRANSPORT_LIB_VERSION "5.21.40")
set(KMBOX_LIB_VERSION "5.21.40")
set(KMIME_LIB_VERSION "5.21.40")
......
......@@ -43,7 +43,7 @@ void KeyResolverTest::cleanup()
void KeyResolverTest::testAutocrypt()
{
const std::vector<GpgME::Key> &keys = Test::getKeys();
NearExpiryChecker::Ptr nearExpiryChecker(new NearExpiryChecker(0, 0, 0, 0, 0, 0));
NearExpiryChecker::Ptr nearExpiryChecker(new NearExpiryChecker(0, 0, 0, 0));
KeyResolver keyResolver(true, false, true, Kleo::OpenPGPMIMEFormat, nearExpiryChecker);
keyResolver.setAkonadiLookupEnabled(false);
......
......@@ -92,7 +92,7 @@ private Q_SLOTS:
QFETCH(GpgME::Key, key);
QFETCH(int, difftime);
NearExpiryChecker checker(1, 1, 1, 1, 1, 1);
NearExpiryChecker checker(1, 1, 1, 1);
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
checker.d->testMode = true;
checker.d->difftime = difftime;
......@@ -144,7 +144,7 @@ private Q_SLOTS:
QFETCH(QString, msgOwnKey);
QFETCH(QString, msgOwnSigningKey);
NearExpiryChecker checker(1, 1, 1, 1, 1, 1);
NearExpiryChecker checker(1, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = -1;
{
......@@ -222,11 +222,14 @@ private Q_SLOTS:
QFETCH(QString, msgOwnSigningKey);
{
NearExpiryChecker checker(10, 1, 1, 1, 1, 1);
NearExpiryChecker checker(1, 10, 1, 1);
checker.d->testMode = true;
checker.d->difftime = 5 * 24 * 3600; // 5 days
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
//Test if the correct treshold is taken
checker.checkKey(key);
checker.checkOwnKey(key);
checker.checkOwnSigningKey(key);
QCOMPARE(spy.count(), 1);
QList<QVariant> arguments = spy.takeFirst();
QCOMPARE(arguments.at(0).value<GpgME::Key>().keyID(), key.keyID());
......@@ -234,10 +237,12 @@ private Q_SLOTS:
QCOMPARE(arguments.at(2).value<NearExpiryChecker::ExpiryInformation>(), NearExpiryChecker::OtherKeyNearExpiry);
}
{
NearExpiryChecker checker(10, 1, 1, 1, 1, 1);
NearExpiryChecker checker(10, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = 5 * 24 * 3600; // 5 days
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
// Test if the correct treshold is taken
checker.checkKey(key);
checker.checkOwnKey(key);
QCOMPARE(spy.count(), 1);
QList<QVariant> arguments = spy.takeFirst();
......@@ -246,10 +251,12 @@ private Q_SLOTS:
QCOMPARE(arguments.at(2).value<NearExpiryChecker::ExpiryInformation>(), NearExpiryChecker::OwnKeyNearExpiry);
}
{
NearExpiryChecker checker(1, 10, 1, 1, 1, 1);
NearExpiryChecker checker(10, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = 5 * 24 * 3600; // 5 days
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
// Test if the correct treshold is taken
checker.checkKey(key);
checker.checkOwnSigningKey(key);
QCOMPARE(spy.count(), 1);
QList<QVariant> arguments = spy.takeFirst();
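Review bot: In the first threshold block (`NearExpiryChecker checker(1, 10, 1, 1);`) the single `QCOMPARE(spy.count(), 1);` after `checkKey`, `checkOwnKey` and `checkOwnSigningKey` may not prove that the own-key calls picked the right threshold. NearExpiryCheckerPrivate keeps `alreadyWarnedFingerprints`, and if that de-duplication is active in test mode, a second warning for the same key would be dropped whichever threshold was chosen. A separate checker that only calls `checkOwnKey(key)` and then asserts `QCOMPARE(spy.count(), 0);` would pin the own-key path on its own. The comment typo can go at the same time: `// Test if the correct threshold is taken`. The enclosing test function starts and ends outside these hunks.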
......
......@@ -569,24 +569,25 @@ namespace
{
// helper methods for reading encryption settings
inline int encryptKeyNearExpiryWarningThresholdInDays()
inline int encryptOwnKeyNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnEncrKeyNearExpiryThresholdDays();
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnOwnEncrKeyNearExpiryThresholdDays();
return qMax(1, num);
}
inline int signingKeyNearExpiryWarningThresholdInDays()
inline int encryptKeyNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnSignKeyNearExpiryThresholdDays();
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnEncrKeyNearExpiryThresholdDays();
return qMax(1, num);
}
inline int encryptRootCertNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
......@@ -596,15 +597,6 @@ inline int encryptRootCertNearExpiryWarningThresholdInDays()
return qMax(1, num);
}
inline int signingRootCertNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnSignRootNearExpiryThresholdDays();
return qMax(1, num);
}
inline int encryptChainCertNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
......@@ -614,23 +606,25 @@ inline int encryptChainCertNearExpiryWarningThresholdInDays()
return qMax(1, num);
}
inline int signingChainCertNearExpiryWarningThresholdInDays()
inline bool showKeyApprovalDialog()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnSignChaincertNearExpiryThresholdDays();
return qMax(1, num);
return MessageComposer::MessageComposerSettings::self()->cryptoShowKeysForApproval();
}
inline bool encryptToSelf()
inline bool cryptoWarningUnsigned(const KIdentityManagement::Identity &identity)
{
return MessageComposer::MessageComposerSettings::self()->cryptoEncryptToSelf();
if (identity.encryptionOverride()) {
return identity.warnNotSign();
}
return MessageComposer::MessageComposerSettings::self()->cryptoWarningUnsigned();
}
inline bool showKeyApprovalDialog()
inline bool cryptoWarningUnencrypted(const KIdentityManagement::Identity &identity)
{
return MessageComposer::MessageComposerSettings::self()->cryptoShowKeysForApproval();
if (identity.encryptionOverride()) {
return identity.warnNotEncrypt();
}
return MessageComposer::MessageComposerSettings::self()->cryptoWarningUnencrypted();
}
} // nameless namespace
......@@ -759,7 +753,7 @@ QVector<MessageComposer::Composer *> ComposerViewBase::generateCryptoMessages(bo
});
QScopedPointer<Kleo::KeyResolver> keyResolver(
new Kleo::KeyResolver(encryptToSelf(), showKeyApprovalDialog(), id.pgpAutoEncrypt(), m_cryptoMessageFormat, nearExpiryChecker()));
new Kleo::KeyResolver(true, showKeyApprovalDialog(), id.pgpAutoEncrypt(), m_cryptoMessageFormat, nearExpiryChecker()));
keyResolver->setAutocryptEnabled(autocryptEnabled());
keyResolver->setAkonadiLookupEnabled(m_akonadiLookupEnabled);
......@@ -2077,7 +2071,7 @@ bool ComposerViewBase::determineWhetherToSign(bool doSignCompletely, Kleo::KeyRe
}
if (!sign || !doSignCompletely) {
if (MessageComposer::MessageComposerSettings::self()->cryptoWarningUnsigned()) {
if (cryptoWarningUnsigned(currentIdentity())) {
KCursorSaver saver(Qt::WaitCursor);
const QString msg = sign && !doSignCompletely ? i18n(
"Some parts of this message will not be signed.\n"
......@@ -2253,7 +2247,7 @@ bool ComposerViewBase::determineWhetherToEncrypt(bool doEncryptCompletely,
}
if (!encrypt || !doEncryptCompletely) {
if (MessageComposer::MessageComposerSettings::self()->cryptoWarningUnencrypted()) {
if (cryptoWarningUnencrypted(currentIdentity())) {
KCursorSaver saver(Qt::WaitCursor);
const QString msg = !doEncryptCompletely ? i18n(
"Some parts of this message will not be encrypted.\n"
......@@ -2353,12 +2347,10 @@ KMime::Message::Ptr ComposerViewBase::msg() const
NearExpiryChecker::Ptr ComposerViewBase::nearExpiryChecker()
{
if (!mNearExpiryChecker) {
mNearExpiryChecker = NearExpiryChecker::Ptr(new NearExpiryChecker(encryptKeyNearExpiryWarningThresholdInDays(),
signingKeyNearExpiryWarningThresholdInDays(),
mNearExpiryChecker = NearExpiryChecker::Ptr(new NearExpiryChecker(encryptOwnKeyNearExpiryWarningThresholdInDays(),
encryptKeyNearExpiryWarningThresholdInDays(),
encryptRootCertNearExpiryWarningThresholdInDays(),
signingRootCertNearExpiryWarningThresholdInDays(),
encryptChainCertNearExpiryWarningThresholdInDays(),
signingChainCertNearExpiryWarningThresholdInDays()));
encryptChainCertNearExpiryWarningThresholdInDays()));
}
return mNearExpiryChecker;
}
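Review bot: The `KeyResolver` construction in `generateCryptoMessages` now passes a bare `true` where `encryptToSelf()` used to be, so a stored `crypto-encrypt-to-self=false` is ignored without any notice to the user. That changes who can decrypt outgoing mail for anyone who had switched the option off, so it deserves a release note and, if the project ships config-update scripts, a cleanup of the stale key (none is visible in this commit). At minimum name the argument at the call site, e.g. `new Kleo::KeyResolver(/*encryptToSelf=*/true, showKeyApprovalDialog(), id.pgpAutoEncrypt(), m_cryptoMessageFormat, nearExpiryChecker())`. Separately, `cryptoWarningUnsigned()` and `cryptoWarningUnencrypted()` let an identity with `encryptionOverride()` switch off a warning that is enabled globally; a one-line comment on each helper stating that this precedence is intended would save the next reader from treating it as a bug.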
......@@ -22,32 +22,28 @@
using namespace MessageComposer;
NearExpiryChecker::NearExpiryChecker(int encrKeyNearExpiryThresholdDays,
int signKeyNearExpiryThresholdDays,
NearExpiryChecker::NearExpiryChecker(int encrOwnKeyNearExpiryThresholdDays,
int encrKeyNearExpiryThresholdDays,
int encrRootCertNearExpiryThresholdDays,
int signRootCertNearExpiryThresholdDays,
int encrChainCertNearExpiryThresholdDays,
int signChainCertNearExpiryThresholdDays)
int encrChainCertNearExpiryThresholdDays)
: d(new NearExpiryCheckerPrivate)
{
d->encryptOwnKeyNearExpiryWarningThreshold = encrOwnKeyNearExpiryThresholdDays;
d->encryptKeyNearExpiryWarningThreshold = encrKeyNearExpiryThresholdDays;
d->signingKeyNearExpiryWarningThreshold = signKeyNearExpiryThresholdDays;
d->encryptRootCertNearExpiryWarningThreshold = encrRootCertNearExpiryThresholdDays;
d->signingRootCertNearExpiryWarningThreshold = signRootCertNearExpiryThresholdDays;
d->encryptChainCertNearExpiryWarningThreshold = encrChainCertNearExpiryThresholdDays;
d->signingChainCertNearExpiryWarningThreshold = signChainCertNearExpiryThresholdDays;
}
NearExpiryChecker::~NearExpiryChecker() = default;
int NearExpiryChecker::encryptKeyNearExpiryWarningThresholdInDays() const
int NearExpiryChecker::encryptOwnKeyNearExpiryWarningThresholdInDays() const
{
return d->encryptKeyNearExpiryWarningThreshold;
return d->encryptOwnKeyNearExpiryWarningThreshold;
}
int NearExpiryChecker::signingKeyNearExpiryWarningThresholdInDays() const
int NearExpiryChecker::encryptKeyNearExpiryWarningThresholdInDays() const
{
return d->signingKeyNearExpiryWarningThreshold;
return d->encryptKeyNearExpiryWarningThreshold;
}
int NearExpiryChecker::encryptRootCertNearExpiryWarningThresholdInDays() const
......@@ -55,21 +51,11 @@ int NearExpiryChecker::encryptRootCertNearExpiryWarningThresholdInDays() const
return d->encryptRootCertNearExpiryWarningThreshold;
}
int NearExpiryChecker::signingRootCertNearExpiryWarningThresholdInDays() const
{
return d->signingRootCertNearExpiryWarningThreshold;
}
int NearExpiryChecker::encryptChainCertNearExpiryWarningThresholdInDays() const
{
return d->encryptChainCertNearExpiryWarningThreshold;
}
int NearExpiryChecker::signingChainCertNearExpiryWarningThresholdInDays() const
{
return d->signingChainCertNearExpiryWarningThreshold;
}
QString formatOpenPGPMessage(const GpgME::Key &key, int secsTillExpiry, bool isOwnKey, bool isSigningKey)
{
KLocalizedString msg;
......@@ -327,9 +313,9 @@ void NearExpiryChecker::checkKeyNearExpiry(const GpgME::Key &key, bool isOwnKey,
} else {
const int daysTillExpiry = 1 + int(secsTillExpiry / secsPerDay);
const int threshold = ca
? (key.isRoot() ? (isSigningKey ? signingRootCertNearExpiryWarningThresholdInDays() : encryptRootCertNearExpiryWarningThresholdInDays())
: (isSigningKey ? signingChainCertNearExpiryWarningThresholdInDays() : encryptChainCertNearExpiryWarningThresholdInDays()))
: (isSigningKey ? signingKeyNearExpiryWarningThresholdInDays() : encryptKeyNearExpiryWarningThresholdInDays());
? (key.isRoot() ? encryptRootCertNearExpiryWarningThresholdInDays()
: encryptChainCertNearExpiryWarningThresholdInDays())
: (isOwnKey ? encryptOwnKeyNearExpiryWarningThresholdInDays() : encryptKeyNearExpiryWarningThresholdInDays());
if (threshold > -1 && daysTillExpiry <= threshold) {
const QString msg = key.protocol() == GpgME::OpenPGP ? formatOpenPGPMessage(key, secsTillExpiry, isOwnKey, isSigningKey)
: formatSMIMEMessage(key, orig_key, secsTillExpiry, isOwnKey, isSigningKey, ca);
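Review bot: The rewritten threshold expression in `checkKeyNearExpiry` no longer consults `isSigningKey`, so own signing keys are measured against `encryptOwnKeyNearExpiryWarningThresholdInDays()` and CA certificates against the `encrypt…` root/chain thresholds even when the key is used for signing. The `encrypt` prefix on these accessors and on the private members is therefore misleading. Add a comment above the ternary such as `// One threshold per key role (own / other / root / chain); in the lines below isSigningKey only selects the message text.` or rename the accessors in a follow-up. `checkKeyNearExpiry` starts and continues outside this hunk.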
......
......@@ -25,23 +25,17 @@ class MESSAGECOMPOSER_EXPORT NearExpiryChecker : public QObject
Q_OBJECT
public:
using Ptr = QSharedPointer<NearExpiryChecker>;
explicit NearExpiryChecker(int encrKeyNearExpiryThresholdDays,
int signKeyNearExpiryThresholdDays,
explicit NearExpiryChecker(int encrOwnKeyNearExpiryThresholdDays,
int encrKeyNearExpiryThresholdDays,
int encrRootCertNearExpNearExpiryCheckerPrivateiryThresholdDays,
int signRootCertNearExpiryThresholdDays,
int encrChainCertNearExpiryThresholdDays,
int signChainCertNearExpiryThresholdDays);
int encrChainCertNearExpiryThresholdDays);
~NearExpiryChecker();
int encryptKeyNearExpiryWarningThresholdInDays() const;
int signingKeyNearExpiryWarningThresholdInDays() const;
int encryptRootCertNearExpiryWarningThresholdInDays() const;
int signingRootCertNearExpiryWarningThresholdInDays() const;
int encryptChainCertNearExpiryWarningThresholdInDays() const;
int signingChainCertNearExpiryWarningThresholdInDays() const;
Q_REQUIRED_RESULT int encryptOwnKeyNearExpiryWarningThresholdInDays() const;
Q_REQUIRED_RESULT int encryptKeyNearExpiryWarningThresholdInDays() const;
Q_REQUIRED_RESULT int encryptRootCertNearExpiryWarningThresholdInDays() const;
Q_REQUIRED_RESULT int encryptChainCertNearExpiryWarningThresholdInDays() const;
enum ExpiryInformation { OwnKeyExpired, OwnKeyNearExpiry, OtherKeyExpired, OtherKeyNearExpiry };
Q_ENUM(ExpiryInformation)
......@@ -58,7 +52,7 @@ private:
std::unique_ptr<NearExpiryCheckerPrivate> const d;
double calculateSecsTillExpiriy(const GpgME::Subkey &key) const;
Q_REQUIRED_RESULT double calculateSecsTillExpiriy(const GpgME::Subkey &key) const;
void checkKeyNearExpiry(const GpgME::Key &key,
bool isOwnKey,
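Review bot: The third constructor parameter in the declaration reads `int encrRootCertNearExpNearExpiryCheckerPrivateiryThresholdDays,`, which looks like a paste accident; the definition names it `encrRootCertNearExpiryThresholdDays`. It compiles, but the header is what callers read, and with four adjacent `int` thresholds the parameter names are the only guard against passing them in the wrong order. Change the line to `int encrRootCertNearExpiryThresholdDays,`. A short doc comment on the constructor giving the argument order would also help; it could state that -1 disables a check, if that is the intended contract, as the `threshold > -1` test in `checkKeyNearExpiry` suggests.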
......
......@@ -16,12 +16,10 @@ namespace MessageComposer
class NearExpiryCheckerPrivate
{
public:
int encryptOwnKeyNearExpiryWarningThreshold;
int encryptKeyNearExpiryWarningThreshold;
int signingKeyNearExpiryWarningThreshold;
int encryptRootCertNearExpiryWarningThreshold;
int signingRootCertNearExpiryWarningThreshold;
int encryptChainCertNearExpiryWarningThreshold;
int signingChainCertNearExpiryWarningThreshold;
std::set<QByteArray> alreadyWarnedFingerprints;
bool testMode = false;
......
......@@ -81,6 +81,14 @@ xsi:schemaLocation="http://www.kde.org/standards/kcfg/1.0 http://www.kde.org/sta
<label>Improve plain text version of HTML message</label>
<default>true</default>
</entry>
<entry name="CryptoAutoSign" type="Bool" key="crypto-auto-sign">
<label>Sign all messages, if possible</label>
<default>true</default>
</entry>
<entry name="CryptoAutoEncrypt" type="Bool" key="crypto-auto-encrypt">
<label>Enable encrpytion, if we found keys for all recipients</label>
<default>false</default>
</entry>
<entry name="CryptoWarningUnencrypted" type="Bool" key="crypto-warning-unencrypted">
<label>Warn before sending unencrypted messages</label>
<default>false</default>
......@@ -93,17 +101,9 @@ xsi:schemaLocation="http://www.kde.org/standards/kcfg/1.0 http://www.kde.org/sta
<label>Warn if certificates/keys expire soon (configure thresholds below)</label>
<default>true</default>
</entry>
<entry name="CryptoWarnSignKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-sign-key-near-expire-int">
<label>The minimum number of days that the signature certificate should be valid before issuing a warning</label>
<default>14</default>
</entry>
<entry name="CryptoWarnSignChaincertNearExpiryThresholdDays" type="Int" key="crypto-warn-sign-chaincert-near-expire-int">
<label>The minimum number of days that the CA certificate should be valid before issuing a warning</label>
<default>14</default>
</entry>
<entry name="CryptoWarnSignRootNearExpiryThresholdDays" type="Int" key="crypto-warn-sign-root-near-expire-int">
<label>The minimum number of days that the root certificate should be valid before issuing a warning</label>
<default>14</default>
<entry name="CryptoWarnOwnEncrKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-own-encr-key-near-expire-int">
<label>The minimum number of days that the encryption certificate should be valid before issuing a warning</label>
<default>30</default>
</entry>
<entry name="CryptoWarnEncrKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-encr-key-near-expire-int">
<label>The minimum number of days that the encryption certificate should be valid before issuing a warning</label>
......@@ -117,10 +117,6 @@ xsi:schemaLocation="http://www.kde.org/standards/kcfg/1.0 http://www.kde.org/sta
<label>The minimum number of days that the root certificate should be valid before issuing a warning</label>
<default>14</default>
</entry>
<entry name="CryptoEncryptToSelf" type="Bool" key="crypto-encrypt-to-self">
<label>When encrypting emails, always also encrypt to the certificate of my own identity</label>
<default>true</default>
</entry>
<entry name="CryptoShowKeysForApproval" type="Bool" key="crypto-show-keys-for-approval">
<label>Always show the list of encryption keys to select the one which will be used</label>
<default>true</default>
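Review bot: The new `CryptoWarnOwnEncrKeyNearExpiryThresholdDays` entry reuses the label of `CryptoWarnEncrKeyNearExpiryThresholdDays` word for word, so the two thresholds cannot be told apart wherever the label is shown. Say which one covers the user's own key, e.g. `<label>The minimum number of days that your own certificate/key should be valid before issuing a warning</label>`. The `CryptoAutoEncrypt` label has a typo: `Enable encrpytion` should read `Enable encryption`. The removed `crypto-warn-sign-*` and `crypto-encrypt-to-self` keys get no visible migration in this commit, so values users had set there appear to be dropped silently; a release note or config-update step would cover that.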
......