Commit a1423689 authored by Sandro Knauß's avatar Sandro Knauß 🐝
Browse files

Cleanup tresholds for NearExpiryKey.

There is no need to differ betwenn settings for signing anbd encryption
keys, as we only have own singing keys.
parent ca46e0bd
......@@ -43,7 +43,7 @@ void KeyResolverTest::cleanup()
void KeyResolverTest::testAutocrypt()
{
const std::vector<GpgME::Key> &keys = Test::getKeys();
NearExpiryChecker::Ptr nearExpiryChecker(new NearExpiryChecker(0, 0, 0, 0, 0, 0, 0, 0));
NearExpiryChecker::Ptr nearExpiryChecker(new NearExpiryChecker(0, 0, 0, 0));
KeyResolver keyResolver(true, false, true, Kleo::OpenPGPMIMEFormat, nearExpiryChecker);
keyResolver.setAkonadiLookupEnabled(false);
......
......@@ -92,7 +92,7 @@ private Q_SLOTS:
QFETCH(GpgME::Key, key);
QFETCH(int, difftime);
NearExpiryChecker checker(1, 1, 1, 1, 1, 1, 1, 1);
NearExpiryChecker checker(1, 1, 1, 1);
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
checker.d->testMode = true;
checker.d->difftime = difftime;
......@@ -144,7 +144,7 @@ private Q_SLOTS:
QFETCH(QString, msgOwnKey);
QFETCH(QString, msgOwnSigningKey);
NearExpiryChecker checker(1, 1, 1, 1, 1, 1, 1, 1);
NearExpiryChecker checker(1, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = -1;
{
......@@ -222,7 +222,7 @@ private Q_SLOTS:
QFETCH(QString, msgOwnSigningKey);
{
NearExpiryChecker checker(1, 1, 10, 1, 1, 1, 1, 1);
NearExpiryChecker checker(1, 10, 1, 1);
checker.d->testMode = true;
checker.d->difftime = 5 * 24 * 3600; // 5 days
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
......@@ -237,14 +237,13 @@ private Q_SLOTS:
QCOMPARE(arguments.at(2).value<NearExpiryChecker::ExpiryInformation>(), NearExpiryChecker::OtherKeyNearExpiry);
}
{
NearExpiryChecker checker(10, 1, 1, 1, 1, 1, 1, 1);
NearExpiryChecker checker(10, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = 5 * 24 * 3600; // 5 days
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
// Test if the correct treshold is taken
checker.checkKey(key);
checker.checkOwnKey(key);
checker.checkOwnSigningKey(key);
QCOMPARE(spy.count(), 1);
QList<QVariant> arguments = spy.takeFirst();
QCOMPARE(arguments.at(0).value<GpgME::Key>().keyID(), key.keyID());
......@@ -252,13 +251,12 @@ private Q_SLOTS:
QCOMPARE(arguments.at(2).value<NearExpiryChecker::ExpiryInformation>(), NearExpiryChecker::OwnKeyNearExpiry);
}
{
NearExpiryChecker checker(1, 10, 1, 1, 1, 1, 1, 1);
NearExpiryChecker checker(10, 1, 1, 1);
checker.d->testMode = true;
checker.d->difftime = 5 * 24 * 3600; // 5 days
QSignalSpy spy(&checker, &NearExpiryChecker::expiryMessage);
// Test if the correct treshold is taken
checker.checkKey(key);
checker.checkOwnKey(key);
checker.checkOwnSigningKey(key);
QCOMPARE(spy.count(), 1);
QList<QVariant> arguments = spy.takeFirst();
......
......@@ -578,15 +578,6 @@ inline int encryptOwnKeyNearExpiryWarningThresholdInDays()
return qMax(1, num);
}
inline int signingOwnKeyNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnOwnSignKeyNearExpiryThresholdDays();
return qMax(1, num);
}
inline int encryptKeyNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
......@@ -596,14 +587,6 @@ inline int encryptKeyNearExpiryWarningThresholdInDays()
return qMax(1, num);
}
inline int signingKeyNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnSignKeyNearExpiryThresholdDays();
return qMax(1, num);
}
inline int encryptRootCertNearExpiryWarningThresholdInDays()
{
......@@ -614,15 +597,6 @@ inline int encryptRootCertNearExpiryWarningThresholdInDays()
return qMax(1, num);
}
inline int signingRootCertNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnSignRootNearExpiryThresholdDays();
return qMax(1, num);
}
inline int encryptChainCertNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
......@@ -632,15 +606,6 @@ inline int encryptChainCertNearExpiryWarningThresholdInDays()
return qMax(1, num);
}
inline int signingChainCertNearExpiryWarningThresholdInDays()
{
if (!MessageComposer::MessageComposerSettings::self()->cryptoWarnWhenNearExpire()) {
return -1;
}
const int num = MessageComposer::MessageComposerSettings::self()->cryptoWarnSignChaincertNearExpiryThresholdDays();
return qMax(1, num);
}
inline bool showKeyApprovalDialog()
{
return MessageComposer::MessageComposerSettings::self()->cryptoShowKeysForApproval();
......@@ -2367,13 +2332,9 @@ NearExpiryChecker::Ptr ComposerViewBase::nearExpiryChecker()
{
if (!mNearExpiryChecker) {
mNearExpiryChecker = NearExpiryChecker::Ptr(new NearExpiryChecker(encryptOwnKeyNearExpiryWarningThresholdInDays(),
signingOwnKeyNearExpiryWarningThresholdInDays(),
encryptKeyNearExpiryWarningThresholdInDays(),
signingKeyNearExpiryWarningThresholdInDays(),
encryptRootCertNearExpiryWarningThresholdInDays(),
signingRootCertNearExpiryWarningThresholdInDays(),
encryptChainCertNearExpiryWarningThresholdInDays(),
signingChainCertNearExpiryWarningThresholdInDays()));
encryptChainCertNearExpiryWarningThresholdInDays()));
}
return mNearExpiryChecker;
}
......@@ -23,23 +23,15 @@
using namespace MessageComposer;
NearExpiryChecker::NearExpiryChecker(int encrOwnKeyNearExpiryThresholdDays,
int signOwnKeyNearExpiryThresholdDays,
int encrKeyNearExpiryThresholdDays,
int signKeyNearExpiryThresholdDays,
int encrRootCertNearExpiryThresholdDays,
int signRootCertNearExpiryThresholdDays,
int encrChainCertNearExpiryThresholdDays,
int signChainCertNearExpiryThresholdDays)
int encrChainCertNearExpiryThresholdDays)
: d(new NearExpiryCheckerPrivate)
{
d->encryptOwnKeyNearExpiryWarningThreshold = encrOwnKeyNearExpiryThresholdDays;
d->signingOwnKeyNearExpiryWarningThreshold = signOwnKeyNearExpiryThresholdDays;
d->encryptKeyNearExpiryWarningThreshold = encrKeyNearExpiryThresholdDays;
d->signingKeyNearExpiryWarningThreshold = signKeyNearExpiryThresholdDays;
d->encryptRootCertNearExpiryWarningThreshold = encrRootCertNearExpiryThresholdDays;
d->signingRootCertNearExpiryWarningThreshold = signRootCertNearExpiryThresholdDays;
d->encryptChainCertNearExpiryWarningThreshold = encrChainCertNearExpiryThresholdDays;
d->signingChainCertNearExpiryWarningThreshold = signChainCertNearExpiryThresholdDays;
}
NearExpiryChecker::~NearExpiryChecker() = default;
......@@ -49,41 +41,21 @@ int NearExpiryChecker::encryptOwnKeyNearExpiryWarningThresholdInDays() const
return d->encryptOwnKeyNearExpiryWarningThreshold;
}
int NearExpiryChecker::signingOwnKeyNearExpiryWarningThresholdInDays() const
{
return d->signingOwnKeyNearExpiryWarningThreshold;
}
int NearExpiryChecker::encryptKeyNearExpiryWarningThresholdInDays() const
{
return d->encryptKeyNearExpiryWarningThreshold;
}
int NearExpiryChecker::signingKeyNearExpiryWarningThresholdInDays() const
{
return d->signingKeyNearExpiryWarningThreshold;
}
int NearExpiryChecker::encryptRootCertNearExpiryWarningThresholdInDays() const
{
return d->encryptRootCertNearExpiryWarningThreshold;
}
int NearExpiryChecker::signingRootCertNearExpiryWarningThresholdInDays() const
{
return d->signingRootCertNearExpiryWarningThreshold;
}
int NearExpiryChecker::encryptChainCertNearExpiryWarningThresholdInDays() const
{
return d->encryptChainCertNearExpiryWarningThreshold;
}
int NearExpiryChecker::signingChainCertNearExpiryWarningThresholdInDays() const
{
return d->signingChainCertNearExpiryWarningThreshold;
}
QString formatOpenPGPMessage(const GpgME::Key &key, int secsTillExpiry, bool isOwnKey, bool isSigningKey)
{
KLocalizedString msg;
......@@ -341,10 +313,9 @@ void NearExpiryChecker::checkKeyNearExpiry(const GpgME::Key &key, bool isOwnKey,
} else {
const int daysTillExpiry = 1 + int(secsTillExpiry / secsPerDay);
const int threshold = ca
? (key.isRoot() ? (isSigningKey ? signingRootCertNearExpiryWarningThresholdInDays() : encryptRootCertNearExpiryWarningThresholdInDays())
: (isSigningKey ? signingChainCertNearExpiryWarningThresholdInDays() : encryptChainCertNearExpiryWarningThresholdInDays()))
: (isSigningKey ? (isOwnKey ? signingOwnKeyNearExpiryWarningThresholdInDays() : signingKeyNearExpiryWarningThresholdInDays())
: (isOwnKey ? encryptOwnKeyNearExpiryWarningThresholdInDays() : encryptKeyNearExpiryWarningThresholdInDays()));
? (key.isRoot() ? encryptRootCertNearExpiryWarningThresholdInDays()
: encryptChainCertNearExpiryWarningThresholdInDays())
: (isOwnKey ? encryptOwnKeyNearExpiryWarningThresholdInDays() : encryptKeyNearExpiryWarningThresholdInDays());
if (threshold > -1 && daysTillExpiry <= threshold) {
const QString msg = key.protocol() == GpgME::OpenPGP ? formatOpenPGPMessage(key, secsTillExpiry, isOwnKey, isSigningKey)
: formatSMIMEMessage(key, orig_key, secsTillExpiry, isOwnKey, isSigningKey, ca);
......
......@@ -26,27 +26,16 @@ class MESSAGECOMPOSER_EXPORT NearExpiryChecker : public QObject
public:
using Ptr = QSharedPointer<NearExpiryChecker>;
explicit NearExpiryChecker(int encrOwnKeyNearExpiryThresholdDays,
int signOwnKeyNearExpiryThresholdDays,
int encrKeyNearExpiryThresholdDays,
int signKeyNearExpiryThresholdDays,
int encrRootCertNearExpNearExpiryCheckerPrivateiryThresholdDays,
int signRootCertNearExpiryThresholdDays,
int encrChainCertNearExpiryThresholdDays,
int signChainCertNearExpiryThresholdDays);
int encrChainCertNearExpiryThresholdDays);
~NearExpiryChecker();
int encryptOwnKeyNearExpiryWarningThresholdInDays() const;
int signingOwnKeyNearExpiryWarningThresholdInDays() const;
int encryptKeyNearExpiryWarningThresholdInDays() const;
int signingKeyNearExpiryWarningThresholdInDays() const;
int encryptRootCertNearExpiryWarningThresholdInDays() const;
int signingRootCertNearExpiryWarningThresholdInDays() const;
int encryptChainCertNearExpiryWarningThresholdInDays() const;
int signingChainCertNearExpiryWarningThresholdInDays() const;
Q_REQUIRED_RESULT int encryptOwnKeyNearExpiryWarningThresholdInDays() const;
Q_REQUIRED_RESULT int encryptKeyNearExpiryWarningThresholdInDays() const;
Q_REQUIRED_RESULT int encryptRootCertNearExpiryWarningThresholdInDays() const;
Q_REQUIRED_RESULT int encryptChainCertNearExpiryWarningThresholdInDays() const;
enum ExpiryInformation { OwnKeyExpired, OwnKeyNearExpiry, OtherKeyExpired, OtherKeyNearExpiry };
Q_ENUM(ExpiryInformation)
......
......@@ -17,13 +17,9 @@ class NearExpiryCheckerPrivate
{
public:
int encryptOwnKeyNearExpiryWarningThreshold;
int signingOwnKeyNearExpiryWarningThreshold;
int encryptKeyNearExpiryWarningThreshold;
int signingKeyNearExpiryWarningThreshold;
int encryptRootCertNearExpiryWarningThreshold;
int signingRootCertNearExpiryWarningThreshold;
int encryptChainCertNearExpiryWarningThreshold;
int signingChainCertNearExpiryWarningThreshold;
std::set<QByteArray> alreadyWarnedFingerprints;
bool testMode = false;
......
......@@ -101,22 +101,6 @@ xsi:schemaLocation="http://www.kde.org/standards/kcfg/1.0 http://www.kde.org/sta
<label>Warn if certificates/keys expire soon (configure thresholds below)</label>
<default>true</default>
</entry>
<entry name="CryptoWarnOwnSignKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-own-sign-key-near-expire-int">
<label>The minimum number of days that the signature certificate should be valid before issuing a warning</label>
<default>30</default>
</entry>
<entry name="CryptoWarnSignKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-sign-key-near-expire-int">
<label>The minimum number of days that the signature certificate should be valid before issuing a warning</label>
<default>14</default>
</entry>
<entry name="CryptoWarnSignChaincertNearExpiryThresholdDays" type="Int" key="crypto-warn-sign-chaincert-near-expire-int">
<label>The minimum number of days that the CA certificate should be valid before issuing a warning</label>
<default>14</default>
</entry>
<entry name="CryptoWarnSignRootNearExpiryThresholdDays" type="Int" key="crypto-warn-sign-root-near-expire-int">
<label>The minimum number of days that the root certificate should be valid before issuing a warning</label>
<default>14</default>
</entry>
<entry name="CryptoWarnOwnEncrKeyNearExpiryThresholdDays" type="Int" key="crypto-warn-own-encr-key-near-expire-int">
<label>The minimum number of days that the encryption certificate should be valid before issuing a warning</label>
<default>30</default>
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment