variety of functionality, performance and style fixes
it was like pulling on a thread in a sweater: the changes just kept rolling into each other... * don't load all the keys at start, just cache them as they are requested * use GpgContext::key to get the key for us rather than looping through all keys * fix SignedBy so it doesn't say a key is signed by every other key(!) * FullTrus*t*ed
parent
35b714cd31
commit
155b5bd879
@ -168,7 +168,7 @@ void SigningPrivate::splitKeysByTrustLevel()
|
|||||||
// After Loop 3, the tmp object contains the remaining keys not yet processed.
|
// After Loop 3, the tmp object contains the remaining keys not yet processed.
|
||||||
//
|
//
|
||||||
// Loop 4: foreach key not yet classified, inspect their signatures and:
|
// Loop 4: foreach key not yet classified, inspect their signatures and:
|
||||||
// - a: if contains a key from keys[UltimatelyTrusted], save it in keys[FullyTrused];
|
// - a: if contains a key from keys[UltimatelyTrusted], save it in keys[FullyTrusted];
|
||||||
// - b: if contains a key from keys[SelfTrusted], save it in keys[UserTrusted];
|
// - b: if contains a key from keys[SelfTrusted], save it in keys[UserTrusted];
|
||||||
// - c: if the signature is unknown, let's save it in keys[UnknownTrusted].
|
// - c: if the signature is unknown, let's save it in keys[UnknownTrusted].
|
||||||
QSet<QByteArray> tmp;
|
QSet<QByteArray> tmp;
|
||||||
@ -192,126 +192,62 @@ void SigningPrivate::splitKeysByTrustLevel()
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
GpgME::KeyListResult lRes = m_gpgContext->endKeyListing();
|
GpgME::KeyListResult lRes = m_gpgContext->endKeyListing();
|
||||||
|
}
|
||||||
|
|
||||||
error = m_gpgContext->startKeyListing("");
|
Plasma::TrustLevel SigningPrivate::addKeyToCache(const QByteArray &fingerprint)
|
||||||
while (!error) { // Loop 3
|
{
|
||||||
|
if (!m_gpgContext) {
|
||||||
GpgME::Key key = m_gpgContext->nextKey(error);
|
kDebug() << "GPGME context not valid: please re-initialize the library.";
|
||||||
if (error) {
|
return UnknownTrusted;
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
QByteArray data(key.subkey(0).fingerprint());
|
|
||||||
|
|
||||||
if (keys[UltimatelyTrusted].contains(data) ||
|
|
||||||
keys[SelfTrusted].contains(data)) {
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
// If the key is disabled, expired, invalid or revoked, put it in the untrusted list
|
|
||||||
if (key.isDisabled() || key.isExpired() || key.isInvalid() || key.isRevoked()) {
|
|
||||||
keys[CompletelyUntrusted].insert(data);
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
// The keys is new, valid and public: save it !
|
|
||||||
tmp.insert(data);
|
|
||||||
}
|
|
||||||
lRes = m_gpgContext->endKeyListing();
|
|
||||||
|
|
||||||
if (lRes.error()) {
|
|
||||||
kDebug() << "Error while ending the keyListing operation: " << lRes.error().asString();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
//Loop 4 - looking for keys signed by kde or by the user, tmp contains the valid public keys remaining
|
GpgME::Error error;
|
||||||
QString kdeKeys;
|
GpgME::Key key = m_gpgContext->key(fingerprint.data(), error);
|
||||||
foreach (QByteArray s, keys[UltimatelyTrusted]) {
|
if (error) {
|
||||||
kdeKeys.append(s).append(' ');
|
keys[UnknownTrusted].insert(fingerprint);
|
||||||
|
return UnknownTrusted;
|
||||||
}
|
}
|
||||||
|
|
||||||
QString selfKeys;
|
if (keys[UltimatelyTrusted].contains(fingerprint)) {
|
||||||
foreach (QByteArray s, keys[SelfTrusted]) {
|
return UltimatelyTrusted;
|
||||||
selfKeys.append(s).append(' ');
|
} else if (keys[SelfTrusted].contains(fingerprint)) {
|
||||||
|
return SelfTrusted;
|
||||||
}
|
}
|
||||||
|
|
||||||
foreach (QByteArray unknowTmpKey, tmp) {
|
// If the key is disabled, expired, invalid or revoked, put it in the untrusted list
|
||||||
QStringList signers = signersOf(QString(unknowTmpKey));
|
if (key.isDisabled() || key.isExpired() || key.isInvalid() || key.isRevoked()) {
|
||||||
|
keys[CompletelyUntrusted].insert(fingerprint);
|
||||||
|
return CompletelyUntrusted;
|
||||||
|
}
|
||||||
|
|
||||||
bool stored = false;
|
for (unsigned int i = 0; i < key.numUserIDs(); ++i) {
|
||||||
|
foreach (const GpgME::UserID::Signature &signature, key.userID(i).signatures()) {
|
||||||
foreach (QString signer, signers) {
|
if (keys[UltimatelyTrusted].contains(signature.signerKeyID())) {
|
||||||
if (kdeKeys.contains(signer)) {
|
|
||||||
// if the unknown key has a signer that is a kde key, let's trust it
|
// if the unknown key has a signer that is a kde key, let's trust it
|
||||||
keys[FullyTrused].insert(unknowTmpKey);
|
keys[FullyTrusted].insert(fingerprint);
|
||||||
stored = true;
|
return FullyTrusted;
|
||||||
break;
|
} else if (keys[SelfTrusted].contains(signature.signerKeyID())) {
|
||||||
} else if (selfKeys.contains(unknowTmpKey)) {
|
|
||||||
// if the unknown key has a signer that is a user key, let's trust it
|
// if the unknown key has a signer that is a user key, let's trust it
|
||||||
keys[UserTrusted].insert(unknowTmpKey);
|
keys[UserTrusted].insert(fingerprint);
|
||||||
stored = true;
|
return UserTrusted;
|
||||||
break;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!stored) {
|
|
||||||
// We didn't stored the unknown key in the previous loop, which means that we
|
|
||||||
// don't know the hey al all.
|
|
||||||
keys[UnknownTrusted].insert(unknowTmpKey);
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// We didn't stored the unknown key in the previous loop, which means that we
|
||||||
|
// don't know the hey al all.
|
||||||
|
keys[UnknownTrusted].insert(fingerprint);
|
||||||
|
return UnknownTrusted;
|
||||||
|
}
|
||||||
|
|
||||||
#if 0
|
void SigningPrivate::dumpKeysToDebug()
|
||||||
// Lets print out all the keys found till now.
|
{
|
||||||
temp = keys[UltimatelyTrusted];
|
kDebug() << "UltimatelyTrusted = " << keys[UltimatelyTrusted];
|
||||||
QStringList list;
|
kDebug() << "FullyTrusted = " << keys[FullyTrusted];
|
||||||
foreach (QByteArray ba, temp) {
|
kDebug() << "SelfTrusted = " << keys[SelfTrusted];
|
||||||
list.append(ba);
|
kDebug() << "UserTrusted = " << keys[UserTrusted];
|
||||||
}
|
kDebug() << "UnknownTrusted = " << keys[UnknownTrusted];
|
||||||
|
kDebug() << "CompletelyUntrusted = " << keys[CompletelyUntrusted];
|
||||||
kDebug() << "UltimatelyTrusted = " << list;
|
|
||||||
list.clear();
|
|
||||||
|
|
||||||
temp = keys[FullyTrused];
|
|
||||||
foreach (QByteArray ba, temp) {
|
|
||||||
list.append(ba);
|
|
||||||
}
|
|
||||||
|
|
||||||
kDebug() << "FullyTrused = " << list;
|
|
||||||
list.clear();
|
|
||||||
|
|
||||||
temp = keys[SelfTrusted];
|
|
||||||
foreach (QByteArray ba, temp) {
|
|
||||||
list.append(ba);
|
|
||||||
}
|
|
||||||
|
|
||||||
kDebug() << "SelfTrusted = " << list;
|
|
||||||
list.clear();
|
|
||||||
|
|
||||||
temp = keys[UserTrusted];
|
|
||||||
foreach (QByteArray ba, temp) {
|
|
||||||
list.append(ba);
|
|
||||||
}
|
|
||||||
|
|
||||||
//kDebug() << "UserTrusted = " << list;
|
|
||||||
list.clear();
|
|
||||||
|
|
||||||
temp = keys[UnknownTrusted];
|
|
||||||
foreach (QByteArray ba, temp) {
|
|
||||||
list.append(ba);
|
|
||||||
}
|
|
||||||
|
|
||||||
//kDebug() << "UnknownTrusted = " << list;
|
|
||||||
list.clear();
|
|
||||||
|
|
||||||
temp = keys[CompletelyUntrusted];
|
|
||||||
foreach (QByteArray ba, temp) {
|
|
||||||
list.append(ba);
|
|
||||||
}
|
|
||||||
|
|
||||||
kDebug() << "CompletelyUntrusted = " << list;
|
|
||||||
kDebug() << "ALL = " << keys;
|
|
||||||
#endif
|
|
||||||
}
|
}
|
||||||
|
|
||||||
QStringList SigningPrivate::keysID(const bool returnPrivate) const
|
QStringList SigningPrivate::keysID(const bool returnPrivate) const
|
||||||
@ -360,36 +296,6 @@ QString SigningPrivate::signerOf(const QString &messagePath, const QString &sign
|
|||||||
return QString();
|
return QString();
|
||||||
}
|
}
|
||||||
|
|
||||||
QString SigningPrivate::descriptiveString(const QString &keyID) const
|
|
||||||
{
|
|
||||||
QString result;
|
|
||||||
|
|
||||||
if (!m_gpgContext) {
|
|
||||||
kDebug() << "GPGME context not valid: please re-initialize the library.";
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
GpgME::Error error = m_gpgContext->startKeyListing("");
|
|
||||||
while (!error) {
|
|
||||||
GpgME::Key k = m_gpgContext->nextKey(error);
|
|
||||||
if (error) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
QString fullID(k.subkey(0).fingerprint());
|
|
||||||
if (fullID.contains(keyID)) {
|
|
||||||
result.append(k.userID(0).id());
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
GpgME::KeyListResult lRes = m_gpgContext->endKeyListing();
|
|
||||||
if (lRes.error()) {
|
|
||||||
kDebug() << "Error while ending the keyListing operation: " << lRes.error().asString();
|
|
||||||
}
|
|
||||||
|
|
||||||
return result;
|
|
||||||
}
|
|
||||||
|
|
||||||
void SigningPrivate::processKeystore(const QString &path)
|
void SigningPrivate::processKeystore(const QString &path)
|
||||||
{
|
{
|
||||||
if (path != m_keystorePath) {
|
if (path != m_keystorePath) {
|
||||||
@ -402,7 +308,7 @@ void SigningPrivate::processKeystore(const QString &path)
|
|||||||
oldValues += keys[CompletelyUntrusted];
|
oldValues += keys[CompletelyUntrusted];
|
||||||
oldValues += keys[UnknownTrusted];
|
oldValues += keys[UnknownTrusted];
|
||||||
oldValues += keys[SelfTrusted];
|
oldValues += keys[SelfTrusted];
|
||||||
oldValues += keys[FullyTrused];
|
oldValues += keys[FullyTrusted];
|
||||||
oldValues += keys[UltimatelyTrusted];
|
oldValues += keys[UltimatelyTrusted];
|
||||||
|
|
||||||
splitKeysByTrustLevel();
|
splitKeysByTrustLevel();
|
||||||
@ -412,7 +318,7 @@ void SigningPrivate::processKeystore(const QString &path)
|
|||||||
newValues += keys[CompletelyUntrusted];
|
newValues += keys[CompletelyUntrusted];
|
||||||
newValues += keys[UnknownTrusted];
|
newValues += keys[UnknownTrusted];
|
||||||
newValues += keys[SelfTrusted];
|
newValues += keys[SelfTrusted];
|
||||||
newValues += keys[FullyTrused];
|
newValues += keys[FullyTrusted];
|
||||||
newValues += keys[UltimatelyTrusted];
|
newValues += keys[UltimatelyTrusted];
|
||||||
|
|
||||||
QString result;
|
QString result;
|
||||||
@ -542,26 +448,19 @@ void SigningPrivate::keyRemoved(const QString &path)
|
|||||||
QStringList SigningPrivate::signersOf(const QString id) const
|
QStringList SigningPrivate::signersOf(const QString id) const
|
||||||
{
|
{
|
||||||
QStringList result;
|
QStringList result;
|
||||||
GpgME::Error error = m_gpgContext->startKeyListing("");
|
GpgME::Error error;
|
||||||
while (!error) {
|
GpgME::Key key = m_gpgContext->key(id.toAscii().data(), error);
|
||||||
GpgME::Key k = m_gpgContext->nextKey(error);
|
|
||||||
if (error) {
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
for (unsigned int i = 0; i < k.numUserIDs(); ++i) {
|
if (!error) {
|
||||||
for (unsigned int j = 0; j < k.userID(i).numSignatures(); ++j) {
|
for (unsigned int i = 0; i < key.numUserIDs(); ++i) {
|
||||||
QString sig(k.userID(i).signature(j).signerKeyID());
|
foreach (const GpgME::UserID::Signature &signature, key.userID(i).signatures()) {
|
||||||
if (!result.contains(sig) && !id.contains(sig)) {
|
QString sig(signature.signerKeyID());
|
||||||
|
if (!result.contains(sig) && id != sig) {
|
||||||
result.append(sig);
|
result.append(sig);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
GpgME::KeyListResult lRes = m_gpgContext->endKeyListing();
|
|
||||||
if (lRes.error()) {
|
|
||||||
kDebug() << "Error while ending the keyListing operation: " << lRes.error().asString();
|
|
||||||
}
|
|
||||||
|
|
||||||
//kDebug() << "Hey, the key " << id << " has been signed with " << result;
|
//kDebug() << "Hey, the key " << id << " has been signed with " << result;
|
||||||
|
|
||||||
@ -611,7 +510,7 @@ TrustLevel Signing::trustLevelOf(const QString &keyID) const
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return Plasma::UnverifiableTrust;
|
return d->addKeyToCache(keyID.toAscii());
|
||||||
}
|
}
|
||||||
|
|
||||||
QStringList Signing::privateKeys() const
|
QStringList Signing::privateKeys() const
|
||||||
@ -663,7 +562,18 @@ QString Signing::descriptiveString(const QString &keyID) const
|
|||||||
return QString();
|
return QString();
|
||||||
}
|
}
|
||||||
|
|
||||||
return d->descriptiveString(keyID);
|
if (!d->m_gpgContext) {
|
||||||
|
kDebug() << "GPGME context not valid: please re-initialize the library.";
|
||||||
|
return QString();
|
||||||
|
}
|
||||||
|
|
||||||
|
GpgME::Error error;
|
||||||
|
GpgME::Key key = d->m_gpgContext->key(keyID.toAscii().data(), error);
|
||||||
|
if (error) {
|
||||||
|
return QString();
|
||||||
|
}
|
||||||
|
|
||||||
|
return key.userID(0).id();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
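Review bot: In the new `addKeyToCache`, the signature loop returns `FullyTrusted` or `UserTrusted` on `keys[UltimatelyTrusted].contains(signature.signerKeyID())` alone, so a key carrying a certification that only names a trusted key ID is promoted without any check that the certification is usable. Skip unusable signatures first, e.g. `if (signature.isInvalid() || signature.isExpired() || signature.isRevokation()) continue;`, and confirm that the context's key-list mode actually validates signatures, which is not visible on this page. The same test compares a signer key ID with sets that appear to hold full fingerprints, judging by the removed Loop 3 (`key.subkey(0).fingerprint()`) and the new `insert(fingerprint)` calls, so the exact `contains()` may never match where the old substring test did; `signersOf` has the same mismatch in `id != sig`. The cache is also keyed by the caller's string rather than the resolved key, so I would return early on `key.isNull()` and store `key.primaryFingerprint()` instead; `Signing::descriptiveString` reads `key.userID(0)` without that null check as well.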
@ -51,9 +51,10 @@ public:
|
|||||||
QString ultimateKeyStoragePath() const;
|
QString ultimateKeyStoragePath() const;
|
||||||
void registerUltimateTrustKeys();
|
void registerUltimateTrustKeys();
|
||||||
void splitKeysByTrustLevel();
|
void splitKeysByTrustLevel();
|
||||||
|
Plasma::TrustLevel addKeyToCache(const QByteArray &fingerprint);
|
||||||
|
void dumpKeysToDebug();
|
||||||
QStringList keysID(const bool returnPrivate) const;
|
QStringList keysID(const bool returnPrivate) const;
|
||||||
QString signerOf(const QString &messagePath, const QString &signaturePath) const;
|
QString signerOf(const QString &messagePath, const QString &signaturePath) const;
|
||||||
QString descriptiveString(const QString &keyID) const;
|
|
||||||
|
|
||||||
void processKeystore(const QString &path);
|
void processKeystore(const QString &path);
|
||||||
void keyAdded(const QString &path);
|
void keyAdded(const QString &path);
|
||||||
|
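Review bot: `addKeyToCache` is declared without a comment, although its definition in this commit inserts the key into `keys[...]` as a side effect and it is called from the const `Signing::trustLevelOf`, so a lookup silently mutates the trust cache. A declaration comment such as `// Resolves fingerprint via GPGME, records it in keys[] under the resulting trust level and returns that level (UnknownTrusted if the lookup fails).` would make that explicit. `dumpKeysToDebug` writes every cached fingerprint to kDebug, so I would also mark it `// debugging aid only`. The enclosing class starts and ends outside this hunk.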