diff options
| author | Carson Fleming <[email protected]> | 2025-01-01 22:31:52 -0800 |
|---|---|---|
| committer | Carson Fleming <[email protected]> | 2025-01-01 22:31:52 -0800 |
| commit | 1a93a383eab4c161a67a32e9dc715f6ee6106699 (patch) | |
| tree | da5eff266be98cfd11515869ba603229d99450cc | |
| parent | dabf5e030c5a894ce7a1b02a35547e9d2abef93a (diff) | |
| download | rc-inbox-settings-1a93a383eab4c161a67a32e9dc715f6ee6106699.tar.gz | |
assume everything is a key of some kind
| -rw-r--r-- | inbox_settings.php | 34 | ||||
| -rw-r--r-- | localization/en_US.inc | 3 |
2 files changed, 28 insertions, 9 deletions
diff --git a/inbox_settings.php b/inbox_settings.php index 47c25b9..27480bc 100644 --- a/inbox_settings.php +++ b/inbox_settings.php @@ -203,6 +203,11 @@ class inbox_settings extends rcube_plugin { 'display_message', $this->gettext('invalid_pgp_data'), 'error'); return false; } + if (empty($dearmored_key_data)) { + $this->rcmail->output->command( + 'display_message', $this->gettext('no_key_data'), 'error'); + return false; + } $comment = $_POST['comment']; if (empty($comment)) $comment = null; @@ -359,21 +364,34 @@ class inbox_settings extends rcube_plugin { return null; $parsed_data = OpenPGP_Message::parse($dearmored); - if (!($parsed_data instanceof OpenPGP_Message) || !is_array($parsed_data->packets)) { + if (!($parsed_data instanceof OpenPGP_Message) || !is_array($parsed_data->packets)) throw new IllegalArgumentException( 'Input data was not a PGP message with data packets.'); - } $parsed_keys = []; + $fingerprint = null; + $data_blob = ''; foreach ($parsed_data->packets as $data_packet) { - // TODO: maybe we keep uids and such - if (!($data_packet instanceof OpenPGP_PublicKeyPacket)) + if ($data_packet instanceof OpenPGP_SecretKeyPacket) + throw new IllegalArgumentException('Input data contains private keys.'); + + if ($data_packet instanceof OpenPGP_PublicKeyPacket + && !($data_packet instanceof OpenPGP_PublicSubkeyPacket)) { + $parsed_keys[] = ['fingerprint' => $fingerprint, 'data_blob' => $data_blob]; + $fingerprint = $data_packet->fingerprint; + $data_blob = ''; + } else if (!($data_packet instanceof OpenPGP_UserIDPacket) + && !($data_packet instanceof OpenPGP_SignaturePacket) + && !($data_packet instanceof OpenPGP_PublicSubkeyPacket)) { + // ignore unknown packet types for the time being continue; + } + + $data_blob .= $data_packet->to_bytes(); + } - $parsed_keys[] = [ - 'fingerprint' => $data_packet->fingerprint, - 'data_blob' => $data_packet->to_bytes() - ]; + if (!is_null($fingerprint) && !empty($data_blob)) { + $parsed_keys[] = ['fingerprint' => $fingerprint, 'data_blob' => $data_blob]; } return $parsed_keys; } diff --git a/localization/en_US.inc b/localization/en_US.inc index 1aec5fa..3e042f1 100644 --- a/localization/en_US.inc +++ b/localization/en_US.inc @@ -18,7 +18,8 @@ $labels['fingerprint'] = 'Key Fingerprint'; $labels['comment'] = 'Comment'; $labels['comment_placeholder'] = 'A comment to remember this key by'; $labels['paste_key_data'] = 'Paste ASCII-armored PGP public key(s) here. Please do not upload private keys.'; -$labels['invalid_pgp_data'] = 'Imported key contains invalid PGP data'; +$labels['invalid_pgp_data'] = 'Imported blob does not contain valid PGP data, or contains private keys'; +$labels['no_key_data'] = 'Imported blob does not contain any PGP public keys'; $labels['keys_imported'] = 'Encryption key(s) added'; $labels['confirm_delete_key'] = 'Are you sure you want to remove this encryption key from your account?'; $labels['deleting_key'] = 'Removing encryption key...'; |