diff options
Diffstat (limited to 'inbox_settings.php')
| -rw-r--r-- | inbox_settings.php | 46 |
1 files changed, 43 insertions, 3 deletions
diff --git a/inbox_settings.php b/inbox_settings.php index 7b3ccce..47c25b9 100644 --- a/inbox_settings.php +++ b/inbox_settings.php @@ -196,10 +196,23 @@ class inbox_settings extends rcube_plugin { if (!isset($_POST['import'])) return false; - $dearmored_key_data = TODO_magic($_POST['key_data']); + try { + $dearmored_key_data = self::parse_keys($_POST['key_data']); + } catch (Throwable $e) { + $this->rcmail->output->command( + 'display_message', $this->gettext('invalid_pgp_data'), 'error'); + return false; + } + $comment = $_POST['comment']; - foreach ($dearmored_key_data as $dearmored_key) { - $this->run_query('add_key', ['%k' => $dearmored_key, '%c' => $comment]); + if (empty($comment)) $comment = null; + + foreach ($dearmored_key_data as $parsed_key) { + $this->run_query( + 'add_key', + ['%f' => $parsed_key['fingerprint'], + '%k' => $parsed_key['data_blob'], + '%c' => $comment]); } $this->rcmail->output->command( @@ -337,5 +350,32 @@ class inbox_settings extends rcube_plugin { return $dsn; } + + private static function parse_keys($armored) { + require_once(__DIR__ . '/openpgp.php'); + + $dearmored = OpenPGP::unarmor($armored); + if (empty($dearmored)) + return null; + + $parsed_data = OpenPGP_Message::parse($dearmored); + if (!($parsed_data instanceof OpenPGP_Message) || !is_array($parsed_data->packets)) { + throw new IllegalArgumentException( + 'Input data was not a PGP message with data packets.'); + } + + $parsed_keys = []; + foreach ($parsed_data->packets as $data_packet) { + // TODO: maybe we keep uids and such + if (!($data_packet instanceof OpenPGP_PublicKeyPacket)) + continue; + + $parsed_keys[] = [ + 'fingerprint' => $data_packet->fingerprint, + 'data_blob' => $data_packet->to_bytes() + ]; + } + return $parsed_keys; + } } ?> |