From 1a93a383eab4c161a67a32e9dc715f6ee6106699 Mon Sep 17 00:00:00 2001
From: Carson Fleming <cflems@cflems.net>
Date: Wed, 1 Jan 2025 22:31:52 -0800
Subject: assume everything is a key of some kind

---
 inbox_settings.php | 34 ++++++++++++++++++++++++++--------
 1 file changed, 26 insertions(+), 8 deletions(-)

(limited to 'inbox_settings.php')

diff --git a/inbox_settings.php b/inbox_settings.php
index 47c25b9..27480bc 100644
--- a/inbox_settings.php
+++ b/inbox_settings.php
@@ -203,6 +203,11 @@ class inbox_settings extends rcube_plugin {
                 'display_message', $this->gettext('invalid_pgp_data'), 'error');
             return false;
         }
+        if (empty($dearmored_key_data)) {
+            $this->rcmail->output->command(
+                'display_message', $this->gettext('no_key_data'), 'error');
+            return false;
+        }
 
         $comment = $_POST['comment'];
         if (empty($comment)) $comment = null;
@@ -359,21 +364,34 @@ class inbox_settings extends rcube_plugin {
             return null;
 
         $parsed_data = OpenPGP_Message::parse($dearmored);
-        if (!($parsed_data instanceof OpenPGP_Message) || !is_array($parsed_data->packets)) {
+        if (!($parsed_data instanceof OpenPGP_Message) || !is_array($parsed_data->packets))
             throw new IllegalArgumentException(
                 'Input data was not a PGP message with data packets.');
-        }
 
         $parsed_keys = [];
+        $fingerprint = null;
+        $data_blob = '';
         foreach ($parsed_data->packets as $data_packet) {
-            // TODO: maybe we keep uids and such
-            if (!($data_packet instanceof OpenPGP_PublicKeyPacket))
+            if ($data_packet instanceof OpenPGP_SecretKeyPacket)
+                throw new IllegalArgumentException('Input data contains private keys.');
+
+            if ($data_packet instanceof OpenPGP_PublicKeyPacket
+                && !($data_packet instanceof OpenPGP_PublicSubkeyPacket)) {
+                $parsed_keys[] = ['fingerprint' => $fingerprint, 'data_blob' => $data_blob];
+                $fingerprint = $data_packet->fingerprint;
+                $data_blob = '';
+            } else if (!($data_packet instanceof OpenPGP_UserIDPacket)
+                && !($data_packet instanceof OpenPGP_SignaturePacket)
+                && !($data_packet instanceof OpenPGP_PublicSubkeyPacket)) {
+                // ignore unknown packet types for the time being
                 continue;
+            }
+
+            $data_blob .= $data_packet->to_bytes();
+        }
 
-            $parsed_keys[] = [
-                'fingerprint' => $data_packet->fingerprint,
-                'data_blob' => $data_packet->to_bytes()
-            ];
+        if (!is_null($fingerprint) && !empty($data_blob)) {
+            $parsed_keys[] = ['fingerprint' => $fingerprint, 'data_blob' => $data_blob];
         }
         return $parsed_keys;
     }
-- 
cgit v1.2.3