OPENPGP PLUGIN: Don't list expired/revoked GPG keyopenpgp-plugin-hide-revoked-expired

- Closes #91 - Blocks input in chat box if the key in use becomes revoked or expired - Mention GPG key status below chat input box if it's expired or revoked - Account manager will show a warning message: "Key is revoked/expired!" below the selected GPG key for the corresponding account.
author: Miquel Lionel <lionel@les-miquelots.net> 2024-01-20 14:24:30 +0100
committer: Miquel Lionel <lionel@les-miquelots.net> 2025-02-23 12:48:04 +0100
commit: 28529f0038543e8a7fef2f10ef8231355a0dbca3 (patch)
tree: c5684da5c20f1d6aedeff1ecf664a6b46009b23f
parent: f796286650e4ad862b147e484d528ca56cf5e0e6 (diff)
download: dino-28529f0038543e8a7fef2f10ef8231355a0dbca3.tar.gz
dino-28529f0038543e8a7fef2f10ef8231355a0dbca3.zip
3 files changed, 26 insertions, 2 deletions
diff --git a/main/src/ui/chat_input/chat_input_controller.vala b/main/src/ui/chat_input/chat_input_controller.vala
index 07499aa4..7f461123 100644
--- a/main/src/ui/chat_input/chat_input_controller.vala
+++ b/main/src/ui/chat_input/chat_input_controller.vala
@@ -27,6 +27,7 @@ public class ChatInputController : Object {
     private ChatTextViewController chat_text_view_controller;
 
     private ContentItem? quoted_content_item = null;
+    private Encryption encryption_mode;
 
     public ChatInputController(ChatInput.View chat_input, StreamInteractor stream_interactor) {
         this.chat_input = chat_input;
@@ -104,7 +105,7 @@ public class ChatInputController : Object {
 
     private void on_encryption_changed(Encryption encryption) {
         reset_input_field_status();
-
+        this.encryption_mode = encryption;
         if (encryption == Encryption.NONE) return;
 
         Application app = GLib.Application.get_default() as Application;
@@ -129,6 +130,9 @@ public class ChatInputController : Object {
     }
 
     private void send_text() {
+        // Double check GPG keys before sending in case of expired / revoked keys while Dino is in use
+        if (this.encryption_mode == Encryption.PGP) on_encryption_changed(this.encryption_mode);
+
         // Don't do anything if we're in a NO_SEND state. Don't clear the chat input, don't send.
         if (input_field_status.input_state == Plugins.InputFieldStatus.InputState.NO_SEND) {
             chat_input.highlight_state_description();
diff --git a/plugins/openpgp/src/encryption_list_entry.vala b/plugins/openpgp/src/encryption_list_entry.vala
index cf5da8c4..8aba1522 100644
--- a/plugins/openpgp/src/encryption_list_entry.vala
+++ b/plugins/openpgp/src/encryption_list_entry.vala
@@ -40,6 +40,14 @@ private class EncryptionListEntry : Plugins.EncryptionListEntry, Object {
             return;
         }
 
+        GPG.Key key_check = GPGHelper.get_public_key(db.get_account_key(conversation.account));
+        if (key_check.expired || key_check.revoked){
+            string status_str = key_check.expired ? " is expired." : " is revoked.";
+            debug("GPG public key %s is NOT fine for encryption: it %s.\n", key_check.fpr, status_str);
+            input_status_callback(new Plugins.InputFieldStatus("Your GPG key " + key_check.fpr + status_str, Plugins.InputFieldStatus.MessageType.ERROR, Plugins.InputFieldStatus.InputState.NO_SEND));
+            return;
+        }
+
         if (conversation.type_ == Conversation.Type.CHAT) {
             string? key_id = stream_interactor.get_module(Manager.IDENTITY).get_key_id(conversation.account, conversation.counterpart);
             if (key_id == null) {
diff --git a/plugins/openpgp/src/encryption_preferences_entry.vala b/plugins/openpgp/src/encryption_preferences_entry.vala
index 4620e173..e110116d 100644
--- a/plugins/openpgp/src/encryption_preferences_entry.vala
+++ b/plugins/openpgp/src/encryption_preferences_entry.vala
@@ -51,10 +51,22 @@ namespace Dino.Plugins.OpenPgp {
 #endif
 
             string_list.append(_("Disabled"));
+
+            // Cleanup revoked or expired keys, except if linked to an account
+            for (int i = 0; i < keys.size; i++) {
+                if (keys[i].revoked || keys[i].expired){
+                    if (keys[i].fpr != plugin.db.get_account_key(account)) keys.remove(keys[i]);
+                }
+            }
+
             for (int i = 0; i < keys.size; i++) {
-                string_list.append(@"$(keys[i].uids[0].uid)\n$(keys[i].fpr.substring(24, 16))");
+                var key_status="";
+                if (keys[i].revoked) key_status = _("\nKey is revoked!");
+                if (keys[i].expired) key_status = _("\nKey is expired!");
+                string_list.append(@"$(keys[i].uids[0].uid)\n$(keys[i].fpr.substring(24, 16))$(key_status)");
                 if (keys[i].fpr == plugin.db.get_account_key(account)) {
                     drop_down.selected = i + 1;
+                    if (keys[i].expired || keys[i].revoked) drop_down.add_css_class("error");
                 }
             }
author	Miquel Lionel <lionel@les-miquelots.net>	2024-01-20 14:24:30 +0100
committer	Miquel Lionel <lionel@les-miquelots.net>	2025-02-23 12:48:04 +0100
commit	28529f0038543e8a7fef2f10ef8231355a0dbca3 (patch)
tree	c5684da5c20f1d6aedeff1ecf664a6b46009b23f
parent	f796286650e4ad862b147e484d528ca56cf5e0e6 (diff)
download	dino-28529f0038543e8a7fef2f10ef8231355a0dbca3.tar.gz dino-28529f0038543e8a7fef2f10ef8231355a0dbca3.zip