From 8371f94d06cefbd65392af3b5c0f1fd1057429f7 Mon Sep 17 00:00:00 2001 From: Antoine GIRARD Date: Wed, 26 Apr 2017 15:10:43 +0200 Subject: Rework SSH key management UI to add GPG (#1293) * Rework SSH key management UI to add GPG * Add more detail to gpg key display * Update CHANGELOG.md * Implement deletion UI * Implement adding gpg UI * Various fixes - Fix duplicate entry in locale - Re-generate hash before verification since they are consumed * Add missing translation * Split template * Catch not found/verified email error --- models/error.go | 30 ++++++++++++++++++++++++++++++ models/gpg_key.go | 33 +++++++++++++++++++++------------ 2 files changed, 51 insertions(+), 12 deletions(-) (limited to 'models') diff --git a/models/error.go b/models/error.go index 68bc238907..404939c58a 100644 --- a/models/error.go +++ b/models/error.go @@ -260,6 +260,36 @@ func (err ErrKeyNameAlreadyUsed) Error() string { return fmt.Sprintf("public key already exists [owner_id: %d, name: %s]", err.OwnerID, err.Name) } +// ErrGPGEmailNotFound represents a "ErrGPGEmailNotFound" kind of error. +type ErrGPGEmailNotFound struct { + Email string +} + +// IsErrGPGEmailNotFound checks if an error is a ErrGPGEmailNotFound. +func IsErrGPGEmailNotFound(err error) bool { + _, ok := err.(ErrGPGEmailNotFound) + return ok +} + +func (err ErrGPGEmailNotFound) Error() string { + return fmt.Sprintf("failed to found email or is not confirmed : %s", err.Email) +} + +// ErrGPGKeyParsing represents a "ErrGPGKeyParsing" kind of error. +type ErrGPGKeyParsing struct { + ParseError error +} + +// IsErrGPGKeyParsing checks if an error is a ErrGPGKeyParsing. +func IsErrGPGKeyParsing(err error) bool { + _, ok := err.(ErrGPGKeyParsing) + return ok +} + +func (err ErrGPGKeyParsing) Error() string { + return fmt.Sprintf("failed to parse gpg key %s", err.ParseError.Error()) +} + // ErrGPGKeyNotExist represents a "GPGKeyNotExist" kind of error. type ErrGPGKeyNotExist struct { ID int64 diff --git a/models/gpg_key.go b/models/gpg_key.go index 1c9d17d0e2..862bd88596 100644 --- a/models/gpg_key.go +++ b/models/gpg_key.go @@ -89,7 +89,7 @@ func GetGPGKeyByID(keyID int64) (*GPGKey, error) { func checkArmoredGPGKeyString(content string) (*openpgp.Entity, error) { list, err := openpgp.ReadArmoredKeyRing(strings.NewReader(content)) if err != nil { - return nil, err + return nil, ErrGPGKeyParsing{err} } return list[0], nil } @@ -219,7 +219,7 @@ func parseGPGKey(ownerID int64, e *openpgp.Entity) (*GPGKey, error) { } } if emails[n] == nil { - return nil, fmt.Errorf("Failed to found email or is not confirmed : %s", ident.UserId.Email) + return nil, ErrGPGEmailNotFound{ident.UserId.Email} } n++ } @@ -400,17 +400,16 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification { } } - //Generating hash of commit - hash, err := populateHash(sig.Hash, []byte(c.Signature.Payload)) - if err != nil { //Skipping ailed to generate hash - log.Error(3, "PopulateHash: %v", err) - return &CommitVerification{ - Verified: false, - Reason: "gpg.error.generate_hash", - } - } - for _, k := range keys { + //Generating hash of commit + hash, err := populateHash(sig.Hash, []byte(c.Signature.Payload)) + if err != nil { //Skipping ailed to generate hash + log.Error(3, "PopulateHash: %v", err) + return &CommitVerification{ + Verified: false, + Reason: "gpg.error.generate_hash", + } + } //We get PK if err := verifySign(sig, hash, k); err == nil { return &CommitVerification{ //Everything is ok @@ -422,6 +421,16 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification { } //And test also SubsKey for _, sk := range k.SubsKey { + + //Generating hash of commit + hash, err := populateHash(sig.Hash, []byte(c.Signature.Payload)) + if err != nil { //Skipping ailed to generate hash + log.Error(3, "PopulateHash: %v", err) + return &CommitVerification{ + Verified: false, + Reason: "gpg.error.generate_hash", + } + } if err := verifySign(sig, hash, sk); err == nil { return &CommitVerification{ //Everything is ok Verified: true, -- cgit v1.2.3