Skip to content
This repository has been archived by the owner on Oct 5, 2023. It is now read-only.

can i ask you about this project #1

Open
wants to merge 52 commits into
base: master
Choose a base branch
from
Open
Changes from 1 commit
Commits
Show all changes
52 commits
Select commit Hold shift + click to select a range
2e6c661
No longer crashes settings screen with syntax errors.
galaxor Jan 21, 2018
50b6866
Try to redo the js to use yarn and webpack.
galaxor Jan 21, 2018
f5b3de1
I was wrong; I can get it to compile and run in browser.
galaxor Jan 21, 2018
9745daa
Key generator works (importer doesn't).
galaxor Jan 21, 2018
d6407cd
You can generate a key and import it.
galaxor Jan 22, 2018
cc9051b
Much of the public key table works.
galaxor Jan 22, 2018
1872c5a
The "Status" column of pubkey table.
galaxor Jan 22, 2018
355aa73
Export and delete public keys works.
galaxor Jan 22, 2018
0b3e655
Import public key works.
galaxor Jan 22, 2018
427644d
Display all persons in a pubkey.
galaxor Jan 22, 2018
547f65c
When everything goes well, pubkey search works.
galaxor Jan 22, 2018
02f8715
Errors from key search are displayed to user.
galaxor Jan 22, 2018
4f63925
Display hkp search errors a little more prettily.
galaxor Jan 22, 2018
745f043
You can hit enter to search for keys.
galaxor Jan 23, 2018
9dc15df
Key search happens on form submit instead of click.
galaxor Jan 23, 2018
8532224
Show correct text if multiple search results.
galaxor Jan 23, 2018
062a486
Remove debugging printout.
galaxor Jan 23, 2018
feed893
Private key pane fills, import private key works.
galaxor Jan 23, 2018
5e52cb2
Encrypt-only, to recip, doesn't send.
galaxor Mar 26, 2018
b002981
Generate keys works again.
galaxor Apr 7, 2018
437373c
Oops, that fix actually broke it. Revert.
galaxor Apr 8, 2018
6e2aa2a
The state machine works for the "encrypt only" branch.
galaxor Apr 16, 2018
b264452
gitignore
galaxor Apr 16, 2018
61ee235
Don't artificially wait 2 seconds when encrypting.
galaxor Apr 16, 2018
16c509e
Don't allow exceptions to get people killed IRL.
galaxor Apr 16, 2018
f9ca498
Clarified my comment about a workaround.
galaxor Apr 16, 2018
6ea78e4
Send blank messages if an exception occurred.
galaxor Apr 16, 2018
fa5dae9
I'm going to refactor it to use promises more heavily.
galaxor Apr 20, 2018
7cf9c2f
The pubkey_save callback knows where the file's at.
galaxor Apr 20, 2018
5e98953
"Enc only" is done in the new Promises style.
galaxor Apr 20, 2018
9f8de8e
pubkey_save is back to being a single handler.
galaxor Apr 20, 2018
8d7803c
key_select is a form with onsubmit.
galaxor Apr 21, 2018
4906f21
Tinkering with the flow for signing.
galaxor Apr 21, 2018
1035fde
Signing works now.
galaxor Apr 22, 2018
f546036
Gracefully handle when user cancels key select.
galaxor Apr 22, 2018
67acbfc
Working: Encrypt, Sign, Encrypt+Sign.
galaxor Apr 24, 2018
1f4e777
Encrypt+Sign actually encrypts, not just signs.
galaxor Apr 25, 2018
24bf6dd
Unified Encrypt Only with S/E+S.
galaxor Apr 25, 2018
f7a40d2
Key selector shows all persons.
galaxor Apr 27, 2018
f368f22
It should, but doesn't, show a spinner while decrypting secret key.
galaxor Apr 27, 2018
f82b02d
Don't stop showing spinner until encryption is done.
galaxor Apr 27, 2018
a23900e
Make code clearer, comments less verbose.
galaxor Apr 27, 2018
f0884de
Switching key select to use keyId
galaxor Apr 29, 2018
967f7b2
Only decrypt the private key once.
galaxor Apr 29, 2018
9e436c0
Key Manager: Deleting private keys works.
galaxor Apr 29, 2018
63fd767
Remember key selection/passphrase for the session.
galaxor Apr 29, 2018
4b1465d
We should have a UI to forget remembered keys.
galaxor Apr 29, 2018
808c44d
A little more tooltip text.
galaxor Apr 29, 2018
56194db
A little styling for the remembered key
galaxor Apr 30, 2018
d41b4ea
We show the remembered signing key.
galaxor May 1, 2018
4054c26
You can forget a previously remembered key/passphrase.
galaxor May 1, 2018
192ca68
Only require a private key if you are signing.
galaxor May 2, 2018
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
Send blank messages if an exception occurred.
This is a compromise which allows exceptions to function properly.
  • Loading branch information
galaxor committed Apr 16, 2018
commit 6ea78e484310f1e96a1f611fdabf245d48b2d9a5
93 changes: 57 additions & 36 deletions js/rc_openpgpjs.js
Original file line number Diff line number Diff line change
@@ -35,6 +35,8 @@ if(window.rcmail) {
rcmail.display_message(rcmail.gettext("no_window_crypto", "rc_openpgpjs"), "error");
}

this.cleartext = null;

this.send_pubkey_state = "init";
this.encryption_state = "init";
this.passphrase_state = "init";
@@ -110,36 +112,7 @@ if(window.rcmail) {

rcmail.env.compose_commands.push("open-key-manager");
rcmail.addEventListener("beforesend", function(e) {
// As much as I'd like to simply let exceptions bubble up and out (I
// would like that very much), it is IMPERATIVE!! that we return false
// if anything goes wrong.
// The "command" function in app.js requires "before" hooks to
// affirmatively return false in order to cancel the send. If they
// simply don't return anything, then the command will go through.
// See app.js:729 of roundcube 1.3.4.
//
// If something throws an exception in beforeSend, then it will fail to
// return false.
// That means that we maybe didn't encrypt a message that the user
// intended to encrypt. If that "send" command goes through, the
// plaintext will be sent, when the user intended to send encrypted
// text. This can literally get people killed in real life.
//
// XXX I have an idea: Before attempting to do anything (even before
// checking if the "encrypt" box was checked), pull all the text out of
// the text area, set it aside in some other variable, and then clear
// the text area itself. That way, if an exception is thrown and the
// send accidentally goes through, it just sends a blank message. If
// we do it that way, we don't have to do this try/catch here; we can
// allow the exceptions to bubble up and out. This is desirable
// because it makes debugging easier, and even lets the user know that
// something went wrong.
try {
return beforeSend();
} catch(e) {
console.log(e);
return false;
}
return beforeSend();
});
} else if(rcmail.env.action === "show" || rcmail.env.action === "preview") {
processReceived();
@@ -401,11 +374,59 @@ if(window.rcmail) {
* Processes messages before sending
*/
function beforeSend() {
// As much as I'd like to simply let exceptions bubble up and out (I
// would like that very much), it is IMPERATIVE!! that we return false
// if anything goes wrong.
// The "command" function in app.js requires "before" hooks to
// affirmatively return false in order to cancel the send. If they
// simply don't return anything, then the command will go through.
// See app.js:729 of roundcube 1.3.4.
//
// If something throws an exception in beforeSend, then it will fail to
// return false.
// That means that we maybe didn't encrypt a message that the user
// intended to encrypt. If that "send" command goes through, the
// plaintext will be sent, when the user intended to send encrypted
// text. This can literally get people killed in real life.
//
// XXX I have an idea: Before attempting to do anything (even before
// checking if the "encrypt" box was checked), pull all the text out of
// the text area, set it aside in some other variable, and then clear
// the text area itself. That way, if an exception is thrown and the
// send accidentally goes through, it just sends a blank message. If
// we do it that way, we don't have to do this try/catch here; we can
// allow the exceptions to bubble up and out. This is desirable
// because it makes debugging easier, and even lets the user know that
// something went wrong.

// XXX Okay, this idea seems to be working.
// HOWEVER, I'm not totally satisfied with this. It may cause the user to
// send a blank message when they intended to send the *encrypted version of*
// a blank message, which would not actually be blank.
// Instead of blank, I could put some placeholder text in there, but it's
// probably best not to try to think of something sufficiently neutral. If
// the placeholder text is actually sent, we will have leaked some
// information, such as: the fact that we intended to use encryption; what
// software we are using; the fact that an error occurred; the fact that
// messages get sent if errors occur.
// If we had succeeded in encrypting the message, the eavesdropper would
// also know that we intended to use encryption. But I don't want to
// assume that it's ok to leak that info if there's a failure. If there's
// a failure, the most correct way to behave is to not send anything.
if (this.cleartext == null) {
this.cleartext = $("textarea#composebody").val();
$("textarea#composebody").val("");
}

if( !$("#openpgpjs_encrypt").is(":checked") &&
!$("#openpgpjs_sign").is(":checked")) {

if ($("#openpgpjs_warn").val() == "1" ) {
if(confirm(rcmail.gettext("continue_unencrypted", "rc_openpgpjs"))) {
// The user intends to send cleartext.
// It is thus safe to replace the cleartext back into the textarea.
$("textarea#composebody").val(this.cleartext);

// remove the public key attachment since we don't sign nor encrypt the message
removePublicKeyAttachment();
return true;
@@ -415,6 +436,9 @@ if(window.rcmail) {
}
else
{
// The user intends to send cleartext.
// It is thus safe to replace the cleartext back into the textarea.
$("textarea#composebody").val(this.cleartext);
return true
}
}
@@ -475,8 +499,7 @@ if(window.rcmail) {
}
// end add user's public key

var text = $("textarea#composebody").val();
var encrypted = rc_openpgpjs_crypto.encrypt(pubkeys, text, 1, privkey, passobj.passphrase);
var encrypted = rc_openpgpjs_crypto.encrypt(pubkeys, this.cleartext, 1, privkey, passobj.passphrase);

if(encrypted) {
$("textarea#composebody").val(encrypted);
@@ -505,9 +528,8 @@ if(window.rcmail) {
}
// end add user's public key

var text = $("textarea#composebody").val();
var enc_lock = rcmail.set_busy(true, 'encrypting');
rc_openpgpjs_crypto.encrypt(pubkeys, text).then((function (enc_lock, encrypted) {
rc_openpgpjs_crypto.encrypt(pubkeys, this.cleartext).then((function (enc_lock, encrypted) {
rcmail.set_busy(false, null, enc_lock);

$("textarea#composebody").val(encrypted.data);
@@ -534,9 +556,8 @@ if(window.rcmail) {
var passobj = JSON.parse(this.passphrase);
var privkey = rc_openpgpjs_crypto.getPrivkeyObj(passobj.id);

var text = $("textarea#composebody").val();
var enc_lock = rcmail.set_busy(true, 'signing');
rc_openpgpjs_crypto.sign(text, privkey, passobj.passphrase).then((function (enc_lock, signed) {
rc_openpgpjs_crypto.sign(this.cleartext, privkey, passobj.passphrase).then((function (enc_lock, signed) {
rcmail.set_busy(false, null, enc_lock);

$("textarea#composebody").val(signed.data);