Rework SSH key management UI to add GPG (#1293)

* Rework SSH key management UI to add GPG * Add more detail to gpg key display * Update CHANGELOG.md * Implement deletion UI * Implement adding gpg UI * Various fixes - Fix duplicate entry in locale - Re-generate hash before verification since they are consumed * Add missing translation * Split template * Catch not found/verified email error
2025-06-01 04:12:10 +00:00 · 2017-04-26 15:10:43 +02:00 · 2017-04-26 15:10:43 +02:00 · 8371f94d06
commit 8371f94d06
parent b7da5a6cb7
14 changed files with 324 additions and 140 deletions
--- a/models/error.go
+++ b/models/error.go
@ -260,6 +260,36 @@ func (err ErrKeyNameAlreadyUsed) Error() string {
 	return fmt.Sprintf("public key already exists [owner_id: %d, name: %s]", err.OwnerID, err.Name)
 }

+// ErrGPGEmailNotFound represents a "ErrGPGEmailNotFound" kind of error.
+type ErrGPGEmailNotFound struct {
+	Email string
+}
+
+// IsErrGPGEmailNotFound checks if an error is a ErrGPGEmailNotFound.
+func IsErrGPGEmailNotFound(err error) bool {
+	_, ok := err.(ErrGPGEmailNotFound)
+	return ok
+}
+
+func (err ErrGPGEmailNotFound) Error() string {
+	return fmt.Sprintf("failed to found email or is not confirmed : %s", err.Email)
+}
+
+// ErrGPGKeyParsing represents a "ErrGPGKeyParsing" kind of error.
+type ErrGPGKeyParsing struct {
+	ParseError error
+}
+
+// IsErrGPGKeyParsing checks if an error is a ErrGPGKeyParsing.
+func IsErrGPGKeyParsing(err error) bool {
+	_, ok := err.(ErrGPGKeyParsing)
+	return ok
+}
+
+func (err ErrGPGKeyParsing) Error() string {
+	return fmt.Sprintf("failed to parse gpg key %s", err.ParseError.Error())
+}
+
 // ErrGPGKeyNotExist represents a "GPGKeyNotExist" kind of error.
 type ErrGPGKeyNotExist struct {
 	ID int64
--- a/models/gpg_key.go
+++ b/models/gpg_key.go
@ -89,7 +89,7 @@ func GetGPGKeyByID(keyID int64) (*GPGKey, error) {
 func checkArmoredGPGKeyString(content string) (*openpgp.Entity, error) {
 	list, err := openpgp.ReadArmoredKeyRing(strings.NewReader(content))
 	if err != nil {
-		return nil, err
+		return nil, ErrGPGKeyParsing{err}
 	}
 	return list[0], nil
 }
@ -219,7 +219,7 @@ func parseGPGKey(ownerID int64, e *openpgp.Entity) (*GPGKey, error) {
 			}
 		}
 		if emails[n] == nil {
-			return nil, fmt.Errorf("Failed to found email or is not confirmed : %s", ident.UserId.Email)
+			return nil, ErrGPGEmailNotFound{ident.UserId.Email}
 		}
 		n++
 	}
@ -400,17 +400,16 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification {
 			}
 		}

-		//Generating hash of commit
-		hash, err := populateHash(sig.Hash, []byte(c.Signature.Payload))
-		if err != nil { //Skipping ailed to generate hash
-			log.Error(3, "PopulateHash: %v", err)
-			return &CommitVerification{
-				Verified: false,
-				Reason:   "gpg.error.generate_hash",
-			}
-		}
-
 		for _, k := range keys {
+			//Generating hash of commit
+			hash, err := populateHash(sig.Hash, []byte(c.Signature.Payload))
+			if err != nil { //Skipping ailed to generate hash
+				log.Error(3, "PopulateHash: %v", err)
+				return &CommitVerification{
+					Verified: false,
+					Reason:   "gpg.error.generate_hash",
+				}
+			}
 			//We get PK
 			if err := verifySign(sig, hash, k); err == nil {
 				return &CommitVerification{ //Everything is ok
@ -422,6 +421,16 @@ func ParseCommitWithSignature(c *git.Commit) *CommitVerification {
 			}
 			//And test also SubsKey
 			for _, sk := range k.SubsKey {
+
+				//Generating hash of commit
+				hash, err := populateHash(sig.Hash, []byte(c.Signature.Payload))
+				if err != nil { //Skipping ailed to generate hash
+					log.Error(3, "PopulateHash: %v", err)
+					return &CommitVerification{
+						Verified: false,
+						Reason:   "gpg.error.generate_hash",
+					}
+				}
 				if err := verifySign(sig, hash, sk); err == nil {
 					return &CommitVerification{ //Everything is ok
 						Verified:    true,