KeeShare: Remove checking signed container
* Remove QuaZip dependency in favor of minizip * Remove signature checks, but maintain signatures for backwards compatibility * Remove UI components related to certificates except for personal certificate for backwards compatibility * Default to unsigned containers (*.kdbx)
This commit is contained in:
Jonathan White
@@ -23,8 +23,8 @@
|
||||
#include "core/Metadata.h"
|
||||
#include "crypto/Random.h"
|
||||
#include "gui/DatabaseIcons.h"
|
||||
#include "keeshare/Signature.h"
|
||||
|
||||
#include <QDataStream>
|
||||
#include <QTextCodec>
|
||||
#include <QXmlStreamWriter>
|
||||
|
||||
@@ -261,82 +261,6 @@ namespace KeeShareSettings
|
||||
return own;
|
||||
}
|
||||
|
||||
bool ScopedCertificate::operator==(const ScopedCertificate& other) const
|
||||
{
|
||||
return trust == other.trust && path == other.path && certificate == other.certificate;
|
||||
}
|
||||
|
||||
bool ScopedCertificate::operator!=(const ScopedCertificate& other) const
|
||||
{
|
||||
return !operator==(other);
|
||||
}
|
||||
|
||||
void ScopedCertificate::serialize(QXmlStreamWriter& writer, const ScopedCertificate& scopedCertificate)
|
||||
{
|
||||
writer.writeAttribute("Path", scopedCertificate.path);
|
||||
QString trust = "Ask";
|
||||
if (scopedCertificate.trust == KeeShareSettings::Trust::Trusted) {
|
||||
trust = "Trusted";
|
||||
}
|
||||
if (scopedCertificate.trust == KeeShareSettings::Trust::Untrusted) {
|
||||
trust = "Untrusted";
|
||||
}
|
||||
writer.writeAttribute("Trust", trust);
|
||||
Certificate::serialize(writer, scopedCertificate.certificate);
|
||||
}
|
||||
|
||||
ScopedCertificate ScopedCertificate::deserialize(QXmlStreamReader& reader)
|
||||
{
|
||||
ScopedCertificate scopedCertificate;
|
||||
scopedCertificate.path = reader.attributes().value("Path").toString();
|
||||
scopedCertificate.trust = KeeShareSettings::Trust::Ask;
|
||||
auto trust = reader.attributes().value("Trust").toString();
|
||||
if (trust.compare("Trusted", Qt::CaseInsensitive) == 0) {
|
||||
scopedCertificate.trust = KeeShareSettings::Trust::Trusted;
|
||||
}
|
||||
if (trust.compare("Untrusted", Qt::CaseInsensitive) == 0) {
|
||||
scopedCertificate.trust = KeeShareSettings::Trust::Untrusted;
|
||||
}
|
||||
scopedCertificate.certificate = Certificate::deserialize(reader);
|
||||
return scopedCertificate;
|
||||
}
|
||||
|
||||
QString Foreign::serialize(const Foreign& foreign)
|
||||
{
|
||||
return xmlSerialize([&](QXmlStreamWriter& writer) {
|
||||
writer.writeStartElement("Foreign");
|
||||
for (const ScopedCertificate& scopedCertificate : foreign.certificates) {
|
||||
writer.writeStartElement("Certificate");
|
||||
ScopedCertificate::serialize(writer, scopedCertificate);
|
||||
writer.writeEndElement();
|
||||
}
|
||||
writer.writeEndElement();
|
||||
});
|
||||
}
|
||||
|
||||
Foreign Foreign::deserialize(const QString& raw)
|
||||
{
|
||||
Foreign foreign;
|
||||
xmlDeserialize(raw, [&](QXmlStreamReader& reader) {
|
||||
while (!reader.error() && reader.readNextStartElement()) {
|
||||
if (reader.name() == "Foreign") {
|
||||
while (!reader.error() && reader.readNextStartElement()) {
|
||||
if (reader.name() == "Certificate") {
|
||||
foreign.certificates << ScopedCertificate::deserialize(reader);
|
||||
} else {
|
||||
qWarning("Unknown Certificates element %s", qPrintable(reader.name().toString()));
|
||||
reader.skipCurrentElement();
|
||||
}
|
||||
}
|
||||
} else {
|
||||
qWarning("Unknown KeeShareSettings element %s", qPrintable(reader.name().toString()));
|
||||
reader.skipCurrentElement();
|
||||
}
|
||||
}
|
||||
});
|
||||
return foreign;
|
||||
}
|
||||
|
||||
Reference::Reference()
|
||||
: type(Inactive)
|
||||
, uuid(QUuid::createUuid())
|
||||
@@ -433,31 +357,38 @@ namespace KeeShareSettings
|
||||
|
||||
QString Sign::serialize(const Sign& sign)
|
||||
{
|
||||
if (sign.certificate.isNull()) {
|
||||
return {};
|
||||
}
|
||||
|
||||
// Extract RSA key data to serialize an ssh-rsa public key.
|
||||
// ssh-rsa keys are currently not built into Botan
|
||||
const auto rsaKey = static_cast<Botan::RSA_PrivateKey*>(sign.certificate.key.data());
|
||||
|
||||
std::vector<uint8_t> rsaE(rsaKey->get_e().bytes());
|
||||
rsaKey->get_e().binary_encode(rsaE.data());
|
||||
|
||||
std::vector<uint8_t> rsaN(rsaKey->get_n().bytes());
|
||||
rsaKey->get_n().binary_encode(rsaN.data());
|
||||
|
||||
QByteArray rsaKeySerialized;
|
||||
QDataStream stream(&rsaKeySerialized, QIODevice::WriteOnly);
|
||||
stream.writeBytes("ssh-rsa", 7);
|
||||
stream.writeBytes(reinterpret_cast<const char*>(rsaE.data()), rsaE.size());
|
||||
stream.writeBytes(reinterpret_cast<const char*>(rsaN.data()), rsaN.size());
|
||||
|
||||
return xmlSerialize([&](QXmlStreamWriter& writer) {
|
||||
writer.writeStartElement("Signature");
|
||||
writer.writeCharacters(sign.signature);
|
||||
writer.writeEndElement();
|
||||
writer.writeStartElement("Certificate");
|
||||
Certificate::serialize(writer, sign.certificate);
|
||||
writer.writeStartElement("Signer");
|
||||
writer.writeCharacters(sign.certificate.signer);
|
||||
writer.writeEndElement();
|
||||
writer.writeStartElement("Key");
|
||||
writer.writeCharacters(rsaKeySerialized.toBase64());
|
||||
writer.writeEndElement();
|
||||
writer.writeEndElement();
|
||||
});
|
||||
}
|
||||
|
||||
Sign Sign::deserialize(const QString& raw)
|
||||
{
|
||||
Sign sign;
|
||||
xmlDeserialize(raw, [&](QXmlStreamReader& reader) {
|
||||
while (!reader.error() && reader.readNextStartElement()) {
|
||||
if (reader.name() == "Signature") {
|
||||
sign.signature = reader.readElementText();
|
||||
} else if (reader.name() == "Certificate") {
|
||||
sign.certificate = KeeShareSettings::Certificate::deserialize(reader);
|
||||
} else {
|
||||
qWarning("Unknown Sign element %s", qPrintable(reader.name().toString()));
|
||||
reader.skipCurrentElement();
|
||||
}
|
||||
}
|
||||
});
|
||||
return sign;
|
||||
}
|
||||
} // namespace KeeShareSettings
|
||||
|
||||
Reference in New Issue
Block a user