diff --git a/database/src/lib.rs b/database/src/lib.rs index 20799af..3c6de60 100644 --- a/database/src/lib.rs +++ b/database/src/lib.rs @@ -2,7 +2,7 @@ #![recursion_limit = "1024"] #![feature(try_from)] -use std::convert::{TryFrom,TryInto}; +use std::convert::TryFrom; use std::path::PathBuf; use std::str::FromStr; @@ -27,7 +27,6 @@ use tempfile::NamedTempFile; extern crate sequoia_openpgp as openpgp; use openpgp::{ TPK, - RevocationStatus, packet::UserID, parse::Parse, packet::KeyFlags, @@ -45,7 +44,7 @@ mod stateful_tokens; pub use stateful_tokens::StatefulTokens; mod openpgp_utils; -use openpgp_utils::{tpk_filter_userids, tpk_to_string, tpk_clean}; +use openpgp_utils::{tpk_filter_userids, tpk_to_string, tpk_clean, is_status_revoked}; #[cfg(test)] mod test; @@ -206,8 +205,7 @@ pub trait Database: Sync + Send { (new_tpk, false) }; - let is_revoked = full_tpk_new.revocation_status() - != RevocationStatus::NotAsFarAsWeKnow; + let is_revoked = is_status_revoked(full_tpk_new.revocation_status()); let is_ok = is_revoked || full_tpk_new.subkeys().next().is_some() || @@ -237,7 +235,7 @@ pub trait Database: Sync + Send { .flat_map(|binding| { let uid = binding.userid(); if let Ok(email) = Email::try_from(uid) { - if binding.revoked(None) != RevocationStatus::NotAsFarAsWeKnow { + if is_status_revoked(binding.revoked(None)) { Some((email, EmailAddressStatus::Revoked)) } else if published_uids.contains(uid) { Some((email, EmailAddressStatus::Published)) @@ -259,7 +257,7 @@ pub trait Database: Sync + Send { let revoked_uids: Vec = full_tpk_new .userids() - .filter(|binding| binding.revoked(None) != RevocationStatus::NotAsFarAsWeKnow) + .filter(|binding| is_status_revoked(binding.revoked(None))) .map(|binding| binding.userid().clone()) .collect(); @@ -278,7 +276,7 @@ pub trait Database: Sync + Send { .filter(|email| { let has_unrevoked_userid = published_tpk_new .userids() - .filter(|binding| binding.revoked(None) == RevocationStatus::NotAsFarAsWeKnow) + .filter(|binding| !is_status_revoked(binding.revoked(None))) .map(|binding| binding.userid()) .map(|uid| Email::try_from(uid).ok()) .flatten() @@ -337,8 +335,7 @@ pub trait Database: Sync + Send { .ok_or_else(|| failure::err_msg("Key not in database!")) .and_then(|bytes| TPK::from_bytes(bytes.as_ref()))?; - let is_revoked = tpk_full.revocation_status() - != RevocationStatus::NotAsFarAsWeKnow; + let is_revoked = is_status_revoked(tpk_full.revocation_status()); let unparsed_uids = tpk_full .userids() @@ -361,7 +358,7 @@ pub trait Database: Sync + Send { if let Ok(email) = Email::try_from(uid) { if !known_addresses.contains(&email) { None - } else if binding.revoked(None) != RevocationStatus::NotAsFarAsWeKnow { + } else if is_status_revoked(binding.revoked(None)) { Some((email, EmailAddressStatus::Revoked)) } else if published_uids.contains(uid) { Some((email, EmailAddressStatus::Published)) diff --git a/database/src/openpgp_utils.rs b/database/src/openpgp_utils.rs index 0af02e8..48a7a98 100644 --- a/database/src/openpgp_utils.rs +++ b/database/src/openpgp_utils.rs @@ -2,11 +2,20 @@ use failure::Fallible as Result; use openpgp::{ TPK, + RevocationStatus, armor::{Writer, Kind}, packet::{UserID, Tag}, serialize::Serialize as OpenPgpSerialize, }; +pub fn is_status_revoked(status: RevocationStatus) -> bool { + match status { + RevocationStatus::Revoked(_) => true, + RevocationStatus::CouldBe(_) => false, + RevocationStatus::NotAsFarAsWeKnow => false, + } +} + pub fn tpk_to_string(tpk: &TPK) -> Result> { let mut buf = Vec::new(); { diff --git a/dist/templates/about/faq.html.hbs b/dist/templates/about/faq.html.hbs index 6bbb16f..477e12b 100644 --- a/dist/templates/about/faq.html.hbs +++ b/dist/templates/about/faq.html.hbs @@ -93,13 +93,13 @@

- This is a problem with current versions of GnuPG. If you are - trying to update a key from Hagrid that includes only - non-identity information, GnuPG will complain complain about the - key not having a userid: + This is a problem with current versions of GnuPG. If you attempt to + update a key from keys.openpgp.org that + contains no identity information, GnuPG will refuse + to process the key:

- $ gpg --receive-keys A2604867523C7ED8
+ $ gpg --receive-keys A2604867523C7ED8
gpg: key A2604867523C7ED8: no user ID

diff --git a/dist/templates/about/usage.html.hbs b/dist/templates/about/usage.html.hbs index d9ff982..c433046 100644 --- a/dist/templates/about/usage.html.hbs +++ b/dist/templates/about/usage.html.hbs @@ -46,10 +46,10 @@

  • To refresh all your keys (e.g. new revocation certificates and subkeys):
    gpg --refresh-keys
    - Note: If you see messages like the following, - see here for notes on - compatibility with older versions of GnuPG. -
    gpg: key A2604867523C7ED8: no user ID
    + Note: If you see errors like the following, + see our notes on compatibility + with older versions of GnuPG. +
    gpg: key A2604867523C7ED8: no user ID
    • @@ -93,8 +93,8 @@

    API

    - We offer an API integrated support in OpenPGP applications. Check out - our API documentation. + We offer an API for integrated support in OpenPGP applications. Check + out our API documentation.

    Others