diff --git a/libretroshare/src/retroshare/rspeers.h b/libretroshare/src/retroshare/rspeers.h index 19127d2ca..3fdbbaf17 100644 --- a/libretroshare/src/retroshare/rspeers.h +++ b/libretroshare/src/retroshare/rspeers.h @@ -889,7 +889,7 @@ public: bool& is_short_format, uint32_t& error_code ) = 0; virtual std::string saveCertificateToString(const RsPeerId &id) = 0; - virtual bool signGPGCertificate(const RsPgpId &gpg_id) = 0; + virtual bool signGPGCertificate(const RsPgpId &gpg_id,const std::string& gpg_passphrase) = 0; virtual bool trustGPGCertificate(const RsPgpId &gpg_id, uint32_t trustlvl) = 0; /* Group Stuff */ diff --git a/libretroshare/src/rsserver/p3peers.cc b/libretroshare/src/rsserver/p3peers.cc index eee3864d7..22d9a2ae6 100644 --- a/libretroshare/src/rsserver/p3peers.cc +++ b/libretroshare/src/rsserver/p3peers.cc @@ -34,6 +34,7 @@ #include "pqi/authssl.h" #include "pqi/authgpg.h" #include "retroshare/rsinit.h" +#include "retroshare/rsnotify.h" #include "retroshare/rsfiles.h" #include "util/rsurl.h" #include "util/radix64.h" @@ -1680,19 +1681,23 @@ std::string p3Peers::saveCertificateToString(const RsPeerId &id) } } -bool p3Peers::signGPGCertificate(const RsPgpId &id) +bool p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_passphrase) { #ifdef P3PEERS_DEBUG std::cerr << "p3Peers::SignCertificate() " << id; std::cerr << std::endl; #endif + rsNotify->cachePgpPassphrase(gpg_passphrase); + rsNotify->setDisableAskPassword(true); + bool res = AuthGPG::getAuthGPG()->SignCertificateLevel0(id); - AuthGPG::getAuthGPG()->AllowConnection(id, true); - return AuthGPG::getAuthGPG()->SignCertificateLevel0(id); + rsNotify->clearPgpPassphrase(); + rsNotify->setDisableAskPassword(false); + + return res; } - bool p3Peers::trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl) { #ifdef P3PEERS_DEBUG diff --git a/libretroshare/src/rsserver/p3peers.h b/libretroshare/src/rsserver/p3peers.h index cd4d0876e..9b0a7666f 100644 
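Review bot: The new `gpg_passphrase` parameter on the pure virtual `signGPGCertificate` in rspeers.h is undocumented, and this header is where callers learn the contract. I would add a comment above the declaration such as `/// Signs gpg_id with the own profile key; gpg_passphrase is cached only for the duration of the call and the password prompt is suppressed. Returns false if signing fails.`, which follows the p3peers.cc implementation in this same commit. It is also worth saying that the caller keeps ownership of its copy of the passphrase, because it is passed by const reference and nothing in the interface clears it.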
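Review bot: In `p3Peers::signGPGCertificate` the cached passphrase and the prompt-suppression flag are undone only on the straight-line path, so if `SignCertificateLevel0` throws, the profile passphrase stays in the `rsNotify` cache with prompting disabled. Both look like process-wide state on `rsNotify`, so while the call runs another PGP operation could presumably pick up the cached passphrase without asking; this needs checking against the locking in AuthGPG, which is not visible here. `setDisableAskPassword(false)` also forces the flag to false instead of restoring the value it had before the call. A scope guard keeps the set/undo pair together on every exit path, and the `clearPgpPassphrase(); // just in case` in `PGPKeyDialog::signGPGKey` then becomes unnecessary.
```cpp
bool p3Peers::signGPGCertificate(const RsPgpId &id, const std::string &gpg_passphrase)
{
	// … unchanged: P3PEERS_DEBUG trace …

	// Undo the passphrase cache and the prompt suppression on every exit path.
	struct PassphraseScope
	{
		explicit PassphraseScope(const std::string& pass)
		{
			rsNotify->cachePgpPassphrase(pass);
			rsNotify->setDisableAskPassword(true);
		}
		~PassphraseScope()
		{
			rsNotify->clearPgpPassphrase();
			rsNotify->setDisableAskPassword(false);
		}
		PassphraseScope(const PassphraseScope&) = delete;
		PassphraseScope& operator=(const PassphraseScope&) = delete;
	} scope(gpg_passphrase);

	return AuthGPG::getAuthGPG()->SignCertificateLevel0(id);
}
```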
--- a/libretroshare/src/rsserver/p3peers.h +++ b/libretroshare/src/rsserver/p3peers.h @@ -165,7 +165,7 @@ public: virtual bool cleanCertificate(const std::string &certstr, std::string &cleanCert, bool &is_short_format, uint32_t& error_code) override; virtual std::string saveCertificateToString(const RsPeerId &id) override; - virtual bool signGPGCertificate(const RsPgpId &id) override; + virtual bool signGPGCertificate(const RsPgpId &id,const std::string& gpg_passphrase) override; virtual bool trustGPGCertificate(const RsPgpId &id, uint32_t trustlvl) override; /* Group Stuff */ diff --git a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp index 09db7d48e..97ad0d331 100755 --- a/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp +++ b/retroshare-gui/src/gui/connect/ConnectFriendWizard.cpp 
@@ -740,6 +740,38 @@ void ConnectFriendWizard::accept() { std::cerr << "ConclusionPage::validatePage() accepting GPG key for connection." << std::endl; + if(sign) + { + std::cerr << "ConclusionPage::validatePage() signing GPG key." << std::endl; + bool prev_is_bad = false; + + for(int i=0;i<3;++i) + { + std::string pgp_name = rsPeers->getGPGName(rsPeers->getGPGOwnId()); + bool cancelled; + std::string pgp_password; + + if(!NotifyQt::getInstance()->askForPassword(tr("Profile password needed.").toStdString(), pgp_name + " (" + rsPeers->getOwnId().toStdString() + ")", prev_is_bad, pgp_password,cancelled)) + { + QMessageBox::critical(NULL,tr("Identity creation failed"),tr("Cannot create an identity linked to your profile without your profile password.")); + return; + } + + if(rsPeers->signGPGCertificate(peerDetails.gpg_id,pgp_password)) + { + prev_is_bad = false; + break; + } + else + prev_is_bad = true; + } + + if(prev_is_bad) + { + QMessageBox::warning(nullptr,tr("Signature failed"),tr("Signature failed. Uncheck the key signature box if you want to make friends without signing the friends' certificate")); + return; + } + } if(peerDetails.skip_pgp_signature_validation) rsPeers->addSslOnlyFriend(peerDetails.id, peerDetails.gpg_id,peerDetails); else @@ -757,12 +789,7 @@ void ConnectFriendWizard::accept() } } - if(sign) - { - std::cerr << "ConclusionPage::validatePage() signing GPG key." << std::endl; - rsPeers->signGPGCertificate(peerDetails.gpg_id); //bye default sign set accept_connection to true; - rsPeers->setServicePermissionFlags(peerDetails.gpg_id,serviceFlags()) ; - } + if (!groupId.isEmpty()) rsPeers->assignPeerToGroup(RsNodeGroupId(groupId.toStdString()), peerDetails.gpg_id, true); diff --git a/retroshare-gui/src/gui/connect/PGPKeyDialog.cpp b/retroshare-gui/src/gui/connect/PGPKeyDialog.cpp index 190b40855..d1cf736a6 100644 --- a/retroshare-gui/src/gui/connect/PGPKeyDialog.cpp +++ b/retroshare-gui/src/gui/connect/PGPKeyDialog.cpp 
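Review bot: When `askForPassword` returns false in the new signing loop of `ConnectFriendWizard::accept()`, the user gets a critical dialog titled "Identity creation failed" about creating an identity, which is copied from another flow and wrong for key signing; `PGPKeyDialog::signGPGKey` in this commit carries the same text. `cancelled` is declared uninitialized and never read, so a deliberate cancel is presumably reported as an error and aborts the whole accept; I would write `bool cancelled = false;`, return quietly when it is set, and word the remaining case as `tr("Cannot sign the key without your profile password.")`. The plaintext passphrase also stays in `pgp_password` until the string goes out of scope and is not overwritten after the `signGPGCertificate` call, so it may linger in freed heap memory. `accept()` starts and ends outside this hunk.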
@@ -87,8 +87,6 @@ PGPKeyDialog::PGPKeyDialog(const RsPeerId& id, const RsPgpId &pgp_id, QWidget *p connect(ui.make_friend_button, SIGNAL(clicked()), this, SLOT(makeFriend())); connect(ui.denyFriendButton, SIGNAL(clicked()), this, SLOT(denyFriend())); connect(ui.signKeyButton, SIGNAL(clicked()), this, SLOT(signGPGKey())); - //connect(ui.trusthelpButton, SIGNAL(clicked()), this, SLOT(showHelpDialog())); - //connect(ui._shouldAddSignatures_CB, SIGNAL(toggled(bool)), this, SLOT(loadInvitePage())); connect(ui._shouldAddSignatures_CB_2, SIGNAL(toggled(bool)), this, SLOT(loadKeyPage())); //ui.avatar->setFrameType(AvatarWidget::NORMAL_FRAME); @@ -182,7 +180,6 @@ void PGPKeyDialog::load() if (detail.gpg_id == rsPeers->getGPGOwnId()) { ui.make_friend_button->hide(); - ui.signGPGKeyCheckBox->hide(); ui.signKeyButton->hide(); ui.denyFriendButton->hide(); @@ -199,62 +196,49 @@ void PGPKeyDialog::load() ui.trustlevel_CB->show(); ui.is_signing_me->show(); ui.signersLabel->setText(tr("This key is signed by :")+" "); + ui.signKeyButton->setEnabled(!detail.ownsign); if (detail.accept_connection) { ui.make_friend_button->hide(); ui.denyFriendButton->show(); - ui.signGPGKeyCheckBox->hide(); - //connection already accepted, propose to sign gpg key - if (!detail.ownsign) { - ui.signKeyButton->show(); - } else { - ui.signKeyButton->hide(); - } } else { ui.make_friend_button->show(); ui.denyFriendButton->hide(); - ui.signKeyButton->hide(); - if (!detail.ownsign) { - ui.signGPGKeyCheckBox->show(); - ui.signGPGKeyCheckBox->setChecked(false); - } else { - ui.signGPGKeyCheckBox->hide(); - } } //web of trust - ui.trustlevel_CB->setCurrentIndex(detail.trustLvl) ; + ui.trustlevel_CB->setCurrentIndex(detail.trustLvl) ; - QString truststring = "

" ; - truststring += tr("The trust level is a way to express your own trust in this key. It is not used by the software nor shared, but can be useful to you in order to remember good/bad keys.") ; - truststring += "

" ; - truststring += "

" ; + QString truststring = "

" ; + truststring += tr("The trust level is a way to express your own trust in this key. It is not used by the software nor shared, but can be useful to you in order to remember good/bad keys.") ; + truststring += "

" ; + truststring += "

" ; switch(detail.trustLvl) - { - case RS_TRUST_LVL_ULTIMATE: - //trust is ultimate, it means it's one of our own keys - truststring += tr("Your trust in this peer is ultimate"); - break ; - case RS_TRUST_LVL_FULL: - truststring += tr("Your trust in this peer is full."); - break ; - case RS_TRUST_LVL_MARGINAL: - truststring += tr("Your trust in this peer is marginal."); - break ; - case RS_TRUST_LVL_NEVER: - truststring += tr("Your trust in this peer is none."); - break ; + { + case RS_TRUST_LVL_ULTIMATE: + //trust is ultimate, it means it's one of our own keys + truststring += tr("Your trust in this peer is ultimate"); + break ; + case RS_TRUST_LVL_FULL: + truststring += tr("Your trust in this peer is full."); + break ; + case RS_TRUST_LVL_MARGINAL: + truststring += tr("Your trust in this peer is marginal."); + break ; + case RS_TRUST_LVL_NEVER: + truststring += tr("Your trust in this peer is none."); + break ; - default: - truststring += tr("You haven't set a trust level for this key."); - break ; - } - truststring += "

" ; + default: + truststring += tr("You haven't set a trust level for this key."); + break ; + } + truststring += "

" ; ui.trustlevel_CB->setToolTip(truststring) ; if (detail.hasSignedMe) { @@ -358,12 +342,7 @@ void PGPKeyDialog::applyDialog() void PGPKeyDialog::makeFriend() { - if (ui.signGPGKeyCheckBox->isChecked()) { - rsPeers->signGPGCertificate(pgpId); - } - rsPeers->addFriend(peerId, pgpId); -// setServiceFlags() ; loadAll(); emit configChanged(); @@ -379,12 +358,21 @@ void PGPKeyDialog::denyFriend() void PGPKeyDialog::signGPGKey() { - if (!rsPeers->signGPGCertificate(pgpId)) { - QMessageBox::warning ( NULL, - tr("Signature Failure"), - tr("Maybe password is wrong"), - QMessageBox::Ok); + std::string gpg_name = rsPeers->getGPGName(rsPeers->getGPGOwnId()); + bool cancelled; + std::string gpg_password; + + if(!NotifyQt::getInstance()->askForPassword(tr("Profile password needed.").toStdString(), gpg_name + " (" + rsPeers->getOwnId().toStdString() + ")", false, gpg_password,cancelled)) + { + QMessageBox::critical(NULL,tr("Identity creation failed"),tr("Cannot create an identity linked to your profile without your profile password.")); + return; } + + rsNotify->clearPgpPassphrase(); // just in case + + if(!rsPeers->signGPGCertificate(pgpId,gpg_password)) + QMessageBox::warning ( NULL, tr("Signature Failure"), tr("Check the password!"), QMessageBox::Ok); + loadAll(); emit configChanged(); diff --git a/retroshare-gui/src/gui/connect/PGPKeyDialog.ui b/retroshare-gui/src/gui/connect/PGPKeyDialog.ui index 754a3a6d2..4baa2f667 100644 --- a/retroshare-gui/src/gui/connect/PGPKeyDialog.ui +++ b/retroshare-gui/src/gui/connect/PGPKeyDialog.ui @@ -7,7 +7,7 @@ 0 0 600 - 401 + 452 
@@ -205,16 +205,6 @@ p, li { white-space: pre-wrap; } - - - - <html><head/><body><p><span style=" font-size:10pt;">Signing a friend's key is a way to express your trust into this friend, to your other friends. It helps them to decide whether to allow connections from that key based on your own trust. Signing a key is absolutely optional and cannot be undone, so do it wisely.</span></p></body></html> - - - Sign PGP key - - -