Libkleo

formatting.cpp
1/* -*- mode: c++; c-basic-offset: 4; indent-tabs-mode: nil; -*-
2 utils/formatting.cpp
3
4 This file is part of Kleopatra, the KDE keymanager
5 SPDX-FileCopyrightText: 2007 Klarälvdalens Datakonsult AB
6 SPDX-FileCopyrightText: 2021, 2022 g10 Code GmbH
7 SPDX-FileContributor: Ingo Klöcker <dev@ingo-kloecker.de>
8
9 SPDX-License-Identifier: GPL-2.0-or-later
10*/
11
12#include <config-libkleo.h>
13
14#include "formatting.h"
15
16#include "algorithm.h"
17#include "compat.h"
18#include "compliance.h"
19#include "cryptoconfig.h"
20#include "gnupg.h"
21#include "keyhelpers.h"
22
23#include <libkleo/dnattributes.h>
24#include <libkleo/keycache.h>
25#include <libkleo/keygroup.h>
26
27#include <libkleo_debug.h>
28
29#include <KEmailAddress>
30#include <KLocalizedString>
31
32#include <QGpgME/CryptoConfig>
33#include <QGpgME/DN>
34#include <QGpgME/Protocol>
35
36#include <QDateTime>
37#include <QIcon>
38#include <QLocale>
39#include <QRegularExpression>
40#include <QString>
41
42#include <gpgme++/importresult.h>
43#include <gpgme++/key.h>
44
45#include <gpg-error.h>
46
47using namespace GpgME;
48using namespace Kleo;
49
50using namespace Qt::Literals::StringLiterals;
51
52namespace
53{
54QIcon iconForValidityAndCompliance(UserID::Validity validity, bool isCompliant)
55{
56 switch (validity) {
57 case UserID::Ultimate:
58 case UserID::Full:
59 case UserID::Marginal:
60 return isCompliant ? Formatting::successIcon() : Formatting::infoIcon();
61 case UserID::Never:
62 return Formatting::errorIcon();
63 case UserID::Undefined:
64 case UserID::Unknown:
65 default:
66 return Formatting::infoIcon();
67 }
68}
69QIcon iconForValidity(const UserID &userId)
70{
71 const bool keyIsCompliant = !DeVSCompliance::isActive() || //
72 (DeVSCompliance::isCompliant() && DeVSCompliance::keyIsCompliant(userId.parent()));
73 return iconForValidityAndCompliance(userId.validity(), keyIsCompliant);
74}
75}
76
77QIcon Formatting::IconProvider::icon(const GpgME::Key &key) const
78{
79 return icon(key.userID(0));
80}
81
82QIcon Formatting::IconProvider::icon(const GpgME::UserID &userID) const
83{
84 if (usage.canEncrypt() && !Kleo::canBeUsedForEncryption(userID.parent())) {
85 return Formatting::errorIcon();
86 }
87 if (usage.canSign() && !Kleo::canBeUsedForSigning(userID.parent())) {
88 return Formatting::errorIcon();
89 }
90 if (userID.parent().isBad() || userID.isBad()) {
91 return Formatting::errorIcon();
92 }
93 if (Kleo::isRevokedOrExpired(userID)) {
94 return Formatting::errorIcon();
95 }
96 return iconForValidity(userID);
97}
98
99QIcon Formatting::IconProvider::icon(const KeyGroup &group) const
100{
101 if (usage.canEncrypt() && !Kleo::all_of(group.keys(), Kleo::canBeUsedForEncryption)) {
102 return Formatting::errorIcon();
103 }
104 if (usage.canSign() && !Kleo::all_of(group.keys(), Kleo::canBeUsedForSigning)) {
105 return Formatting::errorIcon();
106 }
107 return validityIcon(group);
108}
109
110QIcon Formatting::successIcon()
111{
112 return QIcon::fromTheme(QStringLiteral("emblem-success"));
113}
114
115QIcon Formatting::infoIcon()
116{
117 return QIcon::fromTheme(QStringLiteral("emblem-information"));
118}
119
120QIcon Formatting::questionIcon()
121{
122 return QIcon::fromTheme(QStringLiteral("emblem-question"));
123}
124
125QIcon Formatting::unavailableIcon()
126{
127 return QIcon::fromTheme(QStringLiteral("emblem-unavailable"));
128}
129
130QIcon Formatting::warningIcon()
131{
132 return QIcon::fromTheme(QStringLiteral("emblem-warning"));
133}
134
135QIcon Formatting::errorIcon()
136{
137 return QIcon::fromTheme(QStringLiteral("emblem-error"));
138}
139
140//
141// Name
142//
143
144QString Formatting::prettyName(int proto, const char *id, const char *name_, const char *comment_)
145{
146 if (proto == GpgME::OpenPGP) {
147 const QString name = QString::fromUtf8(name_);
148 if (name.isEmpty()) {
149 return QString();
150 }
151 const QString comment = QString::fromUtf8(comment_);
152 if (comment.isEmpty()) {
153 return name;
154 }
155 return QStringLiteral("%1 (%2)").arg(name, comment);
156 }
157
158 if (proto == GpgME::CMS) {
159 const QGpgME::DN subject(id);
160 const QString cn = subject[QStringLiteral("CN")].trimmed();
161 if (cn.isEmpty()) {
162 subject.setAttributeOrder(DNAttributes::order());
163 return subject.prettyDN();
164 }
165 return cn;
166 }
167
168 return QString();
169}
170
171QString Formatting::prettyNameAndEMail(int proto, const char *id, const char *name_, const char *email_, const char *comment_)
172{
173 return prettyNameAndEMail(proto, QString::fromUtf8(id), QString::fromUtf8(name_), prettyEMail(email_, id), QString::fromUtf8(comment_));
174}
175
176QString Formatting::prettyNameAndEMail(int proto, const QString &id, const QString &name, const QString &email, const QString &comment)
177{
178 if (proto == GpgME::OpenPGP) {
179 if (name.isEmpty()) {
180 if (email.isEmpty()) {
181 return QString();
182 } else if (comment.isEmpty()) {
183 return QStringLiteral("<%1>").arg(email);
184 } else {
185 return QStringLiteral("(%2) <%1>").arg(email, comment);
186 }
187 }
188 if (email.isEmpty()) {
189 if (comment.isEmpty()) {
190 return name;
191 } else {
192 return QStringLiteral("%1 (%2)").arg(name, comment);
193 }
194 }
195 if (comment.isEmpty()) {
196 return QStringLiteral("%1 <%2>").arg(name, email);
197 } else {
198 return QStringLiteral("%1 (%3) <%2>").arg(name, email, comment);
199 }
200 }
201
202 if (proto == GpgME::CMS) {
203 const QGpgME::DN subject(id);
204 const QString cn = subject[QStringLiteral("CN")].trimmed();
205 if (cn.isEmpty()) {
206 subject.setAttributeOrder(DNAttributes::order());
207 return subject.prettyDN();
208 }
209 return cn;
210 }
211 return QString();
212}
213
214QString Formatting::prettyUserID(const UserID &uid)
215{
216 if (uid.parent().protocol() == GpgME::OpenPGP) {
217 return prettyNameAndEMail(uid);
218 }
219 const QByteArray id = QByteArray(uid.id()).trimmed();
220 if (id.startsWith('<')) {
221 return prettyEMail(uid.email(), uid.id());
222 }
223 if (id.startsWith('(')) {
224 // ### parse uri/dns:
225 return QString::fromUtf8(uid.id());
226 } else {
227 return prettyDN(uid.id());
228 }
229}
230
231QString Formatting::prettyKeyID(const char *id)
232{
233 if (!id) {
234 return QString();
235 }
236 return QLatin1StringView("0x") + QString::fromLatin1(id).toUpper();
237}
238
239QString Formatting::prettyNameAndEMail(const UserID &uid)
240{
241 return prettyNameAndEMail(uid.parent().protocol(), uid.id(), uid.name(), uid.email(), uid.comment());
242}
243
244QString Formatting::prettyNameAndEMail(const Key &key)
245{
246 return prettyNameAndEMail(key.userID(0));
247}
248
249QString Formatting::prettyName(const Key &key)
250{
251 return prettyName(key.userID(0));
252}
253
254QString Formatting::prettyName(const UserID &uid)
255{
256 return prettyName(uid.parent().protocol(), uid.id(), uid.name(), uid.comment());
257}
258
259QString Formatting::prettyName(const UserID::Signature &sig)
260{
261 return prettyName(GpgME::OpenPGP, sig.signerUserID(), sig.signerName(), sig.signerComment());
262}
263
264//
265// EMail
266//
267
268QString Formatting::prettyEMail(const Key &key)
269{
270 for (unsigned int i = 0, end = key.numUserIDs(); i < end; ++i) {
271 const QString email = prettyEMail(key.userID(i));
272 if (!email.isEmpty()) {
273 return email;
274 }
275 }
276 return QString();
277}
278
279QString Formatting::prettyEMail(const UserID &uid)
280{
281 return prettyEMail(uid.email(), uid.id());
282}
283
284QString Formatting::prettyEMail(const UserID::Signature &sig)
285{
286 return prettyEMail(sig.signerEmail(), sig.signerUserID());
287}
288
289QString Formatting::prettyEMail(const char *email_, const char *id)
290{
291 QString email;
292 QString name;
293 QString comment;
294 if (email_ && KEmailAddress::splitAddress(QString::fromUtf8(email_), name, email, comment) == KEmailAddress::AddressOk) {
295 return email;
296 } else {
297 return QGpgME::DN(id)[QStringLiteral("EMAIL")].trimmed();
298 }
299}
300
301QString Formatting::prettyDN(const char *utf8DN)
302{
303 QGpgME::DN dn{utf8DN};
304 dn.setAttributeOrder(DNAttributes::order());
305 return dn.prettyDN();
306}
307
308//
309// Tooltip
310//
311
312namespace
313{
314
315static QString protect_whitespace(QString s)
316{
317 static const QLatin1Char SP(' ');
318 static const QLatin1Char NBSP('\xA0');
319 return s.replace(SP, NBSP);
320}
321
322template<typename T_arg>
323QString format_row(const QString &field, const T_arg &arg)
324{
325 return QStringLiteral("<tr><th>%1:</th><td>%2</td></tr>").arg(protect_whitespace(field), arg);
326}
327QString format_row(const QString &field, const QString &arg)
328{
329 return QStringLiteral("<tr><th>%1:</th><td>%2</td></tr>").arg(protect_whitespace(field), arg.toHtmlEscaped());
330}
331QString format_row(const QString &field, const char *arg)
332{
333 return format_row(field, QString::fromUtf8(arg));
334}
335
336QString format_keytype(const Key &key)
337{
338 const Subkey subkey = key.subkey(0);
339 if (key.hasSecret()) {
340 return i18n("%1-bit %2 (secret key available)", subkey.length(), QLatin1StringView(subkey.publicKeyAlgorithmAsString()));
341 } else {
342 return i18n("%1-bit %2", subkey.length(), QLatin1StringView(subkey.publicKeyAlgorithmAsString()));
343 }
344}
345
346QString format_keyusage(const Key &key)
347{
348 QStringList capabilities;
349 if (Kleo::keyHasSign(key)) {
350 if (key.isQualified()) {
351 capabilities.push_back(i18n("Signing (Qualified)"));
352 } else {
353 capabilities.push_back(i18n("Signing"));
354 }
355 }
356 if (Kleo::keyHasEncrypt(key)) {
357 capabilities.push_back(i18n("Encryption"));
358 }
359 if (Kleo::keyHasCertify(key)) {
360 capabilities.push_back(i18n("Certifying User IDs"));
361 }
362 if (Kleo::keyHasAuthenticate(key)) {
363 capabilities.push_back(i18n("SSH Authentication"));
364 }
365 return capabilities.join(QLatin1StringView(", "));
366}
367
368static QString time_t2string(time_t t)
369{
370 const QDateTime dt = QDateTime::fromSecsSinceEpoch(quint32(t));
371 return QLocale().toString(dt, QLocale::ShortFormat);
372}
373
374static QString make_red(const QString &txt)
375{
376 return QLatin1StringView("<font color=\"red\">") + txt.toHtmlEscaped() + QLatin1StringView("</font>");
377}
378
379}
380
381static QString toolTipInternal(const GpgME::Key &key, const GpgME::UserID &userID, int flags)
382{
383 if (flags == 0 || (key.protocol() != GpgME::CMS && key.protocol() != GpgME::OpenPGP)) {
384 return QString();
385 }
386
387 const Subkey subkey = key.subkey(0);
388
389 QString result;
390 if (flags & Formatting::Validity) {
391 if (key.protocol() == GpgME::OpenPGP || (key.keyListMode() & Validate)) {
392 if (key.isDisabled()) {
393 result = i18n("Disabled");
394 } else if (userID.isRevoked() || key.isRevoked()) {
395 result = make_red(i18n("Revoked"));
396 } else if (key.isExpired()) {
397 result = make_red(i18n("Expired"));
398 } else if (key.keyListMode() & GpgME::Validate) {
399 if (!userID.isNull()) {
400 if (userID.validity() >= UserID::Validity::Full) {
401 result = i18n("User ID is certified.");
402 const auto compliance = Formatting::complianceStringForUserID(userID);
403 if (!compliance.isEmpty()) {
404 result += QStringLiteral("<br>") + compliance;
405 }
406 } else {
407 result = i18n("User ID is not certified.");
408 }
409 } else {
410 unsigned int fullyTrusted = 0;
411 for (const auto &uid : key.userIDs()) {
412 if (uid.validity() >= UserID::Validity::Full) {
413 fullyTrusted++;
414 }
415 }
416 if (fullyTrusted == key.numUserIDs()) {
417 result = i18n("All User IDs are certified.");
418 const auto compliance = Formatting::complianceStringForKey(key);
419 if (!compliance.isEmpty()) {
420 result += QStringLiteral("<br>") + compliance;
421 }
422 } else {
423 result = i18np("One User ID is not certified.", "%1 User IDs are not certified.", key.numUserIDs() - fullyTrusted);
424 }
425 }
426 } else {
427 result = i18n("The validity cannot be checked at the moment.");
428 }
429 } else {
430 result = i18n("The validity cannot be checked at the moment.");
431 }
432 }
433 if (flags == Formatting::Validity) {
434 return result;
435 }
436
437 result += QLatin1StringView("<table border=\"0\">");
438 if (key.protocol() == GpgME::CMS) {
439 if (flags & Formatting::SerialNumber) {
440 result += format_row(i18n("Serial number"), key.issuerSerial());
441 }
442 if (flags & Formatting::Issuer) {
443 result += format_row(i18n("Issuer"), key.issuerName());
444 }
445 }
446 if (flags & Formatting::UserIDs) {
447 if (userID.isNull()) {
448 const std::vector<UserID> uids = key.userIDs();
449 if (!uids.empty()) {
450 result += format_row(key.protocol() == GpgME::CMS ? i18n("Subject") : i18n("User ID"), Formatting::prettyUserID(uids.front()));
451 }
452 if (uids.size() > 1) {
453 for (auto it = uids.begin() + 1, end = uids.end(); it != end; ++it) {
454 if (!it->isRevoked() && !it->isInvalid()) {
455 result += format_row(i18n("a.k.a."), Formatting::prettyUserID(*it));
456 }
457 }
458 }
459 } else {
460 result += format_row(key.protocol() == GpgME::CMS ? i18n("Subject") : i18n("User ID"), Formatting::prettyUserID(userID));
461 }
462 }
463 if (flags & Formatting::ExpiryDates) {
464 result += format_row(i18n("Valid from"), time_t2string(subkey.creationTime()));
465
466 if (!subkey.neverExpires()) {
467 result += format_row(i18n("Valid until"), time_t2string(subkey.expirationTime()));
468 }
469 }
470
471 if (flags & Formatting::CertificateType) {
472 result += format_row(i18n("Type"), format_keytype(key));
473 }
474 if (flags & Formatting::CertificateUsage) {
475 result += format_row(i18n("Usage"), format_keyusage(key));
476 }
477 if (flags & Formatting::KeyID) {
478 result += format_row(i18n("Key ID"), QString::fromLatin1(key.keyID()));
479 }
480 if (flags & Formatting::Fingerprint) {
481 result += format_row(i18n("Fingerprint"), key.primaryFingerprint());
482 }
483 if (flags & Formatting::OwnerTrust) {
484 if (key.protocol() == GpgME::OpenPGP) {
485 result += format_row(i18n("Certification trust"), Formatting::ownerTrustShort(key));
486 } else if (key.isRoot()) {
487 result += format_row(i18n("Trusted issuer?"), (userID.isNull() ? key.userID(0) : userID).validity() == UserID::Ultimate ? i18n("Yes") : i18n("No"));
488 }
489 }
490 if (flags & Formatting::StorageLocation) {
491 if (const char *card = subkey.cardSerialNumber()) {
492 result += format_row(i18n("Stored"), i18nc("stored...", "on SmartCard with serial no. %1", QString::fromUtf8(card)));
493 } else {
494 result += format_row(i18n("Stored"), i18nc("stored...", "on this computer"));
495 }
496 }
497 result += QLatin1StringView("</table>");
498
499 return result;
500}
501
502QString Formatting::toolTip(const Key &key, int flags)
503{
504 return toolTipInternal(key, UserID(), flags);
505}
506
507namespace
508{
509template<typename Container>
510QString getValidityStatement(const Container &keys)
511{
512 const bool allKeysAreOpenPGP = std::all_of(keys.cbegin(), keys.cend(), [](const Key &key) {
513 return key.protocol() == GpgME::OpenPGP;
514 });
515 const bool allKeysAreValidated = std::all_of(keys.cbegin(), keys.cend(), [](const Key &key) {
516 return key.keyListMode() & Validate;
517 });
518 if (allKeysAreOpenPGP || allKeysAreValidated) {
519 const bool someKeysAreBad = std::any_of(keys.cbegin(), keys.cend(), std::mem_fn(&Key::isBad));
520 if (someKeysAreBad) {
521 return i18n("Some keys are revoked, expired, disabled, or invalid.");
522 } else {
523 const bool allKeysAreFullyValid = std::all_of(keys.cbegin(), keys.cend(), &Kleo::allUserIDsHaveFullValidity);
524 if (allKeysAreFullyValid) {
525 return i18n("All keys are certified.");
526 } else {
527 return i18n("Some keys are not certified.");
528 }
529 }
530 }
531 return i18n("The validity of the keys cannot be checked at the moment.");
532}
533}
534
535QString Formatting::toolTip(const KeyGroup &group, int flags)
536{
537 static const unsigned int maxNumKeysForTooltip = 20;
538
539 if (group.isNull()) {
540 return QString();
541 }
542
543 const KeyGroup::Keys &keys = group.keys();
544 if (keys.size() == 0) {
545 return i18nc("@info:tooltip", "This group does not contain any keys.");
546 }
547
548 if (Kleo::any_of(keys, [](const auto &key) {
549 return !key.hasEncrypt();
550 })) {
551 return i18nc("@info:tooltip", "Some of the certificates in this group cannot be used for encryption. Using this group can lead to unexpected results.");
552 }
553
554 const QString validity = (flags & Validity) ? getValidityStatement(keys) : QString();
555 if (flags == Validity) {
556 return validity;
557 }
558
559 // list either up to maxNumKeysForTooltip keys or (maxNumKeysForTooltip-1) keys followed by "and n more keys"
560 const unsigned int numKeysForTooltip = keys.size() > maxNumKeysForTooltip ? maxNumKeysForTooltip - 1 : keys.size();
561
562 QStringList result;
563 result.reserve(3 + 2 + numKeysForTooltip + 2);
564 if (!validity.isEmpty()) {
565 result.push_back(QStringLiteral("<p>"));
566 result.push_back(validity.toHtmlEscaped());
567 result.push_back(QStringLiteral("</p>"));
568 }
569
570 result.push_back(QStringLiteral("<p>"));
571 result.push_back(i18n("Keys:"));
572 {
573 auto it = keys.cbegin();
574 for (unsigned int i = 0; i < numKeysForTooltip; ++i, ++it) {
575 result.push_back(QLatin1StringView("<br>") + Formatting::summaryLine(*it).toHtmlEscaped());
576 }
577 }
578 if (keys.size() > numKeysForTooltip) {
579 result.push_back(QLatin1StringView("<br>")
580 + i18ncp("this follows a list of keys", "and 1 more key", "and %1 more keys", keys.size() - numKeysForTooltip));
581 }
582 result.push_back(QStringLiteral("</p>"));
583
584 return result.join(QLatin1Char('\n'));
585}
586
587QString Formatting::toolTip(const UserID &userID, int flags)
588{
589 return toolTipInternal(userID.parent(), userID, flags);
590}
591
592//
593// Creation and Expiration
594//
595
596namespace
597{
598static QDate time_t2date(time_t t)
599{
600 if (!t) {
601 return {};
602 }
603 const QDateTime dt = QDateTime::fromSecsSinceEpoch(quint32(t));
604 return dt.date();
605}
606static QString accessible_date_format()
607{
608 return i18nc(
609 "date format suitable for screen readers; "
610 "d: day as a number without a leading zero, "
611 "MMMM: localized month name, "
612 "yyyy: year as a four digit number",
613 "MMMM d, yyyy");
614}
615
616template<typename T>
617QString expiration_date_string(const T &tee, const QString &noExpiration)
618{
619 return tee.neverExpires() ? noExpiration : Formatting::dateString(time_t2date(tee.expirationTime()));
620}
621template<typename T>
622QDate creation_date(const T &tee)
623{
624 return time_t2date(tee.creationTime());
625}
626template<typename T>
627QDate expiration_date(const T &tee)
628{
629 return time_t2date(tee.expirationTime());
630}
631}
632
633QString Formatting::dateString(time_t t)
634{
635 return dateString(time_t2date(t));
636}
637
638QString Formatting::dateString(const QDate &date)
639{
640 return QLocale().toString(date, QLocale::ShortFormat);
641}
642
643QString Formatting::accessibleDate(time_t t)
644{
645 return accessibleDate(time_t2date(t));
646}
647
648QString Formatting::accessibleDate(const QDate &date)
649{
650 return QLocale().toString(date, accessible_date_format());
651}
652
653QString Formatting::expirationDateString(const Key &key, const QString &noExpiration)
654{
655 // if key is remote but has a non-zero expiration date (e.g. a key looked up via WKD),
656 // then we assume that the date is valid; if the date is zero for a remote key, then
657 // we don't know if it's unknown or unlimited
658 return isRemoteKey(key) && (key.subkey(0).expirationTime() == 0) //
659 ? i18nc("@info the expiration date of the key is unknown", "unknown")
660 : expiration_date_string(key.subkey(0), noExpiration);
661}
662
663QString Formatting::expirationDateString(const Subkey &subkey, const QString &noExpiration)
664{
665 return expiration_date_string(subkey, noExpiration);
666}
667
668QString Formatting::expirationDateString(const UserID::Signature &sig, const QString &noExpiration)
669{
670 return expiration_date_string(sig, noExpiration);
671}
672
673QDate Formatting::expirationDate(const Key &key)
674{
675 return expiration_date(key.subkey(0));
676}
677
678QDate Formatting::expirationDate(const Subkey &subkey)
679{
680 return expiration_date(subkey);
681}
682
683QDate Formatting::expirationDate(const UserID::Signature &sig)
684{
685 return expiration_date(sig);
686}
687
688QString Formatting::accessibleExpirationDate(const Key &key, const QString &noExpiration)
689{
690 // if key is remote but has a non-zero expiration date (e.g. a key looked up via WKD),
691 // then we assume that the date is valid; if the date is zero for a remote key, then
692 // we don't know if it's unknown or unlimited
693 return isRemoteKey(key) && (key.subkey(0).expirationTime() == 0) //
694 ? i18nc("@info the expiration date of the key is unknown", "unknown")
695 : accessibleExpirationDate(key.subkey(0), noExpiration);
696}
697
698QString Formatting::accessibleExpirationDate(const Subkey &subkey, const QString &noExpiration)
699{
700 if (subkey.neverExpires()) {
701 return noExpiration.isEmpty() ? i18n("unlimited") : noExpiration;
702 } else {
703 return accessibleDate(expirationDate(subkey));
704 }
705}
706
707QString Formatting::accessibleExpirationDate(const UserID::Signature &sig, const QString &noExpiration)
708{
709 if (sig.neverExpires()) {
710 return noExpiration.isEmpty() ? i18n("unlimited") : noExpiration;
711 } else {
712 return accessibleDate(expirationDate(sig));
713 }
714}
715
716QString Formatting::creationDateString(const Key &key)
717{
718 return dateString(creation_date(key.subkey(0)));
719}
720
721QString Formatting::creationDateString(const Subkey &subkey)
722{
723 return dateString(creation_date(subkey));
724}
725
726QString Formatting::creationDateString(const UserID::Signature &sig)
727{
728 return dateString(creation_date(sig));
729}
730
731QDate Formatting::creationDate(const Key &key)
732{
733 return creation_date(key.subkey(0));
734}
735
736QDate Formatting::creationDate(const Subkey &subkey)
737{
738 return creation_date(subkey);
739}
740
741QDate Formatting::creationDate(const UserID::Signature &sig)
742{
743 return creation_date(sig);
744}
745
746QString Formatting::accessibleCreationDate(const Key &key)
747{
748 return accessibleDate(creationDate(key));
749}
750
751QString Formatting::accessibleCreationDate(const Subkey &subkey)
752{
753 return accessibleDate(creationDate(subkey));
754}
755
756//
757// Types
758//
759
760QString Formatting::displayName(GpgME::Protocol p)
761{
762 if (p == GpgME::CMS) {
763 return i18nc("X.509/CMS encryption standard", "S/MIME");
764 }
765 if (p == GpgME::OpenPGP) {
766 return i18n("OpenPGP");
767 }
768 return i18nc("Unknown encryption protocol", "Unknown");
769}
770
771QString Formatting::type(const Key &key)
772{
773 return displayName(key.protocol());
774}
775
776QString Formatting::type(const Subkey &subkey)
777{
778 return QString::fromUtf8(subkey.publicKeyAlgorithmAsString());
779}
780
781QString Formatting::type(const KeyGroup &group)
782{
783 Q_UNUSED(group)
784 return i18nc("a group of keys/certificates", "Group");
785}
786
787//
788// Status / Validity
789//
790
791QString Formatting::ownerTrustShort(const Key &key)
792{
793 return ownerTrustShort(key.ownerTrust());
794}
795
796QString Formatting::ownerTrustShort(Key::OwnerTrust trust)
797{
798 switch (trust) {
799 case Key::Unknown:
800 return i18nc("unknown trust level", "unknown");
801 case Key::Never:
802 return i18n("untrusted");
803 case Key::Marginal:
804 return i18nc("marginal trust", "marginal");
805 case Key::Full:
806 return i18nc("full trust", "full");
807 case Key::Ultimate:
808 return i18nc("ultimate trust", "ultimate");
809 case Key::Undefined:
810 return i18nc("undefined trust", "undefined");
811 default:
812 Q_ASSERT(!"unexpected owner trust value");
813 break;
814 }
815 return QString();
816}
817
818QString Formatting::validityShort(const Subkey &subkey)
819{
820 if (subkey.isDisabled()) {
821 return i18n("disabled");
822 }
823 if (subkey.isRevoked()) {
824 return i18n("revoked");
825 }
826 if (subkey.isExpired()) {
827 return i18n("expired");
828 }
829 if (subkey.isInvalid()) {
830 return i18n("invalid");
831 }
832 return i18nc("as in 'this subkey is ok'", "OK");
833}
834
835QString Formatting::validityShort(const UserID &uid)
836{
837 if (uid.isRevoked()) {
838 return i18n("revoked");
839 }
840 if (uid.isInvalid()) {
841 return i18n("invalid");
842 }
843 switch (uid.validity()) {
844 case UserID::Unknown:
845 return i18nc("unknown trust level", "unknown");
846 case UserID::Undefined:
847 return i18nc("undefined trust", "undefined");
848 case UserID::Never:
849 return i18n("untrusted");
850 case UserID::Marginal:
851 return i18nc("marginal trust", "marginal");
852 case UserID::Full:
853 return i18nc("full trust", "full");
854 case UserID::Ultimate:
855 return i18nc("ultimate trust", "ultimate");
856 }
857 return QString();
858}
859
860QString Formatting::validityShort(const UserID::Signature &sig)
861{
862 switch (sig.status()) {
863 case UserID::Signature::NoError:
864 if (!sig.isInvalid()) {
865 /* See RFC 4880 Section 5.2.1 */
866 switch (sig.certClass()) {
867 case 0x10: /* Generic */
868 case 0x11: /* Persona */
869 case 0x12: /* Casual */
870 case 0x13: /* Positive */
871 return i18n("valid");
872 case 0x30:
873 return i18n("revoked");
874 default:
875 return i18n("class %1", sig.certClass());
876 }
877 }
878 [[fallthrough]];
879 // fall through:
880 case UserID::Signature::GeneralError:
881 return i18n("invalid");
882 case UserID::Signature::SigExpired:
883 return i18n("expired");
884 case UserID::Signature::KeyExpired:
885 return i18n("certificate expired");
886 case UserID::Signature::BadSignature:
887 return i18nc("fake/invalid signature", "bad");
888 case UserID::Signature::NoPublicKey: {
889 /* GnuPG returns the same error for no public key as for expired
890 * or revoked certificates. */
891 const auto key = KeyCache::instance()->findByKeyIDOrFingerprint(sig.signerKeyID());
892 if (key.isNull()) {
893 return i18n("no public key");
894 } else if (key.isDisabled()) {
895 return i18n("key disabled");
896 } else if (key.isRevoked()) {
897 return i18n("key revoked");
898 } else if (key.isExpired()) {
899 return i18n("key expired");
900 }
901 /* can't happen */
902 return QStringLiteral("unknown");
903 }
904 }
905 return QString();
906}
907
908QIcon Formatting::validityIcon(const UserID::Signature &sig)
909{
910 switch (sig.status()) {
911 case UserID::Signature::NoError:
912 if (!sig.isInvalid()) {
913 /* See RFC 4880 Section 5.2.1 */
914 switch (sig.certClass()) {
915 case 0x10: /* Generic */
916 case 0x11: /* Persona */
917 case 0x12: /* Casual */
918 case 0x13: /* Positive */
919 return Formatting::successIcon();
920 case 0x30:
921 return Formatting::errorIcon();
922 default:
923 return QIcon();
924 }
925 }
926 [[fallthrough]];
927 // fall through:
928 case UserID::Signature::BadSignature:
929 case UserID::Signature::GeneralError:
930 return Formatting::errorIcon();
931 case UserID::Signature::SigExpired:
932 case UserID::Signature::KeyExpired:
933 return Formatting::infoIcon();
934 case UserID::Signature::NoPublicKey:
935 return Formatting::questionIcon();
936 }
937 return QIcon();
938}
939
940QString Formatting::formatKeyLink(const Key &key)
941{
942 if (key.isNull()) {
943 return QString();
944 }
945 return QStringLiteral("<a href=\"key:%1\">%2</a>").arg(QLatin1StringView(key.primaryFingerprint()), Formatting::prettyName(key));
946}
947
948QString Formatting::formatForComboBox(const GpgME::Key &key)
949{
950 const QString name = prettyName(key);
951 QString mail = prettyEMail(key);
952 if (!mail.isEmpty()) {
953 mail = QLatin1Char('<') + mail + QLatin1Char('>');
954 }
955 return i18nc("name, email, key id", "%1 %2 (%3)", name, mail, QLatin1StringView(key.keyID())).simplified();
956}
957
958QString Formatting::nameAndEmailForSummaryLine(const UserID &id)
959{
960 Q_ASSERT(!id.isNull());
961
962 const QString email = Formatting::prettyEMail(id);
963 const QString name = Formatting::prettyName(id);
964
965 if (name.isEmpty()) {
966 return email;
967 } else if (email.isEmpty()) {
968 return name;
969 } else {
970 return QStringLiteral("%1 <%2>").arg(name, email);
971 }
972}
973
974QString Formatting::nameAndEmailForSummaryLine(const Key &key)
975{
976 Q_ASSERT(!key.isNull());
977
978 const QString email = Formatting::prettyEMail(key);
979 const QString name = Formatting::prettyName(key);
980
981 if (name.isEmpty()) {
982 return email;
983 } else if (email.isEmpty()) {
984 return name;
985 } else {
986 return QStringLiteral("%1 <%2>").arg(name, email);
987 }
988}
989
990const char *Formatting::summaryToString(const Signature::Summary summary)
991{
992 if (summary & Signature::Red) {
993 return "RED";
994 }
995 if (summary & Signature::Green) {
996 return "GREEN";
997 }
998 return "YELLOW";
999}
1000
1001QString Formatting::signatureToString(const Signature &sig, const Key &key)
1002{
1003 if (sig.isNull()) {
1004 return QString();
1005 }
1006
1007 const bool red = (sig.summary() & Signature::Red);
1008 const bool valid = (sig.summary() & Signature::Valid);
1009
1010 if (red) {
1011 if (key.isNull()) {
1012 if (const char *fpr = sig.fingerprint()) {
1013 return i18n("Bad signature by unknown certificate %1: %2", QString::fromLatin1(fpr), Formatting::errorAsString(sig.status()));
1014 } else {
1015 return i18n("Bad signature by an unknown certificate: %1", Formatting::errorAsString(sig.status()));
1016 }
1017 } else {
1018 return i18n("Bad signature by %1: %2", nameAndEmailForSummaryLine(key), Formatting::errorAsString(sig.status()));
1019 }
1020
1021 } else if (valid) {
1022 if (key.isNull()) {
1023 if (const char *fpr = sig.fingerprint()) {
1024 return i18n("Good signature by unknown certificate %1.", QString::fromLatin1(fpr));
1025 } else {
1026 return i18n("Good signature by an unknown certificate.");
1027 }
1028 } else {
1029 return i18n("Good signature by %1.", nameAndEmailForSummaryLine(key));
1030 }
1031
1032 } else if (key.isNull()) {
1033 if (const char *fpr = sig.fingerprint()) {
1034 return i18n("Invalid signature by unknown certificate %1: %2", QString::fromLatin1(fpr), Formatting::errorAsString(sig.status()));
1035 } else {
1036 return i18n("Invalid signature by an unknown certificate: %1", Formatting::errorAsString(sig.status()));
1037 }
1038 } else {
1039 return i18n("Invalid signature by %1: %2", nameAndEmailForSummaryLine(key), Formatting::errorAsString(sig.status()));
1040 }
1041}
1042
1043//
1044// ImportResult
1045//
1046
1047QString Formatting::importMetaData(const Import &import, const QStringList &ids)
1048{
1049 const QString result = importMetaData(import);
1050 if (result.isEmpty()) {
1051 return QString();
1052 } else {
1053 return result + QLatin1Char('\n') + i18n("This certificate was imported from the following sources:") + QLatin1Char('\n') + ids.join(QLatin1Char('\n'));
1054 }
1055}
1056
1057QString Formatting::importMetaData(const Import &import)
1058{
1059 if (import.isNull()) {
1060 return QString();
1061 }
1062
1063 if (import.error().isCanceled()) {
1064 return i18n("The import of this certificate was canceled.");
1065 }
1066 if (import.error()) {
1067 return i18n("An error occurred importing this certificate: %1", Formatting::errorAsString(import.error()));
1068 }
1069
1070 const unsigned int status = import.status();
1071 if (status & Import::NewKey) {
1072 return (status & Import::ContainedSecretKey) ? i18n("This certificate was new to your keystore. The secret key is available.")
1073 : i18n("This certificate is new to your keystore.");
1074 }
1075
1076 QStringList results;
1077 if (status & Import::NewUserIDs) {
1078 results.push_back(i18n("New user-ids were added to this certificate by the import."));
1079 }
1080 if (status & Import::NewSignatures) {
1081 results.push_back(i18n("New signatures were added to this certificate by the import."));
1082 }
1083 if (status & Import::NewSubkeys) {
1084 results.push_back(i18n("New subkeys were added to this certificate by the import."));
1085 }
1086
1087 return results.empty() ? i18n("The import contained no new data for this certificate. It is unchanged.") : results.join(QLatin1Char('\n'));
1088}
1089
1090QString Formatting::usageString(const Subkey &sub)
1091{
1092 QStringList usageStrings;
1093 if (sub.canCertify()) {
1094 usageStrings << i18n("Certify");
1095 }
1096 if (sub.canSign()) {
1097 usageStrings << i18n("Sign");
1098 }
1099 if (sub.canEncrypt()) {
1100 usageStrings << i18n("Encrypt");
1101 }
1102 if (sub.canAuthenticate()) {
1103 usageStrings << i18n("Authenticate");
1104 }
1105 if (sub.canRenc()) {
1106 usageStrings << i18nc("Means 'Additional Decryption Subkey'; Don't try translating that, though.", "ADSK");
1107 }
1108 return usageStrings.join(QLatin1StringView(", "));
1109}
1110
1111QString Formatting::summaryLine(const UserID &id)
1112{
1113 return i18nc("name <email> (validity, protocol, creation date)",
1114 "%1 (%2, %3, created: %4)",
1115 nameAndEmailForSummaryLine(id),
1116 Formatting::complianceStringShort(id),
1117 displayName(id.parent().protocol()),
1118 Formatting::creationDateString(id.parent()));
1119}
1120
1121QString Formatting::summaryLine(const Key &key)
1122{
1123 return nameAndEmailForSummaryLine(key) + QLatin1Char(' ')
1124 + i18nc("(validity, protocol, creation date)",
1125 "(%1, %2, created: %3)",
1126 Formatting::complianceStringShort(key),
1127 displayName(key.protocol()),
1128 Formatting::creationDateString(key));
1129}
1130
1131QString Formatting::summaryLine(const KeyGroup &group)
1132{
1133 switch (group.source()) {
1134 case KeyGroup::ApplicationConfig:
1135 case KeyGroup::GnuPGConfig:
1136 return i18ncp("name of group of keys (n key(s), validity)",
1137 "%2 (1 key, %3)",
1138 "%2 (%1 keys, %3)",
1139 group.keys().size(),
1140 group.name(),
1141 Formatting::complianceStringShort(group));
1142 case KeyGroup::Tags:
1143 return i18ncp("name of group of keys (n key(s), validity, tag)",
1144 "%2 (1 key, %3, tag)",
1145 "%2 (%1 keys, %3, tag)",
1146 group.keys().size(),
1147 group.name(),
1148 Formatting::complianceStringShort(group));
1149 default:
1150 return i18ncp("name of group of keys (n key(s), validity, group ...)",
1151 "%2 (1 key, %3, unknown origin)",
1152 "%2 (%1 keys, %3, unknown origin)",
1153 group.keys().size(),
1154 group.name(),
1155 Formatting::complianceStringShort(group));
1156 }
1157}
1158
1159// Icon for certificate selection indication
1160QIcon Formatting::iconForUid(const UserID &uid)
1161{
1162 if (Kleo::isRevokedOrExpired(uid)) {
1163 return Formatting::errorIcon();
1164 }
1165 return iconForValidity(uid);
1166}
1167
1168QString Formatting::validity(const UserID &uid)
1169{
1170 switch (uid.validity()) {
1171 case UserID::Ultimate:
1172 return i18n("The certificate is marked as your own.");
1173 case UserID::Full:
1174 return i18n("The certificate belongs to this recipient.");
1175 case UserID::Marginal:
1176 return i18n("The trust model indicates marginally that the certificate belongs to this recipient.");
1177 case UserID::Never:
1178 return i18n("This certificate should not be used.");
1179 case UserID::Undefined:
1180 case UserID::Unknown:
1181 default:
1182 return i18n("There is no indication that this certificate belongs to this recipient.");
1183 }
1184}
1185
1186QString Formatting::validity(const KeyGroup &group)
1187{
1188 if (group.isNull()) {
1189 return QString();
1190 }
1191
1192 const KeyGroup::Keys &keys = group.keys();
1193 if (keys.size() == 0) {
1194 return i18n("This group does not contain any keys.");
1195 }
1196
1197 return getValidityStatement(keys);
1198}
1199
1200namespace
1201{
1202template<typename Container>
1203UserID::Validity minimalValidity(const Container &keys)
1204{
1205 const int minValidity = std::accumulate(keys.cbegin(), keys.cend(), UserID::Ultimate + 1, [](int validity, const Key &key) {
1206 return std::min<int>(validity, minimalValidityOfNotRevokedUserIDs(key));
1207 });
1208 return minValidity <= UserID::Ultimate ? static_cast<UserID::Validity>(minValidity) : UserID::Unknown;
1209}
1210
1211template<typename Container>
1212bool allKeysAreCompliant(const Container &keys)
1213{
1214 if (!DeVSCompliance::isActive()) {
1215 return true;
1216 }
1217 if (!DeVSCompliance::isCompliant()) {
1218 return false;
1219 }
1220 return Kleo::all_of(keys, DeVSCompliance::keyIsCompliant);
1221}
1222}
1223
1224QIcon Formatting::validityIcon(const KeyGroup &group)
1225{
1226 if (Kleo::any_of(group.keys(), std::mem_fn(&Key::isBad))) {
1227 return Formatting::errorIcon();
1228 }
1229 return iconForValidityAndCompliance(minimalValidity(group.keys()), allKeysAreCompliant(group.keys()));
1230}
1231
1232QString Formatting::complianceMode()
1233{
1234 const auto complianceValue = getCryptoConfigStringValue("gpg", "compliance");
1235 return complianceValue == QLatin1StringView("gnupg") ? QString() : complianceValue;
1236}
1237
1238QString Formatting::complianceStringForKey(const GpgME::Key &key)
1239{
1240 // There will likely be more in the future for other institutions
1241 // for now we only have DE-VS
1242 if (DeVSCompliance::isCompliant()) {
1243 return isRemoteKey(key) //
1244 ? i18nc("@info the compliance of the key with certain requirements is unknown", "unknown")
1245 : DeVSCompliance::name(DeVSCompliance::keyIsCompliant(key));
1246 }
1247 return QString();
1248}
1249
1250QString Formatting::complianceStringForUserID(const GpgME::UserID &userID)
1251{
1252 // There will likely be more in the future for other institutions
1253 // for now we only have DE-VS
1254 if (DeVSCompliance::isCompliant()) {
1255 return isRemoteKey(userID.parent()) //
1256 ? i18nc("@info the compliance of the key with certain requirements is unknown", "unknown")
1257 : DeVSCompliance::name(DeVSCompliance::userIDIsCompliant(userID));
1258 }
1259 return QString();
1260}
1261
1262QString Formatting::complianceStringShort(const GpgME::UserID &id)
1263{
1264 if (DeVSCompliance::isCompliant() && DeVSCompliance::userIDIsCompliant(id)) {
1265 return QStringLiteral("★ ") + DeVSCompliance::name(true);
1266 }
1267 const bool keyValidityChecked = (id.parent().keyListMode() & GpgME::Validate);
1268 if (keyValidityChecked && id.validity() >= UserID::Full) {
1269 return i18nc("As in 'this user ID is valid.'", "certified");
1270 }
1271 if (id.parent().isDisabled()) {
1272 return i18n("disabled");
1273 }
1274 if (id.parent().isRevoked() || id.isRevoked()) {
1275 return i18n("revoked");
1276 }
1277 if (id.parent().isExpired() || isExpired(id)) {
1278 return i18n("expired");
1279 }
1280 if (id.parent().isInvalid() || id.isInvalid()) {
1281 return i18n("invalid");
1282 }
1283 if (keyValidityChecked) {
1284 return i18nc("As in 'this user ID is not certified'", "not certified");
1285 }
1286
1287 return i18nc("The validity of this user ID has not been/could not be checked", "not checked");
1288}
1289
1290QString Formatting::complianceStringShort(const GpgME::Key &key)
1291{
1292 if (DeVSCompliance::isCompliant() && DeVSCompliance::keyIsCompliant(key)) {
1293 return QStringLiteral("★ ") + DeVSCompliance::name(true);
1294 }
1295 const bool keyValidityChecked = (key.keyListMode() & GpgME::Validate);
1296 if (key.isDisabled()) {
1297 return i18n("disabled");
1298 }
1299 if (key.isRevoked()) {
1300 return i18n("revoked");
1301 }
1302 if (key.isExpired()) {
1303 return i18n("expired");
1304 }
1305 if (key.isInvalid()) {
1306 return i18n("invalid");
1307 }
1308 if (keyValidityChecked && Kleo::allUserIDsHaveFullValidity(key)) {
1309 return i18nc("As in all user IDs are valid.", "certified");
1310 }
1311 if (keyValidityChecked) {
1312 return i18nc("As in not all user IDs are valid.", "not certified");
1313 }
1314
1315 return i18nc("The validity of the user IDs has not been/could not be checked", "not checked");
1316}
1317
1318QString Formatting::complianceStringShort(const KeyGroup &group)
1319{
1320 const KeyGroup::Keys &keys = group.keys();
1321
1322 const bool allKeysFullyValid = std::all_of(keys.cbegin(), keys.cend(), &Kleo::allUserIDsHaveFullValidity);
1323 if (allKeysFullyValid) {
1324 return i18nc("As in all keys are valid.", "all certified");
1325 }
1326
1327 return i18nc("As in not all keys are valid.", "not all certified");
1328}
1329
1330QString Formatting::prettyID(const char *id)
1331{
1332 if (!id) {
1333 return QString();
1334 }
1335 QString ret = QString::fromLatin1(id).toUpper();
1336 if (ret.size() == 64) {
1337 // looks like a V5 fingerprint; format the first 25 bytes as 10 groups of 5 hex characters
1338 ret.truncate(50);
1339 return ret.replace(QRegularExpression(QStringLiteral("(.....)")), QStringLiteral("\\1 ")).trimmed();
1340 }
1341 ret = ret.replace(QRegularExpression(QStringLiteral("(....)")), QStringLiteral("\\1 ")).trimmed();
1342 // For the standard 10 group V4 fingerprint let us use a double space in the
1343 // middle to increase readability
1344 if (ret.size() == 49) {
1345 ret.insert(24, QLatin1Char(' '));
1346 }
1347 return ret;
1348}
1349
1350QString Formatting::accessibleHexID(const char *id)
1351{
1352 static const QRegularExpression groupOfFourRegExp{QStringLiteral("(?:(.)(.)(.)(.))")};
1353 static const QRegularExpression groupOfFiveRegExp{QStringLiteral("(?:(.)(.)(.)(.)(.))")};
1354
1355 QString ret;
1356 ret = QString::fromLatin1(id);
1357 if (ret.size() == 64) {
1358 ret.truncate(50);
1359 return ret.replace(groupOfFiveRegExp, QStringLiteral("\\1 \\2 \\3 \\4 \\5, ")).chopped(2);
1360 }
1361 if (!ret.isEmpty() && (ret.size() % 4 == 0)) {
1362 ret = ret.replace(groupOfFourRegExp, QStringLiteral("\\1 \\2 \\3 \\4, ")).chopped(2);
1363 }
1364 return ret;
1365}
1366
1367QString Formatting::origin(int o)
1368{
1369 switch (o) {
1370 case Key::OriginKS:
1371 return i18n("Keyserver");
1372 case Key::OriginDane:
1373 return QStringLiteral("DANE");
1374 case Key::OriginWKD:
1375 return QStringLiteral("WKD");
1376 case Key::OriginURL:
1377 return QStringLiteral("URL");
1378 case Key::OriginFile:
1379 return i18n("File import");
1380 case Key::OriginSelf:
1381 return i18n("Generated");
1382 case Key::OriginOther:
1383 case Key::OriginUnknown:
1384 default:
1385 return {};
1386 }
1387}
1388
1389namespace
1390{
1391QString formatTrustScope(const char *trustScope)
1392{
1393 static const QRegularExpression escapedNonAlphaNum{QStringLiteral(R"(\\‍([^0-9A-Za-z]))")};
1394
1395 const auto scopeRegExp = QString::fromUtf8(trustScope);
1396 if (scopeRegExp.startsWith(u"<[^>]+[@.]") && scopeRegExp.endsWith(u">$")) {
1397 // looks like a trust scope regular expression created by gpg
1398 auto domain = scopeRegExp.mid(10, scopeRegExp.size() - 10 - 2);
1399 domain.replace(escapedNonAlphaNum, QStringLiteral(R"(\1)"));
1400 return domain;
1401 }
1402 return scopeRegExp;
1403}
1404}
1405
1406QString Formatting::trustSignatureDomain(const GpgME::UserID::Signature &sig)
1407{
1408 return formatTrustScope(sig.trustScope());
1409}
1410
1411QString Formatting::trustSignature(const GpgME::UserID::Signature &sig)
1412{
1413 switch (sig.trustValue()) {
1414 case TrustSignatureTrust::Partial:
1415 return i18nc("Certifies this key as partially trusted introducer for 'domain name'.",
1416 "Certifies this key as partially trusted introducer for '%1'.",
1417 trustSignatureDomain(sig));
1418 case TrustSignatureTrust::Complete:
1419 return i18nc("Certifies this key as fully trusted introducer for 'domain name'.",
1420 "Certifies this key as fully trusted introducer for '%1'.",
1421 trustSignatureDomain(sig));
1422 default:
1423 return {};
1424 }
1425}
1426
1427QString Formatting::errorAsString(const GpgME::Error &error)
1428{
1429#ifdef Q_OS_WIN
1430 // On Windows, we set GpgME resp. libgpg-error to return (translated) error messages as UTF-8
1431#if GPGMEPP_ERROR_HAS_ASSTDSTRING
1432 const std::string s = error.asStdString();
1433 qCDebug(LIBKLEO_LOG) << __func__ << "gettext_use_utf8(-1) returns" << gettext_use_utf8(-1);
1434 qCDebug(LIBKLEO_LOG) << __func__ << "error:" << s;
1435 qCDebug(LIBKLEO_LOG) << __func__ << "error (percent-encoded):" << QByteArray::fromStdString(s).toPercentEncoding();
1436 return QString::fromStdString(s);
1437#else
1438 const char *s = error.asString();
1439 qCDebug(LIBKLEO_LOG) << __func__ << "gettext_use_utf8(-1) returns" << gettext_use_utf8(-1);
1440 qCDebug(LIBKLEO_LOG) << __func__ << "error:" << s;
1441 qCDebug(LIBKLEO_LOG) << __func__ << "error (percent-encoded):" << QByteArray{s}.toPercentEncoding();
1442 return QString::fromUtf8(s);
1443#endif
1444#else
1445#if GPGMEPP_ERROR_HAS_ASSTDSTRING
1446 const std::string s = error.asStdString();
1447 return QString::fromLocal8Bit(QByteArrayView{s.data(), qsizetype(s.size())});
1448#else
1449 return QString::fromLocal8Bit(error.asString());
1450#endif
1451#endif
1452}
1453
1454QString Formatting::prettyAlgorithmName(const std::string &algorithm)
1455{
1456 static const std::map<std::string, QString> displayNames = {
1457 {"brainpoolP256r1", i18nc("@info", "ECC (Brainpool P-256)")},
1458 {"brainpoolP384r1", i18nc("@info", "ECC (Brainpool P-384)")},
1459 {"brainpoolP512r1", i18nc("@info", "ECC (Brainpool P-512)")},
1460 {"curve25519", i18nc("@info", "ECC (Curve25519)")},
1461 {"curve448", i18nc("@info", "ECC (Curve448)")},
1462 {"ed25519", i18nc("@info", "ECC (Ed25519)")},
1463 {"ed448", i18nc("@info", "ECC (Ed448)")},
1464 {"cv25519", i18nc("@info", "ECC (Cv25519)")},
1465 {"cv448", i18nc("@info", "ECC (Cv448)")},
1466 {"nistp256", i18nc("@info", "ECC (NIST P-256)")},
1467 {"nistp384", i18nc("@info", "ECC (NIST P-384)")},
1468 {"nistp521", i18nc("@info", "ECC (NIST P-521)")},
1469 {"rsa1024", i18nc("@info", "RSA 1024")},
1470 {"rsa2048", i18nc("@info", "RSA 2048")},
1471 {"rsa3072", i18nc("@info", "RSA 3072")},
1472 {"rsa4096", i18nc("@info", "RSA 4096")},
1473 {"dsa1024", i18nc("@info", "DSA 1024")},
1474 {"dsa2048", i18nc("@info", "DSA 2048")},
1475 {"elg1024", i18nc("@info", "Elgamal 1024")},
1476 {"elg2048", i18nc("@info", "Elgamal 2048")},
1477 {"elg3072", i18nc("@info", "Elgamal 3072")},
1478 {"elg4096", i18nc("@info", "Elgamal 4096")},
1479 };
1480 const auto it = displayNames.find(algorithm);
1481 return (it != displayNames.end()) ? it->second : QString::fromStdString(algorithm);
1482}
1483
1484static QString formatValidSignatureWithTrustLevel(const GpgME::UserID &id)
1485{
1486 if (id.isNull()) {
1487 return QString();
1488 }
1489 switch (id.validity()) {
1490 case GpgME::UserID::Marginal:
1491 return i18n("The signature is valid but the trust in the certificate's validity is only marginal.");
1492 case GpgME::UserID::Full:
1493 return i18n("The signature is valid and the certificate's validity is fully trusted.");
1494 case GpgME::UserID::Ultimate:
1495 return i18n("The signature is valid and the certificate's validity is ultimately trusted.");
1496 case GpgME::UserID::Never:
1497 return i18n("The signature is valid but the certificate's validity is <em>not trusted</em>.");
1498 case GpgME::UserID::Unknown:
1499 return i18n("The signature is valid but the certificate's validity is unknown.");
1500 case GpgME::UserID::Undefined:
1501 default:
1502 return i18n("The signature is valid but the certificate's validity is undefined.");
1503 }
1504}
1505
1506static QString renderKeyLink(const QString &fpr, const QString &text)
1507{
1508 return QStringLiteral("<a href=\"key:%1\">%2</a>").arg(fpr, text.toHtmlEscaped());
1509}
1510
1511static QString renderKey(const GpgME::Key &key)
1512{
1513 if (key.isNull()) {
1514 return i18n("Unknown certificate");
1515 }
1516
1517 return renderKeyLink(QLatin1StringView(key.primaryFingerprint()),
1518 i18nc("User ID (Key ID)", "%1 (%2)", Formatting::prettyNameAndEMail(key), Formatting::prettyID(key.subkey(0).keyID())));
1519}
1520
1521static QString formatSigningInformation(const GpgME::Signature &sig, const GpgME::Key &key)
1522{
1523 if (sig.isNull()) {
1524 return QString();
1525 }
1526 QString text;
1527 const QDateTime dt = sig.creationTime() != 0 ? QDateTime::fromSecsSinceEpoch(quint32(sig.creationTime())) : QDateTime();
1528
1529 if (key.isNull()) {
1530 const auto id =
1531 QStringLiteral("<br/><a href='certificate:%1'>%2</a>").arg(QString::fromLatin1(sig.fingerprint()), Formatting::prettyID(sig.fingerprint()));
1532 if (dt.isValid()) {
1533 return i18nc("1 is a date",
1534 "Signature created on %1 using an unknown certificate with fingerprint %2",
1535 QLocale().toString(dt, QLocale::ShortFormat),
1536 id);
1537 }
1538 return i18n("Signature created using an unknown certificate with fingerprint %1", id);
1539 }
1540
1541 if (dt.isValid()) {
1542 text += i18nc("1 is a date", "Signature created on %1 with certificate: %2", QLocale().toString(dt, QLocale::ShortFormat), renderKey(key));
1543 } else {
1544 text += i18n("Signature created with certificate: %1", renderKey(key));
1545 }
1546
1547 if (Kleo::DeVSCompliance::isCompliant() && ((sig.summary() & GpgME::Signature::Valid) || (sig.summary() & GpgME::Signature::Green))) {
1548 text += (QStringLiteral("<br/>")
1549 + (sig.isDeVs() ? i18nc("%1 is a placeholder for the name of a compliance mode. E.g. NATO RESTRICTED compliant or VS-NfD compliant",
1550 "The signature is %1",
1551 Kleo::DeVSCompliance::name(true))
1552 : i18nc("%1 is a placeholder for the name of a compliance mode. E.g. NATO RESTRICTED compliant or VS-NfD compliant",
1553 "The signature <b>is not</b> %1.",
1554 Kleo::DeVSCompliance::name(true))));
1555 }
1556
1557 return text;
1558}
1559
1560static QString signatureSummaryToString(GpgME::Signature::Summary summary)
1561{
1562 if (summary & GpgME::Signature::None) {
1563 return i18n("Error: Signature not verified");
1564 } else if ((summary & GpgME::Signature::Valid) || (summary & GpgME::Signature::Green)) {
1565 return i18n("Good signature");
1566 } else if (summary & GpgME::Signature::KeyRevoked) {
1567 return i18n("Signing certificate was revoked");
1568 } else if (summary & GpgME::Signature::KeyExpired) {
1569 return i18n("Signing certificate is expired");
1570 } else if (summary & GpgME::Signature::KeyMissing) {
1571 return i18n("Certificate is not available");
1572 } else if (summary & GpgME::Signature::SigExpired) {
1573 return i18n("Signature expired");
1574 } else if (summary & GpgME::Signature::CrlMissing) {
1575 return i18n("CRL missing");
1576 } else if (summary & GpgME::Signature::CrlTooOld) {
1577 return i18n("CRL too old");
1578 } else if (summary & GpgME::Signature::BadPolicy) {
1579 return i18n("Bad policy");
1580 } else if (summary & GpgME::Signature::SysError) {
1581 return i18n("System error"); // ### retrieve system error details?
1582 } else if (summary & GpgME::Signature::Red) {
1583 return i18n("Bad signature");
1584 }
1585 return QString();
1586}
1587
1588static QLatin1StringView stripAngleBrackets(const QLatin1StringView &str)
1589{
1590 if (str.isEmpty()) {
1591 return str;
1592 }
1593 if (str[0] == '<' && str[str.size() - 1] == '>') {
1594 return str.mid(1, str.size() - 2);
1595 }
1596 return str;
1597}
1598
1599QString Formatting::email(const GpgME::UserID &uid)
1600{
1601 if (uid.parent().protocol() == GpgME::OpenPGP) {
1602 const QLatin1StringView email(uid.email());
1603 if (!email.isEmpty()) {
1604 return stripAngleBrackets(email).toString();
1605 }
1606 return {};
1607 }
1608
1609 Q_ASSERT(uid.parent().protocol() == GpgME::CMS);
1610
1611 const QLatin1StringView id(uid.id());
1612 if (!id.isEmpty()) {
1613 if (id[0] == '<') {
1614 return stripAngleBrackets(id).toString();
1615 }
1616 return QGpgME::DN(id)[QStringLiteral("EMAIL")].trimmed();
1617 }
1618 return {};
1619}
1620
1621static GpgME::UserID findUserIDByMailbox(const GpgME::Key &key, const QString &email)
1622{
1623 const auto userIDs{key.userIDs()};
1624 for (const GpgME::UserID &id : userIDs) {
1625 if (Formatting::email(id).compare(email, Qt::CaseInsensitive)) {
1626 return id;
1627 }
1628 }
1629 return {};
1630}
1631
1632QString Kleo::Formatting::prettySignature(const GpgME::Signature &sig, const QString &sender)
1633{
1634 if (sig.isNull()) {
1635 return QString();
1636 }
1637
1638 const GpgME::Key key = Kleo::KeyCache::instance()->findSigner(sig);
1639
1640 const QString text = formatSigningInformation(sig, key) + QLatin1StringView("<br/>");
1641
1642 // Green
1643 if (sig.summary() & GpgME::Signature::Valid) {
1644 GpgME::UserID id = findUserIDByMailbox(key, sender);
1645 if (id.isNull()) {
1646 for (int i = 0, count = key.userIDs().size(); i < count; i++) {
1647 id = key.userID(i);
1648 if (!id.isNull()) {
1649 break;
1650 }
1651 }
1652 }
1653
1654 return text + formatValidSignatureWithTrustLevel(!id.isNull() ? id : key.userID(0));
1655 }
1656
1657 // Red
1658 if ((sig.summary() & GpgME::Signature::Red)) {
1659 const QString ret = text + i18n("The signature is invalid: %1", signatureSummaryToString(sig.summary()));
1660 if (sig.summary() & GpgME::Signature::SysError) {
1661 return ret + QStringLiteral(" (%1)").arg(Kleo::Formatting::errorAsString(sig.status()));
1662 }
1663 return ret;
1664 }
1665
1666 // Key missing
1667 if ((sig.summary() & GpgME::Signature::KeyMissing)) {
1668 return text + i18n("You can search the certificate on a keyserver or import it from a file.");
1669 }
1670
1671 // Yellow
1672 if ((sig.validity() & GpgME::Signature::Validity::Undefined) //
1673 || (sig.validity() & GpgME::Signature::Validity::Unknown) //
1674 || (sig.summary() == GpgME::Signature::Summary::None)) {
1675 return text
1676 + (key.protocol() == GpgME::OpenPGP
1677 ? i18n("The used key is not certified by you or any trusted person.")
1678 : i18n("The used certificate is not certified by a trustworthy Certificate Authority or the Certificate Authority is unknown."));
1679 }
1680
1681 // Catch all fall through
1682 const QString ret = text + i18n("The signature is invalid: %1", signatureSummaryToString(sig.summary()));
1683 if (sig.summary() & GpgME::Signature::SysError) {
1684 return ret + QStringLiteral(" (%1)").arg(Kleo::Formatting::errorAsString(sig.status()));
1685 }
1686 return ret;
1687}
status
Q_SCRIPTABLE CaptureState status()
KEmailAddress::splitAddress
KCODECS_EXPORT EmailParseResult splitAddress(const QByteArray &address, QByteArray &displayName, QByteArray &addrSpec, QByteArray &comment)
KEmailAddress::AddressOk
AddressOk
i18np
QString i18np(const char *singular, const char *plural, const TYPE &arg...)
i18nc
QString i18nc(const char *context, const char *text, const TYPE &arg...)
i18n
QString i18n(const char *text, const TYPE &arg...)
i18ncp
QString i18ncp(const char *context, const char *singular, const char *plural, const TYPE &arg...)
KGameAudioScene::capabilities
Capabilities capabilities()
KMessageBox::error
void error(QWidget *parent, const QString &text, const QString &title, const KGuiItem &buttonOk, Options options=Notify)
KStandardAction::mail
QAction * mail(const QObject *recvr, const char *slot, QObject *parent)
QByteArray::fromStdString
QByteArray fromStdString(const std::string &str)
QByteArray::toPercentEncoding
QByteArray toPercentEncoding(const QByteArray &exclude, const QByteArray &include, char percent) const const
QDateTime::date
QDate date() const const
QDateTime::fromSecsSinceEpoch
QDateTime fromSecsSinceEpoch(qint64 secs)
QDateTime::isValid
bool isValid() const const
QIcon::fromTheme
QIcon fromTheme(const QString &name)
QLatin1StringView::isEmpty
bool isEmpty() const const
QLatin1StringView::mid
QLatin1StringView mid(qsizetype start, qsizetype length) const const
QLatin1StringView::size
qsizetype size() const const
QLatin1StringView::toString
QString toString() const const
QList::empty
bool empty() const const
QList::push_back
void push_back(parameter_type value)
QList::reserve
void reserve(qsizetype size)
QString::arg
QString arg(Args &&... args) const const
QString::chopped
QString chopped(qsizetype len) const const
QString::fromLatin1
QString fromLatin1(QByteArrayView str)
QString::fromLocal8Bit
QString fromLocal8Bit(QByteArrayView str)
QString::fromStdString
QString fromStdString(const std::string &str)
QString::fromUtf8
QString fromUtf8(QByteArrayView str)
QString::insert
QString & insert(qsizetype position, QChar ch)
QString::isEmpty
bool isEmpty() const const
QString::replace
QString & replace(QChar before, QChar after, Qt::CaseSensitivity cs)
QString::simplified
QString simplified() const const
QString::size
qsizetype size() const const
QString::toHtmlEscaped
QString toHtmlEscaped() const const
QString::toUpper
QString toUpper() const const
QString::trimmed
QString trimmed() const const
QString::truncate
void truncate(qsizetype position)
QStringList::join
QString join(QChar separator) const const
Qt::CaseInsensitive
CaseInsensitive
This file is part of the KDE documentation.
Documentation copyright © 1996-2025 The KDE developers.
Generated on Fri Apr 4 2025 12:04:00 by doxygen 1.13.2 written by Dimitri van Heesch, © 1997-2006

KDE's Doxygen guidelines are available online.