commit a7470a0b193a3a02871120a27fe0960d6dfa56ac
parent 1fd8a01d492cb5be6c4a4d8da659cf84bcce15dc
Author: n0tr1v <n0tr1v@protonmail.com>
Date: Thu, 2 Mar 2023 22:44:28 -0800
convert clearsign messages to files
Diffstat:
2 files changed, 24 insertions(+), 6 deletions(-)
diff --git a/pkg/web/handlers/api/v1/msgInterceptor.go b/pkg/web/handlers/api/v1/msgInterceptor.go
@@ -68,6 +68,7 @@ func ProcessRawMessage(in, roomKey string, authUserID database.UserID, roomID da
html, quoted := convertQuote(in, roomKey, roomID) // Get raw quote text which is not safe to render
html = html2.EscapeString(html) // Makes user input safe to render
// All html generated from this point on shall be safe to render.
+ html = convertPGPClearsignToFile(html, authUserID)
html = convertPGPMessageToFile(html, authUserID)
html = convertPGPPublicKeyToFile(html, authUserID)
html = convertAgeMessageToFile(html, authUserID)
diff --git a/pkg/web/handlers/api/v1/topBarHandler.go b/pkg/web/handlers/api/v1/topBarHandler.go
@@ -10,6 +10,7 @@ import (
"dkforest/pkg/utils"
"errors"
"fmt"
+ "github.com/ProtonMail/go-crypto/openpgp/clearsign"
"github.com/dustin/go-humanize"
"github.com/labstack/echo"
"github.com/microcosm-cc/bluemonday"
@@ -22,12 +23,14 @@ import (
)
const (
- agePrefix = "-----BEGIN AGE ENCRYPTED FILE-----"
- ageSuffix = "-----END AGE ENCRYPTED FILE-----"
- pgpPrefix = "-----BEGIN PGP MESSAGE-----"
- pgpSuffix = "-----END PGP MESSAGE-----"
- pgpPKeyPrefix = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
- pgpPKeySuffix = "-----END PGP PUBLIC KEY BLOCK-----"
+ agePrefix = "-----BEGIN AGE ENCRYPTED FILE-----"
+ ageSuffix = "-----END AGE ENCRYPTED FILE-----"
+ pgpPrefix = "-----BEGIN PGP MESSAGE-----"
+ pgpSuffix = "-----END PGP MESSAGE-----"
+ pgpPKeyPrefix = "-----BEGIN PGP PUBLIC KEY BLOCK-----"
+ pgpPKeySuffix = "-----END PGP PUBLIC KEY BLOCK-----"
+ pgpSignedPrefix = "-----BEGIN PGP SIGNED MESSAGE-----"
+ pgpSignedSuffix = "-----END PGP SIGNATURE-----"
)
var emojiReplacer = strings.NewReplacer(
@@ -1018,6 +1021,20 @@ func convertLinks(in string, getUserByUsername func(string) (database.User, erro
return quote + newRest
}
+func convertPGPClearsignToFile(html string, authUserID database.UserID) string {
+ if b, _ := clearsign.Decode([]byte(html)); b != nil {
+ startIdx := strings.Index(html, pgpSignedPrefix)
+ endIdx := strings.Index(html, pgpSignedSuffix)
+ tmp := html[startIdx : endIdx+len(pgpSignedSuffix)]
+ upload, _ := database.CreateUpload("pgp_clearsign.txt", []byte(tmp), authUserID)
+ msgBefore := html[0:startIdx]
+ msgAfter := html[endIdx+len(pgpSignedSuffix):]
+ html = msgBefore + ` [<a href="/uploads/` + upload.FileName + `" rel="noopener noreferrer" target="_blank">` + upload.OrigFileName + `</a>] ` + msgAfter
+ html = strings.TrimSpace(html)
+ }
+ return html
+}
+
func extractPGPMessage(html string) (out string) {
startIdx := strings.Index(html, pgpPrefix)
endIdx := strings.Index(html, pgpSuffix)
