Add always required keys and parse empty field

metsma · metsma · commit c6288854fdb9 · 2026-03-31T11:06:35.000+03:00
Signed-off-by: Raul Metsma &lt;raul@metsma.ee&gt;
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -30,7 +30,6 @@ jobs:
     - name: Install dependencies
       run: |
         brew install flatbuffers
-        brew upgrade cmake || true
         curl -O -L -s https://installer.id.ee/media/github/opensc_0.26.1.pkg
         sudo installer -verboseR -pkg libdigidocpp-pkg/build/macos/libdigidocpp*.pkg -target /
         sudo installer -verboseR -pkg opensc_*.pkg -target /
diff --git a/client/CDocSupport.cpp b/client/CDocSupport.cpp
@@ -449,58 +449,3 @@ StreamListSource::next(std::string& name, int64_t& size)
 	size = _files[_current].size;
 	return libcdoc::OK;
 }
-
-static void
-recode_label(libcdoc::Recipient& rcpt, std::string& label, uint64_t& expiry)
-{
-	if(!label.starts_with("data:")) return;
-	auto values = libcdoc::Lock::parseLabel(label);
-	if (!values.contains("v") || !values.contains("type")) return;
-	std::string v = values.at("v");
-	values.erase("v");
-	std::string type = values.at("type");
-	values.erase("type");
-	std::string expiry_str = values.at("server_exp");
-	values.erase("server_exp");
-	if (!expiry_str.empty()) expiry = std::stoll(expiry_str);
-	for (const auto& [key, value] : values) {
-		if (!value.empty())
-			rcpt.setLabelValue(key, value);
-	}
-}
-
-libcdoc::Recipient
-makeFromLock(const libcdoc::Lock& lock, const std::string& server_id)
-{
-	uint64_t expiry_ts = 0;
-	std::string label = lock.label;
-	switch (lock.type) {
-	case libcdoc::Lock::CDOC1:
-		if (!server_id.empty()) {
-			libcdoc::Recipient rcpt = libcdoc::Recipient::makeServer(label, lock.getBytes(libcdoc::Lock::CERT), server_id);
-			recode_label(rcpt, label, expiry_ts);
-			return rcpt;
-		} else {
-			libcdoc::Recipient rcpt = libcdoc::Recipient::makeCertificate(label, lock.getBytes(libcdoc::Lock::CERT));
-			recode_label(rcpt, label, expiry_ts);
-			return rcpt;
-		}
-	case libcdoc::Lock::PUBLIC_KEY:
-	case libcdoc::Lock::SERVER: {
-		libcdoc::Recipient::PKType rcpt_type = (lock.pk_type == libcdoc::Lock::RSA) ? libcdoc::Recipient::RSA : libcdoc::Recipient::ECC;
-		if (!server_id.empty()) {
-			libcdoc::Recipient rcpt = libcdoc::Recipient::makeServer(label, lock.getBytes(libcdoc::Lock::RCPT_KEY), rcpt_type, server_id);
-			recode_label(rcpt, label, expiry_ts);
-			rcpt.expiry_ts = expiry_ts;
-			return rcpt;
-		} else {
-			libcdoc::Recipient rcpt = libcdoc::Recipient::makePublicKey(label, lock.getBytes(libcdoc::Lock::RCPT_KEY), rcpt_type);
-			recode_label(rcpt, label, expiry_ts);
-			rcpt.expiry_ts = expiry_ts;
-			return rcpt;
-		}
-	}
-	default:
-		return {};
-	}
-}
diff --git a/client/CDocSupport.h b/client/CDocSupport.h
@@ -178,6 +178,4 @@ struct StreamListSource final : public libcdoc::MultiDataSource {
 
 	const std::vector<IOEntry> &_files;
 	int64_t _current = -1;
-};
-
-libcdoc::Recipient makeFromLock(const libcdoc::Lock& lock, const std::string& server_id);
+};
diff --git a/client/CryptoDoc.cpp b/client/CryptoDoc.cpp
@@ -53,7 +53,7 @@ Q_LOGGING_CATEGORY(CRYPTO, "CRYPTO")
 
 CDKey::CDKey(QSslCertificate _rcpt_cert) : lock(libcdoc::Lock::PUBLIC_KEY), rcpt_cert(_rcpt_cert) {
 	SslCertificate ssl(rcpt_cert);
-	lock.pk_type = (rcpt_cert.publicKey().algorithm() == QSsl::Ec) ? libcdoc::Lock::ECC : libcdoc::Lock::RSA;
+	lock.pk_type = (rcpt_cert.publicKey().algorithm() == QSsl::Ec) ? libcdoc::PKType::ECC : libcdoc::PKType::RSA;
 	QByteArray der = ssl.publicKeyDer();
 	lock.setBytes(libcdoc::Lock::RCPT_KEY, std::vector<uint8_t>(der.cbegin(), der.cend()));
 	der = rcpt_cert.toDer();
@@ -462,9 +462,20 @@ bool CryptoDoc::encrypt(const QString &filename, const QString& label, const QBy
 					libcdoc::Recipient::makeCertificate({}, {ba.cbegin(), ba.cend()}) :
 					libcdoc::Recipient::makeServer({}, {ba.cbegin(), ba.cend()}, keyserver_id));
 			} else {
-				libcdoc::Recipient rcpt = makeFromLock(key.lock, keyserver_id);
-				if (!rcpt.isEmpty()) {
-					enc_keys.push_back(rcpt);
+				switch (key.lock.type) {
+				case libcdoc::Lock::CDOC1:
+					enc_keys.push_back(libcdoc::Recipient::makePublicKey(key.lock));
+					break;
+				case libcdoc::Lock::PUBLIC_KEY:
+				case libcdoc::Lock::SERVER:
+					if (keyserver_id.empty()) {
+						enc_keys.push_back(libcdoc::Recipient::makePublicKey(key.lock));
+					} else {
+						enc_keys.push_back(libcdoc::Recipient::makeServer(key.lock, keyserver_id));
+					}
+					break;
+				default:
+					break;
 				}
 			}
 		}
diff --git a/client/MainWindow.cpp b/client/MainWindow.cpp
@@ -33,7 +33,6 @@
 #include "effects/Overlay.h"
 #include "dialogs/FileDialog.h"
 #include "dialogs/MobileProgress.h"
-#include "dialogs/PasswordDialog.h"
 #include "dialogs/RoleAddressDialog.h"
 #include "dialogs/SettingsDialog.h"
 #include "dialogs/SmartIDProgress.h"
diff --git a/client/libcdoc b/client/libcdoc
@@ -1 +1 @@
-Subproject commit e503001eeddf6970f84d09ca5467ca7c5d96a594
+Subproject commit 177757013146bdb2835bfe1422f657b99c2f7855
diff --git a/client/translations/en.ts b/client/translations/en.ts
@@ -1342,10 +1342,6 @@ E-Seal</translation>
         <source>Encrypt</source>
         <translation>Encrypt</translation>
     </message>
-    <message>
-        <source>Encrypt long-term</source>
-        <translation>Encrypt long-term</translation>
-    </message>
     <message>
         <source>Decrypt</source>
         <translation>Decrypt</translation>
@@ -1355,6 +1351,12 @@ E-Seal</translation>
 ID-Card</source>
         <translation>Decrypt with
 ID-Card</translation>
+    </message>
+    <message>
+        <source>Encrypt
+long-term</source>
+        <translation>Encrypt
+long-term</translation>
     </message>
     <message>
         <source>Sign with
diff --git a/client/translations/et.ts b/client/translations/et.ts
@@ -1342,10 +1342,6 @@ E-templiga</translation>
         <source>Encrypt</source>
         <translation>Krüpteeri</translation>
     </message>
-    <message>
-        <source>Encrypt long-term</source>
-        <translation>Krüpteeri säilitamiseks</translation>
-    </message>
     <message>
         <source>Decrypt</source>
         <translation>Dekrüpteeri</translation>
@@ -1355,6 +1351,12 @@ E-templiga</translation>
 ID-Card</source>
         <translation>Dekrüpteeri
 ID-kaardiga</translation>
+    </message>
+    <message>
+        <source>Encrypt
+long-term</source>
+        <translation>Krüpteeri
+säilitamiseks</translation>
     </message>
     <message>
         <source>Sign with
diff --git a/client/translations/ru.ts b/client/translations/ru.ts
@@ -1342,10 +1342,6 @@ E-Seal</source>
         <source>Encrypt</source>
         <translation>Зашифровать</translation>
     </message>
-    <message>
-        <source>Encrypt long-term</source>
-        <translation>Зашифровать долгосрочно</translation>
-    </message>
     <message>
         <source>Decrypt</source>
         <translation>Расшифровать</translation>
@@ -1355,6 +1351,12 @@ E-Seal</source>
 ID-Card</source>
         <translation>Расшифровать
 с ID-картой</translation>
+    </message>
+    <message>
+        <source>Encrypt
+long-term</source>
+        <translation>Зашифровать
+долгосрочно</translation>
     </message>
     <message>
         <source>Sign with
diff --git a/client/widgets/AddressItem.cpp b/client/widgets/AddressItem.cpp
@@ -69,6 +69,8 @@ AddressItem::AddressItem(const CDKey &key, Type type, QWidget *parent)
 		auto map = libcdoc::Lock::parseLabel(ui->key.lock.label);
 		if (map.contains("cn")) {
 			ui->label = QString::fromStdString(map["cn"]);
+		} else if (map.contains("label")) {
+			ui->label = QString::fromStdString(map["label"]);
 		} else {
 			ui->label = QString::fromStdString(ui->key.lock.label);
 		}
diff --git a/client/widgets/ContainerPage.cpp b/client/widgets/ContainerPage.cpp
@@ -402,15 +402,16 @@ void ContainerPage::transition(CryptoDoc *container, const QSslCertificate &cert
 	ui->leftPane->init(fileName, QT_TRANSLATE_NOOP("ItemList", "Encrypted files"));
 	ui->rightPane->init(ItemList::ItemAddress, QT_TRANSLATE_NOOP("ItemList", "Recipients"));
 	bool hasUnsupported = false;
-	for (auto &key : container->keys()) {
+	for (const auto &key : container->keys()) {
 		hasUnsupported = hasUnsupported || (key.rcpt_cert.isNull() && !key.lock.isValid());
-		AddressItem *addr = new AddressItem(key, AddressItem::Icon, ui->rightPane);
+		auto *addr = new AddressItem(key, AddressItem::Icon, ui->rightPane);
 		ui->rightPane->addWidget(addr);
 		connect(addr, &AddressItem::decrypt, container, [container, key, this] {
 			if (key.lock.type != libcdoc::Lock::Type::PASSWORD)
 				return;
 			PasswordDialog p(PasswordDialog::Mode::DECRYPT, this);
-			p.setLabel(QString::fromStdString(key.lock.label));
+			auto params = libcdoc::Lock::parseLabel(key.lock.label);
+			p.setLabel(QString::fromStdString(params.contains("label") ? params["label"] : key.lock.label));
 			if (!p.exec())
 				return;
 			decrypt(container, &key.lock, p.secret());
diff --git a/client/widgets/MainAction.cpp b/client/widgets/MainAction.cpp
@@ -107,7 +107,7 @@ QString MainAction::label(Actions action)
 	case SignatureSmartID: return tr("Sign with\nSmart-ID");
 	case SignatureToken: return tr("Sign with\nE-Seal");
 	case EncryptContainer: return tr("Encrypt");
-	case EncryptLT: return tr("Encrypt long-term");
+	case EncryptLT: return tr("Encrypt\nlong-term");
 	case DecryptContainer: return tr("Decrypt with\nID-Card");
 	case DecryptToken: return tr("Decrypt");
 	default: return tr("Sign with\nID-Card");

Original file line number	Diff line number	Diff line change
`@@ -69,6 +69,8 @@ AddressItem::AddressItem(const CDKey &key, Type type, QWidget *parent)`
`69`	`69`	`auto map = libcdoc::Lock::parseLabel(ui->key.lock.label);`
`70`	`70`	`if (map.contains("cn")) {`
`71`	`71`	`ui->label = QString::fromStdString(map["cn"]);`
	`72`	`+ } else if (map.contains("label")) {`
	`73`	`+ ui->label = QString::fromStdString(map["label"]);`
`72`	`74`	`} else {`
`73`	`75`	`ui->label = QString::fromStdString(ui->key.lock.label);`
`74`	`76`	`}`