Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix gpg key import / replies / encrypt to source on qubes #377

Merged
merged 2 commits into from
May 22, 2019
Merged

fix gpg key import / replies / encrypt to source on qubes #377

merged 2 commits into from
May 22, 2019

Conversation

redshiftzero
Copy link
Contributor

@redshiftzero redshiftzero commented May 16, 2019
edited
Loading

Fixes #363

The reviewer of this PR should test this on both Qubes and non-Qubes. If you need/want additional clarity on how to test please let me know and I will happily elaborate on any unclear parts of the test plans below.

Testing on non Qubes

  1. Make sure you’re running the server container on latest develop
  2. Start the client on this branch, and ensure you can successfully send a reply to a source (warning: due to Clearly indicate that a reply failed to send #365, you should verify either using the client logs which will log a line when a reply is successfully sent OR the dev server output on the server side by watching for a 201 response from the POST /api/v1/sources/<source uuid>/replies endpoint)

Testing on Qubes

  1. Make sure you have applied the RPC policy change merged in rpc policies: allow sd-svs to get sd-gpg to import gpg keys securedrop-workstation#254. If you like you can test this part works by trying to import a key from sd-svs into sd-gpg. Note that if you see some error output containing a note about no-tty when you try to import a test gpg key, you will need to apply the (unreleased) fix merged today over in Qubes land: GpgImportKey: pass --no-tty through to gpg invocation QubesOS/qubes-app-linux-split-gpg#23.

  2. Next, make sure your staging server is running on anything after this server-side API change was merged: api: expose gpg fingerprint of source securedrop#4436.

  3. In your dev env in sd-svs AppVM on Qubes, check out the branch in this PR (I attach a NetVM to my sd-svs AppVM for dev purposes), run the client application (without passing —no-proxy to the client invokation), monitor the logs, and verify that:

  • After sync, you do not see the qubes-gpg-client: unrecognized option '--import-options’ error described in gpg key import not working in Qubes #363
  • You can reply to a source (again monitor the client logs to verify it was successfully sent), and after syncing once more you continue to see the reply appear in the UI.

@redshiftzero
bugfix 363: update crypto.py to use qubes RPC service for key import
87475a1 
this also simplifies parts of our gpg wrapper, which we should
keep as feature limited as possible and expand only when we need to -
we don't need to support importing private keys, nor can we easily
get the fingerprint that is imported without brittle parsing of
stdout (stdout is significantly different between qubes and other
platforms so we'd need to maintain it on both - much simpler to
use the fingerprint that the server provides for us).
@redshiftzero
crypto: fix encrypt_to_source on Qubes
01478a1 
the -o- option cannot be passed through the qubes gpg wrapper,
and ciphertext will go to stdout regardless
@redshiftzero
Copy link
Contributor Author

closed #375 and removed blocked label, this should be ready for review

@rmol
Copy link
Contributor

rmol commented May 20, 2019

👍 Both local and (hours later 😉) Qubes scenarios worked as described. I was able to reply with no errors logged, and the reply persisted across multiple syncs.

kushaldas
kushaldas suggested changes May 21, 2019
View reviewed changes
Copy link
Contributor

@kushaldas kushaldas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In my Qubes setup, I can see error messages like:

2019-05-21 18:13:16,319 - securedrop_client.logic:621(send_reply) ERROR: Failed to encrypt to source f482a492-2e35-4229-9d95-bfbc2d09f49f:

@redshiftzero Can you please tell me how to debug more?

@redshiftzero
Copy link
Contributor Author

Steps to debug:

  1. Manually ensure you're able to import a key from sd-svs into sd-gpg using the qubes RPC service. In sd-svs:
export QUBES_GPG_DOMAIN=sd-gpg
qubes-gpg-import-key ~/path-to-test-key.asc

  1. Verify you have the private key corresponding to your staging instance in your sd-gpg (you can download a file via the journalist interface and then decrypt from sd-svs).

  2. If that also works ensure that your version of staging is running on a version of develop after this was merged: api: expose gpg fingerprint of source securedrop#4436

kushaldas
kushaldas approved these changes May 22, 2019
View reviewed changes
Copy link
Contributor

@kushaldas kushaldas left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The source code change looks good and @rmol already tested the functionality. Approved.

I will debug my instance later on.

@kushaldas kushaldas merged commit 30f9967 into master May 22, 2019
@kushaldas kushaldas deleted the replies-key-import branch May 22, 2019 08:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kushaldas kushaldas kushaldas approved these changes

@sssoleileraaa sssoleileraaa Awaiting requested review from sssoleileraaa

@heartsucker heartsucker Awaiting requested review from heartsucker

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

gpg key import not working in Qubes
4 participants
@redshiftzero @rmol @kushaldas @eloquence