Prevent overwrite read only gpg keys (#1713)

It was possible to download the default SCM-Manager gpg keys and overwrite them with the same raw key. This made the new key deletable. This behaviour is not longer possible.
2026-01-16 12:32:10 +01:00 · 2021-06-28 11:27:13 +02:00
parent 7a3db7ee3f
commit 2cd46ce8a0
3 changed files with 32 additions and 1 deletions
--- a/gradle/changelog/prevent_overwrite_read_only_gpg_keys.yaml
+++ b/gradle/changelog/prevent_overwrite_read_only_gpg_keys.yaml
@@ -0,0 +1,2 @@
+- type: fixed
+  description: Prevent overwrite read-only gpg keys ([#1713](https://github.com/scm-manager/scm-manager/pull/1713))
--- a/scm-webapp/src/main/java/sonia/scm/security/gpg/PublicKeyStore.java
+++ b/scm-webapp/src/main/java/sonia/scm/security/gpg/PublicKeyStore.java
@@ -71,9 +71,14 @@ public class PublicKeyStore {
    UserPermissions.changePublicKeys(username).check();

    if (!rawKey.contains("PUBLIC KEY")) {
-      throw new NotPublicKeyException(ContextEntry.ContextBuilder.entity(RawGpgKey.class, displayName).build(), "The provided key is not a public key");
+      throw new NotPublicKeyException(
+        ContextEntry.ContextBuilder.entity(RawGpgKey.class, displayName).build(),
+        "The provided key is not a public key"
+      );
    }

+    preventOverwriteReadOnlyKeys(rawKey);
+
    Keys keys = Keys.resolve(rawKey);
    String master = keys.getMaster();

@@ -90,6 +95,17 @@ public class PublicKeyStore {

  }

+  private void preventOverwriteReadOnlyKeys(String rawKey) {
+    Optional<RawGpgKey> existingReadOnlyKey = store.getAll().values()
+      .stream()
+      .filter(k -> k.getRaw().trim().equals(rawKey.trim()))
+      .filter(RawGpgKey::isReadonly)
+      .findFirst();
+    if (existingReadOnlyKey.isPresent()) {
+      throw new DeletingReadonlyKeyNotAllowedException(existingReadOnlyKey.get().getId());
+    }
+  }
+
  private Set<Person> getContactsFromPublicKey(String rawKey) {
    List<String> userIds = new ArrayList<>();
    PGPPublicKey publicKeyFromRawKey = extractPublicKey(rawKey);
--- a/scm-webapp/src/test/java/sonia/scm/security/gpg/PublicKeyStoreTest.java
+++ b/scm-webapp/src/test/java/sonia/scm/security/gpg/PublicKeyStoreTest.java
@@ -169,6 +169,19 @@ class PublicKeyStoreTest {
    verify(eventBus, never()).post(any(PublicKeyDeletedEvent.class));
  }

+  @Test()
+  void shouldThrowOnOverwriteReadonlyKey() throws IOException {
+    String rawKey = GPGTestHelper.readResourceAsString("single.asc");
+    keyStore.add("SCM Package Key", "trillian", rawKey, true);
+    Optional<RawGpgKey> key = keyStore.findById("0x975922F193B07D6E");
+
+    assertThat(key).isPresent();
+
+    assertThrows(DeletingReadonlyKeyNotAllowedException.class, () -> keyStore.add("Some other entry with same raw key", "trillian", rawKey, false));
+
+    verify(eventBus, never()).post(any(PublicKeyDeletedEvent.class));
+  }
+
  @Test
  void shouldReturnEmptyListIfNoKeysAvailable() {
    List<RawGpgKey> keys = keyStore.findByUsername("zaphod");