From 75f128ebf8afb89aecd847a30650c8e7e2aa0214 Mon Sep 17 00:00:00 2001
From: Gusted <postmaster@gusted.xyz>
Date: Fri, 30 Dec 2022 05:53:23 +0100
Subject: [PATCH] Fix key signature error page (#22229) (#22230)

- Backport of #22229
- When the GPG key contains an error, such as an invalid signature or an
email address that does not match the user.A page will be shown that
says you must provide a signature for the token.
- This page had two errors: one had the wrong translation key and the
other tried to use an undefined variable
[`.PaddedKeyID`](https://github.com/go-gitea/gitea/blob/e81ccc406bf723a5a58d685e7782f281736affd4/models/asymkey/gpg_key.go#L65-L72),
which is a function implemented on the `GPGKey` struct, given that we
don't have that, we use
[`KeyID`](https://github.com/go-gitea/gitea/blob/e81ccc406bf723a5a58d685e7782f281736affd4/routers/web/user/setting/keys.go#L102)
which is [the fingerprint of the
publickey](https://pkg.go.dev/golang.org/x/crypto/openpgp/packet#PublicKey.KeyIdString)
and is a valid way for opengpg to refer to a key.
---
 models/asymkey/gpg_key.go             | 10 +++++++++-
 routers/web/user/setting/keys.go      | 12 +++++++++---
 templates/user/settings/keys_gpg.tmpl |  4 ++--
 3 files changed, 20 insertions(+), 6 deletions(-)

diff --git a/models/asymkey/gpg_key.go b/models/asymkey/gpg_key.go
index 83774533a..cc22eab9f 100644
--- a/models/asymkey/gpg_key.go
+++ b/models/asymkey/gpg_key.go
@@ -68,8 +68,16 @@ func (key *GPGKey) PaddedKeyID() string {
 	if len(key.KeyID) > 15 {
 		return key.KeyID
 	}
+	return PaddedKeyID(key.KeyID)
+}
+
+// PaddedKeyID show KeyID padded to 16 characters
+func PaddedKeyID(keyID string) string {
+	if len(keyID) > 15 {
+		return keyID
+	}
 	zeros := "0000000000000000"
-	return zeros[0:16-len(key.KeyID)] + key.KeyID
+	return zeros[0:16-len(keyID)] + keyID
 }
 
 // ListGPGKeys returns a list of public keys belongs to given user.
diff --git a/routers/web/user/setting/keys.go b/routers/web/user/setting/keys.go
index a8d07ea47..4c43e0524 100644
--- a/routers/web/user/setting/keys.go
+++ b/routers/web/user/setting/keys.go
@@ -100,14 +100,18 @@ func KeysPost(ctx *context.Context) {
 				loadKeysData(ctx)
 				ctx.Data["Err_Content"] = true
 				ctx.Data["Err_Signature"] = true
-				ctx.Data["KeyID"] = err.(asymkey_model.ErrGPGInvalidTokenSignature).ID
+				keyID := err.(asymkey_model.ErrGPGInvalidTokenSignature).ID
+				ctx.Data["KeyID"] = keyID
+				ctx.Data["PaddedKeyID"] = asymkey_model.PaddedKeyID(keyID)
 				ctx.RenderWithErr(ctx.Tr("settings.gpg_invalid_token_signature"), tplSettingsKeys, &form)
 			case asymkey_model.IsErrGPGNoEmailFound(err):
 				loadKeysData(ctx)
 
 				ctx.Data["Err_Content"] = true
 				ctx.Data["Err_Signature"] = true
-				ctx.Data["KeyID"] = err.(asymkey_model.ErrGPGNoEmailFound).ID
+				keyID := err.(asymkey_model.ErrGPGNoEmailFound).ID
+				ctx.Data["KeyID"] = keyID
+				ctx.Data["PaddedKeyID"] = asymkey_model.PaddedKeyID(keyID)
 				ctx.RenderWithErr(ctx.Tr("settings.gpg_no_key_email_found"), tplSettingsKeys, &form)
 			default:
 				ctx.ServerError("AddPublicKey", err)
@@ -139,7 +143,9 @@ func KeysPost(ctx *context.Context) {
 				loadKeysData(ctx)
 				ctx.Data["VerifyingID"] = form.KeyID
 				ctx.Data["Err_Signature"] = true
-				ctx.Data["KeyID"] = err.(asymkey_model.ErrGPGInvalidTokenSignature).ID
+				keyID := err.(asymkey_model.ErrGPGInvalidTokenSignature).ID
+				ctx.Data["KeyID"] = keyID
+				ctx.Data["PaddedKeyID"] = asymkey_model.PaddedKeyID(keyID)
 				ctx.RenderWithErr(ctx.Tr("settings.gpg_invalid_token_signature"), tplSettingsKeys, &form)
 			default:
 				ctx.ServerError("VerifyGPG", err)
diff --git a/templates/user/settings/keys_gpg.tmpl b/templates/user/settings/keys_gpg.tmpl
index fe6c0bbeb..29134d6ba 100644
--- a/templates/user/settings/keys_gpg.tmpl
+++ b/templates/user/settings/keys_gpg.tmpl
@@ -18,11 +18,11 @@
 					<p>{{.locale.Tr "settings.gpg_token_required"}}</p>
 				</div>
 				<div class="field">
-					<label for="token">{{.locale.Tr "setting.gpg_token"}}
+					<label for="token">{{.locale.Tr "settings.gpg_token"}}
 					<input readonly="" value="{{.TokenToSign}}">
 					<div class="help">
 						<p>{{.locale.Tr "settings.gpg_token_help"}}</p>
-						<p><code>{{$.locale.Tr "settings.gpg_token_code" .TokenToSign .PaddedKeyID}}</code></p>
+						<p><code>{{$.locale.Tr "settings.gpg_token_code" .TokenToSign .KeyID}}</code></p>
 					</div>
 				</div>
 				<div class="field">