issue #4201 replaced signature info with badge, also added encryption badge (#4203)

* replaced signature info with badge

* removed ttf support

* lint fix

* test fix

* fixed output

* removed RTL tuning

* lint fix

* removed RTL signature tests

* encryption badge

* updated badges tests

* better styling

* update badges css

Co-authored-by: Tom J <[email protected]>

Author: rrrooommmaaa

build.sh

@@ -7,9 +7,9 @@ set -euxo pipefail
 shopt -s globstar
 
 if [[ "$#" == 1 ]] && [[ "$1" == "--assets-only" ]]; then # only build static assets, without re-building TS
-    ( cd $SRCDIR && cp -r --parents ./**/*.{js,htm,css,ttf,woff2,png,svg,txt} ../build/chrome-enterprise )
-    ( cd $SRCDIR && cp -r --parents ./**/*.{js,htm,css,ttf,woff2,png,svg,txt} ../build/chrome-consumer )
-    ( cd $SRCDIR && cp -r --parents ./**/*.{js,htm,css,ttf,woff2,png,svg,txt} ../build/firefox-consumer )
+    ( cd $SRCDIR && cp -r --parents ./**/*.{js,htm,css,woff2,png,svg,txt} ../build/chrome-enterprise )
+    ( cd $SRCDIR && cp -r --parents ./**/*.{js,htm,css,woff2,png,svg,txt} ../build/chrome-consumer )
+    ( cd $SRCDIR && cp -r --parents ./**/*.{js,htm,css,woff2,png,svg,txt} ../build/firefox-consumer )
     exit 0
 fi
 
@@ -71,7 +71,7 @@ cp node_modules/bootstrap/dist/css/bootstrap.min.css $OUTDIR/lib/bootstrap/boots
 # WARN: the steps above are not working as of forge 0.10.0 due to eval/CSP mentioned here: https://github.com/digitalbazaar/forge/issues/814
 
 # remaining build steps sequentially
-( cd $SRCDIR && cp -r --parents ./**/*.{js,htm,css,ttf,woff2,png,svg,txt} ./{.web-extension-id,manifest.json} ../$OUTDIR )
+( cd $SRCDIR && cp -r --parents ./**/*.{js,htm,css,woff2,png,svg,txt} ./{.web-extension-id,manifest.json} ../$OUTDIR )
 node ./build/tooling/resolve-modules
 node ./build/tooling/fill-values
 node ./build/tooling/bundle-content-scripts

extension/chrome/elements/pgp_block.htm

@@ -13,9 +13,9 @@
 
 <body style="background-color: transparent;">
   <div id="pgp_background" class="pgp_secure">
-    <div id="pgp_signature" data-test="pgp-signature">
-      <div class="cursive"><span></span></div>
-      <div class="result"></div>
+    <div id="pgp_encryption" data-test="pgp-encryption" class="pgp_badge short">
+    </div>
+    <div id="pgp_signature" data-test="pgp-signature" class="pgp_badge short">
     </div>
     <div id="pgp_block" data-test="pgp-block-content">Loading...</div>
   </div>

extension/chrome/elements/pgp_block_modules/pgp-block-decrypt-module.ts

@@ -76,7 +76,7 @@ export class PgpBlockViewDecryptModule {
           verificationPubs, async (verificationPubs: string[]) => {
             const decryptResult = await decrypt(verificationPubs);
             if (!decryptResult.success) {
-              return undefined; // note: this internal error results in a wrong "Message Not Signed" badge
+              return undefined; // note: this internal error results in a wrong "Not Signed" badge
             } else {
               return decryptResult.signature;
             }

extension/chrome/elements/pgp_block_modules/pgp-block-error-module.ts

@@ -22,6 +22,8 @@ export class PgpBlockViewErrorModule {
     const showRawMsgPrompt = renderRawMsg ? '<a href="#" class="action_show_raw_pgp_block">show original message</a>' : '';
     await this.view.renderModule.renderContent(`<div class="error">${errBoxContent.replace(/\n/g, '<br>')}</div>${showRawMsgPrompt}`, true);
     $('.action_show_raw_pgp_block').click(this.view.setHandler(async () => { // this may contain content missing MDC
+      this.view.renderModule.renderEncryptionStatus('decrypt error: security hazard');
+      this.view.renderModule.renderSignatureStatus('not signed');
       Xss.sanitizeAppend('#pgp_block', `<div class="raw_pgp_block">${Xss.escape(renderRawMsg!)}</div>`); // therefore the .escape is crucial
     }));
     $('.button.settings_keyserver').click(this.view.setHandler(async () => await Browser.openSettingsPage('index.htm', this.view.acctEmail, '/chrome/settings/modules/keyserver.htm')));

extension/chrome/elements/pgp_block_modules/pgp-block-render-module.ts

@@ -10,7 +10,6 @@ import { Catch } from '../../../js/common/platform/catch.js';
 import { Mime } from '../../../js/common/core/mime.js';
 import { MsgBlock } from '../../../js/common/core/msg-block.js';
 import { PgpBlockView } from '../pgp_block.js';
-import { Str } from '../../../js/common/core/common.js';
 import { Ui } from '../../../js/common/browser/ui.js';
 import { Xss } from '../../../js/common/platform/xss.js';
 import { MsgBlockParser } from '../../../js/common/core/msg-block-parser.js';
@@ -76,9 +75,23 @@ export class PgpBlockViewRenderModule {
     }
   };
 
+  public renderEncryptionStatus = (status: string): JQuery<HTMLElement> => {
+    return $('#pgp_encryption').addClass(status === 'encrypted' ? 'green_label' : 'red_label').text(status);
+  };
+
+  public renderSignatureStatus = (status: string): JQuery<HTMLElement> => {
+    return $('#pgp_signature').addClass(status === 'signed' ? 'green_label' : 'red_label').text(status);
+  };
+
   public decideDecryptedContentFormattingAndRender = async (decryptedBytes: Buf, isEncrypted: boolean, sigResult: VerifyRes | undefined,
     verificationPubs: string[], retryVerification: (verificationPubs: string[]) => Promise<VerifyRes | undefined>, plainSubject?: string) => {
-    this.setFrameColor(isEncrypted ? 'green' : 'gray');
+    if (isEncrypted) {
+      this.renderEncryptionStatus('encrypted');
+      this.setFrameColor('green');
+    } else {
+      this.renderEncryptionStatus('not encrypted');
+      this.setFrameColor('gray');
+    }
     const publicKeys: string[] = [];
     let renderableAttachments: Attachment[] = [];
     let decryptedContent = decryptedBytes.toUtfStr();
@@ -116,9 +129,6 @@ export class PgpBlockViewRenderModule {
       }
     }
     await this.view.quoteModule.separateQuotedContentAndRenderText(decryptedContent, isHtml);
-    if (Str.mostlyRTL(Xss.htmlSanitizeAndStripAllTags(decryptedContent, '\n'))) {
-      $('#pgp_signature').addClass('rtl');
-    }
     await this.view.signatureModule.renderPgpSignatureCheckResult(sigResult, verificationPubs, retryVerification);
     if (isEncrypted && publicKeys.length) {
       BrowserMsg.send.renderPublicKeys(this.view.parentTabId, { afterFrameId: this.view.frameId, publicKeys });

extension/chrome/elements/pgp_block_modules/pgp-block-signature-module.ts

@@ -26,24 +26,20 @@ export class PgpBlockViewSignatureModule {
         await this.view.decryptModule.initialize(verificationPubs, true);
         return;
       }
-      $('#pgp_signature').addClass('bad');
-      $('#pgp_signature > .result').text(verifyRes.error);
+      this.view.renderModule.renderSignatureStatus(`error verifying signature: ${verifyRes.error}`);
       this.view.renderModule.setFrameColor('red');
     } else if (!verifyRes || !verifyRes.signerLongids.length) {
-      $('#pgp_signature').addClass('bad');
-      $('#pgp_signature > .cursive').remove();
-      $('#pgp_signature > .result').text('Message Not Signed');
+      this.view.renderModule.renderSignatureStatus('not signed');
     } else if (verifyRes.match) {
-      $('#pgp_signature').addClass('good');
-      $('#pgp_signature > .result').text('matching signature');
+      this.view.renderModule.renderSignatureStatus('signed');
     } else {
       if (retryVerification) {
         const signerEmail = this.view.getExpectedSignerEmail();
         if (!signerEmail) {
           // in some tests we load the block without sender information
-          $('#pgp_signature').addClass('bad').find('.result').text(`Cannot verify: missing pubkey, missing sender info`);
+          this.view.renderModule.renderSignatureStatus('could not verify signature: missing pubkey, missing sender info');
         } else {
-          $('#pgp_signature > .result').text('Verifying message...');
+          $('#pgp_signature').addClass('gray_label').text('verifying signature...');
           try {
             const { pubkeys } = await this.view.pubLookup.lookupEmail(signerEmail);
             if (pubkeys.length) {
@@ -55,9 +51,9 @@ export class PgpBlockViewSignatureModule {
           } catch (e) {
             if (ApiErr.isSignificant(e)) {
               Catch.reportErr(e);
-              $('#pgp_signature').addClass('bad').find('.result').text(`Could not load sender's pubkey due to an error.`);
+              this.view.renderModule.renderSignatureStatus(`error verifying signature: ${e}`);
             } else {
-              $('#pgp_signature').addClass('bad').find('.result').text(`Could not look up sender's pubkey due to network error, click to retry.`).click(
+              this.view.renderModule.renderSignatureStatus('error verifying signature: offline, click to retry').click(
                 this.view.setHandler(() => window.location.reload()));
             }
           }
@@ -66,25 +62,16 @@ export class PgpBlockViewSignatureModule {
         this.renderMissingPubkeyOrBadSignature(verifyRes);
       }
     }
-    if (verifyRes) {
-      this.setSigner(verifyRes);
-    }
     this.view.renderModule.doNotSetStateAsReadyYet = false;
     Ui.setTestState('ready');
   };
 
-  private setSigner = (signature: VerifyRes): void => {
-    const signerEmail = signature.match ? this.view.getExpectedSignerEmail() : undefined;
-    $('#pgp_signature > .cursive > span').text(signerEmail || 'Unknown Signer');
-  };
-
   private renderMissingPubkey = (signerLongid: string) => {
-    $('#pgp_signature').addClass('bad').find('.result').text(`Missing pubkey ${signerLongid}`);
+    this.view.renderModule.renderSignatureStatus(`could not verify signature: missing pubkey ${signerLongid}`);
   };
 
   private renderBadSignature = () => {
-    $('#pgp_signature').addClass('bad');
-    $('#pgp_signature > .result').text('signature does not match');
+    this.view.renderModule.renderSignatureStatus('bad signature');
     this.view.renderModule.setFrameColor('red'); // todo: in what other cases should we set the frame red?
   };
 

extension/css/cryptup.css

@@ -1,16 +1,5 @@
 /* © 2016-2018 FlowCrypt Limited. Limitations apply. Contact [email protected] */
 
-@font-face {
-  font-family: signature;
-  src: url('/fonts/Tangerine_Regular.ttf');
-}
-
-@font-face {
-  font-family: signature;
-  src: url('/fonts/Tangerine_Bold.ttf');
-  font-weight: bold;
-}
-
 .button {
   text-transform: uppercase;
   display: inline-block;
@@ -75,6 +64,7 @@ span.gray { color: #b7b7b7; }
   cursor: pointer;
 }
 
+.gray_label,
 .green_label,
 .orange_label,
 .red_label {
@@ -88,10 +78,16 @@ span.gray { color: #b7b7b7; }
   margin-right: 10px;
 }
 
+.gray_label.short,
 .green_label.short,
 .orange_label.short,
 .red_label.short { min-width: 0; }
 
+.gray_label {
+  color: white !important;
+  background-color: #b7b7b7;
+}
+
 .green_label {
   color: white !important;
   background-color: #31a217;
@@ -1305,39 +1301,16 @@ td {
   height: 37px;
 }
 
-#pgp_signature {
-  max-width: 300px;
-  float: right;
-  text-align: right;
-  opacity: 0.5;
-  margin-left: 1em;
-}
-
-#pgp_signature.rtl {
-  float: left;
-  text-align: left;
-  margin-left: 0;
-  margin-right: 1em;
-}
-
-#pgp_signature > .cursive {
-  font-family: signature; /* stylelint-disable-line font-family-no-missing-generic-family-keyword */
-  font-size: 24px;
-  font-weight: bold;
+.pgp_badge {
+  opacity: 1;
+  margin-bottom: 1em;
 }
 
-#pgp_signature > .result {
+.pgp_badge > .result {
   font-size: 10px;
   font-family: monospace;
 }
 
-#pgp_signature.neutral,
-#pgp_signature.bad,
-#pgp_signature:hover { opacity: 1; }
-#pgp_signature.neutral > .cursive { border-bottom: 1px dotted #b7b7b7; }
-#pgp_signature.bad > .cursive { border-bottom: 1px dotted #a44; }
-#pgp_signature.good > .cursive { border-bottom: 1px dotted #088447; }
-
 #pgp_block.pgp_pubkey { padding-top: 7px; }
 #pgp_block.pgp_pubkey .line { margin: 0; }
 #pgp_block.pgp_pubkey .add_contact:not(.line) { text-align: center; }

extension/fonts/Tangerine_Bold.ttf

@@ -472,7 +472,7 @@ export class OpenPGPKey {
         verifyRes.error = 'FlowCrypt is not equipped to verify this message';
         verifyRes.isErrFatal = true; // don't try to re-fetch the message from API
       } else if (verifyErr instanceof Error && verifyErr.message.startsWith('Insecure message hash algorithm:')) {
-        verifyRes.error = `Could not verify message: ${verifyErr.message}. Sender is using old, insecure OpenPGP software.`;
+        verifyRes.error = `${verifyErr.message}. Sender is using old, insecure OpenPGP software.`;
         verifyRes.isErrFatal = true; // don't try to re-fetch the message from API
       } else if (verifyErr instanceof Error && verifyErr.message === 'Signature is expired') {
         verifyRes.error = verifyErr.message;