luci-mod-system: file naming improvement for repo key management

When downloading a key, try to get the filename of the key. opkg expects it to
match the key fingerprint when verifying .sig files. apk not so.

Try to save the public key file with the name from the provided URL, so it is
not named "key_blah" which won't match its fingerprint.

The alternative would be to call usign with the public key file as input, and
then rename it to its fingerprint. This is only necessary for opkg which is on
the way out.

If the public key file at the remote resource is not named according to its
fingerprint, that's on the repo owner.

Signed-off-by: Paul Donald <newtwen+github@gmail.com>

modules/luci-mod-system/htdocs/luci-static/resources/view/system/repokeys.js

@@ -87,6 +87,7 @@ function refreshKeyList(list, keys) {
 
 function saveKeyFile(keyContent, file, fileContent) {
 	const ts = Date.now();
+	// Note: opkg can only verify against a key with filename that matches its key hash
 	// generate a file name in case key content was pasted
 	const filename = file ? file?.name?.split('.')?.[0] + (KEYEXT || '') : null;
 	const noname = 'key_' + ts + (KEYEXT || '');
@@ -167,8 +168,12 @@ function addKey(ev, file, fileContent) {
 				return;
 			}
 
-			// Continue directly with fetched key
-			addKey(ev, null, fetched);
+			const filename = res?.url?.split('/').pop().split('?')[0].split('#')[0];
+
+			// Remove extension if any (we'll re-add based on environment)
+			const file = {name: filename.replace(/\.[^.]+$/, '') };
+
+			addKey(ev, file, fetched);
 		}).catch(err => {
 			ui.addTimeLimitedNotification(_('Failed to fetch key'), [
 				E('p', err.message),