gitea/models/gpg_key.go

// Copyright 2017 The Gitea Authors. All rights reserved.
// Use of this source code is governed by a MIT-style
// license that can be found in the LICENSE file.

package models

import (
	"bytes"
	"encoding/base64"
	"fmt"
	"strings"
	"time"

	"github.com/go-xorm/xorm"
	"golang.org/x/crypto/openpgp"
	"golang.org/x/crypto/openpgp/packet"
)

// GPGKey represents a GPG key.
type GPGKey struct {
	ID                int64     `xorm:"pk autoincr"`
	OwnerID           int64     `xorm:"INDEX NOT NULL"`
	KeyID             string    `xorm:"INDEX TEXT NOT NULL"`
	PrimaryKeyID      string    `xorm:"TEXT"`
	Content           string    `xorm:"TEXT NOT NULL"`
	Created           time.Time `xorm:"-"`
	CreatedUnix       int64
	Expired           time.Time `xorm:"-"`
	ExpiredUnix       int64
	Added             time.Time `xorm:"-"`
	AddedUnix         int64
	SubsKey           []*GPGKey `xorm:"-"`
	Emails            []*EmailAddress
	CanSign           bool
	CanEncryptComms   bool
	CanEncryptStorage bool
	CanCertify        bool
}

// BeforeInsert will be invoked by XORM before inserting a record
func (key *GPGKey) BeforeInsert() {
	key.AddedUnix = time.Now().Unix()
	key.ExpiredUnix = key.Expired.Unix()
	key.CreatedUnix = key.Created.Unix()
}

// AfterSet is invoked from XORM after setting the value of a field of this object.
func (key *GPGKey) AfterSet(colName string, _ xorm.Cell) {
	switch colName {
	case "key_id":
		x.Where("primary_key_id=?", key.KeyID).Find(&key.SubsKey)
	case "added_unix":
		key.Added = time.Unix(key.AddedUnix, 0).Local()
	case "expired_unix":
		key.Expired = time.Unix(key.ExpiredUnix, 0).Local()
	case "created_unix":
		key.Created = time.Unix(key.CreatedUnix, 0).Local()
	}
}

// ListGPGKeys returns a list of public keys belongs to given user.
func ListGPGKeys(uid int64) ([]*GPGKey, error) {
	keys := make([]*GPGKey, 0, 5)
	return keys, x.Where("owner_id=? AND primary_key_id=''", uid).Find(&keys)
}

// GetGPGKeyByID returns public key by given ID.
func GetGPGKeyByID(keyID int64) (*GPGKey, error) {
	key := new(GPGKey)
	has, err := x.Id(keyID).Get(key)
	if err != nil {
		return nil, err
	} else if !has {
		return nil, ErrGPGKeyNotExist{keyID}
	}
	return key, nil
}

// checkArmoredGPGKeyString checks if the given key string is a valid GPG armored key.
// The function returns the actual public key on success
func checkArmoredGPGKeyString(content string) (*openpgp.Entity, error) {
	list, err := openpgp.ReadArmoredKeyRing(strings.NewReader(content))
	if err != nil {
		return nil, err
	}
	return list[0], nil
}

//addGPGKey add key and subkeys to database
func addGPGKey(e Engine, key *GPGKey) (err error) {
	// Save GPG primary key.
	if _, err = e.Insert(key); err != nil {
		return err
	}
	// Save GPG subs key.
	for _, subkey := range key.SubsKey {
		if err := addGPGKey(e, subkey); err != nil {
			return err
		}
	}
	return nil
}

// AddGPGKey adds new public key to database.
func AddGPGKey(ownerID int64, content string) (*GPGKey, error) {
	ekey, err := checkArmoredGPGKeyString(content)
	if err != nil {
		return nil, err
	}

	// Key ID cannot be duplicated.
	has, err := x.Where("key_id=?", ekey.PrimaryKey.KeyIdString()).
		Get(new(GPGKey))
	if err != nil {
		return nil, err
	} else if has {
		return nil, ErrGPGKeyIDAlreadyUsed{ekey.PrimaryKey.KeyIdString()}
	}

	//Get DB session
	sess := x.NewSession()
	defer sessionRelease(sess)
	if err = sess.Begin(); err != nil {
		return nil, err
	}

	key, err := parseGPGKey(ownerID, ekey)
	if err != nil {
		return nil, err
	}

	if err = addGPGKey(sess, key); err != nil {
		return nil, err
	}

	return key, sess.Commit()
}

//base64EncPubKey encode public kay content to base 64
func base64EncPubKey(pubkey *packet.PublicKey) (string, error) {
	var w bytes.Buffer
	err := pubkey.Serialize(&w)
	if err != nil {
		return "", err
	}
	return base64.StdEncoding.EncodeToString(w.Bytes()), nil
}

//parseSubGPGKey parse a sub Key
func parseSubGPGKey(ownerID int64, primaryID string, pubkey *packet.PublicKey, expiry time.Time) (*GPGKey, error) {
	content, err := base64EncPubKey(pubkey)
	if err != nil {
		return nil, err
	}
	return &GPGKey{
		OwnerID:           ownerID,
		KeyID:             pubkey.KeyIdString(),
		PrimaryKeyID:      primaryID,
		Content:           content,
		Created:           pubkey.CreationTime,
		Expired:           expiry,
		CanSign:           pubkey.CanSign(),
		CanEncryptComms:   pubkey.PubKeyAlgo.CanEncrypt(),
		CanEncryptStorage: pubkey.PubKeyAlgo.CanEncrypt(),
		CanCertify:        pubkey.PubKeyAlgo.CanSign(),
	}, nil
}

//parseGPGKey parse a PrimaryKey entity (primary key + subs keys + self-signature)
func parseGPGKey(ownerID int64, e *openpgp.Entity) (*GPGKey, error) {
	pubkey := e.PrimaryKey

	//Extract self-sign for expire date based on : https://github.com/golang/crypto/blob/master/openpgp/keys.go#L165
	var selfSig *packet.Signature
	for _, ident := range e.Identities {
		if selfSig == nil {
			selfSig = ident.SelfSignature
		} else if ident.SelfSignature.IsPrimaryId != nil && *ident.SelfSignature.IsPrimaryId {
			selfSig = ident.SelfSignature
			break
		}
	}
	expiry := time.Time{}
	if selfSig.KeyLifetimeSecs != nil {
		expiry = selfSig.CreationTime.Add(time.Duration(*selfSig.KeyLifetimeSecs) * time.Second)
	}

	//Parse Subkeys
	subkeys := make([]*GPGKey, len(e.Subkeys))
	for i, k := range e.Subkeys {
		subs, err := parseSubGPGKey(ownerID, pubkey.KeyIdString(), k.PublicKey, expiry)
		if err != nil {
			return nil, err
		}
		subkeys[i] = subs
	}

	//Check emails
	userEmails, err := GetEmailAddresses(ownerID)
	if err != nil {
		return nil, err
	}
	emails := make([]*EmailAddress, len(e.Identities))
	n := 0
	for _, ident := range e.Identities {

		for _, e := range userEmails {
			if e.Email == ident.UserId.Email && e.IsActivated {
				emails[n] = e
				break
			}
		}
		if emails[n] == nil {
			return nil, fmt.Errorf("Failed to found email or is not confirmed : %s", ident.UserId.Email)
		}
		n++
	}
	content, err := base64EncPubKey(pubkey)
	if err != nil {
		return nil, err
	}
	return &GPGKey{
		OwnerID:           ownerID,
		KeyID:             pubkey.KeyIdString(),
		PrimaryKeyID:      "",
		Content:           content,
		Created:           pubkey.CreationTime,
		Expired:           expiry,
		Emails:            emails,
		SubsKey:           subkeys,
		CanSign:           pubkey.CanSign(),
		CanEncryptComms:   pubkey.PubKeyAlgo.CanEncrypt(),
		CanEncryptStorage: pubkey.PubKeyAlgo.CanEncrypt(),
		CanCertify:        pubkey.PubKeyAlgo.CanSign(),
	}, nil
}

// deleteGPGKey does the actual key deletion
func deleteGPGKey(e *xorm.Session, keyID string) (int64, error) {
	if keyID == "" {
		return 0, fmt.Errorf("empty KeyId forbidden") //Should never happen but just to be sure
	}
	return e.Where("key_id=?", keyID).Or("primary_key_id=?", keyID).Delete(new(GPGKey))
}

// DeleteGPGKey deletes GPG key information in database.
func DeleteGPGKey(doer *User, id int64) (err error) {
	key, err := GetGPGKeyByID(id)
	if err != nil {
		if IsErrGPGKeyNotExist(err) {
			return nil
		}
		return fmt.Errorf("GetPublicKeyByID: %v", err)
	}

	// Check if user has access to delete this key.
	if !doer.IsAdmin && doer.ID != key.OwnerID {
		return ErrGPGKeyAccessDenied{doer.ID, key.ID}
	}

	sess := x.NewSession()
	defer sessionRelease(sess)
	if err = sess.Begin(); err != nil {
		return err
	}

	if _, err = deleteGPGKey(sess, key.KeyID); err != nil {
		return err
	}

	if err = sess.Commit(); err != nil {
		return err
	}

	return nil
}
Implement GPG api (#710) * Implement GPG API * Better handle error * Apply review recommendation + simplify database operations * Remove useless comments 2017-03-15 19:27:35 -06:00			`// Copyright 2017 The Gitea Authors. All rights reserved.`
			`// Use of this source code is governed by a MIT-style`
			`// license that can be found in the LICENSE file.`

			`package models`

			`import (`
			`"bytes"`
			`"encoding/base64"`
			`"fmt"`
			`"strings"`
			`"time"`

			`"github.com/go-xorm/xorm"`
			`"golang.org/x/crypto/openpgp"`
			`"golang.org/x/crypto/openpgp/packet"`
			`)`

			`// GPGKey represents a GPG key.`
			`type GPGKey struct {`
			ID int64 `xorm:"pk autoincr"`
			OwnerID int64 `xorm:"INDEX NOT NULL"`
			KeyID string `xorm:"INDEX TEXT NOT NULL"`
			PrimaryKeyID string `xorm:"TEXT"`
			Content string `xorm:"TEXT NOT NULL"`
			Created time.Time `xorm:"-"`
			`CreatedUnix int64`
			Expired time.Time `xorm:"-"`
			`ExpiredUnix int64`
			Added time.Time `xorm:"-"`
			`AddedUnix int64`
			SubsKey []*GPGKey `xorm:"-"`
			`Emails []*EmailAddress`
			`CanSign bool`
			`CanEncryptComms bool`
			`CanEncryptStorage bool`
			`CanCertify bool`
			`}`

			`// BeforeInsert will be invoked by XORM before inserting a record`
			`func (key *GPGKey) BeforeInsert() {`
			`key.AddedUnix = time.Now().Unix()`
			`key.ExpiredUnix = key.Expired.Unix()`
			`key.CreatedUnix = key.Created.Unix()`
			`}`

			`// AfterSet is invoked from XORM after setting the value of a field of this object.`
			`func (key *GPGKey) AfterSet(colName string, _ xorm.Cell) {`
			`switch colName {`
			`case "key_id":`
			`x.Where("primary_key_id=?", key.KeyID).Find(&key.SubsKey)`
			`case "added_unix":`
			`key.Added = time.Unix(key.AddedUnix, 0).Local()`
			`case "expired_unix":`
			`key.Expired = time.Unix(key.ExpiredUnix, 0).Local()`
			`case "created_unix":`
			`key.Created = time.Unix(key.CreatedUnix, 0).Local()`
			`}`
			`}`

			`// ListGPGKeys returns a list of public keys belongs to given user.`
			`func ListGPGKeys(uid int64) ([]*GPGKey, error) {`
			`keys := make([]*GPGKey, 0, 5)`
			`return keys, x.Where("owner_id=? AND primary_key_id=''", uid).Find(&keys)`
			`}`

			`// GetGPGKeyByID returns public key by given ID.`
			`func GetGPGKeyByID(keyID int64) (*GPGKey, error) {`
			`key := new(GPGKey)`
			`has, err := x.Id(keyID).Get(key)`
			`if err != nil {`
			`return nil, err`
			`} else if !has {`
			`return nil, ErrGPGKeyNotExist{keyID}`
			`}`
			`return key, nil`
			`}`

			`// checkArmoredGPGKeyString checks if the given key string is a valid GPG armored key.`
			`// The function returns the actual public key on success`
			`func checkArmoredGPGKeyString(content string) (*openpgp.Entity, error) {`
			`list, err := openpgp.ReadArmoredKeyRing(strings.NewReader(content))`
			`if err != nil {`
			`return nil, err`
			`}`
			`return list[0], nil`
			`}`

			`//addGPGKey add key and subkeys to database`
			`func addGPGKey(e Engine, key *GPGKey) (err error) {`
			`// Save GPG primary key.`
			`if _, err = e.Insert(key); err != nil {`
			`return err`
			`}`
			`// Save GPG subs key.`
			`for _, subkey := range key.SubsKey {`
			`if err := addGPGKey(e, subkey); err != nil {`
			`return err`
			`}`
			`}`
			`return nil`
			`}`

			`// AddGPGKey adds new public key to database.`
			`func AddGPGKey(ownerID int64, content string) (*GPGKey, error) {`
			`ekey, err := checkArmoredGPGKeyString(content)`
			`if err != nil {`
			`return nil, err`
			`}`

			`// Key ID cannot be duplicated.`
			`has, err := x.Where("key_id=?", ekey.PrimaryKey.KeyIdString()).`
			`Get(new(GPGKey))`
			`if err != nil {`
			`return nil, err`
			`} else if has {`
			`return nil, ErrGPGKeyIDAlreadyUsed{ekey.PrimaryKey.KeyIdString()}`
			`}`

			`//Get DB session`
			`sess := x.NewSession()`
			`defer sessionRelease(sess)`
			`if err = sess.Begin(); err != nil {`
			`return nil, err`
			`}`

			`key, err := parseGPGKey(ownerID, ekey)`
			`if err != nil {`
			`return nil, err`
			`}`

			`if err = addGPGKey(sess, key); err != nil {`
			`return nil, err`
			`}`

			`return key, sess.Commit()`
			`}`

			`//base64EncPubKey encode public kay content to base 64`
			`func base64EncPubKey(pubkey *packet.PublicKey) (string, error) {`
			`var w bytes.Buffer`
			`err := pubkey.Serialize(&w)`
			`if err != nil {`
			`return "", err`
			`}`
			`return base64.StdEncoding.EncodeToString(w.Bytes()), nil`
			`}`

			`//parseSubGPGKey parse a sub Key`
			`func parseSubGPGKey(ownerID int64, primaryID string, pubkey packet.PublicKey, expiry time.Time) (GPGKey, error) {`
			`content, err := base64EncPubKey(pubkey)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return &GPGKey{`
			`OwnerID: ownerID,`
			`KeyID: pubkey.KeyIdString(),`
			`PrimaryKeyID: primaryID,`
			`Content: content,`
			`Created: pubkey.CreationTime,`
			`Expired: expiry,`
			`CanSign: pubkey.CanSign(),`
			`CanEncryptComms: pubkey.PubKeyAlgo.CanEncrypt(),`
			`CanEncryptStorage: pubkey.PubKeyAlgo.CanEncrypt(),`
			`CanCertify: pubkey.PubKeyAlgo.CanSign(),`
			`}, nil`
			`}`

			`//parseGPGKey parse a PrimaryKey entity (primary key + subs keys + self-signature)`
			`func parseGPGKey(ownerID int64, e openpgp.Entity) (GPGKey, error) {`
			`pubkey := e.PrimaryKey`

			`//Extract self-sign for expire date based on : https://github.com/golang/crypto/blob/master/openpgp/keys.go#L165`
			`var selfSig *packet.Signature`
			`for _, ident := range e.Identities {`
			`if selfSig == nil {`
			`selfSig = ident.SelfSignature`
			`} else if ident.SelfSignature.IsPrimaryId != nil && *ident.SelfSignature.IsPrimaryId {`
			`selfSig = ident.SelfSignature`
			`break`
			`}`
			`}`
			`expiry := time.Time{}`
			`if selfSig.KeyLifetimeSecs != nil {`
			`expiry = selfSig.CreationTime.Add(time.Duration(selfSig.KeyLifetimeSecs) time.Second)`
			`}`

			`//Parse Subkeys`
			`subkeys := make([]*GPGKey, len(e.Subkeys))`
			`for i, k := range e.Subkeys {`
			`subs, err := parseSubGPGKey(ownerID, pubkey.KeyIdString(), k.PublicKey, expiry)`
			`if err != nil {`
			`return nil, err`
			`}`
			`subkeys[i] = subs`
			`}`

			`//Check emails`
			`userEmails, err := GetEmailAddresses(ownerID)`
			`if err != nil {`
			`return nil, err`
			`}`
			`emails := make([]*EmailAddress, len(e.Identities))`
			`n := 0`
			`for _, ident := range e.Identities {`

			`for _, e := range userEmails {`
			`if e.Email == ident.UserId.Email && e.IsActivated {`
			`emails[n] = e`
			`break`
			`}`
			`}`
			`if emails[n] == nil {`
			`return nil, fmt.Errorf("Failed to found email or is not confirmed : %s", ident.UserId.Email)`
			`}`
			`n++`
			`}`
			`content, err := base64EncPubKey(pubkey)`
			`if err != nil {`
			`return nil, err`
			`}`
			`return &GPGKey{`
			`OwnerID: ownerID,`
			`KeyID: pubkey.KeyIdString(),`
			`PrimaryKeyID: "",`
			`Content: content,`
			`Created: pubkey.CreationTime,`
			`Expired: expiry,`
			`Emails: emails,`
			`SubsKey: subkeys,`
			`CanSign: pubkey.CanSign(),`
			`CanEncryptComms: pubkey.PubKeyAlgo.CanEncrypt(),`
			`CanEncryptStorage: pubkey.PubKeyAlgo.CanEncrypt(),`
			`CanCertify: pubkey.PubKeyAlgo.CanSign(),`
			`}, nil`
			`}`

			`// deleteGPGKey does the actual key deletion`
			`func deleteGPGKey(e *xorm.Session, keyID string) (int64, error) {`
			`if keyID == "" {`
			`return 0, fmt.Errorf("empty KeyId forbidden") //Should never happen but just to be sure`
			`}`
			`return e.Where("key_id=?", keyID).Or("primary_key_id=?", keyID).Delete(new(GPGKey))`
			`}`

			`// DeleteGPGKey deletes GPG key information in database.`
			`func DeleteGPGKey(doer *User, id int64) (err error) {`
			`key, err := GetGPGKeyByID(id)`
			`if err != nil {`
			`if IsErrGPGKeyNotExist(err) {`
			`return nil`
			`}`
			`return fmt.Errorf("GetPublicKeyByID: %v", err)`
			`}`

			`// Check if user has access to delete this key.`
			`if !doer.IsAdmin && doer.ID != key.OwnerID {`
			`return ErrGPGKeyAccessDenied{doer.ID, key.ID}`
			`}`

			`sess := x.NewSession()`
			`defer sessionRelease(sess)`
			`if err = sess.Begin(); err != nil {`
			`return err`
			`}`

			`if _, err = deleteGPGKey(sess, key.KeyID); err != nil {`
			`return err`
			`}`

			`if err = sess.Commit(); err != nil {`
			`return err`
			`}`

			`return nil`
			`}`