2016-05-26 07:58:50 +00:00
|
|
|
/**
|
|
|
|
|
* Mailvelope - secure email with OpenPGP encryption for Webmail
|
|
|
|
|
* Copyright (C) 2016 Mailvelope GmbH
|
|
|
|
|
*
|
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
|
* it under the terms of the GNU Affero General Public License version 3
|
|
|
|
|
* as published by the Free Software Foundation.
|
|
|
|
|
*
|
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
|
*
|
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
|
|
|
*/
|
|
|
|
|
|
|
|
|
|
'use strict';
|
|
|
|
|
|
2016-05-27 17:57:48 +00:00
|
|
|
const parse = require('co-body');
|
2016-05-28 13:17:46 +00:00
|
|
|
const util = require('../service/util');
|
2016-05-27 17:57:48 +00:00
|
|
|
|
2016-05-26 07:58:50 +00:00
|
|
|
/**
|
|
|
|
|
* An implementation of the OpenPGP HTTP Keyserver Protocol (HKP)
|
|
|
|
|
* See https://tools.ietf.org/html/draft-shaw-openpgp-hkp-00
|
|
|
|
|
*/
|
|
|
|
|
class HKP {
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Create an instance of the HKP server
|
2016-05-30 14:06:52 +00:00
|
|
|
* @param {Object} publicKey An instance of the public key service
|
2016-05-26 07:58:50 +00:00
|
|
|
*/
|
|
|
|
|
constructor(publicKey) {
|
|
|
|
|
this._publicKey = publicKey;
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-26 11:45:32 +00:00
|
|
|
/**
|
|
|
|
|
* Public key upload via http POST
|
|
|
|
|
* @param {Object} ctx The koa request/response context
|
|
|
|
|
*/
|
|
|
|
|
*add(ctx) {
|
2016-05-27 17:57:48 +00:00
|
|
|
let body = yield parse.form(ctx, { limit: '1mb' });
|
2016-05-29 14:47:45 +00:00
|
|
|
let publicKeyArmored = body.keytext;
|
|
|
|
|
if (!util.validatePublicKey(publicKeyArmored)) {
|
2016-05-27 17:57:48 +00:00
|
|
|
ctx.throw(400, 'Invalid request!');
|
|
|
|
|
}
|
2016-05-29 14:47:45 +00:00
|
|
|
let origin = util.getOrigin(ctx);
|
|
|
|
|
yield this._publicKey.put({ publicKeyArmored, origin });
|
2016-05-29 16:59:14 +00:00
|
|
|
ctx.status = 201;
|
2016-05-26 11:45:32 +00:00
|
|
|
}
|
|
|
|
|
|
2016-05-26 07:58:50 +00:00
|
|
|
/**
|
|
|
|
|
* Public key lookup via http GET
|
|
|
|
|
* @param {Object} ctx The koa request/response context
|
|
|
|
|
*/
|
|
|
|
|
*lookup(ctx) {
|
2016-05-26 11:45:32 +00:00
|
|
|
let params = this.parseQueryString(ctx);
|
|
|
|
|
let key = yield this._publicKey.get(params);
|
2016-05-27 17:57:48 +00:00
|
|
|
this.setGetHeaders(ctx, params);
|
2016-06-02 17:34:24 +00:00
|
|
|
this.setGetBody(ctx, params, key);
|
2016-05-26 07:58:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Parse the query string for a lookup request and set a corresponding
|
|
|
|
|
* error code if the requests is not supported or invalid.
|
|
|
|
|
* @param {Object} ctx The koa request/response context
|
|
|
|
|
* @return {Object} The query parameters or undefined for an invalid request
|
|
|
|
|
*/
|
|
|
|
|
parseQueryString(ctx) {
|
|
|
|
|
let params = {
|
2016-05-26 11:45:32 +00:00
|
|
|
op: ctx.query.op, // operation ... only 'get' is supported
|
|
|
|
|
mr: ctx.query.options === 'mr' // machine readable
|
2016-05-26 07:58:50 +00:00
|
|
|
};
|
2016-05-26 11:45:32 +00:00
|
|
|
if (this.checkId(ctx.query.search)) {
|
2016-05-27 17:57:48 +00:00
|
|
|
params.keyid = ctx.query.search.replace(/^0x/, '');
|
|
|
|
|
} else if(util.validateAddress(ctx.query.search)) {
|
2016-05-26 11:45:32 +00:00
|
|
|
params.email = ctx.query.search;
|
|
|
|
|
}
|
2016-05-26 07:58:50 +00:00
|
|
|
|
2016-06-02 21:32:23 +00:00
|
|
|
if (['get','index','vindex'].indexOf(params.op) === -1) {
|
2016-05-27 17:57:48 +00:00
|
|
|
ctx.throw(501, 'Not implemented!');
|
|
|
|
|
} else if (!params.keyid && !params.email) {
|
|
|
|
|
ctx.throw(400, 'Invalid request!');
|
2016-05-26 07:58:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return params;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Checks for a valid key id in the query string. A key must be prepended
|
2016-05-26 08:42:35 +00:00
|
|
|
* with '0x' and can be between 8 and 40 hex characters long.
|
2016-05-26 07:58:50 +00:00
|
|
|
* @param {String} keyid The key id
|
|
|
|
|
* @return {Boolean} If the key id is valid
|
|
|
|
|
*/
|
|
|
|
|
checkId(keyid) {
|
2016-05-27 17:57:48 +00:00
|
|
|
if (!util.isString(keyid)) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
2016-05-26 11:45:32 +00:00
|
|
|
return /^0x[a-fA-F0-9]{8,40}$/.test(keyid);
|
2016-05-26 07:58:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Set HTTP headers for a GET requests with 'mr' (machine readable) options.
|
2016-05-27 17:57:48 +00:00
|
|
|
* @param {Object} ctx The koa request/response context
|
|
|
|
|
* @param {Object} params The parsed query string parameters
|
2016-05-26 07:58:50 +00:00
|
|
|
*/
|
2016-05-27 17:57:48 +00:00
|
|
|
setGetHeaders(ctx, params) {
|
2016-06-02 17:34:24 +00:00
|
|
|
if (params.op === 'get' && params.mr) {
|
|
|
|
|
ctx.set('Content-Type', 'application/pgp-keys; charset=utf-8');
|
2016-05-27 17:57:48 +00:00
|
|
|
ctx.set('Content-Disposition', 'attachment; filename=openpgpkey.asc');
|
|
|
|
|
}
|
2016-05-26 07:58:50 +00:00
|
|
|
}
|
|
|
|
|
|
2016-06-02 17:34:24 +00:00
|
|
|
/**
|
|
|
|
|
* Format the body accordingly.
|
|
|
|
|
* See https://tools.ietf.org/html/draft-shaw-openpgp-hkp-00#section-5
|
|
|
|
|
* @param {Object} ctx The koa request/response context
|
|
|
|
|
* @param {Object} params The parsed query string parameters
|
|
|
|
|
* @param {Object} key The public key document
|
|
|
|
|
*/
|
|
|
|
|
setGetBody(ctx, params, key) {
|
|
|
|
|
if (params.op === 'get') {
|
|
|
|
|
ctx.body = key.publicKeyArmored;
|
2016-06-02 21:32:23 +00:00
|
|
|
} else if (['index','vindex'].indexOf(params.op) !== -1) {
|
2016-06-02 20:55:32 +00:00
|
|
|
const VERSION = 1, COUNT = 1; // number of keys
|
2016-06-02 17:34:24 +00:00
|
|
|
let algo = (key.algorithm.indexOf('rsa') !== -1) ? 1 : '';
|
|
|
|
|
let created = key.created ? (key.created.getTime() / 1000) : '';
|
|
|
|
|
|
2016-06-02 20:55:32 +00:00
|
|
|
ctx.body = 'info:' + VERSION + ':' + COUNT + '\n' +
|
|
|
|
|
'pub:' + key.fingerprint + ':' + algo + ':' + key.keylen + ':' + created + '::\n';
|
|
|
|
|
|
|
|
|
|
for (let uid of key.userIds) {
|
|
|
|
|
ctx.body += 'uid:' + encodeURIComponent(uid.name + ' <' + uid.email + '>') + ':::\n';
|
|
|
|
|
}
|
2016-06-02 17:34:24 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-05-26 07:58:50 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
module.exports = HKP;
|
