Search in sources :

Example 1 with PGPPublicKeyData

use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.

the class PGPPublicKeyAPI method addFingerprintStrProperties.

@ApiMethod(name = "addFingerprintStrProperties", path = "addFingerprintStrProperties", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public // (fingerprint -> fingerprintStr)
StringWrapperObject addFingerprintStrProperties(final User googleUser) throws Exception {
    /* Check authorization: */
    UserTools.ensureCryptonomicaOfficer(googleUser);
    /* Load PGPPublicKeyData from DB*/
    List<PGPPublicKeyData> pgpPublicKeyDataList = ofy().load().type(PGPPublicKeyData.class).limit(20).list();
    if (pgpPublicKeyDataList.size() > 10) {
        throw new Exception("there are to many keys in the database");
    }
    for (PGPPublicKeyData pgpPublicKeyData : pgpPublicKeyDataList) {
        pgpPublicKeyData.setFingerprintStr(pgpPublicKeyData.getFingerprint());
    }
    Map<Key<PGPPublicKeyData>, PGPPublicKeyData> result = ofy().save().entities(pgpPublicKeyDataList).now();
    String resultJSON = new Gson().toJson(result);
    return new StringWrapperObject(resultJSON);
}
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) StringWrapperObject(net.cryptonomica.returns.StringWrapperObject) Gson(com.google.gson.Gson) PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey) Key(com.googlecode.objectify.Key) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 2 with PGPPublicKeyData

use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.

the class PGPPublicKeyAPI method uploadNewPGPPublicKey.

// end of getPGPPublicKeyByFingerprint()
@ApiMethod(name = "uploadNewPGPPublicKey", path = "uploadNewPGPPublicKey", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public PGPPublicKeyUploadReturn uploadNewPGPPublicKey(// final HttpServletRequest httpServletRequest,
final User googleUser, final PGPPublicKeyUploadForm pgpPublicKeyUploadForm) throws Exception {
    // authorization
    CryptonomicaUser cryptonomicaUser = UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    // 
    if (pgpPublicKeyUploadForm == null || pgpPublicKeyUploadForm.getAsciiArmored() == null || pgpPublicKeyUploadForm.getAsciiArmored().length() == 0) {
        throw new Exception("ASCII-armored key is empty");
    }
    // --- LOG request form: (after check if not null)
    LOG.warning(GSON.toJson(pgpPublicKeyUploadForm));
    String asciiArmored = pgpPublicKeyUploadForm.getAsciiArmored();
    PGPPublicKey pgpPublicKey = PGPTools.readPublicKeyFromString(asciiArmored);
    // -> throws IOException, PGPException
    LOG.warning(GSON.toJson(pgpPublicKey));
    PGPPublicKeyData pgpPublicKeyData = PGPTools.checkPublicKey(pgpPublicKey, asciiArmored, cryptonomicaUser);
    pgpPublicKeyData.setUserBirthday(cryptonomicaUser.getBirthday());
    // -- add @Parent value: ---
    pgpPublicKeyData.setCryptonomicaUserKey(Key.create(CryptonomicaUser.class, googleUser.getUserId()));
    // save key
    Key<PGPPublicKeyData> pgpPublicKeyDataKey = ofy().save().entity(pgpPublicKeyData).now();
    // load key from DB and and create return object
    String messageToUser = "Key " + pgpPublicKeyData.getFingerprint() + " saved in data base";
    PGPPublicKeyGeneralView pgpPublicKeyGeneralView = new PGPPublicKeyGeneralView(ofy().load().key(pgpPublicKeyDataKey).now());
    PGPPublicKeyUploadReturn pgpPublicKeyUploadReturn = new PGPPublicKeyUploadReturn(messageToUser, pgpPublicKeyGeneralView);
    return pgpPublicKeyUploadReturn;
}
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) PGPPublicKeyGeneralView(net.cryptonomica.returns.PGPPublicKeyGeneralView) PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey) PGPPublicKeyUploadReturn(net.cryptonomica.returns.PGPPublicKeyUploadReturn) CryptonomicaUser(net.cryptonomica.entities.CryptonomicaUser) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 3 with PGPPublicKeyData

use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.

the class PGPPublicKeyAPI method getMyKeys.

@ApiMethod(name = "getMyKeys", path = "getMyKeys", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public // 4) by first and last names
SearchPGPPublicKeysReturn getMyKeys(// final HttpServletRequest httpServletRequest,
final User googleUser) throws Exception {
    // authorization
    UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    // 
    Key<CryptonomicaUser> cryptonomicaUserKey = Key.create(CryptonomicaUser.class, googleUser.getUserId());
    List<PGPPublicKeyData> result = ofy().load().type(PGPPublicKeyData.class).ancestor(cryptonomicaUserKey).list();
    SearchPGPPublicKeysReturn searchPGPPublicKeysReturn;
    if (result.size() > 0) {
        searchPGPPublicKeysReturn = new SearchPGPPublicKeysReturn("this is list of your keys, if any:", new ArrayList<>(result));
    } else {
        searchPGPPublicKeysReturn = new SearchPGPPublicKeysReturn("You have no keys, yet.", new ArrayList<>(result));
    }
    return searchPGPPublicKeysReturn;
}
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) SearchPGPPublicKeysReturn(net.cryptonomica.returns.SearchPGPPublicKeysReturn) ArrayList(java.util.ArrayList) CryptonomicaUser(net.cryptonomica.entities.CryptonomicaUser) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 4 with PGPPublicKeyData

use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.

the class PGPTools method getPGPPublicKeyDataFromDataBaseByFingerprint.

// end of checkPublicKey()
public static PGPPublicKeyData getPGPPublicKeyDataFromDataBaseByFingerprint(String fingerprint) throws Exception {
    /* Validate fingerprint */
    if (fingerprint == null || fingerprint.length() < 40 || fingerprint.length() > 40) {
        throw new Exception("Invalid public key in request (fingerprint not valid)");
    }
    /* Load PGPPublicKeyData from DB by fingerprint */
    List<PGPPublicKeyData> pgpPublicKeyDataList = null;
    pgpPublicKeyDataList = ofy().load().type(PGPPublicKeyData.class).filter("fingerprintStr", fingerprint.toUpperCase()).list();
    LOG.warning("DS search result by fingerprint: " + GSON.toJson(pgpPublicKeyDataList));
    // if key not found trow an exception
    if (pgpPublicKeyDataList == null || pgpPublicKeyDataList.size() == 0) {
        throw new Exception("Public PGP key with firngerprint" + fingerprint.toUpperCase() + "not found in DataBase");
    }
    // check if there is only one key with given fingerprint in the database
    if (pgpPublicKeyDataList.size() > 1) {
        throw new Exception("there are " + pgpPublicKeyDataList.size() + " different keys with fingerprint " + fingerprint.toUpperCase() + "in the database");
    }
    // get key from the list
    PGPPublicKeyData pgpPublicKeyData = pgpPublicKeyDataList.get(0);
    return pgpPublicKeyData;
}
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) IOException(java.io.IOException)

Example 5 with PGPPublicKeyData

use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.

the class NewUserRegistrationAPI method registerNewUser.

@ApiMethod(name = "registerNewUser", path = "registerNewUser", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public // creates a new cryptonomica user and saves him/her to database
NewUserRegistrationReturn registerNewUser(final HttpServletRequest httpServletRequest, final User googleUser, final NewUserRegistrationForm newUserRegistrationForm) throws Exception {
    /* --- Ensure 1) user login, 2) not already registered:: */
    UserTools.ensureNewCryptonomicaUser(googleUser);
    /* --- Check form:*/
    if (newUserRegistrationForm.getArmoredPublicPGPkeyBlock() == null || newUserRegistrationForm.getArmoredPublicPGPkeyBlock().length() == 0) {
        throw new Exception("ASCII-armored PGP public key can not be empty");
    // } else if (newUserRegistrationForm.getUserInfo() == null) {
    // throw new Exception("Info can not be empty");
    } else if (newUserRegistrationForm.getBirthday() == null) {
        throw new Exception("Birthdate can not be empty");
    }
    /* --- user BirthDate */
    Date userBirthDate = newUserRegistrationForm.getBirthday();
    // TODO: add check
    /* --- create PGPPublicKey from armored PGP key block: */
    String userId = googleUser.getUserId();
    String armoredPublicPGPkeyBlock = newUserRegistrationForm.getArmoredPublicPGPkeyBlock();
    LOG.warning("[armoredPublicPGPkeyBlock]:");
    LOG.warning(armoredPublicPGPkeyBlock);
    PGPPublicKey pgpPublicKey = PGPTools.readPublicKeyFromString(armoredPublicPGPkeyBlock);
    // create PGPPublicKeyData (Entity in DS) from PGPPublicKey:
    PGPPublicKeyData pgpPublicKeyData = new PGPPublicKeyData(pgpPublicKey, armoredPublicPGPkeyBlock, userId);
    pgpPublicKeyData.setUserBirthday(userBirthDate);
    /* --- Check PGPPublic Key: */
    // --- check key creation date/time:
    Date creationTime = pgpPublicKey.getCreationTime();
    if (creationTime.after(new Date())) {
        throw new Exception("Invalid key creation Date/Time");
    }
    // -- bits size check:
    if (pgpPublicKeyData.getBitStrength() < 2048) {
        throw new Exception("Key Strength (bits size) should be min 2048 bits");
    }
    // -- email check:
    if (!pgpPublicKeyData.getUserEmail().getEmail().toLowerCase().equals(googleUser.getEmail().toLowerCase())) {
        throw new Exception("Email in the key's user ID should be the same as in account");
    }
    // -- key validity period check
    Integer validDays = pgpPublicKey.getValidDays();
    if (validDays > 366 * 2) {
        throw new Exception("This key valid for more than 2 years");
    } else if (validDays <= 0) {
        // 
        throw new Exception("This key's validity term is incorrect");
    }
    // --- check for dublicates in DS:
    List<PGPPublicKeyData> duplicates = ofy().load().type(PGPPublicKeyData.class).filter("fingerprintStr", pgpPublicKeyData.getFingerprint()).list();
    if (!duplicates.isEmpty()) {
        throw new Exception("The key with fingerprint" + pgpPublicKeyData.getFingerprint() + "already registered");
    }
    // create CryptonomicaUser:
    CryptonomicaUser cryptonomicaUser = new CryptonomicaUser(googleUser, pgpPublicKeyData, newUserRegistrationForm);
    // save new user and his key
    Key<CryptonomicaUser> cryptonomicaUserKey = ofy().save().entity(cryptonomicaUser).now();
    cryptonomicaUser = // ?
    ofy().load().key(cryptonomicaUserKey).now();
    Key<PGPPublicKeyData> pgpPublicKeyDataKey = ofy().save().entity(pgpPublicKeyData).now();
    pgpPublicKeyData = ofy().load().key(pgpPublicKeyDataKey).now();
    // 
    Login login = UserTools.registerLogin(httpServletRequest, googleUser);
    // 
    ArrayList<PGPPublicKeyData> pgpPublicKeyDataArrayList = new ArrayList<>();
    pgpPublicKeyDataArrayList.add(pgpPublicKeyData);
    UserProfileGeneralView userProfileGeneralView = new UserProfileGeneralView(cryptonomicaUser, pgpPublicKeyDataArrayList);
    // - for $rootScope.currentUser
    userProfileGeneralView.setRegisteredCryptonomicaUser(Boolean.TRUE);
    // 
    String messageToUser;
    if (cryptonomicaUser != null) {
        messageToUser = "User created successful";
    } else {
        messageToUser = "Error creating new user";
    }
    NewUserRegistrationReturn result = new NewUserRegistrationReturn(messageToUser, new PGPPublicKeyGeneralView(pgpPublicKeyData), userProfileGeneralView, new LoginView(login));
    // send an email to user:
    final Queue queue = QueueFactory.getDefaultQueue();
    Gson prettyGson = new GsonBuilder().setPrettyPrinting().create();
    queue.add(TaskOptions.Builder.withUrl("/_ah/SendGridServlet").param("email", googleUser.getEmail()).param("messageSubject", "You are registered on Cryptonomica server").param("messageText", "Congratulation! \n\n" + userProfileGeneralView.getFirstName().toUpperCase() + " " + userProfileGeneralView.getLastName().toUpperCase() + ",\n\n" + "You are registered on Cryptonomica server" + "\n\n" + "To verify your key online:" + "\n" + "1) go to 'My profile', 2) click on key ID and go to page with key data , " + "3) click green button 'Verify online' and follow instructions provided by web application" + "\n\n" + "Best regards, \n\n" + "Cryptonomica team\n\n" + new Date().toString() + "\n\n" + "if you think it's wrong or it is an error, please write to admin@cryptonomica.net \n"));
    // 
    return result;
}
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) PGPPublicKeyGeneralView(net.cryptonomica.returns.PGPPublicKeyGeneralView) GsonBuilder(com.google.gson.GsonBuilder) ArrayList(java.util.ArrayList) PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey) Gson(com.google.gson.Gson) Login(net.cryptonomica.entities.Login) CryptonomicaUser(net.cryptonomica.entities.CryptonomicaUser) Date(java.util.Date) UserProfileGeneralView(net.cryptonomica.returns.UserProfileGeneralView) NewUserRegistrationReturn(net.cryptonomica.returns.NewUserRegistrationReturn) LoginView(net.cryptonomica.returns.LoginView) Queue(com.google.appengine.api.taskqueue.Queue) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Aggregations

PGPPublicKeyData (net.cryptonomica.entities.PGPPublicKeyData)12 ApiMethod (com.google.api.server.spi.config.ApiMethod)10 CryptonomicaUser (net.cryptonomica.entities.CryptonomicaUser)6 PGPPublicKeyGeneralView (net.cryptonomica.returns.PGPPublicKeyGeneralView)5 Gson (com.google.gson.Gson)4 PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)4 ArrayList (java.util.ArrayList)3 UserProfileGeneralView (net.cryptonomica.returns.UserProfileGeneralView)3 IOException (java.io.IOException)2 Date (java.util.Date)2 SearchPGPPublicKeysReturn (net.cryptonomica.returns.SearchPGPPublicKeysReturn)2 UnauthorizedException (com.google.api.server.spi.response.UnauthorizedException)1 Email (com.google.appengine.api.datastore.Email)1 Queue (com.google.appengine.api.taskqueue.Queue)1 HTTPResponse (com.google.appengine.api.urlfetch.HTTPResponse)1 GsonBuilder (com.google.gson.GsonBuilder)1 Key (com.googlecode.objectify.Key)1 HashMap (java.util.HashMap)1 AppSettings (net.cryptonomica.entities.AppSettings)1 Login (net.cryptonomica.entities.Login)1