use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.
the class PGPPublicKeyAPI method addFingerprintStrProperties.
@ApiMethod(name = "addFingerprintStrProperties", path = "addFingerprintStrProperties", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public // (fingerprint -> fingerprintStr)
StringWrapperObject addFingerprintStrProperties(final User googleUser) throws Exception {
/* Check authorization: */
UserTools.ensureCryptonomicaOfficer(googleUser);
/* Load PGPPublicKeyData from DB*/
List<PGPPublicKeyData> pgpPublicKeyDataList = ofy().load().type(PGPPublicKeyData.class).limit(20).list();
if (pgpPublicKeyDataList.size() > 10) {
throw new Exception("there are to many keys in the database");
}
for (PGPPublicKeyData pgpPublicKeyData : pgpPublicKeyDataList) {
pgpPublicKeyData.setFingerprintStr(pgpPublicKeyData.getFingerprint());
}
Map<Key<PGPPublicKeyData>, PGPPublicKeyData> result = ofy().save().entities(pgpPublicKeyDataList).now();
String resultJSON = new Gson().toJson(result);
return new StringWrapperObject(resultJSON);
}
use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.
the class PGPPublicKeyAPI method uploadNewPGPPublicKey.
// end of getPGPPublicKeyByFingerprint()
@ApiMethod(name = "uploadNewPGPPublicKey", path = "uploadNewPGPPublicKey", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public PGPPublicKeyUploadReturn uploadNewPGPPublicKey(// final HttpServletRequest httpServletRequest,
final User googleUser, final PGPPublicKeyUploadForm pgpPublicKeyUploadForm) throws Exception {
// authorization
CryptonomicaUser cryptonomicaUser = UserTools.ensureCryptonomicaRegisteredUser(googleUser);
//
if (pgpPublicKeyUploadForm == null || pgpPublicKeyUploadForm.getAsciiArmored() == null || pgpPublicKeyUploadForm.getAsciiArmored().length() == 0) {
throw new Exception("ASCII-armored key is empty");
}
// --- LOG request form: (after check if not null)
LOG.warning(GSON.toJson(pgpPublicKeyUploadForm));
String asciiArmored = pgpPublicKeyUploadForm.getAsciiArmored();
PGPPublicKey pgpPublicKey = PGPTools.readPublicKeyFromString(asciiArmored);
// -> throws IOException, PGPException
LOG.warning(GSON.toJson(pgpPublicKey));
PGPPublicKeyData pgpPublicKeyData = PGPTools.checkPublicKey(pgpPublicKey, asciiArmored, cryptonomicaUser);
pgpPublicKeyData.setUserBirthday(cryptonomicaUser.getBirthday());
// -- add @Parent value: ---
pgpPublicKeyData.setCryptonomicaUserKey(Key.create(CryptonomicaUser.class, googleUser.getUserId()));
// save key
Key<PGPPublicKeyData> pgpPublicKeyDataKey = ofy().save().entity(pgpPublicKeyData).now();
// load key from DB and and create return object
String messageToUser = "Key " + pgpPublicKeyData.getFingerprint() + " saved in data base";
PGPPublicKeyGeneralView pgpPublicKeyGeneralView = new PGPPublicKeyGeneralView(ofy().load().key(pgpPublicKeyDataKey).now());
PGPPublicKeyUploadReturn pgpPublicKeyUploadReturn = new PGPPublicKeyUploadReturn(messageToUser, pgpPublicKeyGeneralView);
return pgpPublicKeyUploadReturn;
}
use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.
the class PGPPublicKeyAPI method getMyKeys.
@ApiMethod(name = "getMyKeys", path = "getMyKeys", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public // 4) by first and last names
SearchPGPPublicKeysReturn getMyKeys(// final HttpServletRequest httpServletRequest,
final User googleUser) throws Exception {
// authorization
UserTools.ensureCryptonomicaRegisteredUser(googleUser);
//
Key<CryptonomicaUser> cryptonomicaUserKey = Key.create(CryptonomicaUser.class, googleUser.getUserId());
List<PGPPublicKeyData> result = ofy().load().type(PGPPublicKeyData.class).ancestor(cryptonomicaUserKey).list();
SearchPGPPublicKeysReturn searchPGPPublicKeysReturn;
if (result.size() > 0) {
searchPGPPublicKeysReturn = new SearchPGPPublicKeysReturn("this is list of your keys, if any:", new ArrayList<>(result));
} else {
searchPGPPublicKeysReturn = new SearchPGPPublicKeysReturn("You have no keys, yet.", new ArrayList<>(result));
}
return searchPGPPublicKeysReturn;
}
use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.
the class PGPTools method getPGPPublicKeyDataFromDataBaseByFingerprint.
// end of checkPublicKey()
public static PGPPublicKeyData getPGPPublicKeyDataFromDataBaseByFingerprint(String fingerprint) throws Exception {
/* Validate fingerprint */
if (fingerprint == null || fingerprint.length() < 40 || fingerprint.length() > 40) {
throw new Exception("Invalid public key in request (fingerprint not valid)");
}
/* Load PGPPublicKeyData from DB by fingerprint */
List<PGPPublicKeyData> pgpPublicKeyDataList = null;
pgpPublicKeyDataList = ofy().load().type(PGPPublicKeyData.class).filter("fingerprintStr", fingerprint.toUpperCase()).list();
LOG.warning("DS search result by fingerprint: " + GSON.toJson(pgpPublicKeyDataList));
// if key not found trow an exception
if (pgpPublicKeyDataList == null || pgpPublicKeyDataList.size() == 0) {
throw new Exception("Public PGP key with firngerprint" + fingerprint.toUpperCase() + "not found in DataBase");
}
// check if there is only one key with given fingerprint in the database
if (pgpPublicKeyDataList.size() > 1) {
throw new Exception("there are " + pgpPublicKeyDataList.size() + " different keys with fingerprint " + fingerprint.toUpperCase() + "in the database");
}
// get key from the list
PGPPublicKeyData pgpPublicKeyData = pgpPublicKeyDataList.get(0);
return pgpPublicKeyData;
}
use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.
the class NewUserRegistrationAPI method registerNewUser.
@ApiMethod(name = "registerNewUser", path = "registerNewUser", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public // creates a new cryptonomica user and saves him/her to database
NewUserRegistrationReturn registerNewUser(final HttpServletRequest httpServletRequest, final User googleUser, final NewUserRegistrationForm newUserRegistrationForm) throws Exception {
/* --- Ensure 1) user login, 2) not already registered:: */
UserTools.ensureNewCryptonomicaUser(googleUser);
/* --- Check form:*/
if (newUserRegistrationForm.getArmoredPublicPGPkeyBlock() == null || newUserRegistrationForm.getArmoredPublicPGPkeyBlock().length() == 0) {
throw new Exception("ASCII-armored PGP public key can not be empty");
// } else if (newUserRegistrationForm.getUserInfo() == null) {
// throw new Exception("Info can not be empty");
} else if (newUserRegistrationForm.getBirthday() == null) {
throw new Exception("Birthdate can not be empty");
}
/* --- user BirthDate */
Date userBirthDate = newUserRegistrationForm.getBirthday();
// TODO: add check
/* --- create PGPPublicKey from armored PGP key block: */
String userId = googleUser.getUserId();
String armoredPublicPGPkeyBlock = newUserRegistrationForm.getArmoredPublicPGPkeyBlock();
LOG.warning("[armoredPublicPGPkeyBlock]:");
LOG.warning(armoredPublicPGPkeyBlock);
PGPPublicKey pgpPublicKey = PGPTools.readPublicKeyFromString(armoredPublicPGPkeyBlock);
// create PGPPublicKeyData (Entity in DS) from PGPPublicKey:
PGPPublicKeyData pgpPublicKeyData = new PGPPublicKeyData(pgpPublicKey, armoredPublicPGPkeyBlock, userId);
pgpPublicKeyData.setUserBirthday(userBirthDate);
/* --- Check PGPPublic Key: */
// --- check key creation date/time:
Date creationTime = pgpPublicKey.getCreationTime();
if (creationTime.after(new Date())) {
throw new Exception("Invalid key creation Date/Time");
}
// -- bits size check:
if (pgpPublicKeyData.getBitStrength() < 2048) {
throw new Exception("Key Strength (bits size) should be min 2048 bits");
}
// -- email check:
if (!pgpPublicKeyData.getUserEmail().getEmail().toLowerCase().equals(googleUser.getEmail().toLowerCase())) {
throw new Exception("Email in the key's user ID should be the same as in account");
}
// -- key validity period check
Integer validDays = pgpPublicKey.getValidDays();
if (validDays > 366 * 2) {
throw new Exception("This key valid for more than 2 years");
} else if (validDays <= 0) {
//
throw new Exception("This key's validity term is incorrect");
}
// --- check for dublicates in DS:
List<PGPPublicKeyData> duplicates = ofy().load().type(PGPPublicKeyData.class).filter("fingerprintStr", pgpPublicKeyData.getFingerprint()).list();
if (!duplicates.isEmpty()) {
throw new Exception("The key with fingerprint" + pgpPublicKeyData.getFingerprint() + "already registered");
}
// create CryptonomicaUser:
CryptonomicaUser cryptonomicaUser = new CryptonomicaUser(googleUser, pgpPublicKeyData, newUserRegistrationForm);
// save new user and his key
Key<CryptonomicaUser> cryptonomicaUserKey = ofy().save().entity(cryptonomicaUser).now();
cryptonomicaUser = // ?
ofy().load().key(cryptonomicaUserKey).now();
Key<PGPPublicKeyData> pgpPublicKeyDataKey = ofy().save().entity(pgpPublicKeyData).now();
pgpPublicKeyData = ofy().load().key(pgpPublicKeyDataKey).now();
//
Login login = UserTools.registerLogin(httpServletRequest, googleUser);
//
ArrayList<PGPPublicKeyData> pgpPublicKeyDataArrayList = new ArrayList<>();
pgpPublicKeyDataArrayList.add(pgpPublicKeyData);
UserProfileGeneralView userProfileGeneralView = new UserProfileGeneralView(cryptonomicaUser, pgpPublicKeyDataArrayList);
// - for $rootScope.currentUser
userProfileGeneralView.setRegisteredCryptonomicaUser(Boolean.TRUE);
//
String messageToUser;
if (cryptonomicaUser != null) {
messageToUser = "User created successful";
} else {
messageToUser = "Error creating new user";
}
NewUserRegistrationReturn result = new NewUserRegistrationReturn(messageToUser, new PGPPublicKeyGeneralView(pgpPublicKeyData), userProfileGeneralView, new LoginView(login));
// send an email to user:
final Queue queue = QueueFactory.getDefaultQueue();
Gson prettyGson = new GsonBuilder().setPrettyPrinting().create();
queue.add(TaskOptions.Builder.withUrl("/_ah/SendGridServlet").param("email", googleUser.getEmail()).param("messageSubject", "You are registered on Cryptonomica server").param("messageText", "Congratulation! \n\n" + userProfileGeneralView.getFirstName().toUpperCase() + " " + userProfileGeneralView.getLastName().toUpperCase() + ",\n\n" + "You are registered on Cryptonomica server" + "\n\n" + "To verify your key online:" + "\n" + "1) go to 'My profile', 2) click on key ID and go to page with key data , " + "3) click green button 'Verify online' and follow instructions provided by web application" + "\n\n" + "Best regards, \n\n" + "Cryptonomica team\n\n" + new Date().toString() + "\n\n" + "if you think it's wrong or it is an error, please write to admin@cryptonomica.net \n"));
//
return result;
}
Aggregations