
Example 11 with PGPPublicKeyData

use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.

the class PGPTools method checkPublicKey.

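/**
 * Checks whether an OpenPGP public key meets the requirements for being stored in the database.
 *
 * <p>The checks run in this order and the first failure aborts with an exception:
 * <ol>
 *   <li>the e-mail in the key's user ID equals the account e-mail (case-insensitive);</li>
 *   <li>first and last name in the key equal those of the account (case-insensitive);</li>
 *   <li>the key creation time is not in the future;</li>
 *   <li>the key strength is at least 2048 bits;</li>
 *   <li>the validity period is set, is not longer than {@code 366 * 2} days, and has not
 *       already elapsed;</li>
 *   <li>no key with the same fingerprint is already stored.</li>
 * </ol>
 *
 * <p>NOTE(review): only user-ID fields, dates and size are compared here. Whether the
 * self-signature binding the user ID to the key is verified, and whether the key is revoked,
 * is not visible in this method - confirm that the {@code PGPPublicKeyData} constructor or the
 * caller covers both before the key is trusted.
 *
 * @param pgpPublicKey     parsed OpenPGP public key
 * @param asciiArmored     ASCII-armored text the key was read from
 * @param cryptonomicaUser account that uploads the key
 * @return the key data object built from the arguments, if every check passed
 * @throws Exception if any check fails; the message names the failed check
 */
public static PGPPublicKeyData checkPublicKey(final PGPPublicKey pgpPublicKey, final String asciiArmored, final CryptonomicaUser cryptonomicaUser) throws Exception {
    // Locale.ROOT keeps the comparison independent of the server's default locale
    // (with a Turkish default locale "I".toLowerCase() is a dotless i, so equal names would not match).
    final java.util.Locale root = java.util.Locale.ROOT;
    final PGPPublicKeyData pgpPublicKeyData = new PGPPublicKeyData(pgpPublicKey, asciiArmored, cryptonomicaUser.getUserId());

    // -- email check:
    final String userEmailFromAccount = cryptonomicaUser.getEmail().getEmail().toLowerCase(root);
    final String userEmailFromKey = pgpPublicKeyData.getUserEmail().getEmail().toLowerCase(root);
    if (!userEmailFromKey.equals(userEmailFromAccount)) {
        throw new Exception("Email in the key's user ID should be the same as in account");
    }

    // --- first and last name check:
    final String firstNameFromAccount = cryptonomicaUser.getFirstName().toLowerCase(root);
    final String lastNameFromAccount = cryptonomicaUser.getLastName().toLowerCase(root);
    final String firstNameFromKey = pgpPublicKeyData.getFirstName().toLowerCase(root);
    final String lastNameFromKey = pgpPublicKeyData.getLastName().toLowerCase(root);
    if (!firstNameFromAccount.equals(firstNameFromKey) || !lastNameFromAccount.equals(lastNameFromKey)) {
        throw new Exception("First and last name in key should be exactly as first and last name in account");
    }

    // --- check key creation date/time (one "now" is used for every time comparison below):
    final Date now = new Date();
    final Date creationTime = pgpPublicKey.getCreationTime();
    if (creationTime.after(now)) {
        throw new Exception("Invalid key creation Date/Time");
    }

    // -- bits size check:
    if (pgpPublicKeyData.getBitStrength() < 2048) {
        throw new Exception("Key Strength (bits size) should be min 2048 bits");
    }

    // -- key validity period check
    final int validDays = pgpPublicKey.getValidDays();
    if (validDays > 366 * 2) {
        throw new Exception("This key valid for more than 2 years");
    } else if (validDays <= 0) {
        // Bouncy Castle reports 0 for a key without an expiration time; such keys are rejected.
        throw new Exception("This key's validity term is incorrect");
    }
    // A validity period of acceptable length says nothing about whether it is already over:
    // reject a key whose creation time plus validity period lies in the past.
    final long expiresAtMillis = creationTime.getTime() + pgpPublicKey.getValidSeconds() * 1000L;
    if (expiresAtMillis <= now.getTime()) {
        throw new Exception("This key is already expired");
    }

    // --- check for duplicates in DS:
    // NOTE(review): this is a query followed (elsewhere) by a save; if the caller does not store
    // the entity in the same transaction, two concurrent uploads could both pass - confirm.
    final List<PGPPublicKeyData> duplicates = ofy().load().type(PGPPublicKeyData.class).filter("fingerprintStr", pgpPublicKeyData.getFingerprint()).list();
    if (!duplicates.isEmpty()) {
        throw new Exception("The key with this fingerprint (" + pgpPublicKeyData.getFingerprint() + ") already registered");
    }

    // if no Exceptions:
    return pgpPublicKeyData;
}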
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) IOException(java.io.IOException) Date(java.util.Date)

Example 12 with PGPPublicKeyData

use of net.cryptonomica.entities.PGPPublicKeyData in project cryptonomica by Cryptonomica.

the class EthNodeAPI method verifyEthAddress.

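/**
 * Verifies an Ethereum address against an OpenPGP key registered in the database and, when the
 * signature check succeeds, submits the key owner's data for that address to the tomcatweb3j
 * service.
 *
 * <p>Steps: require a registered user; fetch the verification request data (fingerprint and
 * signed text) for the address from {@code GetVerificationRequestDataServlet}; load the key with
 * that fingerprint; require that the key owner is verified offline or online; verify the signed
 * text with the stored key; on success POST the address and the owner's data to
 * {@code addVerificationData} and return that response body as the result message.
 *
 * <p>NOTE(review): this method only checks that the signed text verifies under the stored key.
 * Whether the signed text is bound to {@code ethereumAcc} (so that a signature made for one
 * address cannot be presented for another) is not visible here - confirm it is enforced by
 * {@code PGPTools.verifyText} or by the contract. The caller is only required to be registered;
 * it is not compared with the owner of the key. Key expiry ({@code getExp()}) and revocation are
 * not checked before the data is submitted - confirm whether they should be.
 *
 * @param googleUser  authenticated Google user, must be a registered Cryptonomica user
 * @param ethereumAcc Ethereum address to verify
 * @return wrapper holding the signature check result and, on success, the service response
 * @throws IllegalArgumentException if {@code ethereumAcc} is null or empty
 * @throws UnauthorizedException    declared for the registration check
 * @throws Exception                if the settings, the service response or the key are missing,
 *                                  or the key owner is not verified
 */
@ApiMethod(name = "verifyEthAddress", path = "verifyEthAddress", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public BooleanWrapperObject verifyEthAddress(
        final User googleUser,
        @Named("ethereumAcc") final String ethereumAcc
) throws IllegalArgumentException, UnauthorizedException, Exception {
    BooleanWrapperObject result = new BooleanWrapperObject();
    // ensure registered user ( - may be later only for verified); used as an access gate only:
    CryptonomicaUser cryptonomicaUser = UserTools.ensureCryptonomicaRegisteredUser(googleUser);

    // check form:
    if (ethereumAcc == null || ethereumAcc.isEmpty()) {
        throw new IllegalArgumentException("Provided text is to short or empty");
    }
    // The value comes straight from the API caller. Form-encode it before it is placed into the
    // request body (otherwise '&' or '=' in it would add or override form parameters) and before
    // it is written to the log (CR/LF would forge log lines). A well-formed address is unchanged.
    final String encodedEthereumAcc = java.net.URLEncoder.encode(ethereumAcc, StandardCharsets.UTF_8.name());
    LOG.warning("ethereumAcc" + encodedEthereumAcc);

    // API key for the tomcatweb3j service is kept in the datastore settings:
    AppSettings apiKeySetting = ofy().load().key(Key.create(AppSettings.class, "tomcatweb3jAPIkey")).now();
    if (apiKeySetting == null || apiKeySetting.getValue() == null) {
        throw new Exception("Verification service is not configured");
    }
    String tomcatWeb3jAPIkey = apiKeySetting.getValue();

    String urlHost = "https://tomcatweb3j.cryptonomica.net";
    String urlPath = "/GetVerificationRequestDataServlet";
    String urlAddress = urlHost + urlPath;
    String postRequestBody = "address=" + encodedEthereumAcc;
    HTTPResponse httpResponse = HttpService.postRequestWithAPIkey(urlAddress, postRequestBody, tomcatWeb3jAPIkey);
    String httpResponseContentString = new String(httpResponse.getContent(), StandardCharsets.UTF_8);
    LOG.warning("httpResponseContentString: " + httpResponseContentString);

    // Gson returns null for an empty body and leaves absent fields null; fail with a clear
    // message instead of a NullPointerException further down.
    VerificationRequestDataFromSC verificationRequestDataFromSC = GSON.fromJson(httpResponseContentString, VerificationRequestDataFromSC.class);
    if (verificationRequestDataFromSC == null) {
        throw new Exception("No verification request data received for " + ethereumAcc);
    }
    String unverifiedFingerprint = verificationRequestDataFromSC.getUnverifiedFingerprint();
    String signedString = verificationRequestDataFromSC.getSignedString();
    if (unverifiedFingerprint == null || unverifiedFingerprint.isEmpty() || signedString == null || signedString.isEmpty()) {
        throw new Exception("Verification request data for " + ethereumAcc + " is incomplete");
    }

    // GET Key from DataBase by fingerprint:
    PGPPublicKeyData pgpPublicKeyData = PGPTools.getPGPPublicKeyDataFromDataBaseByFingerprint(unverifiedFingerprint);
    if (pgpPublicKeyData == null) {
        throw new Exception("OpenPGP key " + unverifiedFingerprint + " not found");
    }
    // A flag that was never set (null) counts as "not verified".
    boolean keyVerifiedOffline = Boolean.TRUE.equals(pgpPublicKeyData.getVerified());
    boolean keyVerifiedOnline = Boolean.TRUE.equals(pgpPublicKeyData.getOnlineVerificationFinished());
    if (!keyVerifiedOffline && !keyVerifiedOnline) {
        throw new Exception("Owner of the OpenPGP key " + pgpPublicKeyData.getFingerprint() + " not verified. Can not process with ETH address verification for " + ethereumAcc);
    }

    PGPPublicKey publicKey = PGPTools.readPublicKeyFromString(pgpPublicKeyData.getAsciiArmored().getValue());
    result.setResult(PGPTools.verifyText(signedString, publicKey));
    if (result.getResult()) {
        Map<String, String> parameterMap = new HashMap<>();
        parameterMap.put("acc", ethereumAcc);
        parameterMap.put("fingerprint", unverifiedFingerprint);
        // Unix time in seconds, kept as long: narrowing to int wraps around for dates after 2038.
        parameterMap.put("keyCertificateValidUntil", Long.toString(pgpPublicKeyData.getExp().getTime() / 1000));
        parameterMap.put("firstName", pgpPublicKeyData.getFirstName());
        parameterMap.put("lastName", pgpPublicKeyData.getLastName());
        if (pgpPublicKeyData.getUserBirthday() != null) {
            parameterMap.put("birthDate", Long.toString(pgpPublicKeyData.getUserBirthday().getTime() / 1000));
        } else {
            // for testing with old keys only
            parameterMap.put("birthDate", "null");
        }
        if (pgpPublicKeyData.getNationality() != null) {
            parameterMap.put("nationality", pgpPublicKeyData.getNationality());
        } else {
            // for testing with old keys only
            parameterMap.put("nationality", "null");
        }
        // The map holds name, birth date and nationality; log only the identifiers of the request.
        LOG.warning("parameterMap: acc=" + encodedEthereumAcc + ", fingerprint=" + unverifiedFingerprint);
        HTTPResponse httpResponseFromAddVerificationDataServlet = HttpService.makePostRequestWithParametersMapAndApiKey("https://tomcatweb3j.cryptonomica.net/addVerificationData", tomcatWeb3jAPIkey, parameterMap);
        String httpResponseContentStringAddVerificationDataServlet = new String(httpResponseFromAddVerificationDataServlet.getContent(), StandardCharsets.UTF_8);
        LOG.warning(httpResponseContentStringAddVerificationDataServlet);
        // tx receipt
        result.setMessage(httpResponseContentStringAddVerificationDataServlet);
    }
    LOG.warning("result:");
    LOG.warning(GSON.toJson(result));
    return result;
}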
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) AppSettings(net.cryptonomica.entities.AppSettings) HashMap(java.util.HashMap) HTTPResponse(com.google.appengine.api.urlfetch.HTTPResponse) PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey) BooleanWrapperObject(net.cryptonomica.returns.BooleanWrapperObject) CryptonomicaUser(net.cryptonomica.entities.CryptonomicaUser) VerificationRequestDataFromSC(net.cryptonomica.entities.VerificationRequestDataFromSC) UnauthorizedException(com.google.api.server.spi.response.UnauthorizedException) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Aggregations

PGPPublicKeyData (net.cryptonomica.entities.PGPPublicKeyData)12 ApiMethod (com.google.api.server.spi.config.ApiMethod)10 CryptonomicaUser (net.cryptonomica.entities.CryptonomicaUser)6 PGPPublicKeyGeneralView (net.cryptonomica.returns.PGPPublicKeyGeneralView)5 Gson (com.google.gson.Gson)4 PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)4 ArrayList (java.util.ArrayList)3 UserProfileGeneralView (net.cryptonomica.returns.UserProfileGeneralView)3 IOException (java.io.IOException)2 Date (java.util.Date)2 SearchPGPPublicKeysReturn (net.cryptonomica.returns.SearchPGPPublicKeysReturn)2 UnauthorizedException (com.google.api.server.spi.response.UnauthorizedException)1 Email (com.google.appengine.api.datastore.Email)1 Queue (com.google.appengine.api.taskqueue.Queue)1 HTTPResponse (com.google.appengine.api.urlfetch.HTTPResponse)1 GsonBuilder (com.google.gson.GsonBuilder)1 Key (com.googlecode.objectify.Key)1 HashMap (java.util.HashMap)1 AppSettings (net.cryptonomica.entities.AppSettings)1 Login (net.cryptonomica.entities.Login)1