Search in sources :

Example 1 with PGPPublicKeyGeneralView

use of net.cryptonomica.returns.PGPPublicKeyGeneralView in project cryptonomica by Cryptonomica.

the class PGPPublicKeyAPI method uploadNewPGPPublicKey.

// end of getPGPPublicKeyByFingerprint()
@ApiMethod(name = "uploadNewPGPPublicKey", path = "uploadNewPGPPublicKey", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public PGPPublicKeyUploadReturn uploadNewPGPPublicKey(// final HttpServletRequest httpServletRequest,
final User googleUser, final PGPPublicKeyUploadForm pgpPublicKeyUploadForm) throws Exception {
    // authorization
    CryptonomicaUser cryptonomicaUser = UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    // 
    if (pgpPublicKeyUploadForm == null || pgpPublicKeyUploadForm.getAsciiArmored() == null || pgpPublicKeyUploadForm.getAsciiArmored().length() == 0) {
        throw new Exception("ASCII-armored key is empty");
    }
    // --- LOG request form: (after check if not null)
    LOG.warning(GSON.toJson(pgpPublicKeyUploadForm));
    String asciiArmored = pgpPublicKeyUploadForm.getAsciiArmored();
    PGPPublicKey pgpPublicKey = PGPTools.readPublicKeyFromString(asciiArmored);
    // -> throws IOException, PGPException
    LOG.warning(GSON.toJson(pgpPublicKey));
    PGPPublicKeyData pgpPublicKeyData = PGPTools.checkPublicKey(pgpPublicKey, asciiArmored, cryptonomicaUser);
    pgpPublicKeyData.setUserBirthday(cryptonomicaUser.getBirthday());
    // -- add @Parent value: ---
    pgpPublicKeyData.setCryptonomicaUserKey(Key.create(CryptonomicaUser.class, googleUser.getUserId()));
    // save key
    Key<PGPPublicKeyData> pgpPublicKeyDataKey = ofy().save().entity(pgpPublicKeyData).now();
    // load key from DB and and create return object
    String messageToUser = "Key " + pgpPublicKeyData.getFingerprint() + " saved in data base";
    PGPPublicKeyGeneralView pgpPublicKeyGeneralView = new PGPPublicKeyGeneralView(ofy().load().key(pgpPublicKeyDataKey).now());
    PGPPublicKeyUploadReturn pgpPublicKeyUploadReturn = new PGPPublicKeyUploadReturn(messageToUser, pgpPublicKeyGeneralView);
    return pgpPublicKeyUploadReturn;
}
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) PGPPublicKeyGeneralView(net.cryptonomica.returns.PGPPublicKeyGeneralView) PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey) PGPPublicKeyUploadReturn(net.cryptonomica.returns.PGPPublicKeyUploadReturn) CryptonomicaUser(net.cryptonomica.entities.CryptonomicaUser) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 2 with PGPPublicKeyGeneralView

use of net.cryptonomica.returns.PGPPublicKeyGeneralView in project cryptonomica by Cryptonomica.

the class NewUserRegistrationAPI method registerNewUser.

@ApiMethod(name = "registerNewUser", path = "registerNewUser", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public // creates a new cryptonomica user and saves him/her to database
NewUserRegistrationReturn registerNewUser(final HttpServletRequest httpServletRequest, final User googleUser, final NewUserRegistrationForm newUserRegistrationForm) throws Exception {
    /* --- Ensure 1) user login, 2) not already registered:: */
    UserTools.ensureNewCryptonomicaUser(googleUser);
    /* --- Check form:*/
    if (newUserRegistrationForm.getArmoredPublicPGPkeyBlock() == null || newUserRegistrationForm.getArmoredPublicPGPkeyBlock().length() == 0) {
        throw new Exception("ASCII-armored PGP public key can not be empty");
    // } else if (newUserRegistrationForm.getUserInfo() == null) {
    // throw new Exception("Info can not be empty");
    } else if (newUserRegistrationForm.getBirthday() == null) {
        throw new Exception("Birthdate can not be empty");
    }
    /* --- user BirthDate */
    Date userBirthDate = newUserRegistrationForm.getBirthday();
    // TODO: add check
    /* --- create PGPPublicKey from armored PGP key block: */
    String userId = googleUser.getUserId();
    String armoredPublicPGPkeyBlock = newUserRegistrationForm.getArmoredPublicPGPkeyBlock();
    LOG.warning("[armoredPublicPGPkeyBlock]:");
    LOG.warning(armoredPublicPGPkeyBlock);
    PGPPublicKey pgpPublicKey = PGPTools.readPublicKeyFromString(armoredPublicPGPkeyBlock);
    // create PGPPublicKeyData (Entity in DS) from PGPPublicKey:
    PGPPublicKeyData pgpPublicKeyData = new PGPPublicKeyData(pgpPublicKey, armoredPublicPGPkeyBlock, userId);
    pgpPublicKeyData.setUserBirthday(userBirthDate);
    /* --- Check PGPPublic Key: */
    // --- check key creation date/time:
    Date creationTime = pgpPublicKey.getCreationTime();
    if (creationTime.after(new Date())) {
        throw new Exception("Invalid key creation Date/Time");
    }
    // -- bits size check:
    if (pgpPublicKeyData.getBitStrength() < 2048) {
        throw new Exception("Key Strength (bits size) should be min 2048 bits");
    }
    // -- email check:
    if (!pgpPublicKeyData.getUserEmail().getEmail().toLowerCase().equals(googleUser.getEmail().toLowerCase())) {
        throw new Exception("Email in the key's user ID should be the same as in account");
    }
    // -- key validity period check
    Integer validDays = pgpPublicKey.getValidDays();
    if (validDays > 366 * 2) {
        throw new Exception("This key valid for more than 2 years");
    } else if (validDays <= 0) {
        // 
        throw new Exception("This key's validity term is incorrect");
    }
    // --- check for dublicates in DS:
    List<PGPPublicKeyData> duplicates = ofy().load().type(PGPPublicKeyData.class).filter("fingerprintStr", pgpPublicKeyData.getFingerprint()).list();
    if (!duplicates.isEmpty()) {
        throw new Exception("The key with fingerprint" + pgpPublicKeyData.getFingerprint() + "already registered");
    }
    // create CryptonomicaUser:
    CryptonomicaUser cryptonomicaUser = new CryptonomicaUser(googleUser, pgpPublicKeyData, newUserRegistrationForm);
    // save new user and his key
    Key<CryptonomicaUser> cryptonomicaUserKey = ofy().save().entity(cryptonomicaUser).now();
    cryptonomicaUser = // ?
    ofy().load().key(cryptonomicaUserKey).now();
    Key<PGPPublicKeyData> pgpPublicKeyDataKey = ofy().save().entity(pgpPublicKeyData).now();
    pgpPublicKeyData = ofy().load().key(pgpPublicKeyDataKey).now();
    // 
    Login login = UserTools.registerLogin(httpServletRequest, googleUser);
    // 
    ArrayList<PGPPublicKeyData> pgpPublicKeyDataArrayList = new ArrayList<>();
    pgpPublicKeyDataArrayList.add(pgpPublicKeyData);
    UserProfileGeneralView userProfileGeneralView = new UserProfileGeneralView(cryptonomicaUser, pgpPublicKeyDataArrayList);
    // - for $rootScope.currentUser
    userProfileGeneralView.setRegisteredCryptonomicaUser(Boolean.TRUE);
    // 
    String messageToUser;
    if (cryptonomicaUser != null) {
        messageToUser = "User created successful";
    } else {
        messageToUser = "Error creating new user";
    }
    NewUserRegistrationReturn result = new NewUserRegistrationReturn(messageToUser, new PGPPublicKeyGeneralView(pgpPublicKeyData), userProfileGeneralView, new LoginView(login));
    // send an email to user:
    final Queue queue = QueueFactory.getDefaultQueue();
    Gson prettyGson = new GsonBuilder().setPrettyPrinting().create();
    queue.add(TaskOptions.Builder.withUrl("/_ah/SendGridServlet").param("email", googleUser.getEmail()).param("messageSubject", "You are registered on Cryptonomica server").param("messageText", "Congratulation! \n\n" + userProfileGeneralView.getFirstName().toUpperCase() + " " + userProfileGeneralView.getLastName().toUpperCase() + ",\n\n" + "You are registered on Cryptonomica server" + "\n\n" + "To verify your key online:" + "\n" + "1) go to 'My profile', 2) click on key ID and go to page with key data , " + "3) click green button 'Verify online' and follow instructions provided by web application" + "\n\n" + "Best regards, \n\n" + "Cryptonomica team\n\n" + new Date().toString() + "\n\n" + "if you think it's wrong or it is an error, please write to admin@cryptonomica.net \n"));
    // 
    return result;
}
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) PGPPublicKeyGeneralView(net.cryptonomica.returns.PGPPublicKeyGeneralView) GsonBuilder(com.google.gson.GsonBuilder) ArrayList(java.util.ArrayList) PGPPublicKey(org.bouncycastle.openpgp.PGPPublicKey) Gson(com.google.gson.Gson) Login(net.cryptonomica.entities.Login) CryptonomicaUser(net.cryptonomica.entities.CryptonomicaUser) Date(java.util.Date) UserProfileGeneralView(net.cryptonomica.returns.UserProfileGeneralView) NewUserRegistrationReturn(net.cryptonomica.returns.NewUserRegistrationReturn) LoginView(net.cryptonomica.returns.LoginView) Queue(com.google.appengine.api.taskqueue.Queue) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 3 with PGPPublicKeyGeneralView

use of net.cryptonomica.returns.PGPPublicKeyGeneralView in project cryptonomica by Cryptonomica.

the class PGPPublicKeyAPI method getPGPPublicKeyByFingerprint.

@ApiMethod(name = "getPGPPublicKeyByFingerprint", path = "getPGPPublicKeyByFingerprint", httpMethod = ApiMethod.HttpMethod.GET)
@SuppressWarnings("unused")
public // get key by by fingerprint
PGPPublicKeyGeneralView getPGPPublicKeyByFingerprint(final User googleUser, @Named("fingerprint") final String fingerprint) throws Exception {
    /* Log request: */
    LOG.warning("Request: @Named(\"fingerprint\") : " + fingerprint);
    /* Check authorization: */
    UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    // GET Key from DataBase by fingerprint:
    PGPPublicKeyData pgpPublicKeyData = PGPTools.getPGPPublicKeyDataFromDataBaseByFingerprint(fingerprint);
    // make key representation, return result
    PGPPublicKeyGeneralView pgpPublicKeyGeneralView = new PGPPublicKeyGeneralView(pgpPublicKeyData);
    LOG.warning("Result: " + GSON.toJson(pgpPublicKeyGeneralView));
    return pgpPublicKeyGeneralView;
}
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) PGPPublicKeyGeneralView(net.cryptonomica.returns.PGPPublicKeyGeneralView) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 4 with PGPPublicKeyGeneralView

use of net.cryptonomica.returns.PGPPublicKeyGeneralView in project cryptonomica by Cryptonomica.

the class PGPPublicKeyAPI method getPGPPublicKeyByWebSafeString.

@ApiMethod(name = "getPGPPublicKeyByWebSafeString", path = "getPGPPublicKeyByWebSafeString", httpMethod = ApiMethod.HttpMethod.GET)
@SuppressWarnings("unused")
public // get key by by WebSafeString
PGPPublicKeyGeneralView getPGPPublicKeyByWebSafeString(final User googleUser, @Named("websafestring") final String webSafeString) throws Exception {
    /* Check authorization */
    UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    /* Validate form: */
    LOG.warning("@Named(\"websafestring\") : " + webSafeString);
    if (webSafeString == null || webSafeString.length() < 1) {
        throw new Exception("Invalid public key in request");
    }
    /* Load PGPPublicKeyData from DB*/
    Key<PGPPublicKeyData> pgpPublicKeyDataKey = Key.create(webSafeString);
    PGPPublicKeyData pgpPublicKeyData = null;
    try {
        pgpPublicKeyData = ofy().load().key(pgpPublicKeyDataKey).now();
    } catch (Exception e) {
        LOG.warning("Load PGPPublicKeyData from DB failed: " + e.getMessage());
    }
    if (pgpPublicKeyData == null) {
        LOG.warning("pgpPublicKeyData == null");
        throw new Exception("Public PGP key not found");
    }
    return new PGPPublicKeyGeneralView(pgpPublicKeyData);
}
Also used : PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) PGPPublicKeyGeneralView(net.cryptonomica.returns.PGPPublicKeyGeneralView) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Example 5 with PGPPublicKeyGeneralView

use of net.cryptonomica.returns.PGPPublicKeyGeneralView in project cryptonomica by Cryptonomica.

the class UserSearchAndViewAPI method getMyProfile.

// end of getUserProfileById @ApiMethod
@// <<< --- not used, use getMyUserData in CryptonomicaUserAPI
ApiMethod(name = "getMyProfile", path = "getMyProfile", httpMethod = ApiMethod.HttpMethod.POST)
@SuppressWarnings("unused")
public // returns list of user profiles
UserProfileGeneralView getMyProfile(final User googleUser) throws Exception {
    // ensure authorization
    UserTools.ensureCryptonomicaRegisteredUser(googleUser);
    // 
    Key<CryptonomicaUser> myKey = Key.create(CryptonomicaUser.class, googleUser.getUserId());
    CryptonomicaUser profile = ofy().load().key(myKey).now();
    UserProfileGeneralView userProfileGeneralView = new UserProfileGeneralView(profile);
    List<PGPPublicKeyData> pgpPublicKeyDataList = ofy().load().type(PGPPublicKeyData.class).ancestor(myKey).list();
    ArrayList<PGPPublicKeyGeneralView> pgpPublicKeyGeneralViews = new ArrayList<>();
    for (PGPPublicKeyData pgpPublicKeyData : pgpPublicKeyDataList) {
        pgpPublicKeyGeneralViews.add(new PGPPublicKeyGeneralView(pgpPublicKeyData));
    }
    userProfileGeneralView.setPgpPublicKeyGeneralViews(pgpPublicKeyGeneralViews);
    return userProfileGeneralView;
}
Also used : UserProfileGeneralView(net.cryptonomica.returns.UserProfileGeneralView) PGPPublicKeyData(net.cryptonomica.entities.PGPPublicKeyData) PGPPublicKeyGeneralView(net.cryptonomica.returns.PGPPublicKeyGeneralView) ArrayList(java.util.ArrayList) CryptonomicaUser(net.cryptonomica.entities.CryptonomicaUser) ApiMethod(com.google.api.server.spi.config.ApiMethod)

Aggregations

ApiMethod (com.google.api.server.spi.config.ApiMethod)5 PGPPublicKeyData (net.cryptonomica.entities.PGPPublicKeyData)5 PGPPublicKeyGeneralView (net.cryptonomica.returns.PGPPublicKeyGeneralView)5 CryptonomicaUser (net.cryptonomica.entities.CryptonomicaUser)3 ArrayList (java.util.ArrayList)2 UserProfileGeneralView (net.cryptonomica.returns.UserProfileGeneralView)2 PGPPublicKey (org.bouncycastle.openpgp.PGPPublicKey)2 Queue (com.google.appengine.api.taskqueue.Queue)1 Gson (com.google.gson.Gson)1 GsonBuilder (com.google.gson.GsonBuilder)1 Date (java.util.Date)1 Login (net.cryptonomica.entities.Login)1 LoginView (net.cryptonomica.returns.LoginView)1 NewUserRegistrationReturn (net.cryptonomica.returns.NewUserRegistrationReturn)1 PGPPublicKeyUploadReturn (net.cryptonomica.returns.PGPPublicKeyUploadReturn)1