afan
/
gitea
Bevaka 1
Stjärnmärk 0
Förgrening 0
Kod Ärenden 0 Pull-förfrågningar 0 Släpp 0 Wiki Activity
gitea源码
3 Incheckningar
2 Grenar
Gren: master
Grenar Taggar
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
gitea/models/asymkey/gpg_key_add.go

gpg_key_add.go 4.3KB
Permalänk Historik

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162 
  1. // Copyright 2021 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package asymkey

  5. 

  6. import (

  7. 	"context"

  8. 	"strings"

  9. 

  10. 	"code.gitea.io/gitea/models/db"

  11. 	"code.gitea.io/gitea/modules/log"

  12. 

  13. 	"github.com/ProtonMail/go-crypto/openpgp"

  14. )

  15. 

  16. //   __________________  ________   ____  __.

  17. //  /  _____/\______   \/  _____/  |    |/ _|____ ___.__.

  18. // /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |

  19. // \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |

  20. //  \______  /|____|    \______  / |____|__ \___  > ____|

  21. //         \/                  \/          \/   \/\/

  22. //    _____       .___  .___

  23. //   /  _  \    __| _/__| _/

  24. //	/  /_\  \  / __ |/ __ |

  25. // /    |    \/ /_/ / /_/ |

  26. // \____|__  /\____ \____ |

  27. //         \/      \/    \/

  28. 

  29. // This file contains functions relating to adding GPG Keys

  30. 

  31. // addGPGKey add key, import and subkeys to database

  32. func addGPGKey(ctx context.Context, key *GPGKey, content string) (err error) {

  33. 	// Add GPGKeyImport

  34. 	if err = db.Insert(ctx, &GPGKeyImport{

  35. 		KeyID:   key.KeyID,

  36. 		Content: content,

  37. 	}); err != nil {

  38. 		return err

  39. 	}

  40. 	// Save GPG primary key.

  41. 	if err = db.Insert(ctx, key); err != nil {

  42. 		return err

  43. 	}

  44. 	// Save GPG subs key.

  45. 	for _, subkey := range key.SubsKey {

  46. 		if err := addGPGSubKey(ctx, subkey); err != nil {

  47. 			return err

  48. 		}

  49. 	}

  50. 	return nil

  51. }

  52. 

  53. // addGPGSubKey add subkeys to database

  54. func addGPGSubKey(ctx context.Context, key *GPGKey) (err error) {

  55. 	// Save GPG primary key.

  56. 	if err = db.Insert(ctx, key); err != nil {

  57. 		return err

  58. 	}

  59. 	// Save GPG subs key.

  60. 	for _, subkey := range key.SubsKey {

  61. 		if err := addGPGSubKey(ctx, subkey); err != nil {

  62. 			return err

  63. 		}

  64. 	}

  65. 	return nil

  66. }

  67. 

  68. // AddGPGKey adds new public key to database.

  69. func AddGPGKey(ctx context.Context, ownerID int64, content, token, signature string) ([]*GPGKey, error) {

  70. 	ekeys, err := CheckArmoredGPGKeyString(content)

  71. 	if err != nil {

  72. 		return nil, err

  73. 	}

  74. 

  75. 	return db.WithTx2(ctx, func(ctx context.Context) ([]*GPGKey, error) {

  76. 		keys := make([]*GPGKey, 0, len(ekeys))

  77. 

  78. 		verified := false

  79. 		// Handle provided signature

  80. 		if signature != "" {

  81. 			signer, err := openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token), strings.NewReader(signature), nil)

  82. 			if err != nil {

  83. 				signer, err = openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token+"\n"), strings.NewReader(signature), nil)

  84. 			}

  85. 			if err != nil {

  86. 				signer, err = openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token+"\r\n"), strings.NewReader(signature), nil)

  87. 			}

  88. 			if err != nil {

  89. 				log.Debug("AddGPGKey CheckArmoredDetachedSignature failed: %v", err)

  90. 				return nil, ErrGPGInvalidTokenSignature{

  91. 					ID:      ekeys[0].PrimaryKey.KeyIdString(),

  92. 					Wrapped: err,

  93. 				}

  94. 			}

  95. 			ekeys = []*openpgp.Entity{signer}

  96. 			verified = true

  97. 		}

  98. 

  99. 		if len(ekeys) > 1 {

  100. 			id2key := map[string]*openpgp.Entity{}

  101. 			newEKeys := make([]*openpgp.Entity, 0, len(ekeys))

  102. 			for _, ekey := range ekeys {

  103. 				id := ekey.PrimaryKey.KeyIdString()

  104. 				if original, has := id2key[id]; has {

  105. 					// Coalesce this with the other one

  106. 					for _, subkey := range ekey.Subkeys {

  107. 						if subkey.PublicKey == nil {

  108. 							continue

  109. 						}

  110. 						found := false

  111. 

  112. 						for _, originalSubkey := range original.Subkeys {

  113. 							if originalSubkey.PublicKey == nil {

  114. 								continue

  115. 							}

  116. 							if originalSubkey.PublicKey.KeyId == subkey.PublicKey.KeyId {

  117. 								found = true

  118. 								break

  119. 							}

  120. 						}

  121. 						if !found {

  122. 							original.Subkeys = append(original.Subkeys, subkey)

  123. 						}

  124. 					}

  125. 					for name, identity := range ekey.Identities {

  126. 						if _, has := original.Identities[name]; has {

  127. 							continue

  128. 						}

  129. 						original.Identities[name] = identity

  130. 					}

  131. 					continue

  132. 				}

  133. 				id2key[id] = ekey

  134. 				newEKeys = append(newEKeys, ekey)

  135. 			}

  136. 			ekeys = newEKeys

  137. 		}

  138. 

  139. 		for _, ekey := range ekeys {

  140. 			// Key ID cannot be duplicated.

  141. 			has, err := db.GetEngine(ctx).Where("key_id=?", ekey.PrimaryKey.KeyIdString()).

  142. 				Get(new(GPGKey))

  143. 			if err != nil {

  144. 				return nil, err

  145. 			} else if has {

  146. 				return nil, ErrGPGKeyIDAlreadyUsed{ekey.PrimaryKey.KeyIdString()}

  147. 			}

  148. 

  149. 			key, err := parseGPGKey(ctx, ownerID, ekey, verified)

  150. 			if err != nil {

  151. 				return nil, err

  152. 			}

  153. 

  154. 			if err = addGPGKey(ctx, key, content); err != nil {

  155. 				return nil, err

  156. 			}

  157. 			keys = append(keys, key)

  158. 		}

  159. 		return keys, nil

  160. 	})

  161. }