afan
/
gitea
Observar 1
Favorito 0
Fork 0
Código Issues 0 Pull Requests 0 Versões 0 Wiki Atividade
gitea源码
3 Commits
2 Branches
Branch: master
Branches Tags
${ item.name }
Criar branch ${ searchTerm }
de master
${ noResults }
gitea/models/asymkey/gpg_key_verify.go

gpg_key_verify.go 2.4KB
Link permanente Histórico Original

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899 
  1. // Copyright 2021 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package asymkey

  5. 

  6. import (

  7. 	"context"

  8. 	"strconv"

  9. 	"time"

  10. 

  11. 	"code.gitea.io/gitea/models/db"

  12. 	user_model "code.gitea.io/gitea/models/user"

  13. 	"code.gitea.io/gitea/modules/base"

  14. 	"code.gitea.io/gitea/modules/log"

  15. )

  16. 

  17. // This file provides functions relating verifying gpg keys

  18. 

  19. // VerifyGPGKey marks a GPG key as verified

  20. func VerifyGPGKey(ctx context.Context, ownerID int64, keyID, token, signature string) (string, error) {

  21. 	return db.WithTx2(ctx, func(ctx context.Context) (string, error) {

  22. 		key := new(GPGKey)

  23. 

  24. 		has, err := db.GetEngine(ctx).Where("owner_id = ? AND key_id = ?", ownerID, keyID).Get(key)

  25. 		if err != nil {

  26. 			return "", err

  27. 		} else if !has {

  28. 			return "", ErrGPGKeyNotExist{}

  29. 		}

  30. 

  31. 		if err := key.LoadSubKeys(ctx); err != nil {

  32. 			return "", err

  33. 		}

  34. 

  35. 		sig, err := ExtractSignature(signature)

  36. 		if err != nil {

  37. 			return "", ErrGPGInvalidTokenSignature{

  38. 				ID:      key.KeyID,

  39. 				Wrapped: err,

  40. 			}

  41. 		}

  42. 

  43. 		signer, err := hashAndVerifyWithSubKeys(sig, token, key)

  44. 		if err != nil {

  45. 			return "", ErrGPGInvalidTokenSignature{

  46. 				ID:      key.KeyID,

  47. 				Wrapped: err,

  48. 			}

  49. 		}

  50. 		if signer == nil {

  51. 			signer, err = hashAndVerifyWithSubKeys(sig, token+"\n", key)

  52. 			if err != nil {

  53. 				return "", ErrGPGInvalidTokenSignature{

  54. 					ID:      key.KeyID,

  55. 					Wrapped: err,

  56. 				}

  57. 			}

  58. 		}

  59. 		if signer == nil {

  60. 			signer, err = hashAndVerifyWithSubKeys(sig, token+"\n\n", key)

  61. 			if err != nil {

  62. 				return "", ErrGPGInvalidTokenSignature{

  63. 					ID:      key.KeyID,

  64. 					Wrapped: err,

  65. 				}

  66. 			}

  67. 		}

  68. 

  69. 		if signer == nil {

  70. 			log.Debug("VerifyGPGKey failed: no signer")

  71. 			return "", ErrGPGInvalidTokenSignature{

  72. 				ID: key.KeyID,

  73. 			}

  74. 		}

  75. 

  76. 		if signer.PrimaryKeyID != key.KeyID && signer.KeyID != key.KeyID {

  77. 			return "", ErrGPGKeyNotExist{}

  78. 		}

  79. 

  80. 		key.Verified = true

  81. 		if _, err := db.GetEngine(ctx).ID(key.ID).SetExpr("verified", true).Update(new(GPGKey)); err != nil {

  82. 			return "", err

  83. 		}

  84. 

  85. 		return key.KeyID, nil

  86. 	})

  87. }

  88. 

  89. // VerificationToken returns token for the user that will be valid in minutes (time)

  90. func VerificationToken(user *user_model.User, minutes int) string {

  91. 	return base.EncodeSha256(

  92. 		time.Now().Truncate(1*time.Minute).Add(time.Duration(minutes)*time.Minute).Format(

  93. 			time.RFC1123Z) + ":" +

  94. 			user.CreatedUnix.Format(time.RFC1123Z) + ":" +

  95. 			user.Name + ":" +

  96. 			user.Email + ":" +

  97. 			strconv.FormatInt(user.ID, 10))

  98. }