simonvareille/keyserver
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Rename files

Browse Source
This commit is contained in:
Tankred Hase
2016-05-28 15:11:28 +02:00
parent dcd2d0df0c
commit 2f789eeb42
9 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

113
src/route/hkp.js Normal file
View File

@@ -0,0 +1,113 @@
/**
* Mailvelope - secure email with OpenPGP encryption for Webmail
* Copyright (C) 2016 Mailvelope GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License version 3
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
'use strict';
const parse = require('co-body');
const util = require('../ctrl/util');
/**
* An implementation of the OpenPGP HTTP Keyserver Protocol (HKP)
* See https://tools.ietf.org/html/draft-shaw-openpgp-hkp-00
*/
class HKP {
/**
* Create an instance of the HKP server
* @param {Object} publicKey An instance of the public key controller
*/
constructor(publicKey) {
this._publicKey = publicKey;
}
/**
* Public key upload via http POST
* @param {Object} ctx The koa request/response context
*/
*add(ctx) {
let body = yield parse.form(ctx, { limit: '1mb' });
if (!util.validatePublicKey(body.keytext)) {
ctx.throw(400, 'Invalid request!');
}
yield this._publicKey.put({ publicKeyArmored:body.keytext });
}
/**
* Public key lookup via http GET
* @param {Object} ctx The koa request/response context
*/
*lookup(ctx) {
let params = this.parseQueryString(ctx);
let key = yield this._publicKey.get(params);
this.setGetHeaders(ctx, params);
ctx.body = key.publicKeyArmored;
}
/**
* Parse the query string for a lookup request and set a corresponding
* error code if the requests is not supported or invalid.
* @param {Object} ctx The koa request/response context
* @return {Object} The query parameters or undefined for an invalid request
*/
parseQueryString(ctx) {
let params = {
op: ctx.query.op, // operation ... only 'get' is supported
mr: ctx.query.options === 'mr' // machine readable
};
if (this.checkId(ctx.query.search)) {
params.keyid = ctx.query.search.replace(/^0x/, '');
} else if(util.validateAddress(ctx.query.search)) {
params.email = ctx.query.search;
}
if (params.op !== 'get') {
ctx.throw(501, 'Not implemented!');
} else if (!params.keyid && !params.email) {
ctx.throw(400, 'Invalid request!');
}
return params;
}
/**
* Checks for a valid key id in the query string. A key must be prepended
* with '0x' and can be between 8 and 40 hex characters long.
* @param {String} keyid The key id
* @return {Boolean} If the key id is valid
*/
checkId(keyid) {
if (!util.isString(keyid)) {
return false;
}
return /^0x[a-fA-F0-9]{8,40}$/.test(keyid);
}
/**
* Set HTTP headers for a GET requests with 'mr' (machine readable) options.
* @param {Object} ctx The koa request/response context
* @param {Object} params The parsed query string parameters
*/
setGetHeaders(ctx, params) {
if (params.mr) {
ctx.set('Content-Type', 'application/pgp-keys; charset=UTF-8');
ctx.set('Content-Disposition', 'attachment; filename=openpgpkey.asc');
}
}
}
module.exports = HKP;

90
src/route/rest.js Normal file
View File

@@ -0,0 +1,90 @@
/**
* Mailvelope - secure email with OpenPGP encryption for Webmail
* Copyright (C) 2016 Mailvelope GmbH
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License version 3
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
'use strict';
const parse = require('co-body');
const util = require('../ctrl/util');
/**
* The REST api to provide additional functionality on top of HKP
*/
class REST {
/**
* Create an instance of the REST server
* @param {Object} publicKey An instance of the public key controller
*/
constructor(publicKey) {
this._publicKey = publicKey;
}
/**
* Public key upload via http POST
* @param {Object} ctx The koa request/response context
*/
*create(ctx) {
let pk = yield parse.json(ctx, { limit: '1mb' });
if ((pk.primaryEmail && !util.validateAddress(pk.primaryEmail)) ||
!util.validatePublicKey(pk.publicKeyArmored)) {
ctx.throw(400, 'Invalid request!');
}
yield this._publicKey(pk);
}
*verify(ctx) {
ctx.throw(501, 'Not implemented!');
yield;
}
/**
* Public key fetch via http GET
* @param {Object} ctx The koa request/response context
*/
*read(ctx) {
let q = { keyid:ctx.query.keyid, email:ctx.query.email };
if (!util.validateKeyId(q.keyid) && !util.validateAddress(q.email)) {
ctx.throw(400, 'Invalid request!');
}
ctx.body = yield this._publicKey.get(q);
}
/**
* Public key fetch via http GET (shorthand link for sharing)
* @param {Object} ctx The koa request/response context
*/
*share(ctx) {
let q = { email:ctx.params.email };
if (!util.validateAddress(q.email)) {
ctx.throw(400, 'Invalid request!');
}
ctx.body = (yield this._publicKey.get(q)).publicKeyArmored;
}
*remove(ctx) {
ctx.throw(501, 'Not implemented!');
yield;
}
*verifyRemove(ctx) {
ctx.throw(501, 'Not implemented!');
yield;
}
}
module.exports = REST;