keyproofs/pkg/opgp/util.go

package opgp

import (
	"bytes"
	"context"
	"crypto/sha1"
	"fmt"
	"io"
	"net/http"
	"net/mail"
	"net/url"
	"strings"

	"github.com/rs/zerolog/log"
	"github.com/sour-is/crypto/openpgp"
	"github.com/sour-is/keyproofs/pkg/opgp/entity"
	"github.com/tv42/zbase32"
	"golang.org/x/crypto/openpgp/armor"
)

func GetKey(ctx context.Context, id string) (entity *entity.Entity, err error) {
	if isFingerprint(id) {
		addr := "https://keys.openpgp.org/vks/v1/by-fingerprint/" + strings.ToUpper(id)
		return getEntityHTTP(ctx, addr, true)
	} else if email, err := mail.ParseAddress(id); err == nil {
		addr, advAddr := getWKDPubKeyAddr(email)
		req, err := getEntityHTTP(ctx, addr, false)
		if err == nil {
			return req, err
		}

		req, err = getEntityHTTP(ctx, advAddr, false)
		if err == nil {
			return req, err
		}

		addr = "https://keys.openpgp.org/vks/v1/by-email/" + url.QueryEscape(id)
		return getEntityHTTP(ctx, addr, true)
	} else {
		return entity, fmt.Errorf("Parse address: %w", err)
	}
}

func getEntityHTTP(ctx context.Context, url string, useArmored bool) (entity *entity.Entity, err error) {
	log := log.Ctx(ctx)

	req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)
	if err != nil {
		return entity, err
	}
	cl := http.Client{}
	resp, err := cl.Do(req)
	if err != nil {
		return entity, fmt.Errorf("Requesting key: %w\nRemote URL: %v", err, url)
	}
	log.Debug().
		Bool("useArmored", useArmored).
		Str("status", resp.Status).
		Str("url", url).
		Msg("getEntityHTTP")

	if resp.StatusCode != 200 {
		return entity, fmt.Errorf("bad response from remote: %s\nRemote URL: %v", resp.Status, url)
	}

	defer resp.Body.Close()

	if resp.Header.Get("Content-Type") == "application/pgp-keys" {
		useArmored = true
	}

	return ReadKey(resp.Body, useArmored)
}

func ReadKey(r io.Reader, useArmored bool) (e *entity.Entity, err error) {
	var buf bytes.Buffer

	var w io.Writer = &buf
	e = &entity.Entity{}

	defer func() {
		if e != nil {
			e.ArmorText = buf.String()
		}
	}()

	if !useArmored {
		var aw io.WriteCloser
		aw, err = armor.Encode(&buf, "PGP PUBLIC KEY BLOCK", nil)
		if err != nil {
			return e, fmt.Errorf("Read key: %w", err)
		}
		defer aw.Close()

		w = aw
	}

	r = io.TeeReader(r, w)

	var lis openpgp.EntityList

	if useArmored {
		lis, err = openpgp.ReadArmoredKeyRing(r)
	} else {
		lis, err = openpgp.ReadKeyRing(r)
	}
	if err != nil {
		return e, fmt.Errorf("Read key: %w", err)
	}

	e, err = entity.GetOne(lis)
	if err != nil {
		return e, fmt.Errorf("Parse key: %w", err)
	}

	return
}

func isFingerprint(s string) bool {
	for _, r := range s {
		switch r {
		case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'A', 'B', 'C', 'D', 'E', 'F':
		default:
			return false
		}
	}

	return true
}

func getWKDPubKeyAddr(email *mail.Address) (string, string) {
	parts := strings.SplitN(email.Address, "@", 2)
	hash := sha1.Sum([]byte(parts[0]))
	lp := zbase32.EncodeToString(hash[:])

	return fmt.Sprintf("https://%s/.well-known/openpgpkey/hu/%s", parts[1], lp),
		fmt.Sprintf("https://openpgpkey.%s/.well-known/openpgpkey/hu/%s/%s", parts[1], parts[1], lp)
}
refactor out into packages for easier unit test writing 2020-12-04 11:36:24 -07:00			`package opgp`
initial commit 2020-11-23 13:58:19 -07:00
			`import (`
			`"bytes"`
			`"context"`
			`"crypto/sha1"`
			`"fmt"`
			`"io"`
			`"net/http"`
			`"net/mail"`
			`"net/url"`
			`"strings"`

			`"github.com/rs/zerolog/log"`
			`"github.com/sour-is/crypto/openpgp"`
refactor out into packages for easier unit test writing 2020-12-04 11:36:24 -07:00			`"github.com/sour-is/keyproofs/pkg/opgp/entity"`
initial commit 2020-11-23 13:58:19 -07:00			`"github.com/tv42/zbase32"`
			`"golang.org/x/crypto/openpgp/armor"`
			`)`

refactor out into packages for easier unit test writing 2020-12-04 11:36:24 -07:00			`func GetKey(ctx context.Context, id string) (entity *entity.Entity, err error) {`
initial commit 2020-11-23 13:58:19 -07:00			`if isFingerprint(id) {`
			`addr := "https://keys.openpgp.org/vks/v1/by-fingerprint/" + strings.ToUpper(id)`
			`return getEntityHTTP(ctx, addr, true)`
			`} else if email, err := mail.ParseAddress(id); err == nil {`
add image resize, default avatars, and other fixes 2020-11-30 11:54:37 -07:00			`addr, advAddr := getWKDPubKeyAddr(email)`
initial commit 2020-11-23 13:58:19 -07:00			`req, err := getEntityHTTP(ctx, addr, false)`
			`if err == nil {`
			`return req, err`
			`}`

add image resize, default avatars, and other fixes 2020-11-30 11:54:37 -07:00			`req, err = getEntityHTTP(ctx, advAddr, false)`
			`if err == nil {`
			`return req, err`
			`}`

initial commit 2020-11-23 13:58:19 -07:00			`addr = "https://keys.openpgp.org/vks/v1/by-email/" + url.QueryEscape(id)`
			`return getEntityHTTP(ctx, addr, true)`
			`} else {`
			`return entity, fmt.Errorf("Parse address: %w", err)`
			`}`
			`}`

refactor out into packages for easier unit test writing 2020-12-04 11:36:24 -07:00			`func getEntityHTTP(ctx context.Context, url string, useArmored bool) (entity *entity.Entity, err error) {`
initial commit 2020-11-23 13:58:19 -07:00			`log := log.Ctx(ctx)`

			`req, err := http.NewRequestWithContext(ctx, http.MethodGet, url, nil)`
			`if err != nil {`
			`return entity, err`
			`}`
			`cl := http.Client{}`
			`resp, err := cl.Do(req)`
add image resize, default avatars, and other fixes 2020-11-30 11:54:37 -07:00			`if err != nil {`
			`return entity, fmt.Errorf("Requesting key: %w\nRemote URL: %v", err, url)`
			`}`
initial commit 2020-11-23 13:58:19 -07:00			`log.Debug().`
			`Bool("useArmored", useArmored).`
			`Str("status", resp.Status).`
			`Str("url", url).`
			`Msg("getEntityHTTP")`

			`if resp.StatusCode != 200 {`
			`return entity, fmt.Errorf("bad response from remote: %s\nRemote URL: %v", resp.Status, url)`
			`}`

			`defer resp.Body.Close()`

			`if resp.Header.Get("Content-Type") == "application/pgp-keys" {`
			`useArmored = true`
			`}`

			`return ReadKey(resp.Body, useArmored)`
			`}`

refactor out into packages for easier unit test writing 2020-12-04 11:36:24 -07:00			`func ReadKey(r io.Reader, useArmored bool) (e *entity.Entity, err error) {`
initial commit 2020-11-23 13:58:19 -07:00			`var buf bytes.Buffer`

			`var w io.Writer = &buf`
refactor out into packages for easier unit test writing 2020-12-04 11:36:24 -07:00			`e = &entity.Entity{}`
initial commit 2020-11-23 13:58:19 -07:00
finish wkd store. add hkp key updates. 2020-12-03 12:32:24 -07:00			`defer func() {`
			`if e != nil {`
			`e.ArmorText = buf.String()`
			`}`
			`}()`
fixes to gpg key and twt proofs 2020-12-02 09:24:07 -07:00
initial commit 2020-11-23 13:58:19 -07:00			`if !useArmored {`
			`var aw io.WriteCloser`
			`aw, err = armor.Encode(&buf, "PGP PUBLIC KEY BLOCK", nil)`
			`if err != nil {`
			`return e, fmt.Errorf("Read key: %w", err)`
			`}`
finish wkd store. add hkp key updates. 2020-12-03 12:32:24 -07:00			`defer aw.Close()`
initial commit 2020-11-23 13:58:19 -07:00
			`w = aw`
			`}`

			`r = io.TeeReader(r, w)`

			`var lis openpgp.EntityList`

			`if useArmored {`
			`lis, err = openpgp.ReadArmoredKeyRing(r)`
			`} else {`
			`lis, err = openpgp.ReadKeyRing(r)`
			`}`
			`if err != nil {`
			`return e, fmt.Errorf("Read key: %w", err)`
			`}`

refactor out into packages for easier unit test writing 2020-12-04 11:36:24 -07:00			`e, err = entity.GetOne(lis)`
initial commit 2020-11-23 13:58:19 -07:00			`if err != nil {`
			`return e, fmt.Errorf("Parse key: %w", err)`
			`}`

			`return`
			`}`

			`func isFingerprint(s string) bool {`
			`for _, r := range s {`
			`switch r {`
			`case '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f', 'A', 'B', 'C', 'D', 'E', 'F':`
			`default:`
			`return false`
			`}`
			`}`

			`return true`
			`}`

add image resize, default avatars, and other fixes 2020-11-30 11:54:37 -07:00			`func getWKDPubKeyAddr(email *mail.Address) (string, string) {`
initial commit 2020-11-23 13:58:19 -07:00			`parts := strings.SplitN(email.Address, "@", 2)`
			`hash := sha1.Sum([]byte(parts[0]))`
			`lp := zbase32.EncodeToString(hash[:])`

add image resize, default avatars, and other fixes 2020-11-30 11:54:37 -07:00			`return fmt.Sprintf("https://%s/.well-known/openpgpkey/hu/%s", parts[1], lp),`
			`fmt.Sprintf("https://openpgpkey.%s/.well-known/openpgpkey/hu/%s/%s", parts[1], parts[1], lp)`
initial commit 2020-11-23 13:58:19 -07:00			`}`