mirror of
				https://codeberg.org/forgejo/forgejo.git
				synced 2025-10-24 19:12:24 +00:00 
			
		
		
		
	- We were previously using `github.com/keybase/go-crypto`, because the package for openpgp by Go itself is deprecated and no longer maintained. This library provided a maintained version of the openpgp package. However, it hasn't seen any activity for the last five years, and I would therefore consider this also unmaintained. - This patch switches the package to `github.com/ProtonMail/go-crypto` which provides a maintained version of the openpgp package and was already being used in the tests. - Adds unit tests, I've carefully checked the callstacks to ensure the OpenPGP-related code was covered under either a unit test or integration tests to avoid regression, as this can easily turn into security vulnerabilities if a regression happens here. - Small behavior update, revocations are now checked correctly instead of checking if they merely exist and the expiry time of a subkey is used if one is provided (this is just cosmetic and doesn't impact security). - One more dependency eliminated :D
		
			
				
	
	
		
			167 lines
		
	
	
	
		
			4.2 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
			
		
		
	
	
			167 lines
		
	
	
	
		
			4.2 KiB
		
	
	
	
		
			Go
		
	
	
	
	
	
| // Copyright 2021 The Gitea Authors. All rights reserved.
 | |
| // SPDX-License-Identifier: MIT
 | |
| 
 | |
| package asymkey
 | |
| 
 | |
| import (
 | |
| 	"context"
 | |
| 	"strings"
 | |
| 
 | |
| 	"code.gitea.io/gitea/models/db"
 | |
| 	"code.gitea.io/gitea/modules/log"
 | |
| 
 | |
| 	"github.com/ProtonMail/go-crypto/openpgp"
 | |
| )
 | |
| 
 | |
| //   __________________  ________   ____  __.
 | |
| //  /  _____/\______   \/  _____/  |    |/ _|____ ___.__.
 | |
| // /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |
 | |
| // \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |
 | |
| //  \______  /|____|    \______  / |____|__ \___  > ____|
 | |
| //         \/                  \/          \/   \/\/
 | |
| //    _____       .___  .___
 | |
| //   /  _  \    __| _/__| _/
 | |
| //	/  /_\  \  / __ |/ __ |
 | |
| // /    |    \/ /_/ / /_/ |
 | |
| // \____|__  /\____ \____ |
 | |
| //         \/      \/    \/
 | |
| 
 | |
| // This file contains functions relating to adding GPG Keys
 | |
| 
 | |
| // addGPGKey add key, import and subkeys to database
 | |
| func addGPGKey(ctx context.Context, key *GPGKey, content string) (err error) {
 | |
| 	// Add GPGKeyImport
 | |
| 	if err = db.Insert(ctx, &GPGKeyImport{
 | |
| 		KeyID:   key.KeyID,
 | |
| 		Content: content,
 | |
| 	}); err != nil {
 | |
| 		return err
 | |
| 	}
 | |
| 	// Save GPG primary key.
 | |
| 	if err = db.Insert(ctx, key); err != nil {
 | |
| 		return err
 | |
| 	}
 | |
| 	// Save GPG subs key.
 | |
| 	for _, subkey := range key.SubsKey {
 | |
| 		if err := addGPGSubKey(ctx, subkey); err != nil {
 | |
| 			return err
 | |
| 		}
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // addGPGSubKey add subkeys to database
 | |
| func addGPGSubKey(ctx context.Context, key *GPGKey) (err error) {
 | |
| 	// Save GPG primary key.
 | |
| 	if err = db.Insert(ctx, key); err != nil {
 | |
| 		return err
 | |
| 	}
 | |
| 	// Save GPG subs key.
 | |
| 	for _, subkey := range key.SubsKey {
 | |
| 		if err := addGPGSubKey(ctx, subkey); err != nil {
 | |
| 			return err
 | |
| 		}
 | |
| 	}
 | |
| 	return nil
 | |
| }
 | |
| 
 | |
| // AddGPGKey adds new public key to database.
 | |
| func AddGPGKey(ctx context.Context, ownerID int64, content, token, signature string) ([]*GPGKey, error) {
 | |
| 	ekeys, err := checkArmoredGPGKeyString(content)
 | |
| 	if err != nil {
 | |
| 		return nil, err
 | |
| 	}
 | |
| 
 | |
| 	ctx, committer, err := db.TxContext(ctx)
 | |
| 	if err != nil {
 | |
| 		return nil, err
 | |
| 	}
 | |
| 	defer committer.Close()
 | |
| 
 | |
| 	keys := make([]*GPGKey, 0, len(ekeys))
 | |
| 
 | |
| 	verified := false
 | |
| 	// Handle provided signature
 | |
| 	if signature != "" {
 | |
| 		signer, err := openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token), strings.NewReader(signature), nil)
 | |
| 		if err != nil {
 | |
| 			signer, err = openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token+"\n"), strings.NewReader(signature), nil)
 | |
| 		}
 | |
| 		if err != nil {
 | |
| 			signer, err = openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token+"\r\n"), strings.NewReader(signature), nil)
 | |
| 		}
 | |
| 		if err != nil {
 | |
| 			log.Error("Unable to validate token signature. Error: %v", err)
 | |
| 			return nil, ErrGPGInvalidTokenSignature{
 | |
| 				ID:      ekeys[0].PrimaryKey.KeyIdString(),
 | |
| 				Wrapped: err,
 | |
| 			}
 | |
| 		}
 | |
| 		ekeys = []*openpgp.Entity{signer}
 | |
| 		verified = true
 | |
| 	}
 | |
| 
 | |
| 	if len(ekeys) > 1 {
 | |
| 		id2key := map[string]*openpgp.Entity{}
 | |
| 		newEKeys := make([]*openpgp.Entity, 0, len(ekeys))
 | |
| 		for _, ekey := range ekeys {
 | |
| 			id := ekey.PrimaryKey.KeyIdString()
 | |
| 			if original, has := id2key[id]; has {
 | |
| 				// Coalesce this with the other one
 | |
| 				for _, subkey := range ekey.Subkeys {
 | |
| 					if subkey.PublicKey == nil {
 | |
| 						continue
 | |
| 					}
 | |
| 					found := false
 | |
| 
 | |
| 					for _, originalSubkey := range original.Subkeys {
 | |
| 						if originalSubkey.PublicKey == nil {
 | |
| 							continue
 | |
| 						}
 | |
| 						if originalSubkey.PublicKey.KeyId == subkey.PublicKey.KeyId {
 | |
| 							found = true
 | |
| 							break
 | |
| 						}
 | |
| 					}
 | |
| 					if !found {
 | |
| 						original.Subkeys = append(original.Subkeys, subkey)
 | |
| 					}
 | |
| 				}
 | |
| 				for name, identity := range ekey.Identities {
 | |
| 					if _, has := original.Identities[name]; has {
 | |
| 						continue
 | |
| 					}
 | |
| 					original.Identities[name] = identity
 | |
| 				}
 | |
| 				continue
 | |
| 			}
 | |
| 			id2key[id] = ekey
 | |
| 			newEKeys = append(newEKeys, ekey)
 | |
| 		}
 | |
| 		ekeys = newEKeys
 | |
| 	}
 | |
| 
 | |
| 	for _, ekey := range ekeys {
 | |
| 		// Key ID cannot be duplicated.
 | |
| 		has, err := db.GetEngine(ctx).Where("key_id=?", ekey.PrimaryKey.KeyIdString()).
 | |
| 			Get(new(GPGKey))
 | |
| 		if err != nil {
 | |
| 			return nil, err
 | |
| 		} else if has {
 | |
| 			return nil, ErrGPGKeyIDAlreadyUsed{ekey.PrimaryKey.KeyIdString()}
 | |
| 		}
 | |
| 
 | |
| 		// Get DB session
 | |
| 
 | |
| 		key, err := parseGPGKey(ctx, ownerID, ekey, verified)
 | |
| 		if err != nil {
 | |
| 			return nil, err
 | |
| 		}
 | |
| 
 | |
| 		if err = addGPGKey(ctx, key, content); err != nil {
 | |
| 			return nil, err
 | |
| 		}
 | |
| 		keys = append(keys, key)
 | |
| 	}
 | |
| 	return keys, committer.Commit()
 | |
| }
 |