simple-gnupg-keyserver 1.3.0 → 2.0.0

data/lib/simpleHKP/keys.rb

@@ -0,0 +1,239 @@
+
+module SimpleHKP
+
+  module Keys
+
+    def saveLastKey(lastKey)
+      lastKey['colonData'].gsub!(/\\x3a/,':') if 
+        lastKey.has_key?('colonData')
+      pp lastKey if @debug
+      @keyLookupData[lastKey['keyID']] = lastKey unless 
+        lastKey.empty? || lastKey['keyID'].empty?
+    end
+
+    def loadKeys
+      @keyLookupData = Hash.new
+      puts "SimpleHKP: loading keys" if @debug
+      gpg2cmd = "gpg2 --homedir #{@keyDir} --with-fingerprint --with-colons --list-sigs"
+      puts gpg2cmd if @debug
+      lastKey = Hash.new
+      IO.popen(gpg2cmd, 'r').readlines.each do | aLine |
+        next if aLine =~ /^tru/
+        if aLine =~ /^pub/ then
+          saveLastKey(lastKey)
+          lastKey = Hash.new
+          keyData = aLine.split(/:/)
+          lastKey['userID']    = keyData[9].gsub(/\\x3a/,':') # user ID
+          lastKey['keyID']     = keyData[4] #  key ID
+          lastKey['algorithm'] = keyData[3] #  key type (algorithm)
+          lastKey['len']       = keyData[2] #  key length
+          lastKey['created']   = keyData[5] #  creation date
+          lastKey['expires']   = keyData[6] #  expiration date
+          lastKey['flags']     = keyData[1] #  flags
+          lastKey['colonData'] = aLine
+          next
+        end
+        lastKey['userID'] = aLine.split(/:/)[9].gsub(/\\x3a/,':') if
+          aLine =~ /^uid/ && lastKey['userID'].empty?
+        lastKey['colonData'] << aLine
+      end
+      saveLastKey(lastKey)
+      @keyLookupData.each_pair do | key, value |
+        value['humanData'] = `gpg2 --list-sig #{key}`
+      end
+      pp @keyLookupData if @debug
+      puts "SimpleHKP: finished loading keys" if @debug
+    end
+
+    def storeKey(env)
+      #
+      # decode the post data
+      #
+      keys = URI.decode_www_form(env['rack.input'].read)
+      #
+      # ensure we are being sent a key
+      #
+      return replyBadRequest("No keytext field in post data") unless
+        keys[0][0] =~ /keytext/
+      pp keys[0][1] if @debug
+      #
+      # send the key data through gpg2 to import it
+      #
+      gpgStdErr  = ""
+      Open3.popen3("gpg2 --homedir #{@keyDir} --import") do | stdin, stdout, stderr, wait_thread |
+        stdin.write(keys[0][1])
+        stdin.close
+        gpgStdErr  = stderr.read
+      end
+      #
+      # check to see if the key has already been imported and/or changed
+      #
+      puts "[[#{gpgStdErr}]]" if @debug
+      keyChanged = "changed"
+      if gpgStdErr =~ /not\s+changed/ then
+        keyChanged = "unchanged"
+      else
+        # something has changed to re-load the keys 
+        loadKeys
+      end
+      #
+      # send the key data through gpg2 (again ;-( to extract the keyID
+      #
+      gpgKeyData = ""
+      IO.popen('gpg2 --with-fingerprint --with-colons -', 'r+') do | pipe |
+        puts 'gpg2 --with-fingerprint --with-colons -' if @debug
+        pipe.write(keys[0][1])
+        pipe.close_write
+        gpgKeyData = pipe.read
+      end
+      puts gpgKeyData if @debug
+      #
+      # look for the keyID of the public key
+      #
+      keyID = nil
+      gpgKeyData.each_line do | aLine |
+        keyData = aLine.split(/:/)
+        next unless keyData[0] =~ /pub/
+        keyID = keyData[4]
+        break
+      end
+      return replyBadRequest("No keyID found in gpg2 result using uploaded keytext data") if keyID.nil?
+      #
+      # return OK
+      #
+      @statusCode = 200
+      @body << @headerHtml
+      @body << "<h1 class=\"simpleHKP-storedKey\">Stored key: [#{keyID}]</h1>"
+      @body << "<p>key #{keyChanged}</p>"
+      @body << "<h2 class=\"simpleHKP-keyDataKeyID\">Key data for key: [#{keyID}]</h2>"
+      @body << '<pre class="simpleHKP-keyData">'+@keyLookupData[keyID]['colonData']+"</pre>\n"
+      @body << '<pre class="simpleHKP-keyData">'+@keyLookupData[keyID]['humanData']+"</pre>\n"
+      @body << @footer
+    end
+
+    def lookUpKey(queryString)
+      return replyBadRequest("No search field in queryString") unless
+        queryString.has_key?('search')
+      #
+      # normalize the search string
+      #
+      searchString = queryString['search']
+      searchString.gsub!(/0x/,'')
+      searchRegexp = Regexp.new(searchString,
+                                Regexp::IGNORECASE | Regexp::MULTILINE)
+      puts searchRegexp if @debug
+      #
+      # (linearly) look through the hash of known keys
+      # looking for the FIRST match
+      #
+      keyID = nil
+      @keyLookupData.each_pair do | key, keyData |
+        next unless keyData['colonData'] =~ searchRegexp
+        puts "FOUND #{key} (#{keyData})" if @debug
+        keyID = key
+        break
+      end
+      return replyNotFound if keyID.nil?
+
+      if queryString.has_key?('options') &&
+        queryString['options'] == 'mr' then
+        #
+        # return the key data in machine readable format
+        #
+        @header = {
+          'Content-Type' => 'application/pgp-keys; charset=utf-8',
+          'Content-Disposition' =>
+            'attachment; filename=' + keyID
+        }
+        puts @header if @debug
+        @body << `gpg2 --homedir #{@keyDir} --armor --export #{keyID}`
+      else
+        #
+        # return the key data for a human to read
+        #
+        @body << @headerHtml
+        @body << @lookupKeysForm
+        @body << '<h1 class="simpleHKP-keyAsckeyId">Key: '+keyID+'</h1>'
+        @body << '<h2 class="simpleHKP-keyDataTitle">Key data:</h2>'
+        @body << '<pre class="simpleHKP-keyData">'
+        @body << @keyLookupData[keyID]['humanData']
+        @body << '</pre>'
+        @body << '<h2 class="simpleHKP-keyAscTitle">Key contents:</h2>'
+        @body << '<pre class="simpleHKP-keyAsc">'
+        @body << `gpg2 --homedir #{@keyDir} --armor --export #{keyID}`
+        @body << '</pre>'
+        @body << @footer
+      end
+    end
+
+    def indexKeys(queryString)
+      return replyBadRequest("No search field in queryString") unless
+        queryString.has_key?('search')
+      #
+      # normalize the search string
+      #
+      searchString = queryString['search']
+      searchString.gsub!(/0x/,'')
+      searchRegexp = Regexp.new(searchString,
+                                Regexp::IGNORECASE | Regexp::MULTILINE)
+      puts searchRegexp if @debug
+      #
+      # accumulate the keyIDs of any keys that match the serach
+      #
+      keys = Array.new
+      @keyLookupData.each_pair do | key, keyData |
+        next unless keyData['colonData'] =~ searchRegexp
+        puts "FOUND #{key} (#{keyData})" if @debug
+        keys.push(key)
+      end
+
+      if queryString.has_key?('options') &&
+        queryString['options'] == 'mr' then
+        #
+        # return a machine readable list of the keys found
+        #
+        @header = { 'Content-Type' => 'text/plain' }
+        @body << "info:1:#{keys.size}\n"
+        keys.each do | aKey |
+          next unless @keyLookupData.has_key?(aKey)
+          keyData   = @keyLookupData[aKey]
+          pubData = [ "pub" ]
+          pubData << aKey
+          pubData << keyData['algorithm']
+          pubData << keyData['len']
+          pubData << keyData['created']
+          pubData << keyData['expires']
+          pubData << keyData['flags']
+          @body << pubData.join(':')
+          @body << "\n"
+          uidData = [ "uid" ]
+          uidData << keyData['userID'].gsub(/:/, '\x3a')
+          uidData << keyData['created']
+          uidData << keyData['expires']
+          uidData << keyData['flags']
+          @body << uidData.join(':')
+          @body << "\n"
+        end
+      else
+        #
+        # return a (simple) human readable list of the keys found
+        #
+        @body << @headerHtml
+        @body << @lookupKeysForm
+        @body << '<h1 class="simpleHKP-searchString">Keys matching: ['+searchString+']</h1><ul class="simpleHKP-searchList">'
+        keys.each do | aKey |
+          next unless @keyLookupData.has_key?(aKey)
+          keyData   = @keyLookupData[aKey]
+          keyStr = "  <li class=\"simpleHKP-searchItem\"><a href=\"lookup?op=get&search=#{aKey}\">#{aKey}:&nbsp;"
+          keyStr << keyData['userID']
+          keyStr <<  "</a></li>\n"
+          @body << keyStr
+        end
+        @body << '</ul>'
+        @body << @footer
+      end
+      pp @body if @debug
+    end
+
+  end
+end

data/lib/simpleHKP/server.rb

@@ -0,0 +1,349 @@
+# Copyright (C) 2015 Stephen Gaito
+#
+# (The MIT License)
+#
+# Copyright (c) 2015 Stephen Gaito
+#
+# Permission is hereby granted, free of charge, to any person obtaining a
+# copy of this software and associated documentation files (the
+# 'Software'), to deal in the Software without restriction, including
+# without limitation the rights to use, copy, modify, merge, publish,
+# distribute, sublicense, and/or sell copies of the Software, and to
+# permit persons to whom the Software is furnished to do so, subject to
+# the following conditions:
+#
+# The above copyright notice and this permission notice shall be included
+# in all copies or substantial portions of the Software.
+#
+# THE SOFTWARE IS PROVIDED 'AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS
+# OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+# MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.
+# IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY
+# CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT,
+# TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE
+# SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+
+module SimpleHKP
+  class Server
+    include Keys
+    include Identities
+
+    def loadHtml
+      puts "SimpleHKP: loading html partials" if @debug
+      Dir.chdir(@htmlDir) do
+        @headerHtml =  "<html><head>"
+        @headerHtml << "  <title>#{@title}</title>\n"
+        @headerHtml << "</head><body class=\"simpleHKP-body\">\n"
+        @headerHtml << "<p><a href=\"/\">#{@title}</a></p>"
+        @headerHtml = File.open('header.html','r').read if
+          File.exists?('header.html')
+        puts @headerHtml if @debug
+
+        @defaultBody = ""
+        @defaultBody << "<h1 class=\"simpleHKP-welcome\">Welcome to SimpleHKP</h1>\n"
+        @defaultBody << "<ul class=\"simpleHKP-tasksList\">\n"
+        @defaultBody << "  <li class=\"simpleHKP-taskItem\"><a href=\"/pks/lookup?op=form\">Search keys</a></li>\n"
+        @defaultBody << "  <li class=\"simpleHKP-taskItem\"><a href=\"/pks/add\">Upload new key</a></li>\n"
+        @defaultBody << "  <li class=\"simpleHKP-taskItem\"><a href=\"/pis/lookup?op=form\">Search identities</a></li>\n"
+        @defaultBody << "  <li class=\"simpleHKP-taskItem\"><a href=\"/pis/add\">Upload new identity</a></li>\n"
+        @defaultBody << "  <li class=\"simpleHKP-taskItem\"><a href=\"reload\">Reload existing keys and identities</a></li>\n"
+        @defaultBody << "</ul>\n"
+        @defaultBody = File.open('defaultBody.html','r').read if
+          File.exists?('defaultBody.html')
+        puts @defaultBody if @debug
+
+        @lookupKeysForm = ""
+        @lookupKeysForm << "<div class=\"simpleHKP-lookupKeysFormDiv\">\n"
+        @lookupKeysForm << "  <h1 class=\"simpleHKP-lookupKeysFormTitle\">Search GnuPG keys</h1>\n"
+        @lookupKeysForm << "  <form action=\"/pks/lookup\" method=\"get\" id=\"simpleHKP-lookupKeysForm\">\n"
+        @lookupKeysForm << "    <input type=\"text\" name=\"search\" size=\"80\" />\n"
+        @lookupKeysForm << "    <input type=\"hidden\" name=\"op\" value=\"index\" />\n"
+        @lookupKeysForm << "    <input type=\"submit\" value=\"Search\" />\n"
+        @lookupKeysForm << "  </form>\n"
+        @lookupKeysForm << "</div>\n"
+        @lookupKeysForm = File.open('lookupKeysForm.html','r').read if
+          File.exists?('lookupKeysForm.html')
+        puts @lookupKeysForm if @debug
+
+        @lookupIdentitiesForm = ""
+        @lookupIdentitiesForm << "<div class=\"simpleHKP-lookupIdentitiesFormDiv\">\n"
+        @lookupIdentitiesForm << "  <h1 class=\"simpleHKP-lookupIdentitiesFormTitle\">Search GnuPG keys</h1>\n"
+        @lookupIdentitiesForm << "  <form action=\"/pis/lookup\" method=\"get\" id=\"simpleHKP-lookupIdentitiesForm\">\n"
+        @lookupIdentitiesForm << "    <input type=\"text\" name=\"search\" size=\"80\" />\n"
+        @lookupIdentitiesForm << "    <input type=\"hidden\" name=\"op\" value=\"index\" />\n"
+        @lookupIdentitiesForm << "    <input type=\"submit\" value=\"Search\" />\n"
+        @lookupIdentitiesForm << "  </form>\n"
+        @lookupIdentitiesForm << "</div>\n"
+        @lookupIdentitiesForm = File.open('lookupIdentitiesForm.html','r').read if
+          File.exists?('lookupIdentitiesForm.html')
+        puts @lookupIdentitiesForm if @debug
+
+        @uploadKeyForm = ""
+        @uploadKeyForm << "<div class=\"simpleHKP-uploadKeyFormDiv\">\n"
+        @uploadKeyForm << "  <h1 class=\"simpleHKP-uploadKeyFormTitle\">Paste GnuPG key to be uploaded below</h1>\n"
+        @uploadKeyForm << "  <form action=\"/pks/add\" method=\"post\" id=\"simpleHKP-uploadKeyForm\">\n"
+        @uploadKeyForm << "    <textarea name=\"keytext\" form=\"simpleHKP-uploadKeyForm\" rows = \"30\" cols=\"70\" ></textarea>\n"
+        @uploadKeyForm << "    <input type=\"submit\" value=\"Upload\" />\n"
+        @uploadKeyForm << "  </form>\n"
+        @uploadKeyForm << "</div>\n"
+        @uploadKeyForm = File.open('uploadKeyForm.html','r').read if
+          File.exists?('uploadKeyForm.html')
+        puts @uploadKeyForm if @debug
+
+        @uploadIdentityForm = ""
+        @uploadIdentityForm << "<div class=\"simpleHKP-uploadIdentityFormDiv\">\n"
+        @uploadIdentityForm << "  <h1 class=\"simpleHKP-uploadIdentityFormTitle\">Paste GnuPG encrypted identity to be uploaded below</h1>\n"
+        @uploadIdentityForm << "  <form action=\"/pis/add\" method=\"post\" id=\"simpleHKP-uploadIdentityForm\">\n"
+        @uploadIdentityForm << "    <textarea name=\"keytext\" form=\"simpleHKP-uploadIdentityForm\" rows = \"30\" cols=\"70\" ></textarea>\n"
+        @uploadIdentityForm << "    <input type=\"submit\" value=\"Upload\" />\n"
+        @uploadIdentityForm << "  </form>\n"
+        @uploadIdentityForm << "</div>\n"
+        @uploadIdentityForm = File.open('uploadIdentityForm.html','r').read if
+          File.exists?('uploadIdentityForm.html')
+        puts @uploadIdentityForm if @debug
+
+        @footer = "<p style=\"color:grey\">SimpleHKP version: #{SimpleHKP::VERSION}</p></body></html>\n"
+        @footer = File.open('footer.html','r').read if
+         File.exists?('footer.html')
+        puts @footer if @debug
+      end
+      puts "SimpleHKP: finished loading html partials" if @debug
+    end
+
+    def initialize(options = {})
+      #
+      # setup the default options
+      #
+      defaultOptions = {
+        'debug'        => false,
+        'title'        => 'SimpleHKP',
+        'simpleHKPdir' => 'simpleHKP',
+        'keyDir'       => 'keys',
+        'idDir'        => 'identities',
+#        'idIndex'      => 'identities/idIndex.yaml',
+        'mediaDir'     => 'media',
+        'htmlDir'      => 'html',
+        'mimeMap'      => {
+          'css'  => 'text/css',
+          'html' => 'text/html',
+          'js'   => 'text/javascript'
+        }
+      }
+      #
+      # merge the options mimeMap into the default options mimeMap
+      #
+      defaultOptions['mimeMap'].merge!(delete(options['mimeMap'])) if
+        options.has_key?('mimeMap')
+      #
+      # merge in the rest of the options into the default options
+      #
+      @options  = defaultOptions.merge(options)
+      #
+      # setup the required variables
+      #
+      @debug    = @options['debug']
+      @title    = @options['title']
+      @baseDir  = @options['simpleHKPdir']
+      @keyDir   = @baseDir+'/'+@options['keyDir']
+      @idDir    = @baseDir+'/'+@options['idDir']
+#      @idIndex  = @baseDir+'/'+@options['idIndex']
+      @mediaDir = @baseDir+'/'+@options['mediaDir']
+      @htmlDir  = @baseDir+'/'+@options['htmlDir']
+      @mimeMap  = @options['mimeMap']
+      if @debug then
+        puts "SimpleHKP options:"
+        pp @options
+      end
+      #
+      # ensure the required directories all exist
+      #
+      FileUtils.mkdir_p(@keyDir)
+      FileUtils.chmod(0700, @keyDir)
+      FileUtils.mkdir_p(@idDir)
+      FileUtils.chmod(0700, @idDir)
+      FileUtils.mkdir_p(@mediaDir)
+      FileUtils.mkdir_p(@htmlDir)
+      #
+      # load the existing keys and the html partials
+      loadKeys
+      loadIdentities
+      loadHtml
+    end
+
+    def ppEnv(env)
+      Dir.pwd+' '+
+#      '['+URI.decode_www_form(env["rack.input"].rewind.read).pretty_inspect+']'+
+      env.pretty_inspect
+    end
+
+    def replyInternalError(env, exception)
+      @statusCode = 500
+      @body << @headerHtml
+      @body << "<p>Internal server error!</p>\n"
+      @body << "<pre>#{exception}</pre>\n" if @debug
+      @body << @footer
+      if @debug then
+        puts "\n\n-----------------------------------------------------------"
+        puts exception
+        puts "-----------------------------------------------------------"
+        puts ppEnv(env)
+        puts "-----------------------------------------------------------\n\n"
+      end
+    end
+
+    def replyNotImplemented
+      @statusCode = 501
+      @body << @headerHtml
+      @body << '<p>Not implemented!<p>'
+      @body << @footer
+    end
+
+    def replyBadRequest(message)
+      @statusCode = 400
+      @body << @headerHtml
+      @body << '<p>Bad request!</p>'
+      @body << "<p>#{message}</p>"
+      @body << @footer
+    end
+
+    def replyNotFound
+      @statusCode = 404
+      @body << @headerHtml
+      @body << '<p>Not found!</p>'
+      @body << @footer
+    end
+
+    def replyDefaultBody
+      @body << @headerHtml
+      @body << @defaultBody
+      @body << @footer
+    end
+
+    def replyKeyLookupForm
+      @body << @headerHtml
+      @body << @lookupKeysForm
+      @body << @footer
+    end
+
+    def replyIdentityLookupForm
+      @body << @headerHtml
+      @body << @lookupIdentitiesForm
+      @body << @footer
+    end
+
+    def replyKeyUploadForm
+      @body << @headerHtml
+      @body << @uploadKeyForm
+      @body << @footer
+    end
+
+    def replyIdentityUploadForm
+      @body << @headerHtml
+      @body << @uploadIdentityForm
+      @body << @footer
+    end
+
+    def replyFile(env)
+      fileName = env['REQUEST_PATH'].sub(/^.*\/media\//,'')
+      if File.exists?(fileName) then
+        fileExt = File.extname(fileName).sub(/^\./,'')
+        @header['Content-Type'] = @mimeMap[fileExt] if
+          @mimeMap.has_key?(fileExt)
+        @body << File.open(fileName,'r').read
+      end
+    end
+
+    def decodeQueryString(env)
+      queryHash = Hash.new
+      URI.decode_www_form(env['QUERY_STRING']).each do | aKeyValue |
+        queryHash[aKeyValue[0]] = aKeyValue[1]
+      end
+      queryHash
+    end
+
+    def call(env)
+      #
+      # initialize the response parts
+      #
+      @statusCode = 200
+      @header     = {"Content-Type" => "text/html; charset=utf-8"}
+      @body       = Array.new
+      #
+      # decode the request
+      #
+      begin
+        puts ppEnv(env) if @debug
+        case env['REQUEST_METHOD']
+        when 'POST'
+          case env['REQUEST_PATH'] 
+          when /^\/pks\/add$/i
+            storeKey(env)
+          when /^\/pis\/add$/i
+            storeIdentity(env)
+          else 
+            replyNotImplemented
+          end
+        when 'GET'
+          case env['REQUEST_PATH'] 
+          when /^\/pks\/add$/i
+            replyKeyUploadForm
+          when /^\/pis\/add$/i
+            replyIdentityUploadForm
+          when /^\/pks\/lookup$/i
+            queryString = decodeQueryString(env)
+            if queryString.has_key?('op') then
+              case queryString['op']
+              when /get/i
+                lookUpKey(queryString)
+              when /index/i
+                indexKeys(queryString)
+              else
+                replyKeyLookupForm
+              end
+            else
+              replyBadRequest("No op field in queryString")
+            end
+          when /^\/pis\/lookup$/i
+            queryString = decodeQueryString(env)
+            if queryString.has_key?('op') then
+              case queryString['op']
+              when /get/i
+                lookUpIdentity(queryString)
+              when /index/i
+                indexIdentities(queryString)
+              else
+                replyIdentityLookupForm
+              end
+            else
+              replyBadRequest("No op field in queryString")
+            end
+          when /media\//i
+            replyFile(env)
+          when /reload$/i
+            loadKeys
+            loadIdentities
+            loadHtml
+            replyDefaultBody
+          else
+            replyDefaultBody
+          end
+        else
+          replyBadRequest("Unknown request method")
+        end
+      rescue Exception => exception
+        replyInternalError(env, exception)
+      end
+      #
+      # send the response
+      #
+      if @debug then
+        puts "SimpleHKP reply:"
+        pp @statusCode
+        pp @header
+        puts @body.join("\n")
+      end
+      [ @statusCode, @header, @body.flatten ]
+    end
+
+  end
+end