gerrit-gpg/src/main/java/com/google/gerrit/gpg/server/GpgKeys.java

// Copyright (C) 2015 The Android Open Source Project
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package com.google.gerrit.gpg.server;

import static com.google.gerrit.reviewdb.client.AccountExternalId.SCHEME_GPGKEY;
import static java.nio.charset.StandardCharsets.UTF_8;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.base.CharMatcher;
import com.google.common.base.Predicate;
import com.google.common.collect.FluentIterable;
import com.google.common.collect.ImmutableList;
import com.google.common.io.BaseEncoding;
import com.google.gerrit.extensions.common.GpgKeyInfo;
import com.google.gerrit.extensions.registration.DynamicMap;
import com.google.gerrit.extensions.restapi.AuthException;
import com.google.gerrit.extensions.restapi.ChildCollection;
import com.google.gerrit.extensions.restapi.IdString;
import com.google.gerrit.extensions.restapi.ResourceNotFoundException;
import com.google.gerrit.extensions.restapi.RestReadView;
import com.google.gerrit.extensions.restapi.RestView;
import com.google.gerrit.gpg.BouncyCastleUtil;
import com.google.gerrit.gpg.CheckResult;
import com.google.gerrit.gpg.Fingerprint;
import com.google.gerrit.gpg.GerritPublicKeyChecker;
import com.google.gerrit.gpg.PublicKeyChecker;
import com.google.gerrit.gpg.PublicKeyStore;
import com.google.gerrit.reviewdb.client.Account;
import com.google.gerrit.reviewdb.client.AccountExternalId;
import com.google.gerrit.reviewdb.server.ReviewDb;
import com.google.gerrit.server.account.AccountResource;
import com.google.gwtorm.server.OrmException;
import com.google.inject.Inject;
import com.google.inject.Provider;
import com.google.inject.Singleton;

import org.bouncycastle.bcpg.ArmoredOutputStream;
import org.bouncycastle.openpgp.PGPException;
import org.bouncycastle.openpgp.PGPPublicKey;
import org.bouncycastle.openpgp.PGPPublicKeyRing;
import org.eclipse.jgit.util.NB;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;

@Singleton
public class GpgKeys implements
    ChildCollection<AccountResource, GpgKey> {
  private static final Logger log = LoggerFactory.getLogger(GpgKeys.class);

  public static String MIME_TYPE = "application/pgp-keys";

  private final DynamicMap<RestView<GpgKey>> views;
  private final Provider<ReviewDb> db;
  private final Provider<PublicKeyStore> storeProvider;
  private final GerritPublicKeyChecker.Factory checkerFactory;

  @Inject
  GpgKeys(DynamicMap<RestView<GpgKey>> views,
      Provider<ReviewDb> db,
      Provider<PublicKeyStore> storeProvider,
      GerritPublicKeyChecker.Factory checkerFactory) {
    this.views = views;
    this.db = db;
    this.storeProvider = storeProvider;
    this.checkerFactory = checkerFactory;
  }

  @Override
  public ListGpgKeys list()
      throws ResourceNotFoundException, AuthException {
    checkEnabled();
    return new ListGpgKeys();
  }

  @Override
  public GpgKey parse(AccountResource parent, IdString id)
      throws ResourceNotFoundException, PGPException, OrmException,
      IOException {
    checkEnabled();
    String str = CharMatcher.WHITESPACE.removeFrom(id.get()).toUpperCase();
    if ((str.length() != 8 && str.length() != 40)
        || !CharMatcher.anyOf("0123456789ABCDEF").matchesAllOf(str)) {
      throw new ResourceNotFoundException(id);
    }

    byte[] fp = parseFingerprint(id.get(), getGpgExtIds(parent));
    try (PublicKeyStore store = storeProvider.get()) {
      long keyId = keyId(fp);
      for (PGPPublicKeyRing keyRing : store.get(keyId)) {
        PGPPublicKey key = keyRing.getPublicKey();
        if (Arrays.equals(key.getFingerprint(), fp)) {
          return new GpgKey(parent.getUser(), keyRing);
        }
      }
    }

    throw new ResourceNotFoundException(id);
  }

  static byte[] parseFingerprint(String str,
      Iterable<AccountExternalId> existingExtIds)
      throws ResourceNotFoundException {
    str = CharMatcher.WHITESPACE.removeFrom(str).toUpperCase();
    if ((str.length() != 8 && str.length() != 40)
        || !CharMatcher.anyOf("0123456789ABCDEF").matchesAllOf(str)) {
      throw new ResourceNotFoundException(str);
    }
    byte[] fp = null;
    for (AccountExternalId extId : existingExtIds) {
      String fpStr = extId.getSchemeRest();
      if (!fpStr.endsWith(str)) {
        continue;
      } else if (fp != null) {
        throw new ResourceNotFoundException("Multiple keys found for " + str);
      }
      fp = BaseEncoding.base16().decode(fpStr);
      if (str.length() == 40) {
        break;
      }
    }
    if (fp == null) {
      throw new ResourceNotFoundException(str);
    }
    return fp;
  }

  @Override
  public DynamicMap<RestView<GpgKey>> views() {
    return views;
  }

  public class ListGpgKeys implements RestReadView<AccountResource> {
    @Override
    public Map<String, GpgKeyInfo> apply(AccountResource rsrc)
        throws OrmException, PGPException, IOException {
      Map<String, GpgKeyInfo> keys = new HashMap<>();
      try (PublicKeyStore store = storeProvider.get()) {
        for (AccountExternalId extId : getGpgExtIds(rsrc)) {
          String fpStr = extId.getSchemeRest();
          byte[] fp = BaseEncoding.base16().decode(fpStr);
          boolean found = false;
          for (PGPPublicKeyRing keyRing : store.get(keyId(fp))) {
            if (Arrays.equals(keyRing.getPublicKey().getFingerprint(), fp)) {
              found = true;
              GpgKeyInfo info = toJson(
                  keyRing.getPublicKey(),
                  checkerFactory.create(rsrc.getUser(), store),
                  store);
              keys.put(info.id, info);
              info.id = null;
              break;
            }
          }
          if (!found) {
            log.warn("No public key stored for fingerprint {}",
                Fingerprint.toString(fp));
          }
        }
      }
      return keys;
    }
  }

  @Singleton
  public static class Get implements RestReadView<GpgKey> {
    private final Provider<PublicKeyStore> storeProvider;
    private final GerritPublicKeyChecker.Factory checkerFactory;

    @Inject
    Get(Provider<PublicKeyStore> storeProvider,
        GerritPublicKeyChecker.Factory checkerFactory) {
      this.storeProvider = storeProvider;
      this.checkerFactory = checkerFactory;
    }

    @Override
    public GpgKeyInfo apply(GpgKey rsrc) throws IOException {
      try (PublicKeyStore store = storeProvider.get()) {
        return toJson(
            rsrc.getKeyRing().getPublicKey(),
            checkerFactory.create().setExpectedUser(rsrc.getUser()),
            store);
      }
    }
  }

  @VisibleForTesting
  public static FluentIterable<AccountExternalId> getGpgExtIds(ReviewDb db,
      Account.Id accountId) throws OrmException {
    return FluentIterable
        .from(db.accountExternalIds().byAccount(accountId))
        .filter(new Predicate<AccountExternalId>() {
          @Override
          public boolean apply(AccountExternalId in) {
            return in.isScheme(SCHEME_GPGKEY);
          }
        });
  }

  private Iterable<AccountExternalId> getGpgExtIds(AccountResource rsrc)
      throws OrmException {
    return getGpgExtIds(db.get(), rsrc.getUser().getAccountId());
  }

  private static long keyId(byte[] fp) {
    return NB.decodeInt64(fp, fp.length - 8);
  }

  static void checkEnabled() throws ResourceNotFoundException {
    if (!BouncyCastleUtil.havePGP()) {
      throw new ResourceNotFoundException("GPG not enabled");
    }
  }

  public static GpgKeyInfo toJson(PGPPublicKey key, CheckResult checkResult)
      throws IOException {
    GpgKeyInfo info = new GpgKeyInfo();

    if (key != null) {
      info.id = PublicKeyStore.keyIdToString(key.getKeyID());
      info.fingerprint = Fingerprint.toString(key.getFingerprint());
      @SuppressWarnings("unchecked")
      Iterator<String> userIds = key.getUserIDs();
      info.userIds = ImmutableList.copyOf(userIds);

      try (ByteArrayOutputStream out = new ByteArrayOutputStream(4096);
          ArmoredOutputStream aout = new ArmoredOutputStream(out)) {
        // This is not exactly the key stored in the store, but is equivalent. In
        // particular, it will have a Bouncy Castle version string. The armored
        // stream reader in PublicKeyStore doesn't give us an easy way to extract
        // the original ASCII armor.
        key.encode(aout);
        info.key = new String(out.toByteArray(), UTF_8);
      }
    }

    info.status = checkResult.getStatus();
    info.problems = checkResult.getProblems();

    return info;
  }

  static GpgKeyInfo toJson(PGPPublicKey key, PublicKeyChecker checker,
      PublicKeyStore store) throws IOException {
    return toJson(key, checker.setStore(store).check(key));
  }

  public static void toJson(GpgKeyInfo info, CheckResult checkResult) {
    info.status = checkResult.getStatus();
    info.problems = checkResult.getProblems();
  }
}