src/app/Backends/PGP.php
<?php | <?php | ||||
namespace App\Backends; | namespace App\Backends; | ||||
use App\User; | use App\User; | ||||
use Illuminate\Support\Facades\DB; | |||||
use Illuminate\Support\Facades\Storage; | use Illuminate\Support\Facades\Storage; | ||||
class PGP | class PGP | ||||
{ | { | ||||
/** @var \Crypt_GPG GnuPG engine instance */ | /** @var \Crypt_GPG GnuPG engine instance */ | ||||
private static $gpg; | private static $gpg; | ||||
/** @var array Crypt_GPG configuration */ | /** @var array Crypt_GPG configuration */ | ||||
▲ Show 20 Lines • Show All 63 Lines • ▼ Show 20 Lines | public static function keypairCreate(User $user, string $email): void | ||||
// Register the public key in DNS | // Register the public key in DNS | ||||
self::keyRegister($email, $armor); | self::keyRegister($email, $armor); | ||||
// FIXME: Should we remove the files from the worker filesystem? | // FIXME: Should we remove the files from the worker filesystem? | ||||
// They are still in database and Roundcube hosts' filesystem | // They are still in database and Roundcube hosts' filesystem | ||||
} | } | ||||
/** | /** | ||||
* Deleta a keypair from DNS and Enigma keyring. | |||||
* | |||||
* @param \App\User $user User object | |||||
* @param string $email Email address of the key | |||||
* | |||||
* @throws \Exception | |||||
*/ | |||||
public static function keyDelete(User $user, string $email): void | |||||
{ | |||||
// Start with the DNS, it's more important | |||||
self::keyUnregister($email); | |||||
// Remove the whole Enigma keyring (if it's a delete user account) | |||||
if ($user->email === $email) { | |||||
self::homedirCleanup($user); | |||||
} else { | |||||
// TODO: remove only the alias key from Enigma keyring | |||||
} | |||||
} | |||||
/** | |||||
* List (public and private) keys from a user keyring. | * List (public and private) keys from a user keyring. | ||||
* | * | ||||
* @param \App\User $user User object | * @param \App\User $user User object | ||||
* | * | ||||
* @returns \Crypt_GPG_Key[] List of keys | * @returns \Crypt_GPG_Key[] List of keys | ||||
* @throws \Exception | * @throws \Exception | ||||
*/ | */ | ||||
public static function listKeys(User $user): array | public static function listKeys(User $user): array | ||||
} | } | ||||
/** | /** | ||||
* Register the key in the WOAT DNS system | * Register the key in the WOAT DNS system | ||||
* | * | ||||
* @param string $email Email address | * @param string $email Email address | ||||
* @param string $key The ASCII-armored key content | * @param string $key The ASCII-armored key content | ||||
*/ | */ | ||||
public static function keyRegister(string $email, string $key) | private static function keyRegister(string $email, string $key): void | ||||
{ | { | ||||
// TODO | list($local, $domain) = explode('@', $email); | ||||
DB::beginTransaction(); | |||||
$domain = \App\PowerDNS\Domain::firstOrCreate([ | |||||
'name' => '_woat.' . $domain, | |||||
]); | |||||
// remove parts behind a recipient delimiter ("jeroen+Trash" => "jeroen") | |||||
$local = explode('+', $local, 2)[0]; | |||||
$fqdn = sha1($local) . '.' . $domain->name; | |||||
\App\PowerDNS\Record::create([ | |||||
'domain_id' => $domain->id, | |||||
'name' => $fqdn, | |||||
'type' => 'TXT', | |||||
'content' => 'v=woat1,public_key=' . $key | |||||
]); | |||||
DB::commit(); | |||||
} | } | ||||
/** | /** | ||||
* Remove the key from the WOAT DNS system | * Remove the key from the WOAT DNS system | ||||
* | * | ||||
* @param string $email Email address | * @param string $email Email address | ||||
*/ | */ | ||||
public static function keyUnregister(string $email) | private static function keyUnregister(string $email): void | ||||
{ | { | ||||
// TODO | list($local, $domain) = explode('@', $email); | ||||
$domain = \App\PowerDNS\Domain::where('name', '_woat.' . $domain)->first(); | |||||
if ($domain) { | |||||
// remove parts behind a recipient delimiter ("jeroen+Trash" => "jeroen") | |||||
$local = explode('+', $local, 2)[0]; | |||||
$fqdn = sha1($local) . '.' . $domain->name; | |||||
// For now we support only one WOAT key record | |||||
$domain->records()->where('name', $fqdn)->delete(); | |||||
} | |||||
} | } | ||||
/** | /** | ||||
* Prepare Crypt_GPG configuration | * Prepare Crypt_GPG configuration | ||||
*/ | */ | ||||
private static function initConfig(User $user, $nosync = false): void | private static function initConfig(User $user, $nosync = false): void | ||||
{ | { | ||||
if (!empty(self::$config) && self::$config['email'] == $user->email) { | if (!empty(self::$config) && self::$config['email'] == $user->email) { | ||||
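Review bot: keyRegister (new side, the `\App\PowerDNS\Record::create` call) never checks for an existing TXT record at `$fqdn`, so a second registration for the same address appends another `v=woat1` record next to the previous one, even though keyUnregister's comment states only one WOAT key record is supported; a superseded public key would then stay published in DNS alongside the new one. The transaction opened with `DB::beginTransaction()` is also never rolled back when `Domain::firstOrCreate` or `Record::create` throws, which leaves the connection with an open transaction; `DB::transaction(function () use (...) { ... })` gives the rollback for free. `list($local, $domain) = explode('@', $email)` is unguarded in both keyRegister and keyUnregister: an address without `@` leaves `$domain` undefined and keyRegister would create a bare `_woat.` zone. If the keyDelete block belongs to the new side, its doc comment reads `Deleta` where `Delete` is meant.
```php
private static function keyRegister(string $email, string $key): void
{
    $parts = explode('@', $email, 2);
    if (count($parts) !== 2 || $parts[0] === '' || $parts[1] === '') {
        throw new \InvalidArgumentException('Invalid email address');
    }
    [$local, $domainName] = $parts;

    // remove parts behind a recipient delimiter ("jeroen+Trash" => "jeroen")
    $local = explode('+', $local, 2)[0];

    // Rolled back automatically if any statement below throws
    DB::transaction(function () use ($local, $domainName, $key) {
        $zone = \App\PowerDNS\Domain::firstOrCreate([
            'name' => '_woat.' . $domainName,
        ]);

        $fqdn = sha1($local) . '.' . $zone->name;

        // Only one WOAT key record per address is supported: replace, don't append
        $zone->records()->where('name', $fqdn)->delete();

        // … unchanged: Record::create([...]) with domain_id, name, type, content …
    });
}
```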