diff --git a/apiconfig.php b/apiconfig.php index 23eceb6..31061ed 100644 --- a/apiconfig.php +++ b/apiconfig.php @@ -84,5 +84,17 @@ $APIS = [ "domain" => "/\b((?=[a-z0-9-]{1,63}\.)(xn--)?[a-z0-9]+(-[a-z0-9]+)*\.)+[a-z]{2,63}\b/", "nocache (optional)" => "" ] + ], + "notary/publishkey" => [ + "load" => "notary.publishkey.php", + "vars" => [ + "key" => "/-----BEGIN PGP PUBLIC KEY BLOCK-----(\n.*)+-----END PGP PUBLIC KEY BLOCK-----/" + ] + ], + "notary/fetchkey" => [ + "load" => "notary.fetchkey.php", + "vars" => [ + "fingerprint" => "/[a-fA-F0-9]+/" + ] ] ]; diff --git a/composer.json b/composer.json index 104d5f9..366c2ec 100644 --- a/composer.json +++ b/composer.json @@ -5,6 +5,7 @@ "geoip2/geoip2": "^2.11", "shippo/shippo-php": "^1.4", "easypost/easypost-php": "^3.5", - "bogdaan/open-location-code": "dev-master" + "bogdaan/open-location-code": "dev-master", + "singpolyma/openpgp-php": "^0.5.0" } } diff --git a/composer.lock b/composer.lock index ac1d71e..c34d5bb 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies", "This file is @generated automatically" ], - "content-hash": "56a7b51650928bd0c6c4eb301df2ccd9", + "content-hash": "d376050c7d4fdf9dd835d99448acdf0b", "packages": [ { "name": "bogdaan/open-location-code", @@ -493,6 +493,115 @@ }, "time": "2020-11-02T17:00:53+00:00" }, + { + "name": "phpseclib/phpseclib", + "version": "2.0.32", + "source": { + "type": "git", + "url": "https://github.com/phpseclib/phpseclib.git", + "reference": "f5c4c19880d45d0be3e7d24ae8ac434844a898cd" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/phpseclib/phpseclib/zipball/f5c4c19880d45d0be3e7d24ae8ac434844a898cd", + "reference": "f5c4c19880d45d0be3e7d24ae8ac434844a898cd", + "shasum": "" + }, + "require": { + "php": ">=5.3.3" + }, + "require-dev": { + "phing/phing": "~2.7", + "phpunit/phpunit": "^4.8.35|^5.7|^6.0|^9.4", + "squizlabs/php_codesniffer": "~2.0" + }, + "suggest": { + "ext-gmp": "Install the GMP (GNU Multiple Precision) extension in order to speed up arbitrary precision integer arithmetic operations.", + "ext-libsodium": "SSH2/SFTP can make use of some algorithms provided by the libsodium-php extension.", + "ext-mcrypt": "Install the Mcrypt extension in order to speed up a few other cryptographic operations.", + "ext-openssl": "Install the OpenSSL extension in order to speed up a wide variety of cryptographic operations." + }, + "type": "library", + "autoload": { + "files": [ + "phpseclib/bootstrap.php" + ], + "psr-4": { + "phpseclib\\": "phpseclib/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Jim Wigginton", + "email": "terrafrost@php.net", + "role": "Lead Developer" + }, + { + "name": "Patrick Monnerat", + "email": "pm@datasphere.ch", + "role": "Developer" + }, + { + "name": "Andreas Fischer", + "email": "bantu@phpbb.com", + "role": "Developer" + }, + { + "name": "Hans-Jürgen Petrich", + "email": "petrich@tronic-media.com", + "role": "Developer" + }, + { + "name": "Graham Campbell", + "email": "graham@alt-three.com", + "role": "Developer" + } + ], + "description": "PHP Secure Communications Library - Pure-PHP implementations of RSA, AES, SSH2, SFTP, X.509 etc.", + "homepage": "http://phpseclib.sourceforge.net", + "keywords": [ + "BigInteger", + "aes", + "asn.1", + "asn1", + "blowfish", + "crypto", + "cryptography", + "encryption", + "rsa", + "security", + "sftp", + "signature", + "signing", + "ssh", + "twofish", + "x.509", + "x509" + ], + "support": { + "issues": "https://github.com/phpseclib/phpseclib/issues", + "source": "https://github.com/phpseclib/phpseclib/tree/2.0.32" + }, + "funding": [ + { + "url": "https://github.com/terrafrost", + "type": "github" + }, + { + "url": "https://www.patreon.com/phpseclib", + "type": "patreon" + }, + { + "url": "https://tidelift.com/funding/github/packagist/phpseclib/phpseclib", + "type": "tidelift" + } + ], + "time": "2021-06-12T12:12:59+00:00" + }, { "name": "shippo/shippo-php", "version": "v1.4.4", @@ -551,6 +660,71 @@ }, "time": "2020-09-14T13:26:17+00:00" }, + { + "name": "singpolyma/openpgp-php", + "version": "0.5.0", + "source": { + "type": "git", + "url": "https://github.com/singpolyma/openpgp-php.git", + "reference": "69292f6a46ed7f687083bfb8974b161a41ab213c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/singpolyma/openpgp-php/zipball/69292f6a46ed7f687083bfb8974b161a41ab213c", + "reference": "69292f6a46ed7f687083bfb8974b161a41ab213c", + "shasum": "" + }, + "require": { + "php": "^5.6 || ^7.0 || ^8.0", + "phpseclib/phpseclib": "^2.0 !=2.0.8" + }, + "require-dev": { + "phpunit/phpunit": "^9.0" + }, + "suggest": { + "ext-mcrypt": "required if you use encryption cast5" + }, + "type": "library", + "autoload": { + "classmap": [ + "lib/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Unlicense" + ], + "authors": [ + { + "name": "Arto Bendiken", + "email": "arto.bendiken@gmail.com" + }, + { + "name": "Stephen Paul Weber", + "email": "singpolyma@singpolyma.net" + } + ], + "description": "Pure-PHP implementation of the OpenPGP Message Format (RFC 4880)", + "support": { + "issues": "https://github.com/singpolyma/openpgp-php/issues", + "source": "https://github.com/singpolyma/openpgp-php/tree/0.5.0" + }, + "funding": [ + { + "url": "https://github.com/singpolyma", + "type": "github" + }, + { + "url": "https://liberapay.com/singpolyma", + "type": "liberapay" + }, + { + "url": "https://www.patreon.com/singpolyma", + "type": "patreon" + } + ], + "time": "2021-05-26T00:35:20+00:00" + }, { "name": "symfony/polyfill-mbstring", "version": "v1.22.1", diff --git a/database.mwb b/database.mwb index 8e5aa8d..136c143 100644 Binary files a/database.mwb and b/database.mwb differ diff --git a/database.mwb.bak b/database.mwb.bak index a661c34..6eab250 100644 Binary files a/database.mwb.bak and b/database.mwb.bak differ diff --git a/endpoints/notary.fetchkey.php b/endpoints/notary.fetchkey.php new file mode 100644 index 0000000..41dff6c --- /dev/null +++ b/endpoints/notary.fetchkey.php @@ -0,0 +1,43 @@ + $fp]; +} else if (strlen($fp) == 16) { + $where = ["fingerprint_short" => $fp]; +} else { + $where = ["fingerprint[~]" => "%$fp"]; +} + +$results = $database->select("notary_registry", '*', $where); + +$out = []; + +foreach ($results as $r) { + $out[] = [ + "fingerprint" => $r["fingerprint"], + "name" => $r["name"], + "email" => $r["email"], + "location" => $r["location"], + "commissionexpires" => (is_null($r["commissionexpires"]) ? null : strtotime($r["commissionexpires"])), + "idnumber" => $r["idnumber"], + "state" => $r["state"], + "publickey" => $r["publickey"] + ]; +} + +exitWithJson([ + "status" => "OK", + "query" => $fp, + "count" => count($results), + "results" => $out +]); \ No newline at end of file diff --git a/endpoints/notary.publishkey.php b/endpoints/notary.publishkey.php new file mode 100644 index 0000000..95b104f --- /dev/null +++ b/endpoints/notary.publishkey.php @@ -0,0 +1,48 @@ +packets as $pkt) { + if ($pkt instanceof OpenPGP_PublicKeyPacket) { + $fingerprint = $pkt->fingerprint; + } else if ($pkt instanceof OpenPGP_UserIDPacket) { + $name = $pkt->name ?? $name; + $email = $pkt->email ?? $email; + } +} + +if ($database->has("notary_registry", ["fingerprint" => $fingerprint])) { + sendJsonResp("A public key with fingerprint $fingerprint has already been submitted to the registry. If you need to make changes to the information in the registry, put your old and new information in a PDF file, sign it with your private key, and email the PDF to notary@netsyms.com.", "ERROR"); +} + +$database->insert("notary_registry", [ + "fingerprint" => $fingerprint, + "fingerprint_short" => substr($fingerprint, -16), + "fingerprint_tiny" => substr($fingerprint, -8), + "name" => $name, + "email" => $email, + "location" => $location, + "commissionexpires" => $commissionexpires, + "idnumber" => $idnumber, + "state" => $state, + "publickey" => $pubkey +]); + +sendJsonResp("Your public key and notary profile have been submitted to the registry.", "OK"); \ No newline at end of file