Fix HKP index, accept fingerprint for lookup

2016-06-02 22:55:32 +02:00 · 2016-06-02 22:55:32 +02:00 · 41cbd55d9e
commit 41cbd55d9e
parent 20145d3a11
3 changed files with 41 additions and 11 deletions
--- a/src/route/hkp.js
+++ b/src/route/hkp.js
@ -122,17 +122,16 @@ class HKP {
    if (params.op === 'get') {
      ctx.body = key.publicKeyArmored;
    } else if (params.op === 'index' && params.mr) {
-      const VERSION = 1;
-      const COUNT = 1; // number of keys
+      const VERSION = 1, COUNT = 1; // number of keys
      let algo = (key.algorithm.indexOf('rsa') !== -1) ? 1 : '';
      let created = key.created ? (key.created.getTime() / 1000) : '';
-      let uid = key.userIds.map(u => u.name + ' <' + u.email + '>').join(', ');

-      ctx.body =
-        'info:' + VERSION + ':' + COUNT + '\n' +
-        'pub:' + key.keyid + ':' + algo + ':' + key.keylen + ':' + created + '::\n' +
-        'uid:' + encodeURIComponent(uid) + ':' + created + '::\n' +
-        key.publicKeyArmored;
+      ctx.body = 'info:' + VERSION + ':' + COUNT + '\n' +
+        'pub:' + key.fingerprint + ':' + algo + ':' + key.keylen + ':' + created + '::\n';
+
+      for (let uid of key.userIds) {
+        ctx.body += 'uid:' + encodeURIComponent(uid.name + ' <' + uid.email + '>') + ':::\n';
+      }
    }
  }

--- a/src/service/public-key.js
+++ b/src/service/public-key.js
@ -154,8 +154,8 @@ class PublicKey {
  *get(options) {
    let keyid = options.keyid, email = options.email;
    let verified = yield this._userId.getVerfied({
-      keyid: keyid ? keyid.toUpperCase() : undefined,
-      userIds: email ? [{ email:email.toLowerCase() }] : undefined
+      keyid: this._formatKeyId(keyid),
+      userIds: this._formatUserIds(email)
    });
    if (!verified) {
      util.throw(404, 'Key not found');
@ -166,6 +166,29 @@ class PublicKey {
    return params;
  }

+  /**
+   * Convert key id to the format used in the database.
+   * @param  {string} keyid   the public key id
+   * @return {string}         the formatted key id
+   */
+  _formatKeyId(keyid) {
+    if (!util.isString(keyid)) {
+      return;
+    }
+    keyid = keyid.toUpperCase(); // use uppercase key ids
+    let len = keyid.length;
+    return (len > 16) ? keyid.substr(len - 16, len) : keyid; // shorten to 16 bytes
+  }
+
+  /**
+   * Format the email address to the format used in the database.
+   * @param  {[type]} email [description]
+   * @return {[type]}       [description]
+   */
+  _formatUserIds(email) {
+    return email ? [{ email:email.toLowerCase() }] : undefined;
+  }
+
  /**
   * Request removal of the public key by flagging all user ids and sending
   * a verification email to the primary email address. Only one email
--- a/test/integration/app-test.js
+++ b/test/integration/app-test.js
@ -22,6 +22,7 @@ describe('Koa App (HTTP Server) Integration Tests', function() {
  const DB_TYPE_PUB_KEY = 'publickey';
  const DB_TYPE_USER_ID = 'userid';
  const primaryEmail = 'safewithme.testuser@gmail.com';
+  const fingerprint = '4277257930867231CE393FB8DBC0B3D92B1B86E9';

  before(function *() {
    publicKeyArmored = fs.readFileSync(__dirname + '/../key1.asc', 'utf8');
@ -374,13 +375,20 @@ describe('Koa App (HTTP Server) Integration Tests', function() {
          .end(done);
        });

-        it('should return 200 for a valid request', done => {
+        it('should return 200 for key id', done => {
          request(app.listen())
          .get('/pks/lookup?op=get&search=0x' + emailParams.keyid)
          .expect(200, publicKeyArmored)
          .end(done);
        });

+        it('should return 200 for fingerprint', done => {
+          request(app.listen())
+          .get('/pks/lookup?op=get&search=0x' + fingerprint)
+          .expect(200, publicKeyArmored)
+          .end(done);
+        });
+
        it('should return 200 for correct email address', done => {
          request(app.listen())
          .get('/pks/lookup?op=get&search=' + primaryEmail)