mirror of https://github.com/MISP/MISP
PGP key selection on fetch, fixes #554
- MISP will now fetch a list of all keys matching the e-mail address from the MIT server from the user edit view - A popup will present all the matching keys (with the creation date, key ID, email addresses associated - and the fingerprint when hovering over them) - Once the admin clicks on one, it will fetch the desired key - future enhancement possibility: move the second stage (the actual key fetch) to the server side instead of a direct ajax query from the user's browserpull/567/head
parent
d01783761a
commit
ea0dd2a33f
|
@ -944,4 +944,17 @@ class UsersController extends AppController {
|
||||||
$user_results = $this->User->verifyGPG();
|
$user_results = $this->User->verifyGPG();
|
||||||
$this->set('users', $user_results);
|
$this->set('users', $user_results);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function fetchPGPKey($email) {
|
||||||
|
if (!$this->_isAdmin()) throw new Exception('Administrators only.');
|
||||||
|
$keys = $this->User->fetchPGPKey($email);
|
||||||
|
if (is_numeric($keys)) {
|
||||||
|
|
||||||
|
throw new NotFoundException('Could not retrieved any keys from the key server.');
|
||||||
|
}
|
||||||
|
$this->set('keys', $keys);
|
||||||
|
$this->autorender = false;
|
||||||
|
$this->layout = false;
|
||||||
|
$this->render('ajax/fetchpgpkey');
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -524,4 +524,45 @@ class User extends AppModel {
|
||||||
}
|
}
|
||||||
return $message;
|
return $message;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public function fetchPGPKey($email) {
|
||||||
|
App::uses('HttpSocket', 'Network/Http');
|
||||||
|
$HttpSocket = new HttpSocket();
|
||||||
|
$response = $HttpSocket->get('https://pgp.mit.edu/pks/lookup?search=' . $email . '&op=index&fingerprint=on');
|
||||||
|
if ($response->code != 200) return $response->code;
|
||||||
|
$string = str_replace(array("\r", "\n"), "", $response->body);
|
||||||
|
$result = preg_match_all('/<pre>pub(.*?)<\/pre>/', $string, $matches);
|
||||||
|
$results = $this->__extractPGPInfo($matches[1]);
|
||||||
|
return $results;
|
||||||
|
}
|
||||||
|
|
||||||
|
private function __extractPGPInfo($lines) {
|
||||||
|
$extractionRules = array(
|
||||||
|
'key_id' => array('regex' => '/\">(.*?)<\/a>/', 'all' => false, 'alternate' => false),
|
||||||
|
'date' => array('regex' => '/([0-9]{4}\-[0-9]{2}\-[0-9]{2})/', 'all' => false, 'alternate' => false),
|
||||||
|
'fingerprint' => array('regex' => '/Fingerprint=(.*)$/m', 'all' => false, 'alternate' => false),
|
||||||
|
'uri' => array('regex' => '/<a href=\"(.*?)\">/', 'all' => false, 'alternate' => false),
|
||||||
|
'address' => array('regex' => '/<a href="\/pks\/lookup\?op=vindex[^>]*>([^\<]*)<\/a>(.*)Fingerprint/s', 'all' => true, 'alternate' => true),
|
||||||
|
);
|
||||||
|
$final = array();
|
||||||
|
foreach ($lines as $line) {
|
||||||
|
if (strpos($line, 'KEY REVOKED')) continue;
|
||||||
|
$temp = array();
|
||||||
|
foreach ($extractionRules as $ruleName => $rule) {
|
||||||
|
if ($rule['all']) preg_match_all($rule['regex'], $line, ${$ruleName});
|
||||||
|
else preg_match($rule['regex'], $line, ${$ruleName});
|
||||||
|
if ($rule['alternate'] && isset(${$ruleName}[2]) && trim(${$ruleName}[2][0]) != '') $temp[$ruleName] = ${$ruleName}[2];
|
||||||
|
else $temp[$ruleName] = ${$ruleName}[1];
|
||||||
|
if ($rule['all']) $temp[$ruleName] = $temp[$ruleName][0];
|
||||||
|
$temp[$ruleName] = html_entity_decode($temp[$ruleName]);
|
||||||
|
}
|
||||||
|
$temp['address'] = preg_replace('/\s{2,}/', PHP_EOL, trim($temp['address']));
|
||||||
|
$final[] = $temp;
|
||||||
|
}
|
||||||
|
return $final;
|
||||||
|
}
|
||||||
|
|
||||||
|
private function __fetchPGPKey() {
|
||||||
|
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -1383,10 +1383,12 @@ function freetextImportResultsSubmit(id, count) {
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
function lookupPGPKey(emailFieldName) {
|
function pgpChoiceSelect(uri) {
|
||||||
|
$("#popover_form").fadeOut();
|
||||||
|
$("#gray_out").fadeOut();
|
||||||
$.ajax({
|
$.ajax({
|
||||||
type: "get",
|
type: "get",
|
||||||
url: "https://pgp.mit.edu/pks/lookup?op=get&search=" + $('#' + emailFieldName).val(),
|
url: "https://pgp.mit.edu/" + uri,
|
||||||
success: function (data) {
|
success: function (data) {
|
||||||
var result = data.split("<pre>")[1].split("</pre>")[0];
|
var result = data.split("<pre>")[1].split("</pre>")[0];
|
||||||
$("#UserGpgkey").val(result);
|
$("#UserGpgkey").val(result);
|
||||||
|
@ -1397,3 +1399,18 @@ function lookupPGPKey(emailFieldName) {
|
||||||
}
|
}
|
||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function lookupPGPKey(emailFieldName) {
|
||||||
|
$.ajax({
|
||||||
|
type: "get",
|
||||||
|
url: "/users/fetchPGPKey/" + $('#' + emailFieldName).val(),
|
||||||
|
success: function (data) {
|
||||||
|
$("#popover_form").fadeIn();
|
||||||
|
$("#gray_out").fadeIn();
|
||||||
|
$("#popover_form").html(data);
|
||||||
|
},
|
||||||
|
error: function (data, textStatus, errorThrown) {
|
||||||
|
showMessage('fail', textStatus + ": " + errorThrown);
|
||||||
|
}
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in New Issue