uploadsignedkey.lsp.template
#!___NEWLISPPATH___
(load "wot.lsp")
; Emit the CGI response header before any page body is written.
(print "Content-type: text/html\n\n")

; All three form fields come straight from the HTTP request and are untrusted.
(set 'sponsoremail (CGI:get "sponsoremail"))
(set 'applicantemail (CGI:get "applicantemail"))
(set 'signedapplicantpubkey (CGI:get "signedapplicantpubkey"))

; The results of these two calls are not inspected here, so
; wot:checkemailaddress has to stop the request itself on a bad address
; -- TODO confirm in wot.lsp.
(wot:checkemailaddress sponsoremail)
(wot:checkemailaddress applicantemail)

; NOTE(review): password verification is disabled, so nothing in this script
; authenticates the uploader; acceptance rests on the key checks that follow.
;(wot:verifypassword applicantemail (CGI:get "applicantpassword"))

; Any non-nil result (returned or thrown) from wot:checkkey rejects the upload.
(set 'badfound (catch (wot:checkkey signedapplicantpubkey)))
(if (not (= badfound nil))
  (begin
    ;(print signedapplicantpubkey)
    (CGI:put-page "uploadfailed.html")
    (exit)))
; Command line that creates one scratch file inside wot:TEMPDIR. It is the
; same for all four files, so it is built once and reused.
(set 'runstring (string wot:MKTEMP " --tmpdir=" wot:TEMPDIR))

; Scratch file for the uploaded key block.
; NOTE(review): the reply from wot:runit is not checked, so a failed mktemp
; goes unnoticed here -- confirm what (nth 1 ...) holds on failure.
(set 'keyfile (trim (nth 1 (catch (wot:runit runstring nil 20)))))

; Normalise the submitted text: spaces become "+", carriage returns are
; dropped, and the two armor delimiter lines get their spaces back.
; Presumably this undoes form decoding of "+" in the base64 body -- verify.
(replace " " signedapplicantpubkey "+")
(replace "\r" signedapplicantpubkey "")
(replace "-----BEGIN+PGP+PUBLIC+KEY+BLOCK-----"
         signedapplicantpubkey
         "-----BEGIN PGP PUBLIC KEY BLOCK-----")
(replace "-----END+PGP+PUBLIC+KEY+BLOCK-----"
         signedapplicantpubkey
         "-----END PGP PUBLIC KEY BLOCK-----")
(write-file keyfile signedapplicantpubkey)

; Scratch keyrings and trust database, so the upload is examined without
; touching the real keyrings. The trust db starts as a copy of wot:PUBTRUSTDB.
(set 'pubringfile (trim (nth 1 (catch (wot:runit runstring nil 20)))))
(set 'secringfile (trim (nth 1 (catch (wot:runit runstring nil 20)))))
(set 'trustdbfile (trim (nth 1 (catch (wot:runit runstring nil 20)))))
(copy-file wot:PUBTRUSTDB trustdbfile)
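; Import the uploaded key block into the scratch keyrings only.
; NOTE(review): the result of this import is overwritten below without
; being inspected.
(set 'runitlist (catch (wot:importkey keyfile pubringfile secringfile trustdbfile)))
; Debug output stays disabled; if it is ever re-enabled, HTML-escape the
; tool output first, because it contains text taken from the uploaded key.
;(print runitlist)

; The scratch keyring must now hold a key for the applicant's address;
; a nil or empty listing means the uploaded key does not carry that address.
(set 'runitlist (catch (wot:listkeys applicantemail pubringfile secringfile trustdbfile)))
(if (or (= runitlist nil)
        (= (length runitlist) 0))
  (begin
    ;(print runitlist)
    ; Remove the scratch files on this early exit as well; the success path
    ; deletes them, and without this the uploaded key material and the
    ; trust db copy would be left behind in the temp directory.
    (delete-file keyfile)
    (delete-file pubringfile)
    (delete-file secringfile)
    (delete-file trustdbfile)
    (CGI:put-page "emailmismatch.html")
    (exit)))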
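; Export the sponsor's key and import it into the scratch keyrings, so the
; signature on the applicant's key can be checked there.
; NOTE(review): sponsorkeyfile is never deleted in this script; if
; wot:exportkey writes a temporary file, it is left behind -- confirm.
(set 'sponsorkeyfile (catch (wot:exportkey sponsoremail)))
(set 'runitlist (catch (wot:importkey sponsorkeyfile pubringfile secringfile trustdbfile)))

; A first result element that converts to 0 is treated as failure.
; NOTE(review): confirm against wot:importkey what that element represents.
(if (= (int (nth 0 runitlist)) 0)
  (begin
    ; Clean up the scratch files before leaving, as the success path does.
    (delete-file keyfile)
    (delete-file pubringfile)
    (delete-file secringfile)
    (delete-file trustdbfile)
    (CGI:put-page "uploadfailed.html")
    (exit)))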
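; Require a verified signature record ("sig:!") on the applicant's key whose
; text contains the sponsor's address.
(set 'runitlist (catch (wot:getsiginfo applicantemail pubringfile secringfile trustdbfile)))

; The sponsor address is request data and is placed inside a regular
; expression. Escape regex metacharacters first, so that "." and similar
; characters match only themselves and cannot widen the match to a
; different address.
(set 'sponsorpattern
     (replace {([.\\+*?^$|()\[\]{}])} (string sponsoremail) (string "\\" $1) 0))

; Start from a known state instead of relying on the symbol being unset.
(set 'sponsorsigfound nil)
(dolist (x (find-all (string "sig:!.*(" sponsorpattern ").*") runitlist $1))
  ;(print "found match: " x)
  (set 'sponsorsigfound true))

; NOTE(review): the match is on user-ID text, which is not unique to one key,
; and it is a substring match. Comparing the signer's key ID with the
; sponsor key taken from the real keyring would bind the check to that key
; -- TODO confirm whether wot:checkkey already limits an upload to one key.
(if (= sponsorsigfound nil)
  (begin
    ; Clean up the scratch files before leaving, as the success path does.
    (delete-file keyfile)
    (delete-file pubringfile)
    (delete-file secringfile)
    (delete-file trustdbfile)
    (CGI:put-page "uploadfailed.html")
    (exit)))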
; Pick the 16-character key ID out of the "pub" record(s); if several match,
; the last one wins. keyid is only used by the disabled wot:trustkey call.
(dolist (x (find-all {pub:\S:\d+:\d:([a-zA-Z0-9]{16}):\d\d\d\d-\d\d-\d\d} runitlist $1))
  (set 'keyid x))
;(print keyid "<br>")

; A sponsor signature was found, so the scratch keyrings are no longer
; needed and the key goes into the real keyrings.
(delete-file pubringfile)
(delete-file secringfile)
(delete-file trustdbfile)

; NOTE(review): the whole uploaded file is imported and the result is not
; inspected; nothing below removes the key again if the trust check fails.
(set 'runitlist (catch (wot:importkey keyfile)))
;(print runitlist "<br>")
(delete-file keyfile)
;(set (quote runitlist) (catch (wot:trustkey keyid)))
;(print runitlist "<br>")

; The page shown depends on the first element of wot:checktrust's result
; for the applicant's address: non-nil means success.
(set 'trustfound (catch (wot:checktrust applicantemail)))
(if (!= (nth 0 trustfound) nil)
  (CGI:put-page "keyuploaded.html")
  (CGI:put-page "uploadfailed.html"))
;(print "</body>\n")
;(print "</html>\n")
(exit)