partial

internalapi/createboltcard.go

@@ -0,0 +1,141 @@
+package main
+
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"github.com/boltcard/boltcard/db"
+	"github.com/boltcard/boltcard/resp_err"
+	log "github.com/sirupsen/logrus"
+	"net/http"
+	"strconv"
+	"strings"
+)
+
+func random_hex() string {
+	b := make([]byte, 16)
+	_, err := rand.Read(b)
+	if err != nil {
+		log.Warn(err.Error())
+		return ""
+	}
+
+	return hex.EncodeToString(b)
+}
+
+func createboltcard(w http.ResponseWriter, r *http.Request) {
+	if db.Get_setting("FUNCTION_INTERNAL_API") != "ENABLE" {
+		msg := "createboltcard: internal API function is not enabled"
+		log.Debug(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	tx_max_str := r.URL.Query().Get("tx_max")
+	tx_max, err := strconv.Atoi(tx_max_str)
+	if err != nil {
+		msg := "createboltcard: tx_max is not a valid integer"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	day_max_str := r.URL.Query().Get("day_max")
+	day_max, err := strconv.Atoi(day_max_str)
+	if err != nil {
+		msg := "createboltcard: day_max is not a valid integer"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	enable_flag_str := r.URL.Query().Get("enable")
+	enable_flag, err := strconv.ParseBool(enable_flag_str)
+	if err != nil {
+		msg := "createboltcard: enable is not a valid boolean"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	card_name := r.URL.Query().Get("card_name")
+
+	uid_privacy_flag_str := r.URL.Query().Get("uid_privacy")
+	uid_privacy_flag, err := strconv.ParseBool(uid_privacy_flag_str)
+	if err != nil {
+		msg := "createboltcard: uid_privacy is not a valid boolean"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	allow_neg_bal_flag_str := r.URL.Query().Get("allow_neg_bal")
+	allow_neg_bal_flag, err := strconv.ParseBool(allow_neg_bal_flag_str)
+	if err != nil {
+		msg := "createboltcard: allow_neg_bal is not a valid boolean"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	// check if card_name already exists
+
+	card_count, err := db.Get_card_name_count(card_name)
+	if err != nil {
+		log.Warn(err.Error())
+		return
+	}
+
+	if card_count > 0 {
+		msg := "createboltcard: the card name already exists in the database"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	// log the request
+
+	log.WithFields(log.Fields{
+		"card_name": card_name, "tx_max": tx_max, "day_max": day_max,
+		"enable": enable_flag, "uid_privacy": uid_privacy_flag,
+		"allow_neg_bal": allow_neg_bal_flag}).Info("createboltcard API request")
+
+	// create the keys
+
+	one_time_code := random_hex()
+	k0_auth_key := random_hex()
+	k2_cmac_key := random_hex()
+	k3 := random_hex()
+	k4 := random_hex()
+
+	// create the new card record
+
+	err = db.Insert_card(one_time_code, k0_auth_key, k2_cmac_key, k3, k4,
+		tx_max, day_max, enable_flag, card_name,
+		uid_privacy_flag, allow_neg_bal_flag)
+	if err != nil {
+		log.Warn(err.Error())
+		return
+	}
+
+	// return the URI + one_time_code
+
+	hostdomain := db.Get_setting("HOST_DOMAIN")
+	url := ""
+	if strings.HasSuffix(hostdomain, ".onion") {
+		url = "http://" + hostdomain + "/new?a=" + one_time_code
+	} else {
+		url = "https://" + hostdomain + "/new?a=" + one_time_code
+	}
+
+	// log the response
+
+	log.WithFields(log.Fields{
+		"card_name": card_name, "url": url}).Info("createboltcard API response")
+
+	jsonData := []byte(`{"status":"OK",` +
+		`"url":"` + url + `"}`)
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	w.Write(jsonData)
+}

internalapi/updateboltcard.go

@@ -0,0 +1,100 @@
+package main
+
+import (
+	"crypto/rand"
+	"encoding/hex"
+	"github.com/boltcard/boltcard/db"
+	"github.com/boltcard/boltcard/resp_err"
+	log "github.com/sirupsen/logrus"
+	"net/http"
+	"strconv"
+	"strings"
+)
+
+func updateboltcard(w http.ResponseWriter, r *http.Request) {
+	if db.Get_setting("FUNCTION_INTERNAL_API") != "ENABLE" {
+		msg := "updateboltcard: internal API function is not enabled"
+		log.Debug(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	tx_max_str := r.URL.Query().Get("tx_max")
+	tx_max, err := strconv.Atoi(tx_max_str)
+	if err != nil {
+		msg := "updateboltcard: tx_max is not a valid integer"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	enable_flag_str := r.URL.Query().Get("enable")
+	enable_flag, err := strconv.ParseBool(enable_flag_str)
+	if err != nil {
+		msg := "updateboltcard: enable is not a valid boolean"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	card_name := r.URL.Query().Get("card_name")
+
+	// check if card_name already exists
+//TODO: allow multiple deactivated cards with the same card_name
+	card_count, err := db.Get_card_name_count(card_name)
+	if err != nil {
+		log.Warn(err.Error())
+		return
+	}
+
+	if card_count == 0 {
+		msg := "updateboltcard: the card name does not exist in the database"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	// log the request
+
+	log.WithFields(log.Fields{
+		"card_name": card_name, "tx_max": tx_max,
+		"enable": enable_flag}).Info("createboltcard API request")
+
+	// create the keys
+
+	one_time_code := random_hex()
+	k0_auth_key := random_hex()
+	k2_cmac_key := random_hex()
+	k3 := random_hex()
+	k4 := random_hex()
+
+	// update the card record
+
+	err = db.Update_card(card_name, tx_max, enable_flag)
+	if err != nil {
+		log.Warn(err.Error())
+		return
+	}
+
+	// return the URI + one_time_code
+
+	hostdomain := db.Get_setting("HOST_DOMAIN")
+	url := ""
+	if strings.HasSuffix(hostdomain, ".onion") {
+		url = "http://" + hostdomain + "/new?a=" + one_time_code
+	} else {
+		url = "https://" + hostdomain + "/new?a=" + one_time_code
+	}
+
+	// log the response
+
+	log.WithFields(log.Fields{
+		"card_name": card_name, "url": url}).Info("updateboltcard API response")
+
+	jsonData := []byte(`{"status":"OK",` +
+		`"url":"` + url + `"}`)
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	w.Write(jsonData)
+}

internalapi/wipeboltcard.go

@@ -0,0 +1,75 @@
+package main
+
+import (
+	"github.com/boltcard/boltcard/db"
+	"github.com/boltcard/boltcard/resp_err"
+	log "github.com/sirupsen/logrus"
+	"net/http"
+	"strconv"
+)
+
+func wipeboltcard(w http.ResponseWriter, r *http.Request) {
+	if db.Get_setting("FUNCTION_INTERNAL_API") != "ENABLE" {
+		msg := "wipeboltcard: internal API function is not enabled"
+		log.Debug(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	card_name := r.URL.Query().Get("card_name")
+
+	// check if card_name has been given
+
+	if card_name == "" {
+		msg := "wipeboltcard: the card name must be set"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	// check if card_name exists
+
+	card_count, err := db.Get_card_name_count(card_name)
+
+	if card_count == 0 {
+		msg := "the card name does not exist in the database"
+		log.Warn(msg)
+		resp_err.Write_message(w, msg)
+		return
+	}
+
+	// set the card as wiped and disabled, get the keys
+
+	card_wipe_info_values, err := db.Wipe_card(card_name)
+	if err != nil {
+		log.Warn(err.Error())
+		return
+	}
+
+	// log the request
+
+	log.WithFields(log.Fields{
+		"card_name": card_name}).Info("wipeboltcard API request")
+
+	// generate a response
+
+	jsonData := `{"status":"OK",` +
+		`"action": "wipe",` +
+		`"id": ` + strconv.Itoa(card_wipe_info_values.Id) + `,` +
+		`"k0": "` + card_wipe_info_values.K0 + `",` +
+		`"k1": "` + card_wipe_info_values.K1 + `",` +
+		`"k2": "` + card_wipe_info_values.K2 + `",` +
+		`"k3": "` + card_wipe_info_values.K3 + `",` +
+		`"k4": "` + card_wipe_info_values.K4 + `",` +
+		`"uid": "` + card_wipe_info_values.Uid + `",` +
+		`"version": 1}`
+
+	// log the response
+
+	log.WithFields(log.Fields{
+		"card_name": card_name, "response": jsonData}).Info("wipeboltcard API response")
+
+	w.Header().Set("Content-Type", "application/json")
+	w.WriteHeader(http.StatusOK)
+	w.Write([]byte(jsonData))
+}