Validate PGP keys with GnuPG when a new robot is created

api/logics.py

@@ -7,9 +7,10 @@ from api.models import Order, LNPayment, MarketTick, User, Currency
 from api.tasks import send_message
 from decouple import config
 
+import gnupg
+
 import math
 import ast
-import time
 
 FEE = float(config("FEE"))
 MAKER_FEE_SPLIT = float(config("MAKER_FEE_SPLIT"))
@@ -31,6 +32,7 @@ FIAT_EXCHANGE_DURATION = int(config("FIAT_EXCHANGE_DURATION"))
 
 
 class Logics:
+
     @classmethod
     def validate_already_maker_or_taker(cls, user):
         """Validates if a use is already not part of an active order"""
@@ -88,6 +90,44 @@ class Logics:
 
         return True, None, None
 
+    def validate_pgp_keys(pub_key, enc_priv_key):
+        ''' Validates PGP valid keys. Formats them in a way understandable by the frontend '''
+        gpg = gnupg.GPG()
+
+        # Uniform format as linux linebreaks. Windows users submitting their own keys have \r\n breaks.
+        enc_priv_key = enc_priv_key.replace('\r\n', '\n')
+        pub_key = pub_key.replace('\r\n', '\n')
+
+        # Try to import and export the public key (without passphrase)
+        try:
+            import_pub_result = gpg.import_keys(pub_key)
+            pub_key = gpg.export_keys(import_pub_result.fingerprints[0])
+        except:
+            return (
+                False,
+                {
+                    "bad_request":
+                    "Your PGP public key does not seem valid"
+                }, 
+                None, 
+                None)
+
+        # Try to import the encrypted private key (without passphrase)
+        try:
+            import_priv_result = gpg.import_keys(enc_priv_key)
+        except:
+            return (
+                False,
+                {
+                    "bad_request":
+                    "Your PGP private key does not seem valid"
+                }, 
+                None, 
+                None)
+
+
+        return True, None, pub_key, enc_priv_key
+
     @classmethod
     def validate_order_size(cls, order):
         """Validates if order size in Sats is within limits at t0"""

api/models.py

@@ -425,15 +425,16 @@ def delete_lnpayment_at_order_deletion(sender, instance, **kwargs):
 class Profile(models.Model):
     user = models.OneToOneField(User, on_delete=models.CASCADE)
 
-    # PGP keys, used for E2E chat encrytion. Priv key is encrypted with user's passphrase (highEntropyToken)
+    # PGP keys, used for E2E chat encryption. Priv key is encrypted with user's passphrase (highEntropyToken)
     public_key = models.TextField(
-        max_length=999,
+        # Actualy only 400-500 characters for ECC, but other types might be longer
+        max_length=2000,
         null=True,
         default=None,
         blank=True,
     )
     encrypted_private_key = models.TextField(
-        max_length=999,
+        max_length=2000,
         null=True,
         default=None,
         blank=True,

api/views.py

@@ -635,6 +635,10 @@ class UserView(APIView):
         encrypted_private_key = serializer.data.get("encrypted_private_key")
         ref_code = serializer.data.get("ref_code")
         
+        valid, bad_keys_context, public_key, encrypted_private_key = Logics.validate_pgp_keys(public_key, encrypted_private_key)
+        if not valid:
+            return Response(bad_keys_context, status.HTTP_400_BAD_REQUEST)
+
         if not public_key or not encrypted_private_key:
             context["bad_request"] = "Must provide valid 'pub' and 'enc_priv' PGP keys"
             return Response(context, status.HTTP_400_BAD_REQUEST)

frontend/src/components/FlagWithProps/FlagWithProps.tsx

@@ -18,10 +18,12 @@ const FlagWithProps = ({ code }: Props): JSX.Element => {
   if(code === 'AUD') flag = <Flags.AU {...defaultProps}/>;
   if(code === 'ARS') flag = <Flags.AR {...defaultProps}/>;
   if(code === 'BRL') flag = <Flags.BR {...defaultProps}/>;
+  if(code === 'BYN') flag = <Flags.BY {...defaultProps}/>;
   if(code === 'CAD') flag = <Flags.CA {...defaultProps}/>;
   if(code === 'CHF') flag = <Flags.CH {...defaultProps}/>;
   if(code === 'CLP') flag = <Flags.CL {...defaultProps}/>;
   if(code === 'CNY') flag = <Flags.CN {...defaultProps}/>;
+  if(code === 'EGP') flag = <Flags.EG {...defaultProps}/>;
   if(code === 'EUR') flag = <Flags.EU {...defaultProps}/>;
   if(code === 'HRK') flag = <Flags.HR {...defaultProps}/>;
   if(code === 'CZK') flag = <Flags.CZ {...defaultProps}/>;
@@ -33,6 +35,8 @@ const FlagWithProps = ({ code }: Props): JSX.Element => {
   if(code === 'ISK') flag = <Flags.IS {...defaultProps}/>;
   if(code === 'JPY') flag = <Flags.JP {...defaultProps}/>;
   if(code === 'KRW') flag = <Flags.KR {...defaultProps}/>;
+  if(code === 'LKR') flag = <Flags.LK {...defaultProps}/>;
+  if(code === 'MAD') flag = <Flags.MA {...defaultProps}/>;
   if(code === 'MXN') flag = <Flags.MX {...defaultProps}/>;
   if(code === 'NOK') flag = <Flags.NO {...defaultProps}/>;
   if(code === 'NZD') flag = <Flags.NZ {...defaultProps}/>;

frontend/static/assets/currencies.json

@@ -14,7 +14,7 @@
 	"13":"SGD",
 	"14":"NOK",
 	"15":"MXN",
-	"16":"KRW",
+	"16":"BYN",
 	"17":"RUB",
 	"18":"ZAR",
 	"19":"TRY",
@@ -63,6 +63,9 @@
 	"62":"TZS",
 	"63":"XAF",
 	"64":"UAH",
+	"65":"EGP",
+	"66":"LKR",
+	"67":"MAD",
 	"300":"XAU",
 	"1000":"BTC"
 }

requirements.txt

@@ -10,8 +10,8 @@ djangorestframework==3.13.1
 channels==3.0.4
 channels-redis==3.3.1
 celery==5.2.3
-googleapis-common-protos==1.53.0
 grpcio==1.43.0
+googleapis-common-protos==1.53.0
 grpcio-tools==1.43.0
 numpy==1.22.2
 Pillow==7.0.0
@@ -25,3 +25,4 @@ psycopg2==2.9.3
 SQLAlchemy==1.4.31
 django-import-export==2.7.1
 requests[socks]
+python-gnupg==0.4.9