Add option to provide signature for a token to verify key ownership (#14054)

* Add option to provide signed token to verify key ownership

Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.

* Ensure verified keys can act for all active emails for the user

* Add code to mark keys as verified

* Slight UI adjustments

* Slight UI adjustments 2

* Simplify signature verification slightly

* fix postgres test

* add api routes

* handle swapped primary-keys

* Verify the no-reply address for verified keys

* Only add email addresses that are activated to keys

* Fix committer shortcut properly

* Restructure gpg_keys.go

* Use common Verification Token code

Signed-off-by: Andrew Thornton <art27@cantab.net>

integrations/api_gpg_keys_test.go

@@ -29,10 +29,10 @@ func TestGPGKeys(t *testing.T) {
 		results     []int
 	}{
 		{name: "NoLogin", makeRequest: MakeRequest, token: "",
-			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},
+			results: []int{http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized, http.StatusUnauthorized},
 		},
 		{name: "LoggedAsUser2", makeRequest: session.MakeRequest, token: token,
-			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusUnprocessableEntity, http.StatusNotFound, http.StatusCreated, http.StatusCreated}},
+			results: []int{http.StatusOK, http.StatusOK, http.StatusNotFound, http.StatusNoContent, http.StatusUnprocessableEntity, http.StatusNotFound, http.StatusCreated, http.StatusNotFound, http.StatusCreated}},
 	}
 
 	for _, tc := range tt {
@@ -60,7 +60,7 @@ func TestGPGKeys(t *testing.T) {
 			t.Run("CreateValidGPGKey", func(t *testing.T) {
 				testCreateValidGPGKey(t, tc.makeRequest, tc.token, tc.results[6])
 			})
-			t.Run("CreateValidSecondaryEmailGPGKey", func(t *testing.T) {
+			t.Run("CreateValidSecondaryEmailGPGKeyNotActivated", func(t *testing.T) {
 				testCreateValidSecondaryEmailGPGKey(t, tc.makeRequest, tc.token, tc.results[7])
 			})
 		})
@@ -74,6 +74,7 @@ func TestGPGKeys(t *testing.T) {
 		req := NewRequest(t, "GET", "/api/v1/user/gpg_keys?token="+token) //GET all keys
 		resp := session.MakeRequest(t, req, http.StatusOK)
 		DecodeJSON(t, resp, &keys)
+		assert.Len(t, keys, 1)
 
 		primaryKey1 := keys[0] //Primary key 1
 		assert.EqualValues(t, "38EA3BCED732982C", primaryKey1.KeyID)
@@ -85,12 +86,6 @@ func TestGPGKeys(t *testing.T) {
 		assert.EqualValues(t, "70D7C694D17D03AD", subKey.KeyID)
 		assert.Empty(t, subKey.Emails)
 
-		primaryKey2 := keys[1] //Primary key 2
-		assert.EqualValues(t, "3CEF46EF40BEFC3E", primaryKey2.KeyID)
-		assert.Len(t, primaryKey2.Emails, 1)
-		assert.EqualValues(t, "user2-2@example.com", primaryKey2.Emails[0].Email)
-		assert.False(t, primaryKey2.Emails[0].Verified)
-
 		var key api.GPGKey
 		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey1.ID, 10)+"?token="+token) //Primary key 1
 		resp = session.MakeRequest(t, req, http.StatusOK)
@@ -105,15 +100,6 @@ func TestGPGKeys(t *testing.T) {
 		DecodeJSON(t, resp, &key)
 		assert.EqualValues(t, "70D7C694D17D03AD", key.KeyID)
 		assert.Empty(t, key.Emails)
-
-		req = NewRequest(t, "GET", "/api/v1/user/gpg_keys/"+strconv.FormatInt(primaryKey2.ID, 10)+"?token="+token) //Primary key 2
-		resp = session.MakeRequest(t, req, http.StatusOK)
-		DecodeJSON(t, resp, &key)
-		assert.EqualValues(t, "3CEF46EF40BEFC3E", key.KeyID)
-		assert.Len(t, key.Emails, 1)
-		assert.EqualValues(t, "user2-2@example.com", key.Emails[0].Email)
-		assert.False(t, key.Emails[0].Verified)
-
 	})
 
 	//Check state after basic add

models/error.go

@@ -451,6 +451,7 @@ func (err ErrKeyNameAlreadyUsed) Error() string {
 // ErrGPGNoEmailFound represents a "ErrGPGNoEmailFound" kind of error.
 type ErrGPGNoEmailFound struct {
 	FailedEmails []string
+	ID           string
 }
 
 // IsErrGPGNoEmailFound checks if an error is a ErrGPGNoEmailFound.
@@ -463,6 +464,22 @@ func (err ErrGPGNoEmailFound) Error() string {
 	return fmt.Sprintf("none of the emails attached to the GPG key could be found: %v", err.FailedEmails)
 }
 
+// ErrGPGInvalidTokenSignature represents a "ErrGPGInvalidTokenSignature" kind of error.
+type ErrGPGInvalidTokenSignature struct {
+	Wrapped error
+	ID      string
+}
+
+// IsErrGPGInvalidTokenSignature checks if an error is a ErrGPGInvalidTokenSignature.
+func IsErrGPGInvalidTokenSignature(err error) bool {
+	_, ok := err.(ErrGPGInvalidTokenSignature)
+	return ok
+}
+
+func (err ErrGPGInvalidTokenSignature) Error() string {
+	return "the provided signature does not sign the token with the provided key"
+}
+
 // ErrGPGKeyParsing represents a "ErrGPGKeyParsing" kind of error.
 type ErrGPGKeyParsing struct {
 	ParseError error

models/gpg_key.go

@@ -5,27 +5,25 @@
 package models
 
 import (
-	"bytes"
-	"container/list"
-	"crypto"
-	"encoding/base64"
 	"fmt"
-	"hash"
-	"io"
 	"strings"
 	"time"
 
-	"code.gitea.io/gitea/modules/git"
 	"code.gitea.io/gitea/modules/log"
-	"code.gitea.io/gitea/modules/setting"
 	"code.gitea.io/gitea/modules/timeutil"
 
 	"github.com/keybase/go-crypto/openpgp"
-	"github.com/keybase/go-crypto/openpgp/armor"
 	"github.com/keybase/go-crypto/openpgp/packet"
 	"xorm.io/xorm"
 )
 
+//   __________________  ________   ____  __.
+//  /  _____/\______   \/  _____/  |    |/ _|____ ___.__.
+// /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |
+// \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |
+//	\______  /|____|    \______  / |____|__ \___  > ____|
+//				 \/                  \/          \/   \/\/
+
 // GPGKey represents a GPG key.
 type GPGKey struct {
 	ID                int64              `xorm:"pk autoincr"`
@@ -38,18 +36,13 @@ type GPGKey struct {
 	AddedUnix         timeutil.TimeStamp
 	SubsKey           []*GPGKey `xorm:"-"`
 	Emails            []*EmailAddress
+	Verified          bool `xorm:"NOT NULL DEFAULT false"`
 	CanSign           bool
 	CanEncryptComms   bool
 	CanEncryptStorage bool
 	CanCertify        bool
 }
 
-// GPGKeyImport the original import of key
-type GPGKeyImport struct {
-	KeyID   string `xorm:"pk CHAR(16) NOT NULL"`
-	Content string `xorm:"TEXT NOT NULL"`
-}
-
 // BeforeInsert will be invoked by XORM before inserting a record
 func (key *GPGKey) BeforeInsert() {
 	key.AddedUnix = timeutil.TimeStampNow()
@@ -96,131 +89,6 @@ func GetGPGKeysByKeyID(keyID string) ([]*GPGKey, error) {
 	return keys, x.Where("key_id=?", keyID).Find(&keys)
 }
 
-// GetGPGImportByKeyID returns the import public armored key by given KeyID.
-func GetGPGImportByKeyID(keyID string) (*GPGKeyImport, error) {
-	key := new(GPGKeyImport)
-	has, err := x.ID(keyID).Get(key)
-	if err != nil {
-		return nil, err
-	} else if !has {
-		return nil, ErrGPGKeyImportNotExist{keyID}
-	}
-	return key, nil
-}
-
-// checkArmoredGPGKeyString checks if the given key string is a valid GPG armored key.
-// The function returns the actual public key on success
-func checkArmoredGPGKeyString(content string) (openpgp.EntityList, error) {
-	list, err := openpgp.ReadArmoredKeyRing(strings.NewReader(content))
-	if err != nil {
-		return nil, ErrGPGKeyParsing{err}
-	}
-	return list, nil
-}
-
-// addGPGKey add key, import and subkeys to database
-func addGPGKey(e Engine, key *GPGKey, content string) (err error) {
-	// Add GPGKeyImport
-	if _, err = e.Insert(GPGKeyImport{
-		KeyID:   key.KeyID,
-		Content: content,
-	}); err != nil {
-		return err
-	}
-	// Save GPG primary key.
-	if _, err = e.Insert(key); err != nil {
-		return err
-	}
-	// Save GPG subs key.
-	for _, subkey := range key.SubsKey {
-		if err := addGPGSubKey(e, subkey); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-// addGPGSubKey add subkeys to database
-func addGPGSubKey(e Engine, key *GPGKey) (err error) {
-	// Save GPG primary key.
-	if _, err = e.Insert(key); err != nil {
-		return err
-	}
-	// Save GPG subs key.
-	for _, subkey := range key.SubsKey {
-		if err := addGPGSubKey(e, subkey); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-// AddGPGKey adds new public key to database.
-func AddGPGKey(ownerID int64, content string) ([]*GPGKey, error) {
-	ekeys, err := checkArmoredGPGKeyString(content)
-	if err != nil {
-		return nil, err
-	}
-	sess := x.NewSession()
-	defer sess.Close()
-	if err = sess.Begin(); err != nil {
-		return nil, err
-	}
-	keys := make([]*GPGKey, 0, len(ekeys))
-	for _, ekey := range ekeys {
-		// Key ID cannot be duplicated.
-		has, err := sess.Where("key_id=?", ekey.PrimaryKey.KeyIdString()).
-			Get(new(GPGKey))
-		if err != nil {
-			return nil, err
-		} else if has {
-			return nil, ErrGPGKeyIDAlreadyUsed{ekey.PrimaryKey.KeyIdString()}
-		}
-
-		// Get DB session
-
-		key, err := parseGPGKey(ownerID, ekey)
-		if err != nil {
-			return nil, err
-		}
-
-		if err = addGPGKey(sess, key, content); err != nil {
-			return nil, err
-		}
-		keys = append(keys, key)
-	}
-	return keys, sess.Commit()
-}
-
-// base64EncPubKey encode public key content to base 64
-func base64EncPubKey(pubkey *packet.PublicKey) (string, error) {
-	var w bytes.Buffer
-	err := pubkey.Serialize(&w)
-	if err != nil {
-		return "", err
-	}
-	return base64.StdEncoding.EncodeToString(w.Bytes()), nil
-}
-
-// base64DecPubKey decode public key content from base 64
-func base64DecPubKey(content string) (*packet.PublicKey, error) {
-	b, err := readerFromBase64(content)
-	if err != nil {
-		return nil, err
-	}
-	// Read key
-	p, err := packet.Read(b)
-	if err != nil {
-		return nil, err
-	}
-	// Check type
-	pkey, ok := p.(*packet.PublicKey)
-	if !ok {
-		return nil, fmt.Errorf("key is not a public key")
-	}
-	return pkey, nil
-}
-
 // GPGKeyToEntity retrieve the imported key and the traducted entity
 func GPGKeyToEntity(k *GPGKey) (*openpgp.Entity, error) {
 	impKey, err := GetGPGImportByKeyID(k.KeyID)
@@ -254,27 +122,8 @@ func parseSubGPGKey(ownerID int64, primaryID string, pubkey *packet.PublicKey, e
 	}, nil
 }
 
-// getExpiryTime extract the expire time of primary key based on sig
-func getExpiryTime(e *openpgp.Entity) time.Time {
-	expiry := time.Time{}
-	// Extract self-sign for expire date based on : https://github.com/golang/crypto/blob/master/openpgp/keys.go#L165
-	var selfSig *packet.Signature
-	for _, ident := range e.Identities {
-		if selfSig == nil {
-			selfSig = ident.SelfSignature
-		} else if ident.SelfSignature.IsPrimaryId != nil && *ident.SelfSignature.IsPrimaryId {
-			selfSig = ident.SelfSignature
-			break
-		}
-	}
-	if selfSig.KeyLifetimeSecs != nil {
-		expiry = e.PrimaryKey.CreationTime.Add(time.Duration(*selfSig.KeyLifetimeSecs) * time.Second)
-	}
-	return expiry
-}
-
 // parseGPGKey parse a PrimaryKey entity (primary key + subs keys + self-signature)
-func parseGPGKey(ownerID int64, e *openpgp.Entity) (*GPGKey, error) {
+func parseGPGKey(ownerID int64, e *openpgp.Entity, verified bool) (*GPGKey, error) {
 	pubkey := e.PrimaryKey
 	expiry := getExpiryTime(e)
 
@@ -301,20 +150,22 @@ func parseGPGKey(ownerID int64, e *openpgp.Entity) (*GPGKey, error) {
 		}
 		email := strings.ToLower(strings.TrimSpace(ident.UserId.Email))
 		for _, e := range userEmails {
-			if e.LowerEmail == email {
+			if e.IsActivated && e.LowerEmail == email {
 				emails = append(emails, e)
 				break
 			}
 		}
 	}
 
-	// In the case no email as been found
+	if !verified {
-	if len(emails) == 0 {
+		// In the case no email as been found
-		failedEmails := make([]string, 0, len(e.Identities))
+		if len(emails) == 0 {
-		for _, ident := range e.Identities {
+			failedEmails := make([]string, 0, len(e.Identities))
-			failedEmails = append(failedEmails, ident.UserId.Email)
+			for _, ident := range e.Identities {
+				failedEmails = append(failedEmails, ident.UserId.Email)
+			}
+			return nil, ErrGPGNoEmailFound{failedEmails, e.PrimaryKey.KeyIdString()}
 		}
-		return nil, ErrGPGNoEmailFound{failedEmails}
 	}
 
 	content, err := base64EncPubKey(pubkey)
@@ -330,6 +181,7 @@ func parseGPGKey(ownerID int64, e *openpgp.Entity) (*GPGKey, error) {
 		ExpiredUnix:       timeutil.TimeStamp(expiry.Unix()),
 		Emails:            emails,
 		SubsKey:           subkeys,
+		Verified:          verified,
 		CanSign:           pubkey.CanSign(),
 		CanEncryptComms:   pubkey.PubKeyAlgo.CanEncrypt(),
 		CanEncryptStorage: pubkey.PubKeyAlgo.CanEncrypt(),
@@ -378,545 +230,32 @@ func DeleteGPGKey(doer *User, id int64) (err error) {
 	return sess.Commit()
 }
 
-// CommitVerification represents a commit validation of signature
+func checkKeyEmails(email string, keys ...*GPGKey) (bool, string) {
-type CommitVerification struct {
+	uid := int64(0)
-	Verified       bool
+	var userEmails []*EmailAddress
-	Warning        bool
+	var user *User
-	Reason         string
-	SigningUser    *User
-	CommittingUser *User
-	SigningEmail   string
-	SigningKey     *GPGKey
-	TrustStatus    string
-}
-
-// SignCommit represents a commit with validation of signature.
-type SignCommit struct {
-	Verification *CommitVerification
-	*UserCommit
-}
-
-const (
-	// BadSignature is used as the reason when the signature has a KeyID that is in the db
-	// but no key that has that ID verifies the signature. This is a suspicious failure.
-	BadSignature = "gpg.error.probable_bad_signature"
-	// BadDefaultSignature is used as the reason when the signature has a KeyID that matches the
-	// default Key but is not verified by the default key. This is a suspicious failure.
-	BadDefaultSignature = "gpg.error.probable_bad_default_signature"
-	// NoKeyFound is used as the reason when no key can be found to verify the signature.
-	NoKeyFound = "gpg.error.no_gpg_keys_found"
-)
-
-func readerFromBase64(s string) (io.Reader, error) {
-	bs, err := base64.StdEncoding.DecodeString(s)
-	if err != nil {
-		return nil, err
-	}
-	return bytes.NewBuffer(bs), nil
-}
-
-func populateHash(hashFunc crypto.Hash, msg []byte) (hash.Hash, error) {
-	h := hashFunc.New()
-	if _, err := h.Write(msg); err != nil {
-		return nil, err
-	}
-	return h, nil
-}
-
-// readArmoredSign read an armored signature block with the given type. https://sourcegraph.com/github.com/golang/crypto/-/blob/openpgp/read.go#L24:6-24:17
-func readArmoredSign(r io.Reader) (body io.Reader, err error) {
-	block, err := armor.Decode(r)
-	if err != nil {
-		return
-	}
-	if block.Type != openpgp.SignatureType {
-		return nil, fmt.Errorf("expected '" + openpgp.SignatureType + "', got: " + block.Type)
-	}
-	return block.Body, nil
-}
-
-func extractSignature(s string) (*packet.Signature, error) {
-	r, err := readArmoredSign(strings.NewReader(s))
-	if err != nil {
-		return nil, fmt.Errorf("Failed to read signature armor")
-	}
-	p, err := packet.Read(r)
-	if err != nil {
-		return nil, fmt.Errorf("Failed to read signature packet")
-	}
-	sig, ok := p.(*packet.Signature)
-	if !ok {
-		return nil, fmt.Errorf("Packet is not a signature")
-	}
-	return sig, nil
-}
-
-func verifySign(s *packet.Signature, h hash.Hash, k *GPGKey) error {
-	// Check if key can sign
-	if !k.CanSign {
-		return fmt.Errorf("key can not sign")
-	}
-	// Decode key
-	pkey, err := base64DecPubKey(k.Content)
-	if err != nil {
-		return err
-	}
-	return pkey.VerifySignature(h, s)
-}
-
-func hashAndVerify(sig *packet.Signature, payload string, k *GPGKey, committer, signer *User, email string) *CommitVerification {
-	// Generating hash of commit
-	hash, err := populateHash(sig.Hash, []byte(payload))
-	if err != nil { // Skipping failed to generate hash
-		log.Error("PopulateHash: %v", err)
-		return &CommitVerification{
-			CommittingUser: committer,
-			Verified:       false,
-			Reason:         "gpg.error.generate_hash",
-		}
-	}
-
-	if err := verifySign(sig, hash, k); err == nil {
-		return &CommitVerification{ // Everything is ok
-			CommittingUser: committer,
-			Verified:       true,
-			Reason:         fmt.Sprintf("%s / %s", signer.Name, k.KeyID),
-			SigningUser:    signer,
-			SigningKey:     k,
-			SigningEmail:   email,
-		}
-	}
-	return nil
-}
-
-func hashAndVerifyWithSubKeys(sig *packet.Signature, payload string, k *GPGKey, committer, signer *User, email string) *CommitVerification {
-	commitVerification := hashAndVerify(sig, payload, k, committer, signer, email)
-	if commitVerification != nil {
-		return commitVerification
-	}
-
-	// And test also SubsKey
-	for _, sk := range k.SubsKey {
-		commitVerification := hashAndVerify(sig, payload, sk, committer, signer, email)
-		if commitVerification != nil {
-			return commitVerification
-		}
-	}
-	return nil
-}
-
-func hashAndVerifyForKeyID(sig *packet.Signature, payload string, committer *User, keyID, name, email string) *CommitVerification {
-	if keyID == "" {
-		return nil
-	}
-	keys, err := GetGPGKeysByKeyID(keyID)
-	if err != nil {
-		log.Error("GetGPGKeysByKeyID: %v", err)
-		return &CommitVerification{
-			CommittingUser: committer,
-			Verified:       false,
-			Reason:         "gpg.error.failed_retrieval_gpg_keys",
-		}
-	}
-	if len(keys) == 0 {
-		return nil
-	}
 	for _, key := range keys {
-		var primaryKeys []*GPGKey
+		for _, e := range key.Emails {
-		if key.PrimaryKeyID != "" {
+			if e.IsActivated && (email == "" || strings.EqualFold(e.Email, email)) {
-			primaryKeys, err = GetGPGKeysByKeyID(key.PrimaryKeyID)
+				return true, e.Email
-			if err != nil {
-				log.Error("GetGPGKeysByKeyID: %v", err)
-				return &CommitVerification{
-					CommittingUser: committer,
-					Verified:       false,
-					Reason:         "gpg.error.failed_retrieval_gpg_keys",
-				}
 			}
 		}
-		activated := false
+		if key.Verified && key.OwnerID != 0 {
-		if len(email) != 0 {
+			if uid != key.OwnerID {
-			for _, e := range key.Emails {
+				userEmails, _ = GetEmailAddresses(key.OwnerID)
-				if e.IsActivated && strings.EqualFold(e.Email, email) {
+				uid = key.OwnerID
-					activated = true
+				user = &User{ID: uid}
-					email = e.Email
+				_, _ = GetUser(user)
-					break
+			}
+			for _, e := range userEmails {
+				if e.IsActivated && (email == "" || strings.EqualFold(e.Email, email)) {
+					return true, e.Email
 				}
 			}
-			if !activated {
+			if user.KeepEmailPrivate && strings.EqualFold(email, user.GetEmail()) {
-				for _, pkey := range primaryKeys {
+				return true, user.GetEmail()
-					for _, e := range pkey.Emails {
-						if e.IsActivated && strings.EqualFold(e.Email, email) {
-							activated = true
-							email = e.Email
-							break
-						}
-					}
-					if activated {
-						break
-					}
-				}
 			}
-		} else {
-			for _, e := range key.Emails {
-				if e.IsActivated {
-					activated = true
-					email = e.Email
-					break
-				}
-			}
-			if !activated {
-				for _, pkey := range primaryKeys {
-					for _, e := range pkey.Emails {
-						if e.IsActivated {
-							activated = true
-							email = e.Email
-							break
-						}
-					}
-					if activated {
-						break
-					}
-				}
-			}
-		}
-
-		if !activated {
-			continue
-		}
-		signer := &User{
-			Name:  name,
-			Email: email,
-		}
-		if key.OwnerID != 0 {
-			owner, err := GetUserByID(key.OwnerID)
-			if err == nil {
-				signer = owner
-			} else if !IsErrUserNotExist(err) {
-				log.Error("Failed to GetUserByID: %d for key ID: %d (%s) %v", key.OwnerID, key.ID, key.KeyID, err)
-				return &CommitVerification{
-					CommittingUser: committer,
-					Verified:       false,
-					Reason:         "gpg.error.no_committer_account",
-				}
-			}
-		}
-		commitVerification := hashAndVerifyWithSubKeys(sig, payload, key, committer, signer, email)
-		if commitVerification != nil {
-			return commitVerification
 		}
 	}
-	// This is a bad situation ... We have a key id that is in our database but the signature doesn't match.
+	return false, email
-	return &CommitVerification{
-		CommittingUser: committer,
-		Verified:       false,
-		Warning:        true,
-		Reason:         BadSignature,
-	}
-}
-
-// ParseCommitWithSignature check if signature is good against keystore.
-func ParseCommitWithSignature(c *git.Commit) *CommitVerification {
-	var committer *User
-	if c.Committer != nil {
-		var err error
-		// Find Committer account
-		committer, err = GetUserByEmail(c.Committer.Email) // This finds the user by primary email or activated email so commit will not be valid if email is not
-		if err != nil {                                    // Skipping not user for committer
-			committer = &User{
-				Name:  c.Committer.Name,
-				Email: c.Committer.Email,
-			}
-			// We can expect this to often be an ErrUserNotExist. in the case
-			// it is not, however, it is important to log it.
-			if !IsErrUserNotExist(err) {
-				log.Error("GetUserByEmail: %v", err)
-				return &CommitVerification{
-					CommittingUser: committer,
-					Verified:       false,
-					Reason:         "gpg.error.no_committer_account",
-				}
-			}
-
-		}
-	}
-
-	// If no signature just report the committer
-	if c.Signature == nil {
-		return &CommitVerification{
-			CommittingUser: committer,
-			Verified:       false,                         // Default value
-			Reason:         "gpg.error.not_signed_commit", // Default value
-		}
-	}
-
-	// Parsing signature
-	sig, err := extractSignature(c.Signature.Signature)
-	if err != nil { // Skipping failed to extract sign
-		log.Error("SignatureRead err: %v", err)
-		return &CommitVerification{
-			CommittingUser: committer,
-			Verified:       false,
-			Reason:         "gpg.error.extract_sign",
-		}
-	}
-
-	keyID := ""
-	if sig.IssuerKeyId != nil && (*sig.IssuerKeyId) != 0 {
-		keyID = fmt.Sprintf("%X", *sig.IssuerKeyId)
-	}
-	if keyID == "" && sig.IssuerFingerprint != nil && len(sig.IssuerFingerprint) > 0 {
-		keyID = fmt.Sprintf("%X", sig.IssuerFingerprint[12:20])
-	}
-	defaultReason := NoKeyFound
-
-	// First check if the sig has a keyID and if so just look at that
-	if commitVerification := hashAndVerifyForKeyID(
-		sig,
-		c.Signature.Payload,
-		committer,
-		keyID,
-		setting.AppName,
-		""); commitVerification != nil {
-		if commitVerification.Reason == BadSignature {
-			defaultReason = BadSignature
-		} else {
-			return commitVerification
-		}
-	}
-
-	// Now try to associate the signature with the committer, if present
-	if committer.ID != 0 {
-		keys, err := ListGPGKeys(committer.ID, ListOptions{})
-		if err != nil { // Skipping failed to get gpg keys of user
-			log.Error("ListGPGKeys: %v", err)
-			return &CommitVerification{
-				CommittingUser: committer,
-				Verified:       false,
-				Reason:         "gpg.error.failed_retrieval_gpg_keys",
-			}
-		}
-
-		for _, k := range keys {
-			// Pre-check (& optimization) that emails attached to key can be attached to the committer email and can validate
-			canValidate := false
-			email := ""
-			for _, e := range k.Emails {
-				if e.IsActivated && strings.EqualFold(e.Email, c.Committer.Email) {
-					canValidate = true
-					email = e.Email
-					break
-				}
-			}
-			if !canValidate {
-				continue // Skip this key
-			}
-
-			commitVerification := hashAndVerifyWithSubKeys(sig, c.Signature.Payload, k, committer, committer, email)
-			if commitVerification != nil {
-				return commitVerification
-			}
-		}
-	}
-
-	if setting.Repository.Signing.SigningKey != "" && setting.Repository.Signing.SigningKey != "default" && setting.Repository.Signing.SigningKey != "none" {
-		// OK we should try the default key
-		gpgSettings := git.GPGSettings{
-			Sign:  true,
-			KeyID: setting.Repository.Signing.SigningKey,
-			Name:  setting.Repository.Signing.SigningName,
-			Email: setting.Repository.Signing.SigningEmail,
-		}
-		if err := gpgSettings.LoadPublicKeyContent(); err != nil {
-			log.Error("Error getting default signing key: %s %v", gpgSettings.KeyID, err)
-		} else if commitVerification := verifyWithGPGSettings(&gpgSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
-			if commitVerification.Reason == BadSignature {
-				defaultReason = BadSignature
-			} else {
-				return commitVerification
-			}
-		}
-	}
-
-	defaultGPGSettings, err := c.GetRepositoryDefaultPublicGPGKey(false)
-	if err != nil {
-		log.Error("Error getting default public gpg key: %v", err)
-	} else if defaultGPGSettings == nil {
-		log.Warn("Unable to get defaultGPGSettings for unattached commit: %s", c.ID.String())
-	} else if defaultGPGSettings.Sign {
-		if commitVerification := verifyWithGPGSettings(defaultGPGSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
-			if commitVerification.Reason == BadSignature {
-				defaultReason = BadSignature
-			} else {
-				return commitVerification
-			}
-		}
-	}
-
-	return &CommitVerification{ // Default at this stage
-		CommittingUser: committer,
-		Verified:       false,
-		Warning:        defaultReason != NoKeyFound,
-		Reason:         defaultReason,
-		SigningKey: &GPGKey{
-			KeyID: keyID,
-		},
-	}
-}
-
-func verifyWithGPGSettings(gpgSettings *git.GPGSettings, sig *packet.Signature, payload string, committer *User, keyID string) *CommitVerification {
-	// First try to find the key in the db
-	if commitVerification := hashAndVerifyForKeyID(sig, payload, committer, gpgSettings.KeyID, gpgSettings.Name, gpgSettings.Email); commitVerification != nil {
-		return commitVerification
-	}
-
-	// Otherwise we have to parse the key
-	ekeys, err := checkArmoredGPGKeyString(gpgSettings.PublicKeyContent)
-	if err != nil {
-		log.Error("Unable to get default signing key: %v", err)
-		return &CommitVerification{
-			CommittingUser: committer,
-			Verified:       false,
-			Reason:         "gpg.error.generate_hash",
-		}
-	}
-	for _, ekey := range ekeys {
-		pubkey := ekey.PrimaryKey
-		content, err := base64EncPubKey(pubkey)
-		if err != nil {
-			return &CommitVerification{
-				CommittingUser: committer,
-				Verified:       false,
-				Reason:         "gpg.error.generate_hash",
-			}
-		}
-		k := &GPGKey{
-			Content: content,
-			CanSign: pubkey.CanSign(),
-			KeyID:   pubkey.KeyIdString(),
-		}
-		for _, subKey := range ekey.Subkeys {
-			content, err := base64EncPubKey(subKey.PublicKey)
-			if err != nil {
-				return &CommitVerification{
-					CommittingUser: committer,
-					Verified:       false,
-					Reason:         "gpg.error.generate_hash",
-				}
-			}
-			k.SubsKey = append(k.SubsKey, &GPGKey{
-				Content: content,
-				CanSign: subKey.PublicKey.CanSign(),
-				KeyID:   subKey.PublicKey.KeyIdString(),
-			})
-		}
-		if commitVerification := hashAndVerifyWithSubKeys(sig, payload, k, committer, &User{
-			Name:  gpgSettings.Name,
-			Email: gpgSettings.Email,
-		}, gpgSettings.Email); commitVerification != nil {
-			return commitVerification
-		}
-		if keyID == k.KeyID {
-			// This is a bad situation ... We have a key id that matches our default key but the signature doesn't match.
-			return &CommitVerification{
-				CommittingUser: committer,
-				Verified:       false,
-				Warning:        true,
-				Reason:         BadSignature,
-			}
-		}
-	}
-	return nil
-}
-
-// ParseCommitsWithSignature checks if signaute of commits are corresponding to users gpg keys.
-func ParseCommitsWithSignature(oldCommits *list.List, repository *Repository) *list.List {
-	var (
-		newCommits = list.New()
-		e          = oldCommits.Front()
-	)
-	keyMap := map[string]bool{}
-
-	for e != nil {
-		c := e.Value.(UserCommit)
-		signCommit := SignCommit{
-			UserCommit:   &c,
-			Verification: ParseCommitWithSignature(c.Commit),
-		}
-
-		_ = CalculateTrustStatus(signCommit.Verification, repository, &keyMap)
-
-		newCommits.PushBack(signCommit)
-		e = e.Next()
-	}
-	return newCommits
-}
-
-// CalculateTrustStatus will calculate the TrustStatus for a commit verification within a repository
-func CalculateTrustStatus(verification *CommitVerification, repository *Repository, keyMap *map[string]bool) (err error) {
-	if !verification.Verified {
-		return
-	}
-
-	// There are several trust models in Gitea
-	trustModel := repository.GetTrustModel()
-
-	// In the Committer trust model a signature is trusted if it matches the committer
-	// - it doesn't matter if they're a collaborator, the owner, Gitea or Github
-	// NB: This model is commit verification only
-	if trustModel == CommitterTrustModel {
-		// default to "unmatched"
-		verification.TrustStatus = "unmatched"
-
-		// We can only verify against users in our database but the default key will match
-		// against by email if it is not in the db.
-		if (verification.SigningUser.ID != 0 &&
-			verification.CommittingUser.ID == verification.SigningUser.ID) ||
-			(verification.SigningUser.ID == 0 && verification.CommittingUser.ID == 0 &&
-				verification.SigningUser.Email == verification.CommittingUser.Email) {
-			verification.TrustStatus = "trusted"
-		}
-		return
-	}
-
-	// Now we drop to the more nuanced trust models...
-	verification.TrustStatus = "trusted"
-
-	if verification.SigningUser.ID == 0 {
-		// This commit is signed by the default key - but this key is not assigned to a user in the DB.
-
-		// However in the CollaboratorCommitterTrustModel we cannot mark this as trusted
-		// unless the default key matches the email of a non-user.
-		if trustModel == CollaboratorCommitterTrustModel && (verification.CommittingUser.ID != 0 ||
-			verification.SigningUser.Email != verification.CommittingUser.Email) {
-			verification.TrustStatus = "untrusted"
-		}
-		return
-	}
-
-	var isMember bool
-	if keyMap != nil {
-		var has bool
-		isMember, has = (*keyMap)[verification.SigningKey.KeyID]
-		if !has {
-			isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID)
-			(*keyMap)[verification.SigningKey.KeyID] = isMember
-		}
-	} else {
-		isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID)
-	}
-
-	if !isMember {
-		verification.TrustStatus = "untrusted"
-		if verification.CommittingUser.ID != verification.SigningUser.ID {
-			// The committing user and the signing user are not the same
-			// This should be marked as questionable unless the signing user is a collaborator/team member etc.
-			verification.TrustStatus = "unmatched"
-		}
-	} else if trustModel == CollaboratorCommitterTrustModel && verification.CommittingUser.ID != verification.SigningUser.ID {
-		// The committing user and the signing user are not the same and our trustmodel states that they must match
-		verification.TrustStatus = "unmatched"
-	}
-
-	return
 }

models/gpg_key_add.go

@@ -0,0 +1,125 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package models
+
+import (
+	"strings"
+
+	"code.gitea.io/gitea/modules/log"
+
+	"github.com/keybase/go-crypto/openpgp"
+)
+
+//   __________________  ________   ____  __.
+//  /  _____/\______   \/  _____/  |    |/ _|____ ___.__.
+// /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |
+// \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |
+//  \______  /|____|    \______  / |____|__ \___  > ____|
+//         \/                  \/          \/   \/\/
+//    _____       .___  .___
+//   /  _  \    __| _/__| _/
+//	/  /_\  \  / __ |/ __ |
+// /    |    \/ /_/ / /_/ |
+// \____|__  /\____ \____ |
+//         \/      \/    \/
+
+// This file contains functions relating to adding GPG Keys
+
+// addGPGKey add key, import and subkeys to database
+func addGPGKey(e Engine, key *GPGKey, content string) (err error) {
+	// Add GPGKeyImport
+	if _, err = e.Insert(GPGKeyImport{
+		KeyID:   key.KeyID,
+		Content: content,
+	}); err != nil {
+		return err
+	}
+	// Save GPG primary key.
+	if _, err = e.Insert(key); err != nil {
+		return err
+	}
+	// Save GPG subs key.
+	for _, subkey := range key.SubsKey {
+		if err := addGPGSubKey(e, subkey); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// addGPGSubKey add subkeys to database
+func addGPGSubKey(e Engine, key *GPGKey) (err error) {
+	// Save GPG primary key.
+	if _, err = e.Insert(key); err != nil {
+		return err
+	}
+	// Save GPG subs key.
+	for _, subkey := range key.SubsKey {
+		if err := addGPGSubKey(e, subkey); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// AddGPGKey adds new public key to database.
+func AddGPGKey(ownerID int64, content, token, signature string) ([]*GPGKey, error) {
+	ekeys, err := checkArmoredGPGKeyString(content)
+	if err != nil {
+		return nil, err
+	}
+
+	sess := x.NewSession()
+	defer sess.Close()
+	if err = sess.Begin(); err != nil {
+		return nil, err
+	}
+	keys := make([]*GPGKey, 0, len(ekeys))
+
+	verified := false
+	// Handle provided signature
+	if signature != "" {
+		signer, err := openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token), strings.NewReader(signature))
+		if err != nil {
+			signer, err = openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token+"\n"), strings.NewReader(signature))
+		}
+		if err != nil {
+			signer, err = openpgp.CheckArmoredDetachedSignature(ekeys, strings.NewReader(token+"\r\n"), strings.NewReader(signature))
+		}
+		if err != nil {
+			log.Error("Unable to validate token signature. Error: %v", err)
+			return nil, ErrGPGInvalidTokenSignature{
+				ID:      ekeys[0].PrimaryKey.KeyIdString(),
+				Wrapped: err,
+			}
+		}
+		ekeys = []*openpgp.Entity{signer}
+		verified = true
+	}
+
+	for _, ekey := range ekeys {
+		// Key ID cannot be duplicated.
+		has, err := sess.Where("key_id=?", ekey.PrimaryKey.KeyIdString()).
+			Get(new(GPGKey))
+		if err != nil {
+			return nil, err
+		} else if has {
+			return nil, ErrGPGKeyIDAlreadyUsed{ekey.PrimaryKey.KeyIdString()}
+		}
+
+		// Get DB session
+
+		key, err := parseGPGKey(ownerID, ekey, verified)
+		if err != nil {
+			return nil, err
+		}
+
+		if err = addGPGKey(sess, key, content); err != nil {
+			return nil, err
+		}
+		keys = append(keys, key)
+	}
+	return keys, sess.Commit()
+}

models/gpg_key_commit_verification.go

@@ -0,0 +1,520 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package models
+
+import (
+	"container/list"
+	"fmt"
+	"hash"
+	"strings"
+
+	"code.gitea.io/gitea/modules/git"
+	"code.gitea.io/gitea/modules/log"
+	"code.gitea.io/gitea/modules/setting"
+
+	"github.com/keybase/go-crypto/openpgp/packet"
+)
+
+//   __________________  ________   ____  __.
+//  /  _____/\______   \/  _____/  |    |/ _|____ ___.__.
+// /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |
+// \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |
+//  \______  /|____|    \______  / |____|__ \___  > ____|
+//         \/                  \/          \/   \/\/
+// _________                        .__  __
+// \_   ___ \  ____   _____   _____ |__|/  |_
+// /    \  \/ /  _ \ /     \ /     \|  \   __\
+// \     \___(  <_> )  Y Y  \  Y Y  \  ||  |
+//  \______  /\____/|__|_|  /__|_|  /__||__|
+//         \/             \/      \/
+// ____   ____           .__  _____.__               __  .__
+// \   \ /   /___________|__|/ ____\__| ____ _____ _/  |_|__| ____   ____
+//  \   Y   // __ \_  __ \  \   __\|  |/ ___\\__  \\   __\  |/  _ \ /    \
+//   \     /\  ___/|  | \/  ||  |  |  \  \___ / __ \|  | |  (  <_> )   |  \
+//    \___/  \___  >__|  |__||__|  |__|\___  >____  /__| |__|\____/|___|  /
+//               \/                        \/     \/                    \/
+
+// This file provides functions relating commit verification
+
+// CommitVerification represents a commit validation of signature
+type CommitVerification struct {
+	Verified       bool
+	Warning        bool
+	Reason         string
+	SigningUser    *User
+	CommittingUser *User
+	SigningEmail   string
+	SigningKey     *GPGKey
+	TrustStatus    string
+}
+
+// SignCommit represents a commit with validation of signature.
+type SignCommit struct {
+	Verification *CommitVerification
+	*UserCommit
+}
+
+const (
+	// BadSignature is used as the reason when the signature has a KeyID that is in the db
+	// but no key that has that ID verifies the signature. This is a suspicious failure.
+	BadSignature = "gpg.error.probable_bad_signature"
+	// BadDefaultSignature is used as the reason when the signature has a KeyID that matches the
+	// default Key but is not verified by the default key. This is a suspicious failure.
+	BadDefaultSignature = "gpg.error.probable_bad_default_signature"
+	// NoKeyFound is used as the reason when no key can be found to verify the signature.
+	NoKeyFound = "gpg.error.no_gpg_keys_found"
+)
+
+// ParseCommitsWithSignature checks if signaute of commits are corresponding to users gpg keys.
+func ParseCommitsWithSignature(oldCommits *list.List, repository *Repository) *list.List {
+	var (
+		newCommits = list.New()
+		e          = oldCommits.Front()
+	)
+	keyMap := map[string]bool{}
+
+	for e != nil {
+		c := e.Value.(UserCommit)
+		signCommit := SignCommit{
+			UserCommit:   &c,
+			Verification: ParseCommitWithSignature(c.Commit),
+		}
+
+		_ = CalculateTrustStatus(signCommit.Verification, repository, &keyMap)
+
+		newCommits.PushBack(signCommit)
+		e = e.Next()
+	}
+	return newCommits
+}
+
+// ParseCommitWithSignature check if signature is good against keystore.
+func ParseCommitWithSignature(c *git.Commit) *CommitVerification {
+	var committer *User
+	if c.Committer != nil {
+		var err error
+		// Find Committer account
+		committer, err = GetUserByEmail(c.Committer.Email) // This finds the user by primary email or activated email so commit will not be valid if email is not
+		if err != nil {                                    // Skipping not user for committer
+			committer = &User{
+				Name:  c.Committer.Name,
+				Email: c.Committer.Email,
+			}
+			// We can expect this to often be an ErrUserNotExist. in the case
+			// it is not, however, it is important to log it.
+			if !IsErrUserNotExist(err) {
+				log.Error("GetUserByEmail: %v", err)
+				return &CommitVerification{
+					CommittingUser: committer,
+					Verified:       false,
+					Reason:         "gpg.error.no_committer_account",
+				}
+			}
+
+		}
+	}
+
+	// If no signature just report the committer
+	if c.Signature == nil {
+		return &CommitVerification{
+			CommittingUser: committer,
+			Verified:       false,                         // Default value
+			Reason:         "gpg.error.not_signed_commit", // Default value
+		}
+	}
+
+	// Parsing signature
+	sig, err := extractSignature(c.Signature.Signature)
+	if err != nil { // Skipping failed to extract sign
+		log.Error("SignatureRead err: %v", err)
+		return &CommitVerification{
+			CommittingUser: committer,
+			Verified:       false,
+			Reason:         "gpg.error.extract_sign",
+		}
+	}
+
+	keyID := ""
+	if sig.IssuerKeyId != nil && (*sig.IssuerKeyId) != 0 {
+		keyID = fmt.Sprintf("%X", *sig.IssuerKeyId)
+	}
+	if keyID == "" && sig.IssuerFingerprint != nil && len(sig.IssuerFingerprint) > 0 {
+		keyID = fmt.Sprintf("%X", sig.IssuerFingerprint[12:20])
+	}
+	defaultReason := NoKeyFound
+
+	// First check if the sig has a keyID and if so just look at that
+	if commitVerification := hashAndVerifyForKeyID(
+		sig,
+		c.Signature.Payload,
+		committer,
+		keyID,
+		setting.AppName,
+		""); commitVerification != nil {
+		if commitVerification.Reason == BadSignature {
+			defaultReason = BadSignature
+		} else {
+			return commitVerification
+		}
+	}
+
+	// Now try to associate the signature with the committer, if present
+	if committer.ID != 0 {
+		keys, err := ListGPGKeys(committer.ID, ListOptions{})
+		if err != nil { // Skipping failed to get gpg keys of user
+			log.Error("ListGPGKeys: %v", err)
+			return &CommitVerification{
+				CommittingUser: committer,
+				Verified:       false,
+				Reason:         "gpg.error.failed_retrieval_gpg_keys",
+			}
+		}
+
+		committerEmailAddresses, _ := GetEmailAddresses(committer.ID)
+		activated := false
+		for _, e := range committerEmailAddresses {
+			if e.IsActivated && strings.EqualFold(e.Email, c.Committer.Email) {
+				activated = true
+				break
+			}
+		}
+
+		for _, k := range keys {
+			// Pre-check (& optimization) that emails attached to key can be attached to the committer email and can validate
+			canValidate := false
+			email := ""
+			if k.Verified && activated {
+				canValidate = true
+				email = c.Committer.Email
+			}
+			if !canValidate {
+				for _, e := range k.Emails {
+					if e.IsActivated && strings.EqualFold(e.Email, c.Committer.Email) {
+						canValidate = true
+						email = e.Email
+						break
+					}
+				}
+			}
+			if !canValidate {
+				continue // Skip this key
+			}
+
+			commitVerification := hashAndVerifyWithSubKeysCommitVerification(sig, c.Signature.Payload, k, committer, committer, email)
+			if commitVerification != nil {
+				return commitVerification
+			}
+		}
+	}
+
+	if setting.Repository.Signing.SigningKey != "" && setting.Repository.Signing.SigningKey != "default" && setting.Repository.Signing.SigningKey != "none" {
+		// OK we should try the default key
+		gpgSettings := git.GPGSettings{
+			Sign:  true,
+			KeyID: setting.Repository.Signing.SigningKey,
+			Name:  setting.Repository.Signing.SigningName,
+			Email: setting.Repository.Signing.SigningEmail,
+		}
+		if err := gpgSettings.LoadPublicKeyContent(); err != nil {
+			log.Error("Error getting default signing key: %s %v", gpgSettings.KeyID, err)
+		} else if commitVerification := verifyWithGPGSettings(&gpgSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
+			if commitVerification.Reason == BadSignature {
+				defaultReason = BadSignature
+			} else {
+				return commitVerification
+			}
+		}
+	}
+
+	defaultGPGSettings, err := c.GetRepositoryDefaultPublicGPGKey(false)
+	if err != nil {
+		log.Error("Error getting default public gpg key: %v", err)
+	} else if defaultGPGSettings == nil {
+		log.Warn("Unable to get defaultGPGSettings for unattached commit: %s", c.ID.String())
+	} else if defaultGPGSettings.Sign {
+		if commitVerification := verifyWithGPGSettings(defaultGPGSettings, sig, c.Signature.Payload, committer, keyID); commitVerification != nil {
+			if commitVerification.Reason == BadSignature {
+				defaultReason = BadSignature
+			} else {
+				return commitVerification
+			}
+		}
+	}
+
+	return &CommitVerification{ // Default at this stage
+		CommittingUser: committer,
+		Verified:       false,
+		Warning:        defaultReason != NoKeyFound,
+		Reason:         defaultReason,
+		SigningKey: &GPGKey{
+			KeyID: keyID,
+		},
+	}
+}
+
+func verifyWithGPGSettings(gpgSettings *git.GPGSettings, sig *packet.Signature, payload string, committer *User, keyID string) *CommitVerification {
+	// First try to find the key in the db
+	if commitVerification := hashAndVerifyForKeyID(sig, payload, committer, gpgSettings.KeyID, gpgSettings.Name, gpgSettings.Email); commitVerification != nil {
+		return commitVerification
+	}
+
+	// Otherwise we have to parse the key
+	ekeys, err := checkArmoredGPGKeyString(gpgSettings.PublicKeyContent)
+	if err != nil {
+		log.Error("Unable to get default signing key: %v", err)
+		return &CommitVerification{
+			CommittingUser: committer,
+			Verified:       false,
+			Reason:         "gpg.error.generate_hash",
+		}
+	}
+	for _, ekey := range ekeys {
+		pubkey := ekey.PrimaryKey
+		content, err := base64EncPubKey(pubkey)
+		if err != nil {
+			return &CommitVerification{
+				CommittingUser: committer,
+				Verified:       false,
+				Reason:         "gpg.error.generate_hash",
+			}
+		}
+		k := &GPGKey{
+			Content: content,
+			CanSign: pubkey.CanSign(),
+			KeyID:   pubkey.KeyIdString(),
+		}
+		for _, subKey := range ekey.Subkeys {
+			content, err := base64EncPubKey(subKey.PublicKey)
+			if err != nil {
+				return &CommitVerification{
+					CommittingUser: committer,
+					Verified:       false,
+					Reason:         "gpg.error.generate_hash",
+				}
+			}
+			k.SubsKey = append(k.SubsKey, &GPGKey{
+				Content: content,
+				CanSign: subKey.PublicKey.CanSign(),
+				KeyID:   subKey.PublicKey.KeyIdString(),
+			})
+		}
+		if commitVerification := hashAndVerifyWithSubKeysCommitVerification(sig, payload, k, committer, &User{
+			Name:  gpgSettings.Name,
+			Email: gpgSettings.Email,
+		}, gpgSettings.Email); commitVerification != nil {
+			return commitVerification
+		}
+		if keyID == k.KeyID {
+			// This is a bad situation ... We have a key id that matches our default key but the signature doesn't match.
+			return &CommitVerification{
+				CommittingUser: committer,
+				Verified:       false,
+				Warning:        true,
+				Reason:         BadSignature,
+			}
+		}
+	}
+	return nil
+}
+
+func verifySign(s *packet.Signature, h hash.Hash, k *GPGKey) error {
+	// Check if key can sign
+	if !k.CanSign {
+		return fmt.Errorf("key can not sign")
+	}
+	// Decode key
+	pkey, err := base64DecPubKey(k.Content)
+	if err != nil {
+		return err
+	}
+	return pkey.VerifySignature(h, s)
+}
+
+func hashAndVerify(sig *packet.Signature, payload string, k *GPGKey) (*GPGKey, error) {
+	// Generating hash of commit
+	hash, err := populateHash(sig.Hash, []byte(payload))
+	if err != nil { // Skipping as failed to generate hash
+		log.Error("PopulateHash: %v", err)
+		return nil, err
+	}
+	// We will ignore errors in verification as they don't need to be propagated up
+	err = verifySign(sig, hash, k)
+	if err != nil {
+		return nil, nil
+	}
+	return k, nil
+}
+
+func hashAndVerifyWithSubKeys(sig *packet.Signature, payload string, k *GPGKey) (*GPGKey, error) {
+	verified, err := hashAndVerify(sig, payload, k)
+	if err != nil || verified != nil {
+		return verified, err
+	}
+	for _, sk := range k.SubsKey {
+		verified, err := hashAndVerify(sig, payload, sk)
+		if err != nil || verified != nil {
+			return verified, err
+		}
+	}
+	return nil, nil
+}
+
+func hashAndVerifyWithSubKeysCommitVerification(sig *packet.Signature, payload string, k *GPGKey, committer, signer *User, email string) *CommitVerification {
+	key, err := hashAndVerifyWithSubKeys(sig, payload, k)
+	if err != nil { // Skipping failed to generate hash
+		return &CommitVerification{
+			CommittingUser: committer,
+			Verified:       false,
+			Reason:         "gpg.error.generate_hash",
+		}
+	}
+
+	if key != nil {
+		return &CommitVerification{ // Everything is ok
+			CommittingUser: committer,
+			Verified:       true,
+			Reason:         fmt.Sprintf("%s / %s", signer.Name, key.KeyID),
+			SigningUser:    signer,
+			SigningKey:     key,
+			SigningEmail:   email,
+		}
+	}
+	return nil
+}
+
+func hashAndVerifyForKeyID(sig *packet.Signature, payload string, committer *User, keyID, name, email string) *CommitVerification {
+	if keyID == "" {
+		return nil
+	}
+	keys, err := GetGPGKeysByKeyID(keyID)
+	if err != nil {
+		log.Error("GetGPGKeysByKeyID: %v", err)
+		return &CommitVerification{
+			CommittingUser: committer,
+			Verified:       false,
+			Reason:         "gpg.error.failed_retrieval_gpg_keys",
+		}
+	}
+	if len(keys) == 0 {
+		return nil
+	}
+	for _, key := range keys {
+		var primaryKeys []*GPGKey
+		if key.PrimaryKeyID != "" {
+			primaryKeys, err = GetGPGKeysByKeyID(key.PrimaryKeyID)
+			if err != nil {
+				log.Error("GetGPGKeysByKeyID: %v", err)
+				return &CommitVerification{
+					CommittingUser: committer,
+					Verified:       false,
+					Reason:         "gpg.error.failed_retrieval_gpg_keys",
+				}
+			}
+		}
+
+		activated, email := checkKeyEmails(email, append([]*GPGKey{key}, primaryKeys...)...)
+		if !activated {
+			continue
+		}
+
+		signer := &User{
+			Name:  name,
+			Email: email,
+		}
+		if key.OwnerID != 0 {
+			owner, err := GetUserByID(key.OwnerID)
+			if err == nil {
+				signer = owner
+			} else if !IsErrUserNotExist(err) {
+				log.Error("Failed to GetUserByID: %d for key ID: %d (%s) %v", key.OwnerID, key.ID, key.KeyID, err)
+				return &CommitVerification{
+					CommittingUser: committer,
+					Verified:       false,
+					Reason:         "gpg.error.no_committer_account",
+				}
+			}
+		}
+		commitVerification := hashAndVerifyWithSubKeysCommitVerification(sig, payload, key, committer, signer, email)
+		if commitVerification != nil {
+			return commitVerification
+		}
+	}
+	// This is a bad situation ... We have a key id that is in our database but the signature doesn't match.
+	return &CommitVerification{
+		CommittingUser: committer,
+		Verified:       false,
+		Warning:        true,
+		Reason:         BadSignature,
+	}
+}
+
+// CalculateTrustStatus will calculate the TrustStatus for a commit verification within a repository
+func CalculateTrustStatus(verification *CommitVerification, repository *Repository, keyMap *map[string]bool) (err error) {
+	if !verification.Verified {
+		return
+	}
+
+	// There are several trust models in Gitea
+	trustModel := repository.GetTrustModel()
+
+	// In the Committer trust model a signature is trusted if it matches the committer
+	// - it doesn't matter if they're a collaborator, the owner, Gitea or Github
+	// NB: This model is commit verification only
+	if trustModel == CommitterTrustModel {
+		// default to "unmatched"
+		verification.TrustStatus = "unmatched"
+
+		// We can only verify against users in our database but the default key will match
+		// against by email if it is not in the db.
+		if (verification.SigningUser.ID != 0 &&
+			verification.CommittingUser.ID == verification.SigningUser.ID) ||
+			(verification.SigningUser.ID == 0 && verification.CommittingUser.ID == 0 &&
+				verification.SigningUser.Email == verification.CommittingUser.Email) {
+			verification.TrustStatus = "trusted"
+		}
+		return
+	}
+
+	// Now we drop to the more nuanced trust models...
+	verification.TrustStatus = "trusted"
+
+	if verification.SigningUser.ID == 0 {
+		// This commit is signed by the default key - but this key is not assigned to a user in the DB.
+
+		// However in the CollaboratorCommitterTrustModel we cannot mark this as trusted
+		// unless the default key matches the email of a non-user.
+		if trustModel == CollaboratorCommitterTrustModel && (verification.CommittingUser.ID != 0 ||
+			verification.SigningUser.Email != verification.CommittingUser.Email) {
+			verification.TrustStatus = "untrusted"
+		}
+		return
+	}
+
+	var isMember bool
+	if keyMap != nil {
+		var has bool
+		isMember, has = (*keyMap)[verification.SigningKey.KeyID]
+		if !has {
+			isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID)
+			(*keyMap)[verification.SigningKey.KeyID] = isMember
+		}
+	} else {
+		isMember, err = repository.IsOwnerMemberCollaborator(verification.SigningUser.ID)
+	}
+
+	if !isMember {
+		verification.TrustStatus = "untrusted"
+		if verification.CommittingUser.ID != verification.SigningUser.ID {
+			// The committing user and the signing user are not the same
+			// This should be marked as questionable unless the signing user is a collaborator/team member etc.
+			verification.TrustStatus = "unmatched"
+		}
+	} else if trustModel == CollaboratorCommitterTrustModel && verification.CommittingUser.ID != verification.SigningUser.ID {
+		// The committing user and the signing user are not the same and our trustmodel states that they must match
+		verification.TrustStatus = "unmatched"
+	}
+
+	return
+}

models/gpg_key_common.go

@@ -0,0 +1,137 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package models
+
+import (
+	"bytes"
+	"crypto"
+	"encoding/base64"
+	"fmt"
+	"hash"
+	"io"
+	"strings"
+	"time"
+
+	"github.com/keybase/go-crypto/openpgp"
+	"github.com/keybase/go-crypto/openpgp/armor"
+	"github.com/keybase/go-crypto/openpgp/packet"
+)
+
+//   __________________  ________   ____  __.
+//  /  _____/\______   \/  _____/  |    |/ _|____ ___.__.
+// /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |
+// \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |
+//  \______  /|____|    \______  / |____|__ \___  > ____|
+//         \/                  \/          \/   \/\/
+// _________
+// \_   ___ \  ____   _____   _____   ____   ____
+// /    \  \/ /  _ \ /     \ /     \ /  _ \ /    \
+// \     \___(  <_> )  Y Y  \  Y Y  (  <_> )   |  \
+//  \______  /\____/|__|_|  /__|_|  /\____/|___|  /
+//         \/             \/      \/            \/
+
+// This file provides common functions relating to GPG Keys
+
+// checkArmoredGPGKeyString checks if the given key string is a valid GPG armored key.
+// The function returns the actual public key on success
+func checkArmoredGPGKeyString(content string) (openpgp.EntityList, error) {
+	list, err := openpgp.ReadArmoredKeyRing(strings.NewReader(content))
+	if err != nil {
+		return nil, ErrGPGKeyParsing{err}
+	}
+	return list, nil
+}
+
+// base64EncPubKey encode public key content to base 64
+func base64EncPubKey(pubkey *packet.PublicKey) (string, error) {
+	var w bytes.Buffer
+	err := pubkey.Serialize(&w)
+	if err != nil {
+		return "", err
+	}
+	return base64.StdEncoding.EncodeToString(w.Bytes()), nil
+}
+
+func readerFromBase64(s string) (io.Reader, error) {
+	bs, err := base64.StdEncoding.DecodeString(s)
+	if err != nil {
+		return nil, err
+	}
+	return bytes.NewBuffer(bs), nil
+}
+
+// base64DecPubKey decode public key content from base 64
+func base64DecPubKey(content string) (*packet.PublicKey, error) {
+	b, err := readerFromBase64(content)
+	if err != nil {
+		return nil, err
+	}
+	// Read key
+	p, err := packet.Read(b)
+	if err != nil {
+		return nil, err
+	}
+	// Check type
+	pkey, ok := p.(*packet.PublicKey)
+	if !ok {
+		return nil, fmt.Errorf("key is not a public key")
+	}
+	return pkey, nil
+}
+
+// getExpiryTime extract the expire time of primary key based on sig
+func getExpiryTime(e *openpgp.Entity) time.Time {
+	expiry := time.Time{}
+	// Extract self-sign for expire date based on : https://github.com/golang/crypto/blob/master/openpgp/keys.go#L165
+	var selfSig *packet.Signature
+	for _, ident := range e.Identities {
+		if selfSig == nil {
+			selfSig = ident.SelfSignature
+		} else if ident.SelfSignature.IsPrimaryId != nil && *ident.SelfSignature.IsPrimaryId {
+			selfSig = ident.SelfSignature
+			break
+		}
+	}
+	if selfSig.KeyLifetimeSecs != nil {
+		expiry = e.PrimaryKey.CreationTime.Add(time.Duration(*selfSig.KeyLifetimeSecs) * time.Second)
+	}
+	return expiry
+}
+
+func populateHash(hashFunc crypto.Hash, msg []byte) (hash.Hash, error) {
+	h := hashFunc.New()
+	if _, err := h.Write(msg); err != nil {
+		return nil, err
+	}
+	return h, nil
+}
+
+// readArmoredSign read an armored signature block with the given type. https://sourcegraph.com/github.com/golang/crypto/-/blob/openpgp/read.go#L24:6-24:17
+func readArmoredSign(r io.Reader) (body io.Reader, err error) {
+	block, err := armor.Decode(r)
+	if err != nil {
+		return
+	}
+	if block.Type != openpgp.SignatureType {
+		return nil, fmt.Errorf("expected '" + openpgp.SignatureType + "', got: " + block.Type)
+	}
+	return block.Body, nil
+}
+
+func extractSignature(s string) (*packet.Signature, error) {
+	r, err := readArmoredSign(strings.NewReader(s))
+	if err != nil {
+		return nil, fmt.Errorf("Failed to read signature armor")
+	}
+	p, err := packet.Read(r)
+	if err != nil {
+		return nil, fmt.Errorf("Failed to read signature packet")
+	}
+	sig, ok := p.(*packet.Signature)
+	if !ok {
+		return nil, fmt.Errorf("Packet is not a signature")
+	}
+	return sig, nil
+}

models/gpg_key_import.go

@@ -0,0 +1,38 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package models
+
+//    __________________  ________   ____  __.
+//   /  _____/\______   \/  _____/  |    |/ _|____ ___.__.
+//  /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |
+//  \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |
+//   \______  /|____|    \______  / |____|__ \___  > ____|
+//          \/                  \/          \/   \/\/
+//  .___                              __
+//  |   | _____ ______   ____________/  |_
+//  |   |/     \\____ \ /  _ \_  __ \   __\
+//  |   |  Y Y  \  |_> >  <_> )  | \/|  |
+//  |___|__|_|  /   __/ \____/|__|   |__|
+//            \/|__|
+
+// This file contains functions related to the original import of a key
+
+// GPGKeyImport the original import of key
+type GPGKeyImport struct {
+	KeyID   string `xorm:"pk CHAR(16) NOT NULL"`
+	Content string `xorm:"TEXT NOT NULL"`
+}
+
+// GetGPGImportByKeyID returns the import public armored key by given KeyID.
+func GetGPGImportByKeyID(keyID string) (*GPGKeyImport, error) {
+	key := new(GPGKeyImport)
+	has, err := x.ID(keyID).Get(key)
+	if err != nil {
+		return nil, err
+	} else if !has {
+		return nil, ErrGPGKeyImportNotExist{keyID}
+	}
+	return key, nil
+}

models/gpg_key_test.go

@@ -227,7 +227,7 @@ Q0KHb+QcycSgbDx0ZAvdIacuKvBBcbxrsmFUI4LR+oIup0G9gUc0roPvr014jYQL
 =zHo9
 -----END PGP PUBLIC KEY BLOCK-----`
 
-	keys, err := AddGPGKey(1, testEmailWithUpperCaseLetters)
+	keys, err := AddGPGKey(1, testEmailWithUpperCaseLetters, "", "")
 	assert.NoError(t, err)
 	if assert.NotEmpty(t, keys) {
 		key := keys[0]

models/gpg_key_verify.go

@@ -0,0 +1,113 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package models
+
+import (
+	"strconv"
+	"time"
+
+	"code.gitea.io/gitea/modules/base"
+	"code.gitea.io/gitea/modules/log"
+)
+
+//   __________________  ________   ____  __.
+//  /  _____/\______   \/  _____/  |    |/ _|____ ___.__.
+// /   \  ___ |     ___/   \  ___  |      <_/ __ <   |  |
+// \    \_\  \|    |   \    \_\  \ |    |  \  ___/\___  |
+//  \______  /|____|    \______  / |____|__ \___  > ____|
+//         \/                  \/          \/   \/\/
+// ____   ____           .__  _____
+// \   \ /   /___________|__|/ ____\__.__.
+//  \   Y   // __ \_  __ \  \   __<   |  |
+//   \     /\  ___/|  | \/  ||  |  \___  |
+//    \___/  \___  >__|  |__||__|  / ____|
+//               \/                \/
+
+// This file provides functions relating verifying gpg keys
+
+// VerifyGPGKey marks a GPG key as verified
+func VerifyGPGKey(ownerID int64, keyID, token, signature string) (string, error) {
+	sess := x.NewSession()
+	defer sess.Close()
+	if err := sess.Begin(); err != nil {
+		return "", err
+	}
+
+	key := new(GPGKey)
+
+	has, err := sess.Where("owner_id = ? AND key_id = ?", ownerID, keyID).Get(key)
+	if err != nil {
+		return "", err
+	} else if !has {
+		return "", ErrGPGKeyNotExist{}
+	}
+
+	sig, err := extractSignature(signature)
+	if err != nil {
+		return "", ErrGPGInvalidTokenSignature{
+			ID:      key.KeyID,
+			Wrapped: err,
+		}
+	}
+
+	signer, err := hashAndVerifyWithSubKeys(sig, token, key)
+	if err != nil {
+		return "", ErrGPGInvalidTokenSignature{
+			ID:      key.KeyID,
+			Wrapped: err,
+		}
+	}
+	if signer == nil {
+		signer, err = hashAndVerifyWithSubKeys(sig, token+"\n", key)
+
+		if err != nil {
+			return "", ErrGPGInvalidTokenSignature{
+				ID:      key.KeyID,
+				Wrapped: err,
+			}
+		}
+	}
+	if signer == nil {
+		signer, err = hashAndVerifyWithSubKeys(sig, token+"\n\n", key)
+		if err != nil {
+			return "", ErrGPGInvalidTokenSignature{
+				ID:      key.KeyID,
+				Wrapped: err,
+			}
+		}
+	}
+
+	if signer == nil {
+		log.Error("Unable to validate token signature. Error: %v", err)
+		return "", ErrGPGInvalidTokenSignature{
+			ID: key.KeyID,
+		}
+	}
+
+	if signer.PrimaryKeyID != key.KeyID && signer.KeyID != key.KeyID {
+		return "", ErrGPGKeyNotExist{}
+	}
+
+	key.Verified = true
+	if _, err := sess.ID(key.ID).SetExpr("verified", true).Update(new(GPGKey)); err != nil {
+		return "", err
+	}
+
+	if err := sess.Commit(); err != nil {
+		return "", err
+	}
+
+	return key.KeyID, nil
+}
+
+// VerificationToken returns token for the user that will be valid in minutes (time)
+func VerificationToken(user *User, minutes int) string {
+	return base.EncodeSha256(
+		time.Now().Truncate(1*time.Minute).Add(time.Duration(minutes)*time.Minute).Format(time.RFC1123Z) + ":" +
+			user.CreatedUnix.FormatLong() + ":" +
+			user.Name + ":" +
+			user.Email + ":" +
+			strconv.FormatInt(user.ID, 10))
+}

models/migrations/migrations.go

@@ -325,6 +325,8 @@ var migrations = []Migration{
 	NewMigration("Create protected tag table", createProtectedTagTable),
 	// v187 -> v188
 	NewMigration("Drop unneeded webhook related columns", dropWebhookColumns),
+	// v188 -> v189
+	NewMigration("Add key is verified to gpg key", addKeyIsVerified),
 }
 
 // GetCurrentDBVersion returns the current db version

models/migrations/v188.go

@@ -0,0 +1,15 @@
+// Copyright 2021 The Gitea Authors. All rights reserved.
+// Use of this source code is governed by a MIT-style
+// license that can be found in the LICENSE file.
+
+package migrations
+
+import "xorm.io/xorm"
+
+func addKeyIsVerified(x *xorm.Engine) error {
+	type GPGKey struct {
+		Verified bool `xorm:"NOT NULL DEFAULT false"`
+	}
+
+	return x.Sync(new(GPGKey))
+}

modules/convert/convert.go

@@ -191,6 +191,7 @@ func ToGPGKey(key *models.GPGKey) *api.GPGKey {
 			CanEncryptComms:   k.CanEncryptComms,
 			CanEncryptStorage: k.CanEncryptStorage,
 			CanCertify:        k.CanSign,
+			Verified:          k.Verified,
 		}
 	}
 	emails := make([]*api.GPGKeyEmail, len(key.Emails))
@@ -210,6 +211,7 @@ func ToGPGKey(key *models.GPGKey) *api.GPGKey {
 		CanEncryptComms:   key.CanEncryptComms,
 		CanEncryptStorage: key.CanEncryptStorage,
 		CanCertify:        key.CanSign,
+		Verified:          key.Verified,
 	}
 }
 

modules/structs/user_gpgkey.go

@@ -20,6 +20,7 @@ type GPGKey struct {
 	CanEncryptComms   bool           `json:"can_encrypt_comms"`
 	CanEncryptStorage bool           `json:"can_encrypt_storage"`
 	CanCertify        bool           `json:"can_certify"`
+	Verified          bool           `json:"verified"`
 	// swagger:strfmt date-time
 	Created time.Time `json:"created_at,omitempty"`
 	// swagger:strfmt date-time
@@ -40,4 +41,14 @@ type CreateGPGKeyOption struct {
 	// required: true
 	// unique: true
 	ArmoredKey string `json:"armored_public_key" binding:"Required"`
+	Signature  string `json:"armored_signature,omitempty"`
+}
+
+// VerifyGPGKeyOption options verifies user GPG key
+type VerifyGPGKeyOption struct {
+	// An Signature for a GPG key token
+	//
+	// required: true
+	KeyID     string `json:"key_id" binding:"Required"`
+	Signature string `json:"armored_signature" binding:"Required"`
 }

options/locale/locale_en-US.ini

@@ -595,7 +595,20 @@ ssh_key_been_used = This SSH key has already been added to the server.
 ssh_key_name_used = An SSH key with same name already exists on your account.
 ssh_principal_been_used = This principal has already been added to the server.
 gpg_key_id_used = A public GPG key with same ID already exists.
-gpg_no_key_email_found = This GPG key is not usable with any email address associated with your account.
+gpg_no_key_email_found = This GPG key does not match any activated email address associated with your account. It may still be added if you sign the provided token.
+gpg_key_matched_identities = Matched Identities:
+gpg_key_matched_identities_long=The embedded identities in this key match the following activated email addresses for this user and commits matching these email addresses can be verified with this key.
+gpg_key_verified=Verified Key
+gpg_key_verified_long=Key has been verified with a token and can be used to verify commits matching any activated email addresses for this user in addition to any matched identities for this key.
+gpg_key_verify=Verify
+gpg_invalid_token_signature = The provided GPG key, signature and token do not match or token is out-of-date.
+gpg_token_required = You must provide a signature for the below token
+gpg_token = Token
+gpg_token_help = You can generate a signature using:
+gpg_token_code = echo "%s" | gpg -a --default-key %s --detach-sig
+gpg_token_signature = Armored GPG signature
+key_signature_gpg_placeholder = Begins with '-----BEGIN PGP SIGNATURE-----'
+verify_gpg_key_success = The GPG key '%s' has been verified.
 subkeys = Subkeys
 key_id = Key ID
 key_name = Key Name

routers/api/v1/api.go

@@ -686,6 +686,9 @@ func Routes() *web.Route {
 					Delete(user.DeleteGPGKey)
 			})
 
+			m.Get("/gpg_key_token", user.GetVerificationToken)
+			m.Post("/gpg_key_verify", bind(api.VerifyGPGKeyOption{}), user.VerifyUserGPGKey)
+
 			m.Combo("/repos").Get(user.ListMyRepos).
 				Post(bind(api.CreateRepoOption{}), repo.Create)
 

routers/api/v1/user/gpg_key.go

@@ -5,6 +5,7 @@
 package user
 
 import (
+	"fmt"
 	"net/http"
 
 	"code.gitea.io/gitea/models"
@@ -119,14 +120,84 @@ func GetGPGKey(ctx *context.APIContext) {
 
 // CreateUserGPGKey creates new GPG key to given user by ID.
 func CreateUserGPGKey(ctx *context.APIContext, form api.CreateGPGKeyOption, uid int64) {
-	keys, err := models.AddGPGKey(uid, form.ArmoredKey)
+	token := models.VerificationToken(ctx.User, 1)
+	lastToken := models.VerificationToken(ctx.User, 0)
+
+	keys, err := models.AddGPGKey(uid, form.ArmoredKey, token, form.Signature)
+	if err != nil && models.IsErrGPGInvalidTokenSignature(err) {
+		keys, err = models.AddGPGKey(uid, form.ArmoredKey, lastToken, form.Signature)
+	}
 	if err != nil {
-		HandleAddGPGKeyError(ctx, err)
+		HandleAddGPGKeyError(ctx, err, token)
 		return
 	}
 	ctx.JSON(http.StatusCreated, convert.ToGPGKey(keys[0]))
 }
 
+// GetVerificationToken returns the current token to be signed for this user
+func GetVerificationToken(ctx *context.APIContext) {
+	// swagger:operation GET /user/gpg_key_token user getVerificationToken
+	// ---
+	// summary: Get a Token to verify
+	// produces:
+	// - text/plain
+	// parameters:
+	// responses:
+	//   "200":
+	//     "$ref": "#/responses/string"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+
+	token := models.VerificationToken(ctx.User, 1)
+	ctx.PlainText(http.StatusOK, []byte(token))
+}
+
+// VerifyUserGPGKey creates new GPG key to given user by ID.
+func VerifyUserGPGKey(ctx *context.APIContext) {
+	// swagger:operation POST /user/gpg_key_verify user userVerifyGPGKey
+	// ---
+	// summary: Verify a GPG key
+	// consumes:
+	// - application/json
+	// produces:
+	// - application/json
+	// responses:
+	//   "201":
+	//     "$ref": "#/responses/GPGKey"
+	//   "404":
+	//     "$ref": "#/responses/notFound"
+	//   "422":
+	//     "$ref": "#/responses/validationError"
+
+	form := web.GetForm(ctx).(*api.VerifyGPGKeyOption)
+	token := models.VerificationToken(ctx.User, 1)
+	lastToken := models.VerificationToken(ctx.User, 0)
+
+	_, err := models.VerifyGPGKey(ctx.User.ID, form.KeyID, token, form.Signature)
+	if err != nil && models.IsErrGPGInvalidTokenSignature(err) {
+		_, err = models.VerifyGPGKey(ctx.User.ID, form.KeyID, lastToken, form.Signature)
+	}
+
+	if err != nil {
+		if models.IsErrGPGInvalidTokenSignature(err) {
+			ctx.Error(http.StatusUnprocessableEntity, "GPGInvalidSignature", fmt.Sprintf("The provided GPG key, signature and token do not match or token is out of date. Provide a valid signature for the token: %s", token))
+			return
+		}
+		ctx.Error(http.StatusInternalServerError, "VerifyUserGPGKey", err)
+	}
+
+	key, err := models.GetGPGKeysByKeyID(form.KeyID)
+	if err != nil {
+		if models.IsErrGPGKeyNotExist(err) {
+			ctx.NotFound()
+		} else {
+			ctx.Error(http.StatusInternalServerError, "GetGPGKeysByKeyID", err)
+		}
+		return
+	}
+	ctx.JSON(http.StatusOK, convert.ToGPGKey(key[0]))
+}
+
 // swagger:parameters userCurrentPostGPGKey
 type swaggerUserCurrentPostGPGKey struct {
 	// in:body
@@ -189,7 +260,7 @@ func DeleteGPGKey(ctx *context.APIContext) {
 }
 
 // HandleAddGPGKeyError handle add GPGKey error
-func HandleAddGPGKeyError(ctx *context.APIContext, err error) {
+func HandleAddGPGKeyError(ctx *context.APIContext, err error, token string) {
 	switch {
 	case models.IsErrGPGKeyAccessDenied(err):
 		ctx.Error(http.StatusUnprocessableEntity, "GPGKeyAccessDenied", "You do not have access to this GPG key")
@@ -198,7 +269,9 @@ func HandleAddGPGKeyError(ctx *context.APIContext, err error) {
 	case models.IsErrGPGKeyParsing(err):
 		ctx.Error(http.StatusUnprocessableEntity, "GPGKeyParsing", err)
 	case models.IsErrGPGNoEmailFound(err):
-		ctx.Error(http.StatusNotFound, "GPGNoEmailFound", err)
+		ctx.Error(http.StatusNotFound, "GPGNoEmailFound", fmt.Sprintf("None of the emails attached to the GPG key could be found. It may still be added if you provide a valid signature for the token: %s", token))
+	case models.IsErrGPGInvalidTokenSignature(err):
+		ctx.Error(http.StatusUnprocessableEntity, "GPGInvalidSignature", fmt.Sprintf("The provided GPG key, signature and token do not match or token is out of date. Provide a valid signature for the token: %s", token))
 	default:
 		ctx.Error(http.StatusInternalServerError, "AddGPGKey", err)
 	}

routers/web/user/setting/keys.go

@@ -76,7 +76,13 @@ func KeysPost(ctx *context.Context) {
 		ctx.Flash.Success(ctx.Tr("settings.add_principal_success", form.Content))
 		ctx.Redirect(setting.AppSubURL + "/user/settings/keys")
 	case "gpg":
-		keys, err := models.AddGPGKey(ctx.User.ID, form.Content)
+		token := models.VerificationToken(ctx.User, 1)
+		lastToken := models.VerificationToken(ctx.User, 0)
+
+		keys, err := models.AddGPGKey(ctx.User.ID, form.Content, token, form.Signature)
+		if err != nil && models.IsErrGPGInvalidTokenSignature(err) {
+			keys, err = models.AddGPGKey(ctx.User.ID, form.Content, lastToken, form.Signature)
+		}
 		if err != nil {
 			ctx.Data["HasGPGError"] = true
 			switch {
@@ -88,10 +94,18 @@ func KeysPost(ctx *context.Context) {
 
 				ctx.Data["Err_Content"] = true
 				ctx.RenderWithErr(ctx.Tr("settings.gpg_key_id_used"), tplSettingsKeys, &form)
+			case models.IsErrGPGInvalidTokenSignature(err):
+				loadKeysData(ctx)
+				ctx.Data["Err_Content"] = true
+				ctx.Data["Err_Signature"] = true
+				ctx.Data["KeyID"] = err.(models.ErrGPGInvalidTokenSignature).ID
+				ctx.RenderWithErr(ctx.Tr("settings.gpg_invalid_token_signature"), tplSettingsKeys, &form)
 			case models.IsErrGPGNoEmailFound(err):
 				loadKeysData(ctx)
 
 				ctx.Data["Err_Content"] = true
+				ctx.Data["Err_Signature"] = true
+				ctx.Data["KeyID"] = err.(models.ErrGPGNoEmailFound).ID
 				ctx.RenderWithErr(ctx.Tr("settings.gpg_no_key_email_found"), tplSettingsKeys, &form)
 			default:
 				ctx.ServerError("AddPublicKey", err)
@@ -108,6 +122,29 @@ func KeysPost(ctx *context.Context) {
 		}
 		ctx.Flash.Success(ctx.Tr("settings.add_gpg_key_success", keyIDs))
 		ctx.Redirect(setting.AppSubURL + "/user/settings/keys")
+	case "verify_gpg":
+		token := models.VerificationToken(ctx.User, 1)
+		lastToken := models.VerificationToken(ctx.User, 0)
+
+		keyID, err := models.VerifyGPGKey(ctx.User.ID, form.KeyID, token, form.Signature)
+		if err != nil && models.IsErrGPGInvalidTokenSignature(err) {
+			keyID, err = models.VerifyGPGKey(ctx.User.ID, form.KeyID, lastToken, form.Signature)
+		}
+		if err != nil {
+			ctx.Data["HasGPGVerifyError"] = true
+			switch {
+			case models.IsErrGPGInvalidTokenSignature(err):
+				loadKeysData(ctx)
+				ctx.Data["VerifyingID"] = form.KeyID
+				ctx.Data["Err_Signature"] = true
+				ctx.Data["KeyID"] = err.(models.ErrGPGInvalidTokenSignature).ID
+				ctx.RenderWithErr(ctx.Tr("settings.gpg_invalid_token_signature"), tplSettingsKeys, &form)
+			default:
+				ctx.ServerError("VerifyGPG", err)
+			}
+		}
+		ctx.Flash.Success(ctx.Tr("settings.verify_gpg_key_success", keyID))
+		ctx.Redirect(setting.AppSubURL + "/user/settings/keys")
 	case "ssh":
 		content, err := models.CheckPublicKeyString(form.Content)
 		if err != nil {
@@ -216,6 +253,10 @@ func loadKeysData(ctx *context.Context) {
 		return
 	}
 	ctx.Data["GPGKeys"] = gpgkeys
+	tokenToSign := models.VerificationToken(ctx.User, 1)
+
+	// generate a new aes cipher using the csrfToken
+	ctx.Data["TokenToSign"] = tokenToSign
 
 	principals, err := models.ListPrincipalKeys(ctx.User.ID, models.ListOptions{})
 	if err != nil {
@@ -223,4 +264,6 @@ func loadKeysData(ctx *context.Context) {
 		return
 	}
 	ctx.Data["Principals"] = principals
+
+	ctx.Data["VerifyingID"] = ctx.Query("verify_gpg")
 }

services/forms/user_form.go

@@ -326,6 +326,8 @@ type AddKeyForm struct {
 	Type       string `binding:"OmitEmpty"`
 	Title      string `binding:"Required;MaxSize(50)"`
 	Content    string `binding:"Required"`
+	Signature  string `binding:"OmitEmpty"`
+	KeyID      string `binding:"OmitEmpty"`
 	IsWritable bool
 }
 

templates/swagger/v1_json.tmpl

@@ -10714,6 +10714,52 @@
         }
       }
     },
+    "/user/gpg_key_token": {
+      "get": {
+        "produces": [
+          "text/plain"
+        ],
+        "tags": [
+          "user"
+        ],
+        "summary": "Get a Token to verify",
+        "operationId": "getVerificationToken",
+        "responses": {
+          "200": {
+            "$ref": "#/responses/string"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          }
+        }
+      }
+    },
+    "/user/gpg_key_verify": {
+      "post": {
+        "consumes": [
+          "application/json"
+        ],
+        "produces": [
+          "application/json"
+        ],
+        "tags": [
+          "user"
+        ],
+        "summary": "Verify a GPG key",
+        "operationId": "userVerifyGPGKey",
+        "responses": {
+          "201": {
+            "$ref": "#/responses/GPGKey"
+          },
+          "404": {
+            "$ref": "#/responses/notFound"
+          },
+          "422": {
+            "$ref": "#/responses/validationError"
+          }
+        }
+      }
+    },
     "/user/gpg_keys": {
       "get": {
         "produces": [
@@ -12826,6 +12872,10 @@
           "type": "string",
           "uniqueItems": true,
           "x-go-name": "ArmoredKey"
+        },
+        "armored_signature": {
+          "type": "string",
+          "x-go-name": "Signature"
         }
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"
@@ -14484,6 +14534,10 @@
             "$ref": "#/definitions/GPGKey"
           },
           "x-go-name": "SubsKey"
+        },
+        "verified": {
+          "type": "boolean",
+          "x-go-name": "Verified"
         }
       },
       "x-go-package": "code.gitea.io/gitea/modules/structs"

templates/user/settings/keys_gpg.tmpl

@@ -15,12 +15,20 @@
 					<button class="ui red tiny button delete-button" id="delete-gpg" data-url="{{$.Link}}/delete?type=gpg" data-id="{{.ID}}">
 						{{$.i18n.Tr "settings.delete_key"}}
 					</button>
+					{{if and (not .Verified) (ne $.VerifyingID .KeyID)}}
+						<a class="ui blue tiny show-panel button" href="{{$.Link}}?verify_gpg={{.KeyID}}">{{$.i18n.Tr "settings.gpg_key_verify"}}</a>
+					{{end}}
 				</div>
 				<div class="left floated content">
 					<span class="{{if or .ExpiredUnix.IsZero ($.PageStartTime.Before .ExpiredUnix.AsTime)}}green{{end}}">{{svg "octicon-key" 32}}</span>
 				</div>
 				<div class="content">
-					{{range .Emails}}<strong>{{.Email}} </strong>{{end}}
+					{{if .Verified}}
+						<span class="poping up" data-content="{{$.i18n.Tr "settings.gpg_key_verified_long"}}">{{svg "octicon-shield-check"}} <strong>{{$.i18n.Tr "settings.gpg_key_verified"}}</strong></span>
+					{{end}}
+					{{if gt (len .Emails) 0}}
+						<span class="poping up" data-content="{{$.i18n.Tr "settings.gpg_key_matched_identities_long"}}">{{svg "octicon-mail"}} {{$.i18n.Tr "settings.gpg_key_matched_identities"}} {{range .Emails}}<strong>{{.Email}} </strong>{{end}}</span>
+					{{end}}
 					<div class="print meta">
 						<b>{{$.i18n.Tr "settings.key_id"}}:</b> {{.KeyID}}
 						<b>{{$.i18n.Tr "settings.subkeys"}}:</b> {{range .SubsKey}} {{.KeyID}} {{end}}
@@ -32,6 +40,37 @@
 					</div>
 				</div>
 			</div>
+			{{if and (not .Verified) (eq $.VerifyingID .KeyID)}}
+				<div class="ui  segment">
+					<h4>{{$.i18n.Tr "settings.gpg_token_required"}}</h4>
+					<form class="ui form{{if $.HasGPGVerifyError}} error{{end}}" action="{{$.Link}}" method="post">
+						{{$.CsrfTokenHtml}}
+						<input type="hidden" name="title" value="none">
+						<input type="hidden" name="content" value="{{.KeyID}}">
+						<input type="hidden" name="key_id" value="{{.KeyID}}">
+						<div class="field">
+							<label for="token">{{$.i18n.Tr "settings.gpg_token"}}</label>
+							<input readonly="" value="{{$.TokenToSign}}">
+							<div class="help">
+								<p>{{$.i18n.Tr "settings.gpg_token_help"}}</p>
+								<p><code>{{$.i18n.Tr "settings.gpg_token_code" $.TokenToSign .KeyID}}</code></p>
+							</div>
+							<br>
+						</div>
+						<div class="field">
+							<label for="signature">{{$.i18n.Tr "settings.gpg_token_signature"}}</label>
+							<textarea id="gpg-key-signature" name="signature" placeholder="{{$.i18n.Tr "settings.key_signature_gpg_placeholder"}}" required>{{$.signature}}</textarea>
+						</div>
+						<input name="type" type="hidden" value="verify_gpg">
+						<button class="ui green button">
+							{{$.i18n.Tr "settings.gpg_key_verify"}}
+						</button>
+						<a class="ui red button" href="{{$.Link}}">
+							{{$.i18n.Tr "settings.cancel"}}
+						</a>
+					</form>
+				</div>
+			{{end}}
 		{{end}}
 	</div>
 </div>
@@ -42,13 +81,30 @@
 		{{.i18n.Tr "settings.add_new_gpg_key"}}
 	</h4>
 	<div class="ui attached segment">
-		<form class="ui form" action="{{.Link}}" method="post">
+		<form class="ui form{{if .HasGPGError}} error{{end}}" action="{{.Link}}" method="post">
 			{{.CsrfTokenHtml}}
 			<input type="hidden" name="title" value="none">
 			<div class="field {{if .Err_Content}}error{{end}}">
 				<label for="content">{{.i18n.Tr "settings.key_content"}}</label>
 				<textarea id="gpg-key-content" name="content" placeholder="{{.i18n.Tr "settings.key_content_gpg_placeholder"}}" required>{{.content}}</textarea>
 			</div>
+			{{if .Err_Signature}}
+				<div class="ui error message">
+					<p>{{.i18n.Tr "settings.gpg_token_required"}}</p>
+				</div>
+				<div class="field">
+					<label for="token">{{.i18n.Tr "setting.gpg_token"}}
+					<input readonly="" value="{{.TokenToSign}}">
+					<div class="help">
+						<p>{{.i18n.Tr "settings.gpg_token_help"}}</p>
+						<p><code>{{$.i18n.Tr "settings.gpg_token_code" .TokenToSign .KeyID}}</code></p>
+					</div>
+				</div>
+				<div class="field">
+					<label for="signature">{{.i18n.Tr "settings.gpg_token_signature"}}</label>
+					<textarea id="gpg-key-signature" name="signature" placeholder="{{.i18n.Tr "settings.key_signature_gpg_placeholder"}}" required>{{.signature}}</textarea>
+				</div>
+			{{end}}
 			<input name="type" type="hidden" value="gpg">
 			<button class="ui green button">
 				{{.i18n.Tr "settings.add_key"}}