  1. (ns com.bebop.gate (:gen-class)
  2. (:import [java.security KeyPair KeyPairGenerator]
  3. [org.jasypt.util.password StrongPasswordEncryptor]
  4. [org.apache.commons.codec.binary Base64])
  5. (:use dk.bestinclass.clojureql)
  6. (:require [dk.bestinclass.clojureql.backend.derby :as derby]))
  7.  
  ;; Connection settings for the embedded Derby database at the relative path
  ;; .gate/db; create=true asks Derby to create the database when it is missing.
  (def *conn-info*
    (make-connection-info "derby" ".gate/db;create=true"))

  (defmacro dosql
    "Expands to (run *conn-info* ...) around the given ClojureQL forms."
    [& statements]
    `(run *conn-info* ~@statements))
  11.  
  (defn setup
    "Creates the users table, ignoring the error raised when it already exists."
    []
    ;; NOTE(review): private_key sits in the same row as the password hash and,
    ;; as far as this file shows, is stored as plain text. varchar(1024) also
    ;; caps the size of the encoded key that can be stored.
    (try
      (dosql
        (create-table
          users
          [id          int
           username    "varchar(64)"
           password    "varchar(64)"
           public_key  "varchar(1024)"
           private_key "varchar(1024)"]
          :primary-key id
          :auto-inc    id
          :unique      username
          :not-nulls   [id username password public_key private_key]))
      (catch java.sql.SQLException ex
        ;; Any SQL error whose message does not contain "exists" is rethrown.
        (when-not (re-find #"exists" (.getMessage ex))
          (throw ex)))))
  30.  
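  (defn generate-keys
    "Generates a key pair and returns [public private] as PEM-style strings.

    algo   - algorithm name passed to KeyPairGenerator/getInstance.
    length - key size in bits passed to .initialize.

    With one argument the algorithm is \"rsa\"; with none the length is 1024."
    ([algo length]
     (let [;; Honour the requested size; it used to be hard-coded to 1024 here,
           ;; so callers asking for a larger key silently got a 1024-bit one.
           gen      (doto (KeyPairGenerator/getInstance algo)
                      (.initialize (int length)))
           keypair  (.generateKeyPair gen)
           ;; getEncoded is the public java.security.Key accessor for the
           ;; encoded key bytes; it does not depend on provider-internal methods.
           ders     (doall (map #(.getEncoded %)
                                [(.getPublic keypair) (.getPrivate keypair)]))
           b64ders  (doall (map #(Base64/encodeBase64 %) ders))
           ;; Output layout is kept as it was: the base64 body is a single
           ;; unwrapped line with no newline before the END marker, so strict
           ;; PEM parsers may reject it.
           surround #(str "-----BEGIN " %1 " KEY-----\n" %2 "-----END " %1 " KEY-----\n")]
       [(surround "PUBLIC" (String. (first b64ders)))
        (surround "PRIVATE" (String. (second b64ders)))]))
    ([length] (generate-keys "rsa" length))
    ;; NOTE(review): 1024-bit RSA is below current minimum recommendations
    ;; (2048 bits or more). The default is left unchanged because a larger
    ;; private key would not fit the varchar(1024) key columns created in setup;
    ;; widen those columns before raising it.
    ([] (generate-keys 1024)))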
  44.  
  ;; One shared Jasypt StrongPasswordEncryptor, used for both hashing and checking.
  (def *password-encryptor* (StrongPasswordEncryptor.))
  ;; Accessor that ignores its arguments and returns the instance created above.
  (def password-encryptor (constantly *password-encryptor*))
  47.  
  (defn hash-password
    "Returns the result of the shared encryptor's encryptPassword for pword."
    [pword]
    (let [encryptor (password-encryptor)]
      (.encryptPassword encryptor pword)))
  52.  
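  (defn lookup
    "Retrieves the login record for username.

    withpublic / withprivate choose whether public_key / private_key are
    selected alongside username and password. When both are false every
    column of the row is selected."
    ([username withpublic withprivate]
     ;; Fixes over the previous version: the both-flags branch selected neither
     ;; key, and the withprivate branch named the flag itself as a column
     ;; instead of private_key.
     ;; NOTE(review): the branches also disagreed on argument order
     ;; (columns-then-table vs table-then-columns). Columns-first is used
     ;; throughout here; confirm against the ClojureQL version in use.
     (dosql
       (cond
         (and withpublic withprivate)
         (query [username password public_key private_key] users (= username ~username))

         withpublic
         (query [username password public_key] users (= username ~username))

         withprivate
         (query [username password private_key] users (= username ~username))

         ;; NOTE(review): the default selects every column, private_key
         ;; included. login reads its record through this branch, so it is
         ;; left as is; narrowing it would be the least-privilege choice.
         :else
         (query * users (= username ~username)))))
    ([username withpublic] (lookup username withpublic false))
    ([username] (lookup username false false)))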
  65.  
  (defn insert
    "Hashes password and writes a users row with username, the hash and both keys."
    [username password publickey privatekey]
    ;; Only the password is transformed; privatekey is written exactly as given.
    (let [digest (hash-password password)]
      (dosql
        (insert-into users
          [username    ~username
           password    ~digest
           public_key  ~publickey
           private_key ~privatekey]))))
  75.  
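  (defn register
    "Registers a new username and password with a freshly generated key pair.

    Returns nil without writing anything when lookup yields a truthy value
    for username."
    [username password]
    ;; NOTE(review): check-then-insert is not atomic; the :unique constraint on
    ;; username declared in setup is what actually stops duplicates. Also
    ;; confirm that lookup returns nil rather than an empty (truthy) collection
    ;; for an unknown user, otherwise nothing is ever registered.
    (when-not (lookup username false false)
      (let [[pub priv] (generate-keys)]
        ;; insert already runs its statement through dosql; the extra dosql
        ;; around this call handed insert's result to run as if it were a
        ;; statement.
        (insert username password pub priv))))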
  83.  
  (defn check-password
    "Returns the shared encryptor's checkPassword result for supplied against hashed."
    [supplied hashed]
    (let [encryptor (password-encryptor)]
      (.checkPassword encryptor supplied hashed)))
  88.  
  (defn login
    "Looks up username and checks password against the stored hash.

    Returns the record from (lookup username) on a match, false on a
    mismatch, and nil when lookup yields nothing."
    [username password]
    ;; NOTE(review): the record comes from the one-argument lookup, which
    ;; selects every column, so it carries the password hash and private_key
    ;; as well as the public key.
    (when-let [record (lookup username)]
      (if-not (check-password password (record :password))
        false
        record)))
  96.  
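  (defn reset-keys
    "Replaces the stored key pair for username after verifying password.

    Returns nil or false without touching the row when login does not succeed."
    [username password]
    ;; login takes [username password]; it was called with the username only,
    ;; so the call could not succeed and the supplied password was never checked.
    (when (login username password)
      (let [[pub priv] (generate-keys)]
        (dosql
          (update users
                  [public_key ~pub private_key ~priv]
                  (= username ~username))))))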