Added --keypairs support to export-public.

2 files changed, 30 insertions, 13 deletions

diff --git a/KeyRing.hs b/KeyRing.hs
index b164527..53a1a34 100644
--- a/KeyRing.hs
+++ b/KeyRing.hs
@@ -2158,7 +2158,9 @@ rsaPrivateKeyFromPacket pkt@(SecretKeyPacket {}) = do
         , rsaCoefficient = coefficient }
 rsaPrivateKeyFromPacket _ = Nothing
 
-secretPemFromPacket packet =
+secretPemFromPacket packet = pemFromPacket Sec packet
+
+pemFromPacket Sec packet =
     case key_algorithm packet of
      RSA -> do
         rsa <- rsaPrivateKeyFromPacket packet -- RSAPrivateKey
@@ -2168,11 +2170,24 @@ secretPemFromPacket packet =
             output = writePEM "RSA PRIVATE KEY" dta
         Just output
      algo -> Nothing
+pemFromPacket Pub packet =
+    case key_algorithm packet of
+     RSA -> do
+        rsa <- rsaKeyFromPacket packet
+        let asn1 = toASN1 (pkcs8 rsa) []
+            bs = encodeASN1 DER asn1
+            dta = Base64.encode (L.unpack bs)
+            output = writePEM "PUBLIC KEY" dta
+        Just output
+     algo -> Nothing
+pemFromPacket AutoAccess p@(PublicKeyPacket {}) = pemFromPacket Pub p
+pemFromPacket AutoAccess p@(SecretKeyPacket {}) = pemFromPacket Sec p
+pemFromPacket AutoAccess _ = Nothing
 
 writeKeyToFile ::
-  Bool -> FileType -> InputFile -> Packet -> IO [(InputFile, KikiReportAction)]
-writeKeyToFile False PEMFile fname packet = do
-    case secretPemFromPacket packet of
+  Bool -> StreamInfo -> InputFile -> Packet -> IO [(InputFile, KikiReportAction)]
+writeKeyToFile False stream@(StreamInfo { typ = PEMFile }) fname packet = do
+    case pemFromPacket (access stream) packet of
      Just output -> do
         let stamp = toEnum . fromEnum $ timestamp packet
         handleIO_ (return [(fname, FailedFileWrite)]) $ do
@@ -2184,7 +2199,7 @@ writeKeyToFile False PEMFile fname packet = do
             return [(fname, ExportedSubkey)]
      Nothing -> return [(fname, UnableToExport (key_algorithm packet) $ fingerprint packet)]
 
-writeKeyToFile False DNSPresentation fname packet = do
+writeKeyToFile False StreamInfo { typ = DNSPresentation } fname packet = do
     case key_algorithm packet of
      RSA -> do
         flip (maybe (return []))
@@ -2232,12 +2247,14 @@ writePEMKeys doDecrypt db exports = do
     let ds' = map functorToEither ds
     if null (lefts ds')
         then do
-            rs <- mapM (\(f,stream,p) -> writeKeyToFile False (typ stream) (ArgFile f) p)
+            rs <- mapM (\(f,stream,p) -> writeKeyToFile False stream (ArgFile f) p)
                        (rights ds')
             return $ KikiSuccess (map (first $ resolveForReport Nothing) $ concat rs)
         else do
             return (head $ lefts ds')
  where
+    decryptKeys (fname,subspec,[p],stream@(StreamInfo { access=Pub }))
+        = return $ KikiSuccess (fname,stream,packet p) -- public keys are never encrypted.
     decryptKeys (fname,subspec,[p],stream) = do
         pun <- doDecrypt p
         try pun $ \pun -> do
diff --git a/kiki.hs b/kiki.hs
index 7c0c4b2..8ee88c6 100644
--- a/kiki.hs
+++ b/kiki.hs
@@ -804,8 +804,7 @@ documentAutoSignFlag bExport bImport bSecret =
                     ,"                'tor' subkey corresponding to the address HOSTNAME.onion."
                     ,""]
 documentKeyPairsOption :: Bool -> Bool -> Bool -> [String]
-documentKeyPairsOption bExport bImport False = []
-documentKeyPairsOption bExport bImport bSecret@True  = 
+documentKeyPairsOption bExport bImport bSecret = 
             ["    --keypairs [KEYSPEC ...]"
             ,"                A keypair is a secret key coupled with it's corresponding public"
             ,"                key, both of which are ordinarily stored in a single file in PEM"
@@ -1041,7 +1040,7 @@ buildStreamInfo rtyp ftyp = StreamInfo { typ = ftyp
 --  bImport: --import and --import-if-authentic
 sync :: Bool -> Bool -> Bool -> String -> [String] -> IO ()
 sync bExport bImport bSecret cmdarg args_raw = do
-    let (sargs,margs) = processArgs sargspec polyVariadicArgs "--keyrings" args_raw
+    let (sargs,margs) = processArgs sargspec polyVariadicArgs "--keypairs" args_raw
         sargspec = [ ("--show-wk",0)
                    , ("--autosign",0)
                    {-, ("--show-all",0)
@@ -1054,9 +1053,10 @@ sync bExport bImport bSecret cmdarg args_raw = do
                    ++ do guard bImport
                          [ ("--import",0), ("--import-if-authentic",0) ]
         polyVariadicArgs = ["--keyrings"
-                           ,"--hosts" ]
+                           ,"--hosts"
+                           ,"--keypairs"]
                            ++ do guard bSecret
-                                 [ "--keypairs", "--wallets" ]
+                                 [ "--wallets" ]
     -- putStrLn $ "margs = " ++ show (Map.assocs margs)
     unkeysRef <- newIORef Map.empty
     pwRef <- newIORef Nothing
@@ -1087,7 +1087,7 @@ sync bExport bImport bSecret cmdarg args_raw = do
                                                        , typ = if "dns-" `isPrefixOf` usage
                                                                     then DNSPresentation
                                                                     else PEMFile
-                                                       , access = Sec
+                                                       , access = if bSecret then Sec else Pub
                                                        , initializer = cmd'
                                                        , transforms = []
                                                        } )
@@ -1121,7 +1121,7 @@ sync bExport bImport bSecret cmdarg args_raw = do
                                              KeyRingFile )
                 ]
                 ++ rings
-                ++ if bSecret then pems else []
+                ++ pems
                 ++ if bSecret then walts else []
                 ++ hosts
             , opPassphrases = do pfile <- maybeToList passfd