diff options
| author | joe <joe@jerkface.net> | 2014-04-16 03:43:49 -0400 |
|---|---|---|
| committer | joe <joe@jerkface.net> | 2014-04-16 03:43:49 -0400 |
| commit | 80cd56e64d6c506d9ede50ac357ceec47df8393e (patch) | |
| tree | 588898385dbc581a9796d2e25c8c443bd3a65637 | |
| parent | 8703df51a7f8c0dc9b71ea4fc0dc985776dace5a (diff) | |
fixes related to creating key files via external commands
| -rw-r--r-- | KeyRing.hs | 166 | ||||
| -rw-r--r-- | kiki.hs | 67 |
2 files changed, 130 insertions, 103 deletions
| @@ -529,6 +529,70 @@ parseSpec grip spec = (topspec,subspec) | |||
| 529 | filterMatches :: KeySpec -> [(KeyKey,KeyData)] -> [(KeyKey,KeyData)] | 529 | filterMatches :: KeySpec -> [(KeyKey,KeyData)] -> [(KeyKey,KeyData)] |
| 530 | filterMatches spec ks = filter (matchSpec spec) ks | 530 | filterMatches spec ks = filter (matchSpec spec) ks |
| 531 | 531 | ||
| 532 | selectSecretKey :: (KeySpec,Maybe String) -> KeyDB -> Maybe Packet | ||
| 533 | selectSecretKey (spec,mtag) db = selectKey0 False (spec,mtag) db | ||
| 534 | |||
| 535 | selectPublicKey :: (KeySpec,Maybe String) -> KeyDB -> Maybe Packet | ||
| 536 | selectPublicKey (spec,mtag) db = selectKey0 True (spec,mtag) db | ||
| 537 | |||
| 538 | selectKey0 :: Bool -> (KeySpec,Maybe String) -> KeyDB -> Maybe Packet | ||
| 539 | selectKey0 wantPublic (spec,mtag) db = do | ||
| 540 | let Message ps = flattenKeys wantPublic db | ||
| 541 | ys = snd $ seek_key spec ps | ||
| 542 | flip (maybe (listToMaybe ys)) mtag $ \tag -> do | ||
| 543 | let (subspec,ys1) = (KeyTag y tag,ys1) where y:ys1 = ys | ||
| 544 | zs = snd $ seek_key subspec ys1 | ||
| 545 | listToMaybe zs | ||
| 546 | |||
| 547 | seek_key :: KeySpec -> [Packet] -> ([Packet],[Packet]) | ||
| 548 | seek_key (KeyGrip grip) sec = (pre, subs) | ||
| 549 | where | ||
| 550 | (pre,subs) = break pred sec | ||
| 551 | pred p@(SecretKeyPacket {}) = matchpr grip p == grip | ||
| 552 | pred p@(PublicKeyPacket {}) = matchpr grip p == grip | ||
| 553 | pred _ = False | ||
| 554 | |||
| 555 | seek_key (KeyTag key tag) ps = if null bs | ||
| 556 | then (ps,[]) | ||
| 557 | else if null qs | ||
| 558 | then let (as',bs') = seek_key (KeyTag key tag) (tail bs) | ||
| 559 | in (as ++ (head bs:as'), bs') | ||
| 560 | else (reverse (tail qs), head qs : reverse rs ++ bs) | ||
| 561 | where | ||
| 562 | (as,bs) = break (\p -> isSignaturePacket p | ||
| 563 | && has_tag tag p | ||
| 564 | && isJust (signature_issuer p) | ||
| 565 | && matchpr (fromJust $ signature_issuer p) key == fromJust (signature_issuer p) ) | ||
| 566 | ps | ||
| 567 | (rs,qs) = break isKey (reverse as) | ||
| 568 | |||
| 569 | has_tag tag p = tag `elem` mapMaybe usage (hashed_subpackets p) | ||
| 570 | || tag `elem` map usageString (mapMaybe keyflags (hashed_subpackets p)) | ||
| 571 | |||
| 572 | seek_key (KeyUidMatch pat) ps = if null bs | ||
| 573 | then (ps,[]) | ||
| 574 | else if null qs | ||
| 575 | then let (as',bs') = seek_key (KeyUidMatch pat) (tail bs) | ||
| 576 | in (as ++ (head bs:as'), bs') | ||
| 577 | else (reverse (tail qs), head qs : reverse rs ++ bs) | ||
| 578 | where | ||
| 579 | (as,bs) = break (isInfixOf pat . uidStr) | ||
| 580 | ps | ||
| 581 | (rs,qs) = break isKey (reverse as) | ||
| 582 | |||
| 583 | uidStr (UserIDPacket s) = s | ||
| 584 | uidStr _ = "" | ||
| 585 | |||
| 586 | |||
| 587 | importPEMKey db' tup = do | ||
| 588 | try db' $ \(db',report0) -> do | ||
| 589 | r <- doImport doDecrypt | ||
| 590 | db' | ||
| 591 | tup | ||
| 592 | try r $ \(db'',report) -> do | ||
| 593 | return $ KikiSuccess (db'', report0 ++ report) | ||
| 594 | where doDecrypt = todo | ||
| 595 | |||
| 532 | 596 | ||
| 533 | buildKeyDB :: FilePath -> FilePath -> Maybe String -> KeyRingData | 597 | buildKeyDB :: FilePath -> FilePath -> Maybe String -> KeyRingData |
| 534 | -> IO (KikiCondition ((KeyDB,Maybe String,Maybe Packet),[(FilePath,KikiReportAction)])) | 598 | -> IO (KikiCondition ((KeyDB,Maybe String,Maybe Packet),[(FilePath,KikiReportAction)])) |
| @@ -559,14 +623,6 @@ buildKeyDB secring pubring grip0 keyring = do | |||
| 559 | try r $ \(db'',report) -> do | 623 | try r $ \(db'',report) -> do |
| 560 | return $ KikiSuccess (db'', report0 ++ report) | 624 | return $ KikiSuccess (db'', report0 ++ report) |
| 561 | 625 | ||
| 562 | importPEMKey db' tup = do | ||
| 563 | try db' $ \(db',report0) -> do | ||
| 564 | r <- doImport doDecrypt | ||
| 565 | db' | ||
| 566 | tup | ||
| 567 | try r $ \(db'',report) -> do | ||
| 568 | return $ KikiSuccess (db'', report0 ++ report) | ||
| 569 | |||
| 570 | doDecrypt = todo | 626 | doDecrypt = todo |
| 571 | 627 | ||
| 572 | -- KeyRings (todo: KikiCondition reporting?) | 628 | -- KeyRings (todo: KikiCondition reporting?) |
| @@ -929,46 +985,71 @@ runKeyRing keyring = do | |||
| 929 | if not $ null failed_locks | 985 | if not $ null failed_locks |
| 930 | then return $ KikiResult (FailedToLock failed_locks) [] | 986 | then return $ KikiResult (FailedToLock failed_locks) [] |
| 931 | else do | 987 | else do |
| 988 | |||
| 989 | let doDecrypt = todo | ||
| 990 | |||
| 991 | -- merge all keyrings, PEM files, and wallets | ||
| 992 | bresult <- buildKeyDB secring pubring grip0 keyring | ||
| 993 | |||
| 994 | try' bresult $ \((db,grip,wk),report_imports) -> do | ||
| 995 | |||
| 996 | nonexistents <- | ||
| 997 | filterM (fmap not . doesFileExist . fst) | ||
| 998 | $ do (f,t) <- Map.toList (kFiles keyring) | ||
| 999 | f <- resolveInputFile secring pubring f | ||
| 1000 | return (f,t) | ||
| 1001 | |||
| 1002 | |||
| 932 | -- create nonexistent files via external commands | 1003 | -- create nonexistent files via external commands |
| 933 | report_externals <- do | 1004 | externals_ret <- do |
| 934 | let cmds = do | 1005 | let cmds = do |
| 935 | (f,(rtyp,ftyp)) <- Map.toList (kFiles keyring) | 1006 | (fname,(rtyp,ftyp)) <- nonexistents |
| 936 | cmd <- maybeToList (initializer rtyp) | 1007 | cmd <- maybeToList (initializer rtyp) |
| 937 | (_,subspec) <- fmap (parseSpec "") $ getUsage ftyp | 1008 | (topspec,subspec) <- fmap (parseSpec $ maybe "" id grip) |
| 938 | fname <- resolveInputFile secring pubring f | 1009 | $ getUsage ftyp |
| 939 | return (fname,maybe "" id subspec,cmd) | 1010 | let ms = map fst $ filterMatches topspec (Map.toList db) |
| 940 | forM cmds $ \(fname,usage,cmd) -> do | 1011 | guard $ isNothing $ selectPublicKey (topspec,subspec) db |
| 1012 | return (fname,subspec,ms,cmd) | ||
| 1013 | rs <- forM cmds $ \tup@(fname,subspec,ms,cmd) -> do | ||
| 941 | e <- systemEnv [ ("file",fname) | 1014 | e <- systemEnv [ ("file",fname) |
| 942 | , ("usage",usage) ] | 1015 | , ("usage",maybe "" id subspec) ] |
| 943 | cmd | 1016 | cmd |
| 944 | case e of | 1017 | case e of |
| 945 | ExitFailure num -> return (fname,FailedExternal num) | 1018 | ExitFailure num -> return (tup,FailedExternal num) |
| 946 | ExitSuccess -> return (fname,ExternallyGeneratedFile) | 1019 | ExitSuccess -> return (tup,ExternallyGeneratedFile) |
| 947 | 1020 | ||
| 948 | -- merge all keyrings, PEM files, and wallets | 1021 | v <- foldM importPEMKey (KikiSuccess (db,[])) $ do |
| 949 | bresult <- buildKeyDB secring pubring grip0 keyring | 1022 | (tup,r) <- rs |
| 1023 | guard $ case r of | ||
| 1024 | ExternallyGeneratedFile -> True | ||
| 1025 | _ -> False | ||
| 1026 | return tup | ||
| 950 | 1027 | ||
| 951 | try' bresult $ \((db,grip,wk),report_imports) -> do | 1028 | try v $ \(db,import_rs) -> do |
| 952 | let a = KeyRingRuntime | 1029 | return $ KikiSuccess (db, map (\((f,_,_,_),r)->(f,r)) rs |
| 953 | { rtPubring = pubring | 1030 | ++ import_rs) |
| 954 | , rtSecring = secring | ||
| 955 | , rtGrip = grip | ||
| 956 | , rtKeyDB = db | ||
| 957 | } | ||
| 958 | 1031 | ||
| 959 | r <- writeWalletKeys keyring db wk | 1032 | try' externals_ret $ \(db,report_externals) -> do |
| 960 | try' r $ \report_wallets -> do | ||
| 961 | 1033 | ||
| 962 | r <- writeRingKeys keyring db wk secring pubring | 1034 | r <- writeWalletKeys keyring db wk |
| 963 | try' r $ \report_rings -> do | 1035 | try' r $ \report_wallets -> do |
| 964 | 1036 | ||
| 965 | -- todo writePEMKeys | 1037 | r <- writeRingKeys keyring db wk secring pubring |
| 1038 | try' r $ \report_rings -> do | ||
| 966 | 1039 | ||
| 967 | return $ KikiResult (KikiSuccess a) | 1040 | -- todo writePEMKeys |
| 968 | $ concat [ report_externals | 1041 | |
| 969 | , report_imports | 1042 | let rt = KeyRingRuntime |
| 970 | , report_wallets | 1043 | { rtPubring = pubring |
| 971 | , report_rings ] | 1044 | , rtSecring = secring |
| 1045 | , rtGrip = grip | ||
| 1046 | , rtKeyDB = db | ||
| 1047 | } | ||
| 1048 | return $ KikiResult (KikiSuccess rt) | ||
| 1049 | $ concat [ report_imports | ||
| 1050 | , report_externals | ||
| 1051 | , report_wallets | ||
| 1052 | , report_rings ] | ||
| 972 | 1053 | ||
| 973 | forM_ lked $ \(Just lk, fname) -> dotlock_release lk | 1054 | forM_ lked $ \(Just lk, fname) -> dotlock_release lk |
| 974 | 1055 | ||
| @@ -1524,6 +1605,19 @@ sortByHint fname f = sortBy (comparing gethint) | |||
| 1524 | gethint = maybe defnum originalNum . Map.lookup fname . locations . f | 1605 | gethint = maybe defnum originalNum . Map.lookup fname . locations . f |
| 1525 | defnum = -1 | 1606 | defnum = -1 |
| 1526 | 1607 | ||
| 1608 | flattenKeys :: Bool -> KeyDB -> Message | ||
| 1609 | flattenKeys isPublic db = Message $ concatMap (map packet . flattenTop "" isPublic . snd) (prefilter . Map.assocs $ db) | ||
| 1610 | where | ||
| 1611 | prefilter = if isPublic then id else filter isSecret | ||
| 1612 | where | ||
| 1613 | isSecret (_,(KeyData | ||
| 1614 | (MappedPacket { packet=(SecretKeyPacket {})}) | ||
| 1615 | _ | ||
| 1616 | _ | ||
| 1617 | _)) = True | ||
| 1618 | isSecret _ = False | ||
| 1619 | |||
| 1620 | |||
| 1527 | flattenTop :: FilePath -> Bool -> KeyData -> [MappedPacket] | 1621 | flattenTop :: FilePath -> Bool -> KeyData -> [MappedPacket] |
| 1528 | flattenTop fname ispub (KeyData key sigs uids subkeys) = | 1622 | flattenTop fname ispub (KeyData key sigs uids subkeys) = |
| 1529 | unk ispub key : | 1623 | unk ispub key : |
| @@ -650,19 +650,6 @@ getPassphrase cmd = | |||
| 650 | 650 | ||
| 651 | #define HOMEOPTION (def &= explicit &= name "homedir" &= typDir ) | 651 | #define HOMEOPTION (def &= explicit &= name "homedir" &= typDir ) |
| 652 | 652 | ||
| 653 | flattenKeys :: Bool -> KeyDB -> Message | ||
| 654 | flattenKeys isPublic db = Message $ concatMap (map packet . flattenTop "" isPublic . snd) (prefilter . Map.assocs $ db) | ||
| 655 | where | ||
| 656 | prefilter = if isPublic then id else filter isSecret | ||
| 657 | where | ||
| 658 | isSecret (_,(KeyData | ||
| 659 | (MappedPacket { packet=(SecretKeyPacket {})}) | ||
| 660 | _ | ||
| 661 | _ | ||
| 662 | _)) = True | ||
| 663 | isSecret _ = False | ||
| 664 | |||
| 665 | |||
| 666 | writeOutKeyrings :: Map.Map FilePath t -> KeyDB -> IO () | 653 | writeOutKeyrings :: Map.Map FilePath t -> KeyDB -> IO () |
| 667 | writeOutKeyrings lkmap db = do | 654 | writeOutKeyrings lkmap db = do |
| 668 | let ks = Map.elems db | 655 | let ks = Map.elems db |
| @@ -1704,60 +1691,6 @@ isTopKey p@(SecretKeyPacket {}) | not (is_subkey p) = True | |||
| 1704 | isTopKey p@(PublicKeyPacket {}) | not (is_subkey p) = True | 1691 | isTopKey p@(PublicKeyPacket {}) | not (is_subkey p) = True |
| 1705 | isTopKey _ = False | 1692 | isTopKey _ = False |
| 1706 | 1693 | ||
| 1707 | selectSecretKey :: (KeySpec,Maybe String) -> KeyDB -> Maybe Packet | ||
| 1708 | selectSecretKey (spec,mtag) db = selectKey0 False (spec,mtag) db | ||
| 1709 | |||
| 1710 | selectPublicKey :: (KeySpec,Maybe String) -> KeyDB -> Maybe Packet | ||
| 1711 | selectPublicKey (spec,mtag) db = selectKey0 True (spec,mtag) db | ||
| 1712 | |||
| 1713 | selectKey0 :: Bool -> (KeySpec,Maybe String) -> KeyDB -> Maybe Packet | ||
| 1714 | selectKey0 wantPublic (spec,mtag) db = do | ||
| 1715 | let Message ps = flattenKeys wantPublic db | ||
| 1716 | ys = snd $ seek_key spec ps | ||
| 1717 | flip (maybe (listToMaybe ys)) mtag $ \tag -> do | ||
| 1718 | let (subspec,ys1) = (KeyTag y tag,ys1) where y:ys1 = ys | ||
| 1719 | zs = snd $ seek_key subspec ys1 | ||
| 1720 | listToMaybe zs | ||
| 1721 | |||
| 1722 | seek_key :: KeySpec -> [Packet] -> ([Packet],[Packet]) | ||
| 1723 | seek_key (KeyGrip grip) sec = (pre, subs) | ||
| 1724 | where | ||
| 1725 | (pre,subs) = break pred sec | ||
| 1726 | pred p@(SecretKeyPacket {}) = matchpr grip p == grip | ||
| 1727 | pred p@(PublicKeyPacket {}) = matchpr grip p == grip | ||
| 1728 | pred _ = False | ||
| 1729 | |||
| 1730 | seek_key (KeyTag key tag) ps = if null bs | ||
| 1731 | then (ps,[]) | ||
| 1732 | else if null qs | ||
| 1733 | then let (as',bs') = seek_key (KeyTag key tag) (tail bs) | ||
| 1734 | in (as ++ (head bs:as'), bs') | ||
| 1735 | else (reverse (tail qs), head qs : reverse rs ++ bs) | ||
| 1736 | where | ||
| 1737 | (as,bs) = break (\p -> isSignaturePacket p | ||
| 1738 | && has_tag tag p | ||
| 1739 | && isJust (signature_issuer p) | ||
| 1740 | && matchpr (fromJust $ signature_issuer p) key == fromJust (signature_issuer p) ) | ||
| 1741 | ps | ||
| 1742 | (rs,qs) = break isKey (reverse as) | ||
| 1743 | |||
| 1744 | has_tag tag p = tag `elem` mapMaybe usage (hashed_subpackets p) | ||
| 1745 | || tag `elem` map usageString (mapMaybe keyflags (hashed_subpackets p)) | ||
| 1746 | |||
| 1747 | seek_key (KeyUidMatch pat) ps = if null bs | ||
| 1748 | then (ps,[]) | ||
| 1749 | else if null qs | ||
| 1750 | then let (as',bs') = seek_key (KeyUidMatch pat) (tail bs) | ||
| 1751 | in (as ++ (head bs:as'), bs') | ||
| 1752 | else (reverse (tail qs), head qs : reverse rs ++ bs) | ||
| 1753 | where | ||
| 1754 | (as,bs) = break (isInfixOf pat . uidStr) | ||
| 1755 | ps | ||
| 1756 | (rs,qs) = break isKey (reverse as) | ||
| 1757 | |||
| 1758 | uidStr (UserIDPacket s) = s | ||
| 1759 | uidStr _ = "" | ||
| 1760 | |||
| 1761 | groupTops ps = groupBy (\_ b -> not (isTopKey b)) ps | 1694 | groupTops ps = groupBy (\_ b -> not (isTopKey b)) ps |
| 1762 | 1695 | ||
| 1763 | 1696 | ||