diff options
| author | joe <joe@jerkface.net> | 2014-05-09 23:25:50 -0400 |
|---|---|---|
| committer | joe <joe@jerkface.net> | 2014-05-09 23:25:50 -0400 |
| commit | f4d32f7692b2699e7136e5dd267382193b005bb4 (patch) | |
| tree | 8c985c4a49b0dc4b885442f663d0d2968758a6fe /KeyRing.hs | |
| parent | 073f2a99552a75e27c7fbe3fe8c328d2bf7277c6 (diff) | |
doImport now capable of handling multiple keys from a single pem.
Diffstat (limited to 'KeyRing.hs')
| -rw-r--r-- | KeyRing.hs | 25 |
1 files changed, 14 insertions, 11 deletions
| @@ -1454,8 +1454,8 @@ decodeBlob cert = | |||
| 1454 | key = maybe "" (encodeASN1 DER . flip toASN1 []) $ rsaKeyFromPacket $ pcertKey cert | 1454 | key = maybe "" (encodeASN1 DER . flip toASN1 []) $ rsaKeyFromPacket $ pcertKey cert |
| 1455 | 1455 | ||
| 1456 | 1456 | ||
| 1457 | readKeyFromFile :: Bool -> String -> InputFile -> IO [SecretPEMData] | 1457 | readSecretPEMFile :: InputFile -> IO [SecretPEMData] |
| 1458 | readKeyFromFile False "PEM" fname = do | 1458 | readSecretPEMFile fname = do |
| 1459 | -- warn $ fname ++ ": reading ..." | 1459 | -- warn $ fname ++ ": reading ..." |
| 1460 | let ctx = InputFileContext "" "" | 1460 | let ctx = InputFileContext "" "" |
| 1461 | -- Note: The key's timestamp is included in it's fingerprint. | 1461 | -- Note: The key's timestamp is included in it's fingerprint. |
| @@ -1493,7 +1493,6 @@ readKeyFromFile False "PEM" fname = do | |||
| 1493 | , is_subkey = True | 1493 | , is_subkey = True |
| 1494 | } | 1494 | } |
| 1495 | return dta | 1495 | return dta |
| 1496 | readKeyFromFile is_public fmt filename = error ("unimplemented key type: "++fmt) | ||
| 1497 | 1496 | ||
| 1498 | doImport | 1497 | doImport |
| 1499 | :: Ord k => | 1498 | :: Ord k => |
| @@ -1502,17 +1501,21 @@ doImport | |||
| 1502 | -> (FilePath, Maybe [Char], [k], t) | 1501 | -> (FilePath, Maybe [Char], [k], t) |
| 1503 | -> IO (KikiCondition (Map.Map k KeyData, [(FilePath,KikiReportAction)])) | 1502 | -> IO (KikiCondition (Map.Map k KeyData, [(FilePath,KikiReportAction)])) |
| 1504 | doImport doDecrypt db (fname,subspec,ms,_) = do | 1503 | doImport doDecrypt db (fname,subspec,ms,_) = do |
| 1505 | let fetchkey = readKeyFromFile False "PEM" (ArgFile fname) | ||
| 1506 | flip (maybe $ return CannotImportMasterKey) | 1504 | flip (maybe $ return CannotImportMasterKey) |
| 1507 | subspec $ \tag -> do | 1505 | subspec $ \tag -> do |
| 1508 | ps <- fetchkey | 1506 | ps <- readSecretPEMFile (ArgFile fname) |
| 1509 | let parsedkey = mapMaybe spemPacket ps | 1507 | let parsedkey = mapMaybe spemPacket ps |
| 1510 | flip (maybe $ return $ KikiSuccess (db,[])) | 1508 | foldM (importPemThing tag) (KikiSuccess (db,[])) parsedkey |
| 1511 | (listToMaybe parsedkey) $ \key -> do | 1509 | where |
| 1512 | let (m0,tailms) = splitAt 1 ms | 1510 | importPemThing tag prior key = do |
| 1513 | if (not (null tailms) || null m0) | 1511 | try prior $ \(db,report) -> do |
| 1514 | then return $ AmbiguousKeySpec fname | 1512 | let (m0,tailms) = splitAt 1 ms |
| 1515 | else doImportG doDecrypt db m0 tag fname key | 1513 | if (not (null tailms) || null m0) |
| 1514 | then return $ AmbiguousKeySpec fname | ||
| 1515 | else do | ||
| 1516 | r <- doImportG doDecrypt db m0 tag fname key | ||
| 1517 | try r $ \(db',report') -> do | ||
| 1518 | return $ KikiSuccess (db',report++report') | ||
| 1516 | 1519 | ||
| 1517 | doImportG | 1520 | doImportG |
| 1518 | :: Ord k => | 1521 | :: Ord k => |