Added --secrets support to tar file export.

author: joe <joe@jerkface.net> 2016-04-23 02:19:30 -0400
committer: joe <joe@jerkface.net> 2016-04-23 02:19:30 -0400
commit: 59b38a6070707e77b0e7b4b22c928806eb9415d3 (patch)
tree: 5d4ae61422130cd8d61de7390f12fb011dd32729 /KeyRing.hs
parent: 64202f804429053058ac3efce527f77c2e12948b (diff)
1 files changed, 17 insertions, 12 deletions
diff --git a/KeyRing.hs b/KeyRing.hs
index d4bb099..620f9ad 100644
--- a/KeyRing.hs
+++ b/KeyRing.hs
@@ -45,6 +45,7 @@ module KeyRing
    , KeyFilter(..)
    -- * Results of a KeyRing Operation
    , KeyRingRuntime(..)
+    , MappedPacket(..)
    , KeyDB
    , KeyData(..)
    , SubKey(..)
@@ -97,6 +98,7 @@ module KeyRing
    , keyPacket
    , KeySpec(..)
    , getHostnames
+    , secretPemFromPacket
    ) where
 import System.Environment
@@ -132,7 +134,7 @@ import qualified Data.Map as Map
 import qualified Data.ByteString.Lazy as L ( unpack, null, readFile, writeFile
        , ByteString, toChunks, hGetContents, hPut, concat, fromChunks, splitAt
        , index, break, pack )
-import qualified Data.ByteString      as S ( ByteString, unpack, splitAt, concat, cons, spanEnd, hGetContents, readFile, breakSubstring, drop, length, null, putStr, singleton, unfoldr, reverse )
+import qualified Data.ByteString      as S ( ByteString, unpack, splitAt, concat, cons, spanEnd, hGetContents, readFile, breakSubstring, drop, length, null, hPutStr, singleton, unfoldr, reverse )
 import qualified Codec.Binary.Base32 as Base32
 import qualified Codec.Binary.Base64 as Base64
 #if !defined(VERSION_cryptonite)
@@ -166,7 +168,7 @@ import Foreign.C.Error ( throwErrnoIfMinus1_ )
 import Foreign.Storable
 #endif
 import System.FilePath ( takeDirectory )
-import System.IO (hPutStrLn,withFile,IOMode(..), Handle, hPutStr)
+import System.IO (hPutStrLn,withFile,IOMode(..), Handle, hPutStr, stderr)
 import Data.IORef
 import System.Posix.IO ( fdToHandle )
 import qualified Data.Traversable as Traversable
@@ -1181,7 +1183,7 @@ cachedContents maybePrompt ctx fd = do
        pw <- readIORef ref
        flip (flip maybe return) pw $ do
            if fd == FileDesc 0 then case maybePrompt of
-                                    Just prompt -> S.putStr prompt
+                                    Just prompt -> S.hPutStr stderr prompt
                                    Nothing -> return ()
                               else return ()
            pw <- fmap trimCR $ readInputFileS ctx fd
@@ -2059,20 +2061,23 @@ rsaPrivateKeyFromPacket pkt@(SecretKeyPacket {}) = do
        , rsaCoefficient = coefficient }
 rsaPrivateKeyFromPacket _ = Nothing
+secretPemFromPacket packet =
-writeKeyToFile ::
-  Bool -> FileType -> InputFile -> Packet -> IO [(InputFile, KikiReportAction)]
-writeKeyToFile False PEMFile fname packet = do
    case key_algorithm packet of
     RSA -> do
-        flip (maybe (return []))
+        rsa <- rsaPrivateKeyFromPacket packet -- RSAPrivateKey
-             (rsaPrivateKeyFromPacket packet) -- RSAPrivateKey
-            $ \rsa -> do
        let asn1 = toASN1 rsa []
            bs = encodeASN1 DER asn1
            dta = Base64.encode (L.unpack bs)
            output = writePEM "RSA PRIVATE KEY" dta
-            stamp = toEnum . fromEnum $ timestamp packet
+        Just output
+     algo -> Nothing
+writeKeyToFile ::
+  Bool -> FileType -> InputFile -> Packet -> IO [(InputFile, KikiReportAction)]
+writeKeyToFile False PEMFile fname packet = do
+    case secretPemFromPacket packet of
+     Just output -> do
+        let stamp = toEnum . fromEnum $ timestamp packet
        handleIO_ (return [(fname, FailedFileWrite)]) $ do
            saved_mask <- setFileCreationMask 0o077
            -- Note: The key's timestamp is included in it's fingerprint.
@@ -2080,7 +2085,7 @@ writeKeyToFile False PEMFile fname packet = do
            writeStamped (InputFileContext "" "") fname stamp output
            setFileCreationMask saved_mask
            return [(fname, ExportedSubkey)]
-     algo -> return [(fname, UnableToExport algo $ fingerprint packet)]
+     Nothing -> return [(fname, UnableToExport (key_algorithm packet) $ fingerprint packet)]
 writeKeyToFile False DNSPresentation fname packet = do
    case key_algorithm packet of
author	joe <joe@jerkface.net>	2016-04-23 02:19:30 -0400
committer	joe <joe@jerkface.net>	2016-04-23 02:19:30 -0400
commit	59b38a6070707e77b0e7b4b22c928806eb9415d3 (patch)
tree	5d4ae61422130cd8d61de7390f12fb011dd32729 /KeyRing.hs
parent	64202f804429053058ac3efce527f77c2e12948b (diff)

diff --git a/KeyRing.hs b/KeyRing.hs index d4bb099..620f9ad 100644 --- a/KeyRing.hs +++ b/KeyRing.hs
@@ -45,6 +45,7 @@ module KeyRing
45	, KeyFilter(..)	45	, KeyFilter(..)
46	-- * Results of a KeyRing Operation	46	-- * Results of a KeyRing Operation
47	, KeyRingRuntime(..)	47	, KeyRingRuntime(..)
		48	, MappedPacket(..)
48	, KeyDB	49	, KeyDB
49	, KeyData(..)	50	, KeyData(..)
50	, SubKey(..)	51	, SubKey(..)
@@ -97,6 +98,7 @@ module KeyRing
97	, keyPacket	98	, keyPacket
98	, KeySpec(..)	99	, KeySpec(..)
99	, getHostnames	100	, getHostnames
		101	, secretPemFromPacket
100	) where	102	) where
101		103
102	import System.Environment	104	import System.Environment
@@ -132,7 +134,7 @@ import qualified Data.Map as Map
132	import qualified Data.ByteString.Lazy as L ( unpack, null, readFile, writeFile	134	import qualified Data.ByteString.Lazy as L ( unpack, null, readFile, writeFile
133	, ByteString, toChunks, hGetContents, hPut, concat, fromChunks, splitAt	135	, ByteString, toChunks, hGetContents, hPut, concat, fromChunks, splitAt
134	, index, break, pack )	136	, index, break, pack )
135	import qualified Data.ByteString as S ( ByteString, unpack, splitAt, concat, cons, spanEnd, hGetContents, readFile, breakSubstring, drop, length, null, putStr, singleton, unfoldr, reverse )	137	import qualified Data.ByteString as S ( ByteString, unpack, splitAt, concat, cons, spanEnd, hGetContents, readFile, breakSubstring, drop, length, null, hPutStr, singleton, unfoldr, reverse )
136	import qualified Codec.Binary.Base32 as Base32	138	import qualified Codec.Binary.Base32 as Base32
137	import qualified Codec.Binary.Base64 as Base64	139	import qualified Codec.Binary.Base64 as Base64
138	#if !defined(VERSION_cryptonite)	140	#if !defined(VERSION_cryptonite)
@@ -166,7 +168,7 @@ import Foreign.C.Error ( throwErrnoIfMinus1_ )
166	import Foreign.Storable	168	import Foreign.Storable
167	#endif	169	#endif
168	import System.FilePath ( takeDirectory )	170	import System.FilePath ( takeDirectory )
169	import System.IO (hPutStrLn,withFile,IOMode(..), Handle, hPutStr)	171	import System.IO (hPutStrLn,withFile,IOMode(..), Handle, hPutStr, stderr)
170	import Data.IORef	172	import Data.IORef
171	import System.Posix.IO ( fdToHandle )	173	import System.Posix.IO ( fdToHandle )
172	import qualified Data.Traversable as Traversable	174	import qualified Data.Traversable as Traversable
@@ -1181,7 +1183,7 @@ cachedContents maybePrompt ctx fd = do
1181	pw <- readIORef ref	1183	pw <- readIORef ref
1182	flip (flip maybe return) pw $ do	1184	flip (flip maybe return) pw $ do
1183	if fd == FileDesc 0 then case maybePrompt of	1185	if fd == FileDesc 0 then case maybePrompt of
1184	Just prompt -> S.putStr prompt	1186	Just prompt -> S.hPutStr stderr prompt
1185	Nothing -> return ()	1187	Nothing -> return ()
1186	else return ()	1188	else return ()
1187	pw <- fmap trimCR $ readInputFileS ctx fd	1189	pw <- fmap trimCR $ readInputFileS ctx fd
@@ -2059,20 +2061,23 @@ rsaPrivateKeyFromPacket pkt@(SecretKeyPacket {}) = do
2059	, rsaCoefficient = coefficient }	2061	, rsaCoefficient = coefficient }
2060	rsaPrivateKeyFromPacket _ = Nothing	2062	rsaPrivateKeyFromPacket _ = Nothing
2061		2063
2062		2064	secretPemFromPacket packet =
2063	writeKeyToFile ::
2064	Bool -> FileType -> InputFile -> Packet -> IO [(InputFile, KikiReportAction)]
2065	writeKeyToFile False PEMFile fname packet = do
2066	case key_algorithm packet of	2065	case key_algorithm packet of
2067	RSA -> do	2066	RSA -> do
2068	flip (maybe (return []))	2067	rsa <- rsaPrivateKeyFromPacket packet -- RSAPrivateKey
2069	(rsaPrivateKeyFromPacket packet) -- RSAPrivateKey
2070	$ \rsa -> do
2071	let asn1 = toASN1 rsa []	2068	let asn1 = toASN1 rsa []
2072	bs = encodeASN1 DER asn1	2069	bs = encodeASN1 DER asn1
2073	dta = Base64.encode (L.unpack bs)	2070	dta = Base64.encode (L.unpack bs)
2074	output = writePEM "RSA PRIVATE KEY" dta	2071	output = writePEM "RSA PRIVATE KEY" dta
2075	stamp = toEnum . fromEnum $ timestamp packet	2072	Just output
		2073	algo -> Nothing
		2074
		2075	writeKeyToFile ::
		2076	Bool -> FileType -> InputFile -> Packet -> IO [(InputFile, KikiReportAction)]
		2077	writeKeyToFile False PEMFile fname packet = do
		2078	case secretPemFromPacket packet of
		2079	Just output -> do
		2080	let stamp = toEnum . fromEnum $ timestamp packet
2076	handleIO_ (return [(fname, FailedFileWrite)]) $ do	2081	handleIO_ (return [(fname, FailedFileWrite)]) $ do
2077	saved_mask <- setFileCreationMask 0o077	2082	saved_mask <- setFileCreationMask 0o077
2078	-- Note: The key's timestamp is included in it's fingerprint.	2083	-- Note: The key's timestamp is included in it's fingerprint.
@@ -2080,7 +2085,7 @@ writeKeyToFile False PEMFile fname packet = do
2080	writeStamped (InputFileContext "" "") fname stamp output	2085	writeStamped (InputFileContext "" "") fname stamp output
2081	setFileCreationMask saved_mask	2086	setFileCreationMask saved_mask
2082	return [(fname, ExportedSubkey)]	2087	return [(fname, ExportedSubkey)]
2083	algo -> return [(fname, UnableToExport algo $ fingerprint packet)]	2088	Nothing -> return [(fname, UnableToExport (key_algorithm packet) $ fingerprint packet)]
2084		2089
2085	writeKeyToFile False DNSPresentation fname packet = do	2090	writeKeyToFile False DNSPresentation fname packet = do
2086	case key_algorithm packet of	2091	case key_algorithm packet of