New command to rename subkeys.

author: joe <joe@jerkface.net> 2016-08-31 22:16:21 -0400
committer: joe <joe@jerkface.net> 2016-08-31 22:16:21 -0400
commit: d8950d3ccdf51f308aa93f06c16f26b15a6c55c4 (patch)
tree: a44064fbfc52d5ca1d51cfd0229625c6049bbfa0 /lib/KeyRing.hs
parent: fae3728a6b7e8ee13ed009e7c9cf3918eb4b89d7 (diff)
1 files changed, 0 insertions, 184 deletions
diff --git a/lib/KeyRing.hs b/lib/KeyRing.hs
index bb32a2e..87b38bf 100644
--- a/lib/KeyRing.hs
+++ b/lib/KeyRing.hs
@@ -2333,190 +2333,6 @@ readPacketsFromFile ctx fname = do
    return $ decode input
 #endif
-- | Get the time stamp of a signature.
--
-- Warning: This function checks unhashed_subpackets if no timestamp occurs in
-- the hashed section.  TODO: change this?
--
-signature_time :: SignatureOver -> Word32
-signature_time ov = case (if null cs then ds else cs) of
-                                [] -> minBound
-                                xs -> maximum xs
-          where
-            ps = signatures_over ov
-            ss = filter isSignaturePacket ps
-            cs = concatMap (concatMap creationTime . hashed_subpackets) ss
-            ds = concatMap (concatMap creationTime . unhashed_subpackets) ss
-            creationTime (SignatureCreationTimePacket t) = [t]
-            creationTime _                               = []
-splitAtMinBy :: (t -> t -> Ordering) -> [t] -> ([t], [t])
-splitAtMinBy comp xs = minimumBy comp' xxs
- where
-    xxs = zip (inits xs) (tails xs)
-    comp' (_,as) (_,bs) = compM (listToMaybe as) (listToMaybe bs)
-    compM (Just a) (Just b) = comp a b
-    compM Nothing  mb       = GT
-    compM _        _        = LT
-- | Given list of subpackets, a master key, one of its subkeys and a
-- list of signatures on that subkey, yields:
--
--   * preceding list of signatures
--
--   * The most recent valid signature made by the master key along with a
--   flag that indicates whether or not all of the supplied subpackets occur in
--   it or, if no valid signature from the working key is present, Nothing.
--
--   * following list of signatures
--
-findTag ::
-  [SignatureSubpacket]
-  -> Packet
-  -> Packet
-  -> [(MappedPacket, b)]
-  -> ([(MappedPacket, b)],
-      Maybe (Bool, (MappedPacket, b)),
-      [(MappedPacket, b)])
-findTag tag topk subkey subsigs = (xs',minsig,ys')
-         where
-            vs = map (\sig ->
-                          (sig, do
-                                sig <- Just (packet . fst $ sig)
-                                guard (isSignaturePacket sig)
-                                guard $ flip isSuffixOf
-                                             (fingerprint topk)
-                                        . fromMaybe "%bad%" 
-                                        . signature_issuer
-                                        $ sig
-                                listToMaybe $
-                                  map (signature_time . verify (Message [topk]))
-                                      (signatures $ Message [topk,subkey,sig])))
-                     subsigs
-            (xs,ys) = splitAtMinBy (comparing (Down . snd)) vs
-            xs' = map fst xs
-            ys' = map fst $ if isNothing minsig then ys else drop 1 ys
-            minsig = do
-                (sig,ov) <- listToMaybe ys
-                ov
-                let hshed = hashed_subpackets $ packet $ fst sig
-                return ( null $ tag \\ hshed, sig)
-mkUsage :: String -> SignatureSubpacket
-mkUsage tag | Just flags <- lookup tag specials
-  = KeyFlagsPacket
-        { certify_keys          = fromEnum flags .&. 0x1 /= 0
-        , sign_data             = fromEnum flags .&. 0x2 /= 0
-        , encrypt_communication = fromEnum flags .&. 0x4 /= 0
-        , encrypt_storage       = fromEnum flags .&. 0x8 /= 0
-        , split_key             = False
-        , authentication        = False
-        , group_key             = False
-        }
- where
-    flagsets = [Special .. VouchSignEncrypt]
-    specials = map (\f -> (usageString f, f)) flagsets
-mkUsage tag = NotationDataPacket
-                { human_readable = True
-                , notation_name = "usage@"
-                , notation_value = tag
-                }
-makeSig ::
-  (PacketDecrypter)
-  -> MappedPacket
-  -> [Char]
-  -> MappedPacket
-  -> [SignatureSubpacket]
-  -> Maybe (MappedPacket, Map.Map k a)
-  -> IO (KikiCondition ((MappedPacket, Map.Map k a), [KikiReportAction]))
-makeSig doDecrypt top fname subkey_p tags mbsig = do
-    let wk = packet top
-    wkun <- doDecrypt top
-    try wkun $ \wkun -> do
-    let grip = fingerprint wk
-        addOrigin new_sig =
-            flip (maybe $ return FailedToMakeSignature)
-                 (new_sig >>= listToMaybe . signatures_over)
-                 $ \new_sig -> do
-            let mp' = mappedPacket fname new_sig
-            return $ KikiSuccess (mp', Map.empty)
-        parsedkey = [packet subkey_p]
-        hashed0 | any isFlagsPacket tags = tags
-                | otherwise
-                  = KeyFlagsPacket
-                    { certify_keys = False
-                    , sign_data = False
-                    , encrypt_communication = False
-                    , encrypt_storage = False
-                    , split_key = False
-                    , authentication = True
-                    , group_key = False }
-                    : tags
-                    -- implicitly added:
-                    -- , SignatureCreationTimePacket (fromIntegral timestamp)
-        isFlagsPacket (KeyFlagsPacket {}) = True
-        isFlagsPacket _                   = False
-        subgrip = fingerprint (head parsedkey)
-    back_sig <- pgpSign (Message parsedkey)
-                        (SubkeySignature wk
-                                         (head parsedkey)
-                                         (sigpackets 0x19
-                                                     hashed0
-                                                     [IssuerPacket subgrip]))
-                        (if key_algorithm (head parsedkey)==ECDSA
-                            then SHA256
-                            else SHA1)
-                        subgrip
-    let iss = IssuerPacket (fingerprint wk)
-        cons_iss back_sig = iss : map EmbeddedSignaturePacket (signatures_over back_sig)
-        unhashed0 = maybe [iss] cons_iss back_sig
-    new_sig <- pgpSign (Message [wkun])
-                       (SubkeySignature wk
-                                        (head parsedkey)
-                                        (sigpackets 0x18
-                                                   hashed0
-                                                   unhashed0))
-                      SHA1
-                      grip
-    let newSig = do
-            r <- addOrigin new_sig
-            return $ fmap (,[]) r
-    flip (maybe newSig) mbsig $ \(mp,trustmap) -> do
-    let sig = packet mp
-        isCreation (SignatureCreationTimePacket {}) = True
-        isCreation _ = False
-        isExpiration (SignatureExpirationTimePacket {}) = True
-        isExpiration _ = False
-        (cs,ps) = partition isCreation (hashed_subpackets sig)
-        (es,qs) = partition isExpiration ps
-        stamp = listToMaybe . sortBy (comparing Down) $
-                 map unwrap cs where unwrap (SignatureCreationTimePacket x) = x
-        exp = listToMaybe $ sort $
-                 map unwrap es where unwrap (SignatureExpirationTimePacket x) = x
-        expires = liftA2 (+) stamp exp
-    timestamp <- now
-    if fmap ( (< timestamp) . fromIntegral) expires == Just True then
-        return $ KikiSuccess ((mp,trustmap), [ UnableToUpdateExpiredSignature ] )
-    else do
-        let times = (:) (SignatureExpirationTimePacket (fromIntegral timestamp))
-                        $ maybeToList $ do
-                            e <- expires
-                            return $ SignatureExpirationTimePacket (e - fromIntegral timestamp)
-            sig' = sig { hashed_subpackets = times ++ (qs `union` tags) }
-        new_sig <- pgpSign (Message [wkun])
-                           (SubkeySignature wk
-                                            (packet subkey_p)
-                                            [sig'] )
-                           SHA1
-                           (fingerprint wk)
-        newsig <- addOrigin new_sig
-        return $ fmap (,[]) newsig
 merge :: KeyDB -> InputFile -> Message -> KeyDB
 merge db inputfile (Message ps) = merge_ db filename qs
author	joe <joe@jerkface.net>	2016-08-31 22:16:21 -0400
committer	joe <joe@jerkface.net>	2016-08-31 22:16:21 -0400
commit	d8950d3ccdf51f308aa93f06c16f26b15a6c55c4 (patch)
tree	a44064fbfc52d5ca1d51cfd0229625c6049bbfa0 /lib/KeyRing.hs
parent	fae3728a6b7e8ee13ed009e7c9cf3918eb4b89d7 (diff)

diff --git a/lib/KeyRing.hs b/lib/KeyRing.hs index bb32a2e..87b38bf 100644 --- a/lib/KeyRing.hs +++ b/lib/KeyRing.hs
@@ -2333,190 +2333,6 @@ readPacketsFromFile ctx fname = do
2333	return $ decode input	2333	return $ decode input
2334	#endif	2334	#endif
2335		2335
2336	-- \| Get the time stamp of a signature.
2337	--
2338	-- Warning: This function checks unhashed_subpackets if no timestamp occurs in
2339	-- the hashed section. TODO: change this?
2340	--
2341	signature_time :: SignatureOver -> Word32
2342	signature_time ov = case (if null cs then ds else cs) of
2343	[] -> minBound
2344	xs -> maximum xs
2345	where
2346	ps = signatures_over ov
2347	ss = filter isSignaturePacket ps
2348	cs = concatMap (concatMap creationTime . hashed_subpackets) ss
2349	ds = concatMap (concatMap creationTime . unhashed_subpackets) ss
2350	creationTime (SignatureCreationTimePacket t) = [t]
2351	creationTime _ = []
2352
2353	splitAtMinBy :: (t -> t -> Ordering) -> [t] -> ([t], [t])
2354	splitAtMinBy comp xs = minimumBy comp' xxs
2355	where
2356	xxs = zip (inits xs) (tails xs)
2357	comp' (_,as) (_,bs) = compM (listToMaybe as) (listToMaybe bs)
2358	compM (Just a) (Just b) = comp a b
2359	compM Nothing mb = GT
2360	compM _ _ = LT
2361
2362
2363
2364	-- \| Given list of subpackets, a master key, one of its subkeys and a
2365	-- list of signatures on that subkey, yields:
2366	--
2367	-- * preceding list of signatures
2368	--
2369	-- * The most recent valid signature made by the master key along with a
2370	-- flag that indicates whether or not all of the supplied subpackets occur in
2371	-- it or, if no valid signature from the working key is present, Nothing.
2372	--
2373	-- * following list of signatures
2374	--
2375	findTag ::
2376	[SignatureSubpacket]
2377	-> Packet
2378	-> Packet
2379	-> [(MappedPacket, b)]
2380	-> ([(MappedPacket, b)],
2381	Maybe (Bool, (MappedPacket, b)),
2382	[(MappedPacket, b)])
2383	findTag tag topk subkey subsigs = (xs',minsig,ys')
2384	where
2385	vs = map (\sig ->
2386	(sig, do
2387	sig <- Just (packet . fst $ sig)
2388	guard (isSignaturePacket sig)
2389	guard $ flip isSuffixOf
2390	(fingerprint topk)
2391	. fromMaybe "%bad%"
2392	. signature_issuer
2393	$ sig
2394	listToMaybe $
2395	map (signature_time . verify (Message [topk]))
2396	(signatures $ Message [topk,subkey,sig])))
2397	subsigs
2398	(xs,ys) = splitAtMinBy (comparing (Down . snd)) vs
2399	xs' = map fst xs
2400	ys' = map fst $ if isNothing minsig then ys else drop 1 ys
2401	minsig = do
2402	(sig,ov) <- listToMaybe ys
2403	ov
2404	let hshed = hashed_subpackets $ packet $ fst sig
2405	return ( null $ tag \\ hshed, sig)
2406
2407	mkUsage :: String -> SignatureSubpacket
2408	mkUsage tag \| Just flags <- lookup tag specials
2409	= KeyFlagsPacket
2410	{ certify_keys = fromEnum flags .&. 0x1 /= 0
2411	, sign_data = fromEnum flags .&. 0x2 /= 0
2412	, encrypt_communication = fromEnum flags .&. 0x4 /= 0
2413	, encrypt_storage = fromEnum flags .&. 0x8 /= 0
2414	, split_key = False
2415	, authentication = False
2416	, group_key = False
2417	}
2418	where
2419	flagsets = [Special .. VouchSignEncrypt]
2420	specials = map (\f -> (usageString f, f)) flagsets
2421
2422	mkUsage tag = NotationDataPacket
2423	{ human_readable = True
2424	, notation_name = "usage@"
2425	, notation_value = tag
2426	}
2427
2428	makeSig ::
2429	(PacketDecrypter)
2430	-> MappedPacket
2431	-> [Char]
2432	-> MappedPacket
2433	-> [SignatureSubpacket]
2434	-> Maybe (MappedPacket, Map.Map k a)
2435	-> IO (KikiCondition ((MappedPacket, Map.Map k a), [KikiReportAction]))
2436	makeSig doDecrypt top fname subkey_p tags mbsig = do
2437	let wk = packet top
2438	wkun <- doDecrypt top
2439	try wkun $ \wkun -> do
2440	let grip = fingerprint wk
2441	addOrigin new_sig =
2442	flip (maybe $ return FailedToMakeSignature)
2443	(new_sig >>= listToMaybe . signatures_over)
2444	$ \new_sig -> do
2445	let mp' = mappedPacket fname new_sig
2446	return $ KikiSuccess (mp', Map.empty)
2447	parsedkey = [packet subkey_p]
2448	hashed0 \| any isFlagsPacket tags = tags
2449	\| otherwise
2450	= KeyFlagsPacket
2451	{ certify_keys = False
2452	, sign_data = False
2453	, encrypt_communication = False
2454	, encrypt_storage = False
2455	, split_key = False
2456	, authentication = True
2457	, group_key = False }
2458	: tags
2459	-- implicitly added:
2460	-- , SignatureCreationTimePacket (fromIntegral timestamp)
2461	isFlagsPacket (KeyFlagsPacket {}) = True
2462	isFlagsPacket _ = False
2463	subgrip = fingerprint (head parsedkey)
2464
2465	back_sig <- pgpSign (Message parsedkey)
2466	(SubkeySignature wk
2467	(head parsedkey)
2468	(sigpackets 0x19
2469	hashed0
2470	[IssuerPacket subgrip]))
2471	(if key_algorithm (head parsedkey)==ECDSA
2472	then SHA256
2473	else SHA1)
2474	subgrip
2475	let iss = IssuerPacket (fingerprint wk)
2476	cons_iss back_sig = iss : map EmbeddedSignaturePacket (signatures_over back_sig)
2477	unhashed0 = maybe [iss] cons_iss back_sig
2478
2479	new_sig <- pgpSign (Message [wkun])
2480	(SubkeySignature wk
2481	(head parsedkey)
2482	(sigpackets 0x18
2483	hashed0
2484	unhashed0))
2485	SHA1
2486	grip
2487	let newSig = do
2488	r <- addOrigin new_sig
2489	return $ fmap (,[]) r
2490	flip (maybe newSig) mbsig $ \(mp,trustmap) -> do
2491	let sig = packet mp
2492	isCreation (SignatureCreationTimePacket {}) = True
2493	isCreation _ = False
2494	isExpiration (SignatureExpirationTimePacket {}) = True
2495	isExpiration _ = False
2496	(cs,ps) = partition isCreation (hashed_subpackets sig)
2497	(es,qs) = partition isExpiration ps
2498	stamp = listToMaybe . sortBy (comparing Down) $
2499	map unwrap cs where unwrap (SignatureCreationTimePacket x) = x
2500	exp = listToMaybe $ sort $
2501	map unwrap es where unwrap (SignatureExpirationTimePacket x) = x
2502	expires = liftA2 (+) stamp exp
2503	timestamp <- now
2504	if fmap ( (< timestamp) . fromIntegral) expires == Just True then
2505	return $ KikiSuccess ((mp,trustmap), [ UnableToUpdateExpiredSignature ] )
2506	else do
2507	let times = (:) (SignatureExpirationTimePacket (fromIntegral timestamp))
2508	$ maybeToList $ do
2509	e <- expires
2510	return $ SignatureExpirationTimePacket (e - fromIntegral timestamp)
2511	sig' = sig { hashed_subpackets = times ++ (qs `union` tags) }
2512	new_sig <- pgpSign (Message [wkun])
2513	(SubkeySignature wk
2514	(packet subkey_p)
2515	[sig'] )
2516	SHA1
2517	(fingerprint wk)
2518	newsig <- addOrigin new_sig
2519	return $ fmap (,[]) newsig
2520		2336
2521	merge :: KeyDB -> InputFile -> Message -> KeyDB	2337	merge :: KeyDB -> InputFile -> Message -> KeyDB
2522	merge db inputfile (Message ps) = merge_ db filename qs	2338	merge db inputfile (Message ps) = merge_ db filename qs