-rw-r--r-- | KeyRing.hs | 79 | ||||
-rw-r--r-- | kiki.hs | 8 |
2 files changed, 51 insertions, 36 deletions
@@ -5,12 +5,15 @@ | |||
5 | -- Maintainer : joe@jerkface.net | 5 | -- Maintainer : joe@jerkface.net |
6 | -- Stability : experimental | 6 | -- Stability : experimental |
7 | -- | 7 | -- |
8 | -- kiki is a command-line utility for manipulating GnuPG's keyring files. | 8 | -- kiki is a command-line utility for manipulating GnuPG's keyring files. This |
9 | -- This module is the programmer-facing API it uses to do that. | 9 | -- module is the programmer-facing API it uses to do that. |
10 | -- | 10 | -- |
11 | -- Note: This is *not* a public facing API. I (the author) consider this | 11 | -- Note: This is *not* a public facing API. I (the author) consider this |
12 | -- library to be internal to kiki and subject to change at my whim. | 12 | -- library to be internal to kiki and subject to change at my whim. |
13 | -- | 13 | -- |
14 | -- Typically, a client to this module would prepare a 'KeyRingOperation' | ||
15 | -- describing what he wants done, and then invoke 'runKeyRing' to make it | ||
16 | -- happen. | ||
14 | {-# LANGUAGE CPP #-} | 17 | {-# LANGUAGE CPP #-} |
15 | {-# LANGUAGE TupleSections #-} | 18 | {-# LANGUAGE TupleSections #-} |
16 | {-# LANGUAGE ViewPatterns #-} | 19 | {-# LANGUAGE ViewPatterns #-} |
@@ -25,28 +28,32 @@ module KeyRing | |||
25 | KikiResult(..) | 28 | KikiResult(..) |
26 | , KikiCondition(..) | 29 | , KikiCondition(..) |
27 | , KikiReportAction(..) | 30 | , KikiReportAction(..) |
31 | , errorString | ||
32 | , reportString | ||
28 | -- * Manipulating Keyrings | 33 | -- * Manipulating Keyrings |
29 | , runKeyRing | 34 | , runKeyRing |
30 | , KeyRingOperation(..) | 35 | , KeyRingOperation(..) |
31 | , StreamInfo(..) | ||
32 | , PassphraseSpec(..) | 36 | , PassphraseSpec(..) |
33 | , Transform(..) | 37 | , Transform(..) |
38 | , PacketUpdate(..) | ||
39 | , noManip | ||
40 | , guardAuthentic | ||
41 | -- * Describing File Operations | ||
42 | , StreamInfo(..) | ||
34 | , Access(..) | 43 | , Access(..) |
44 | , FileType(..) | ||
45 | , InputFile(..) | ||
35 | , KeyFilter(..) | 46 | , KeyFilter(..) |
36 | , errorString | 47 | -- * Results of a KeyRing Operation |
37 | , reportString | ||
38 | , KeyRingRuntime(..) | 48 | , KeyRingRuntime(..) |
39 | , InputFile(..) | ||
40 | , FileType(..) | ||
41 | , importPublic | ||
42 | , importSecret | ||
43 | , subkeysOnly | ||
44 | , PacketUpdate(..) | ||
45 | , noManip | ||
46 | , KeyDB | 49 | , KeyDB |
47 | , KeyData(..) | 50 | , KeyData(..) |
51 | , UserIDRecord(..) | ||
48 | , SubKey(..) | 52 | , SubKey(..) |
49 | , packet | 53 | , packet |
54 | , locations | ||
55 | , keyflags | ||
56 | -- * Miscelaneous Utilities | ||
50 | , isKey | 57 | , isKey |
51 | , derRSA | 58 | , derRSA |
52 | , derToBase32 | 59 | , derToBase32 |
@@ -54,11 +61,8 @@ module KeyRing | |||
54 | , filterMatches | 61 | , filterMatches |
55 | , flattenKeys | 62 | , flattenKeys |
56 | , flattenTop | 63 | , flattenTop |
57 | , guardAuthentic | ||
58 | , Hosts.Hosts | 64 | , Hosts.Hosts |
59 | , isCryptoCoinKey | 65 | , isCryptoCoinKey |
60 | , keyflags | ||
61 | , locations | ||
62 | , matchpr | 66 | , matchpr |
63 | , parseSpec | 67 | , parseSpec |
64 | , parseUID | 68 | , parseUID |
@@ -68,7 +72,6 @@ module KeyRing | |||
68 | , secretToPublic | 72 | , secretToPublic |
69 | , selectPublicKey | 73 | , selectPublicKey |
70 | , selectSecretKey | 74 | , selectSecretKey |
71 | , UserIDRecord(..) | ||
72 | , usage | 75 | , usage |
73 | , usageString | 76 | , usageString |
74 | , walletImportFormat | 77 | , walletImportFormat |
@@ -204,6 +207,10 @@ data FileType = KeyRingFile (Maybe PasswordFile) | |||
204 | | WalletFile -- (Maybe UsageTag) | 207 | | WalletFile -- (Maybe UsageTag) |
205 | | Hosts | 208 | | Hosts |
206 | 209 | ||
210 | -- | Use this type to indicate whether a file of type 'KeyRingFile' is expected | ||
211 | -- to contain secret or public PGP key packets. Note that it is not supported | ||
212 | -- to mix both in the same file and that the secret key packets include all of | ||
213 | -- the information contained in their corresponding public key packets. | ||
207 | data Access = AutoAccess -- ^ secret or public as appropriate based on existing content | 214 | data Access = AutoAccess -- ^ secret or public as appropriate based on existing content |
208 | | Sec -- ^ secret information | 215 | | Sec -- ^ secret information |
209 | | Pub -- ^ public information | 216 | | Pub -- ^ public information |
@@ -218,8 +225,7 @@ data KeyFilter = KF_None -- ^ No keys will be imported. | |||
218 | | KF_All -- ^ All keys will be imported. | 225 | | KF_All -- ^ All keys will be imported. |
219 | 226 | ||
220 | -- | This type describes how 'runKeyRing' will treat a file. | 227 | -- | This type describes how 'runKeyRing' will treat a file. |
221 | data StreamInfo = StreamInfo | 228 | data StreamInfo = StreamInfo { access :: Access |
222 | { access :: Access | ||
223 | -- ^ Indicates whether the file is allowed to contain secret information. | 229 | -- ^ Indicates whether the file is allowed to contain secret information. |
224 | , typ :: FileType | 230 | , typ :: FileType |
225 | -- ^ Indicates the format and content type of the file. | 231 | -- ^ Indicates the format and content type of the file. |
@@ -242,25 +248,29 @@ data StreamInfo = StreamInfo | |||
242 | -- | 248 | -- |
243 | -- * 'KF_None' - The file's contents will not be shared. | 249 | -- * 'KF_None' - The file's contents will not be shared. |
244 | -- | 250 | -- |
245 | -- * 'KF_Match' - The file's key will be shared with the specified | 251 | -- * 'KF_Match' - The file's key will be shared with the specified owner |
246 | -- owner key and usage tag. | 252 | -- key and usage tag. |
247 | -- | 253 | -- |
248 | -- * otherwise - Unspecified. Do not use. | 254 | -- * otherwise - Unspecified. Do not use. |
249 | -- | 255 | -- |
250 | -- 'WalletFile': The 'spill' setting is ignored and the file's | 256 | -- 'WalletFile': |
251 | -- contents are shared. (TODO) | 257 | -- |
258 | -- * The 'spill' setting is ignored and the file's contents are shared. | ||
259 | -- (TODO) | ||
260 | -- | ||
261 | -- 'Hosts': | ||
252 | -- | 262 | -- |
253 | -- 'Hosts': The 'spill' setting is ignored and the file's | 263 | -- * The 'spill' setting is ignored and the file's contents are shared. |
254 | -- contents are shared. (TODO) | 264 | -- (TODO) |
255 | -- | 265 | -- |
256 | , initializer :: Maybe String | 266 | , initializer :: Maybe String |
257 | -- ^ If 'typ' is 'PEMFile' and an 'initializer' string is set, then it is | 267 | -- ^ If 'typ' is 'PEMFile' and an 'initializer' string is set, then it is |
258 | -- interpretted as a shell command that may be used to create the key if it | 268 | -- interpretted as a shell command that may be used to create the key if |
259 | -- does not exist. | 269 | -- it does not exist. |
260 | , transforms :: [Transform] | 270 | , transforms :: [Transform] |
261 | -- ^ Ignored. TODO: The intention is that we may indicate per-file | 271 | -- ^ Ignored. TODO: The intention is that we may indicate per-file |
262 | -- transformations that occur before a file's contents are spilled into the | 272 | -- transformations that occur before the contents of a file are spilled |
263 | -- common pool. | 273 | -- into the common pool. |
264 | } | 274 | } |
265 | 275 | ||
266 | 276 | ||
@@ -294,11 +304,24 @@ usageFromFilter _ = mzero | |||
294 | 304 | ||
295 | data KeyRingRuntime = KeyRingRuntime | 305 | data KeyRingRuntime = KeyRingRuntime |
296 | { rtPubring :: FilePath | 306 | { rtPubring :: FilePath |
307 | -- ^ Path to the file represented by 'HomePub' | ||
297 | , rtSecring :: FilePath | 308 | , rtSecring :: FilePath |
309 | -- ^ Path to the file represented by 'HomeSec' | ||
298 | , rtGrip :: Maybe String | 310 | , rtGrip :: Maybe String |
311 | -- ^ Fingerprint or portion of a fingerprint used | ||
312 | -- to identify the working GnuPG identity used to | ||
313 | -- make signatures. | ||
299 | , rtWorkingKey :: Maybe Packet | 314 | , rtWorkingKey :: Maybe Packet |
315 | -- ^ The master key of the working GnuPG identity. | ||
300 | , rtKeyDB :: KeyDB | 316 | , rtKeyDB :: KeyDB |
317 | -- ^ The common information pool where files spilled | ||
318 | -- their content and from which they received new | ||
319 | -- content. | ||
301 | , rtRingAccess :: Map.Map FilePath Access | 320 | , rtRingAccess :: Map.Map FilePath Access |
321 | -- ^ The 'Access' values used for files of type | ||
322 | -- 'KeyRingFile'. If 'AutoAccess' was specified | ||
323 | -- for a file, this 'Map.Map' will indicate the | ||
324 | -- detected value that was used by the algorithm. | ||
302 | } | 325 | } |
303 | 326 | ||
304 | -- | TODO: Packet Update should have deletion action | 327 | -- | TODO: Packet Update should have deletion action |
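Review bot: The reworded Haddock for `initializer` (hunk @@ -242,25) still spells "interpretted" and, since the field is documented as a shell command, it should state the trust boundary, e.g. `-- ^ If 'typ' is 'PEMFile' and 'initializer' is set, it is interpreted as a shell command that may be run to create the key if it does not exist. Because the string is handed to a shell, it must come from trusted configuration, never from user- or network-supplied data.` I am assuming from the existing wording that the string reaches the shell unchanged; confirm against the code that executes it before committing to that sentence. Separately, hunk @@ -25,28 drops `importPublic`, `importSecret` and `subkeysOnly` from the export list; if their definitions remain in the module they become unused-binding warnings under -Wall, and any other module still importing them will fail to compile, so both are worth checking. The new `rtGrip` comment says "portion of a fingerprint"; saying which end is matched (a trailing key id versus a prefix) would remove an ambiguity that matters when several keys share a partial match.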
@@ -739,14 +739,6 @@ sync bExport bImport bSecret cmdarg args_raw = do | |||
739 | keyrings_ | 739 | keyrings_ |
740 | hosts = maybe [] (map decorate) $ Map.lookup "--hosts" margs | 740 | hosts = maybe [] (map decorate) $ Map.lookup "--hosts" margs |
741 | where decorate fname = (ArgFile fname, buildStreamInfo reftyp Hosts) | 741 | where decorate fname = (ArgFile fname, buildStreamInfo reftyp Hosts) |
742 | importStyle = maybe (\_ _ -> subkeysOnly) | ||
743 | (\f rt kd -> f rt kd >> importPublic) | ||
744 | $ mplus import_f importifauth_f | ||
745 | where | ||
746 | import_f = do Map.lookup "--import" margs | ||
747 | return $ \rt kd -> Just () | ||
748 | importifauth_f = do Map.lookup "--import-if-authentic" margs | ||
749 | return guardAuthentic | ||
750 | pubfill = maybe KF_Subkeys id | 742 | pubfill = maybe KF_Subkeys id |
751 | $ mplus import_f importifauth_f | 743 | $ mplus import_f importifauth_f |
752 | where | 744 | where |