diff options
Diffstat (limited to 'lib/Transforms.hs')
-rw-r--r-- | lib/Transforms.hs | 38 |
1 files changed, 30 insertions, 8 deletions
diff --git a/lib/Transforms.hs b/lib/Transforms.hs index e7097ba..f3cd5e3 100644 --- a/lib/Transforms.hs +++ b/lib/Transforms.hs | |||
@@ -16,6 +16,7 @@ import Data.Ord | |||
16 | import Data.OpenPGP | 16 | import Data.OpenPGP |
17 | import Data.OpenPGP.Util | 17 | import Data.OpenPGP.Util |
18 | import Data.Word | 18 | import Data.Word |
19 | import qualified IntMapClass as I | ||
19 | import KeyDB | 20 | import KeyDB |
20 | import KeyRing.Types | 21 | import KeyRing.Types |
21 | import FunctorToMaybe | 22 | import FunctorToMaybe |
@@ -236,12 +237,19 @@ has_tag tag p = isSignaturePacket p | |||
236 | 237 | ||
237 | 238 | ||
238 | 239 | ||
239 | verifyBindings :: [Packet] -> [Packet] -> ([SignatureOver], [SignatureOver]) | 240 | verifyBindings :: I.IMap KeyGrip [Packet] -> [Packet] -> ([SignatureOver], [SignatureOver]) |
240 | verifyBindings keys nonkeys = (top ++ filter isSubkeySignature embedded,othersigs) | 241 | verifyBindings gmap nonkeys = (top ++ filter isSubkeySignature embedded,othersigs) |
241 | where | 242 | where |
242 | verified = do | 243 | verified = do |
243 | sig <- signatures (Message nonkeys) | 244 | sigs <- signatures (Message nonkeys) |
244 | let v = verify (Message keys) sig | 245 | sig <- signatures_over sigs |
246 | let grip = issuerGrip sig | ||
247 | gks = concat [ ks | g <- maybeToList grip | ||
248 | , ks <- maybeToList $ I.lookup g gmap ] | ||
249 | kmsg = Message | ||
250 | $ if null gks then maybe (concat $ I.elems gmap) (const []) grip | ||
251 | else gks | ||
252 | v = verify kmsg (sigs { signatures_over = [sig] }) | ||
245 | guard (not . null $ signatures_over v) | 253 | guard (not . null $ signatures_over v) |
246 | return v | 254 | return v |
247 | (top,othersigs) = partition isSubkeySignature verified | 255 | (top,othersigs) = partition isSubkeySignature verified |
@@ -292,13 +300,15 @@ getBindings :: | |||
292 | getBindings pkts = (sigs,bindings) | 300 | getBindings pkts = (sigs,bindings) |
293 | where | 301 | where |
294 | (sigs,concat->bindings) = unzip $ do | 302 | (sigs,concat->bindings) = unzip $ do |
295 | keys <- disjoint_fp (filter isKey pkts) | 303 | keys <- take 1 $ disjoint_fp (filter isKey pkts) |
296 | let (bs,sigs) = verifyBindings keys pkts | 304 | let gmap = buildGripMap keys |
305 | (bs,sigs) = verifyBindings gmap pkts | ||
297 | return . ((keys,sigs),) $ do | 306 | return . ((keys,sigs),) $ do |
298 | b <- bs -- trace ("sigs = "++show (map (map signature_issuer . signatures_over) sigs)) bs | 307 | b <- bs -- trace ("sigs = "++show (map (map signature_issuer . signatures_over) sigs)) bs |
299 | i <- map signature_issuer (signatures_over b) | 308 | i <- map signature_issuer (signatures_over b) |
300 | i <- maybeToList i | 309 | i <- maybeToList i |
301 | who <- maybeToList $ find_key (show . fingerprint) (Message keys) i | 310 | g <- maybeToList $ smallprGrip i |
311 | who <- take 1 $ concat $ maybeToList $ I.lookup g gmap | ||
302 | let (code,claimants) = | 312 | let (code,claimants) = |
303 | case () of | 313 | case () of |
304 | _ | who == topkey b -> (1,[]) | 314 | _ | who == topkey b -> (1,[]) |
@@ -627,7 +637,19 @@ makeSig doDecrypt top fname subkey_p tags mbsig = do | |||
627 | 637 | ||
628 | -- TODO: Use fingerprint to narrow candidates. | 638 | -- TODO: Use fingerprint to narrow candidates. |
629 | candidateSignerKeys :: KeyDB -> Packet -> [Packet] | 639 | candidateSignerKeys :: KeyDB -> Packet -> [Packet] |
630 | candidateSignerKeys db sig = map keyPacket $ keyData db | 640 | candidateSignerKeys db sig = |
641 | case issuerGrip sig of | ||
642 | Just g -> concatMap (map packet . associatedKeys) $ lookupByGrip g db | ||
643 | _ -> map keyPacket $ keyData db | ||
644 | |||
645 | issuerGrip :: Packet -> Maybe KeyGrip | ||
646 | issuerGrip sig = do | ||
647 | IssuerPacket hexfp <- find isIssuer (hashed_subpackets sig ++ unhashed_subpackets sig) | ||
648 | smallprGrip hexfp | ||
649 | |||
650 | isIssuer :: SignatureSubpacket -> Bool | ||
651 | isIssuer (IssuerPacket _) = True | ||
652 | isIssuer _ = False | ||
631 | 653 | ||
632 | performManipulations :: | 654 | performManipulations :: |
633 | (PacketDecrypter) | 655 | (PacketDecrypter) |