summaryrefslogtreecommitdiff
path: root/lib/Transforms.hs
diff options
context:
space:
mode:
Diffstat (limited to 'lib/Transforms.hs')
-rw-r--r--lib/Transforms.hs38
1 files changed, 30 insertions, 8 deletions
diff --git a/lib/Transforms.hs b/lib/Transforms.hs
index e7097ba..f3cd5e3 100644
--- a/lib/Transforms.hs
+++ b/lib/Transforms.hs
@@ -16,6 +16,7 @@ import Data.Ord
16import Data.OpenPGP 16import Data.OpenPGP
17import Data.OpenPGP.Util 17import Data.OpenPGP.Util
18import Data.Word 18import Data.Word
19import qualified IntMapClass as I
19import KeyDB 20import KeyDB
20import KeyRing.Types 21import KeyRing.Types
21import FunctorToMaybe 22import FunctorToMaybe
@@ -236,12 +237,19 @@ has_tag tag p = isSignaturePacket p
236 237
237 238
238 239
239verifyBindings :: [Packet] -> [Packet] -> ([SignatureOver], [SignatureOver]) 240verifyBindings :: I.IMap KeyGrip [Packet] -> [Packet] -> ([SignatureOver], [SignatureOver])
240verifyBindings keys nonkeys = (top ++ filter isSubkeySignature embedded,othersigs) 241verifyBindings gmap nonkeys = (top ++ filter isSubkeySignature embedded,othersigs)
241 where 242 where
242 verified = do 243 verified = do
243 sig <- signatures (Message nonkeys) 244 sigs <- signatures (Message nonkeys)
244 let v = verify (Message keys) sig 245 sig <- signatures_over sigs
246 let grip = issuerGrip sig
247 gks = concat [ ks | g <- maybeToList grip
248 , ks <- maybeToList $ I.lookup g gmap ]
249 kmsg = Message
250 $ if null gks then maybe (concat $ I.elems gmap) (const []) grip
251 else gks
252 v = verify kmsg (sigs { signatures_over = [sig] })
245 guard (not . null $ signatures_over v) 253 guard (not . null $ signatures_over v)
246 return v 254 return v
247 (top,othersigs) = partition isSubkeySignature verified 255 (top,othersigs) = partition isSubkeySignature verified
@@ -292,13 +300,15 @@ getBindings ::
292getBindings pkts = (sigs,bindings) 300getBindings pkts = (sigs,bindings)
293 where 301 where
294 (sigs,concat->bindings) = unzip $ do 302 (sigs,concat->bindings) = unzip $ do
295 keys <- disjoint_fp (filter isKey pkts) 303 keys <- take 1 $ disjoint_fp (filter isKey pkts)
296 let (bs,sigs) = verifyBindings keys pkts 304 let gmap = buildGripMap keys
305 (bs,sigs) = verifyBindings gmap pkts
297 return . ((keys,sigs),) $ do 306 return . ((keys,sigs),) $ do
298 b <- bs -- trace ("sigs = "++show (map (map signature_issuer . signatures_over) sigs)) bs 307 b <- bs -- trace ("sigs = "++show (map (map signature_issuer . signatures_over) sigs)) bs
299 i <- map signature_issuer (signatures_over b) 308 i <- map signature_issuer (signatures_over b)
300 i <- maybeToList i 309 i <- maybeToList i
301 who <- maybeToList $ find_key (show . fingerprint) (Message keys) i 310 g <- maybeToList $ smallprGrip i
311 who <- take 1 $ concat $ maybeToList $ I.lookup g gmap
302 let (code,claimants) = 312 let (code,claimants) =
303 case () of 313 case () of
304 _ | who == topkey b -> (1,[]) 314 _ | who == topkey b -> (1,[])
@@ -627,7 +637,19 @@ makeSig doDecrypt top fname subkey_p tags mbsig = do
627 637
628-- TODO: Use fingerprint to narrow candidates. 638-- TODO: Use fingerprint to narrow candidates.
629candidateSignerKeys :: KeyDB -> Packet -> [Packet] 639candidateSignerKeys :: KeyDB -> Packet -> [Packet]
630candidateSignerKeys db sig = map keyPacket $ keyData db 640candidateSignerKeys db sig =
641 case issuerGrip sig of
642 Just g -> concatMap (map packet . associatedKeys) $ lookupByGrip g db
643 _ -> map keyPacket $ keyData db
644
645issuerGrip :: Packet -> Maybe KeyGrip
646issuerGrip sig = do
647 IssuerPacket hexfp <- find isIssuer (hashed_subpackets sig ++ unhashed_subpackets sig)
648 smallprGrip hexfp
649
650isIssuer :: SignatureSubpacket -> Bool
651isIssuer (IssuerPacket _) = True
652isIssuer _ = False
631 653
632performManipulations :: 654performManipulations ::
633 (PacketDecrypter) 655 (PacketDecrypter)
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-15 12:39:05 +0000