From 8c56ffda40444e777d5442135dd75b6858ff0843 Mon Sep 17 00:00:00 2001
From: joe
Date: Fri, 13 Dec 2013 04:02:20 -0500
Subject: OpenPGP module to insulate the code from Data.OpenPGP.CryptoAPI
---
OpenPGP.hs | 42 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 42 insertions(+)
create mode 100644 OpenPGP.hs
(limited to 'OpenPGP.hs')
diff --git a/OpenPGP.hs b/OpenPGP.hs
new file mode 100644
index 0000000..7fef0b5
--- /dev/null
+++ b/OpenPGP.hs
@@ -0,0 +1,42 @@
+module OpenPGP
+ ( verify
+ , fingerprint
+ , pgpSign
+ , decryptSecretKey
+ ) where
+
+import Data.OpenPGP as OpenPGP
+import Data.OpenPGP.CryptoAPI (verify,fingerprint,sign,decryptSecretKey)
+import Data.Time.Clock.POSIX
+import Control.Applicative ( (<$>) )
+import Crypto.Random (newGenIO,SystemRandom)
+
+now = floor <$> Data.Time.Clock.POSIX.getPOSIXTime
+
+stampit timestamp sig = sig { hashed_subpackets = hashed' }
+ where
+ hashed_stamps = filter isStamp (hashed_subpackets sig)
+ unhashed_stamps = filter isStamp (unhashed_subpackets sig)
+ hashed' = case hashed_stamps ++ unhashed_stamps of
+ [] -> SignatureCreationTimePacket (fromIntegral timestamp)
+ : hashed_subpackets sig
+ _ -> hashed_subpackets sig
+ isStamp (SignatureCreationTimePacket {}) = True
+ isStamp _ = False
+
+-- | Make a signature
+--
+-- In order to set more options on a signature, pass in a signature packet.
+pgpSign ::
+ OpenPGP.Message -- ^ SecretKeys, one of which will be used
+ -> OpenPGP.SignatureOver -- ^ Data to sign, and optional signature packet
+ -> OpenPGP.HashAlgorithm -- ^ HashAlgorithm to use in signature
+ -> String -- ^ KeyID of key to choose
+ -> IO OpenPGP.SignatureOver
+pgpSign seckeys dta hash_algo keyid = do
+ timestamp <- now
+ g <- newGenIO :: IO SystemRandom
+ let sigs = map (stampit timestamp) $ signatures_over dta
+ dta' = dta { signatures_over = sigs }
+ let (r,g') = sign seckeys dta' hash_algo keyid timestamp g
+ return r
--
cgit v1.2.3
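Review bot: In `stampit`, a `SignatureCreationTimePacket` that appears only in `unhashed_subpackets` stops a creation time from being added to the hashed area, because the `case` scrutinises `hashed_stamps ++ unhashed_stamps`. Unhashed subpackets are not covered by the signature hash, and RFC 4880 requires the creation time in the hashed area, so a caller-supplied signature packet carrying only an unhashed timestamp would leave the creation time unauthenticated (unless `sign` adds its own hashed timestamp, which is not visible in this hunk). Scrutinising only the hashed list closes that gap: `hashed' = case hashed_stamps of`. Separately, `now` and `stampit` have no type signatures, so the timestamp's integer type is left to inference and defaulting; explicit signatures would pin it at this wrapper boundary.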