author | Joey Hess <joeyh@joeyh.name> | 2017-04-27 15:55:46 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2017-04-27 15:55:46 -0400 |
commit | fd2cb3cd3608401f42d3d0d06b7f961bb0b1ebb4 (patch) | |
tree | 773c9c76095fe2ee1d583229cb4ec62bcd8c7990 | |
parent | 686dcc8b172b77e3e612ba4badbb88879d0f5599 (diff) | |
download | debug-me-fd2cb3cd3608401f42d3d0d06b7f961bb0b1ebb4.tar.gz |
put the hash of the publickey in the clearsigned gpg message
This way changes to JSON won't risk breaking that.
-rw-r--r-- | Crypto.hs | 8 | ||||
-rw-r--r-- | Types.hs | 3 |
2 files changed, 4 insertions, 7 deletions
@@ -5,14 +5,12 @@ module Crypto where import Val import Hash import Types -import JSON import qualified Crypto.PubKey.Ed25519 as Ed25519 import Crypto.Error import Crypto.Random.Entropy import Data.ByteArray (convert) import qualified Data.ByteString as B -import qualified Data.ByteString.Lazy as L import System.IO import System.Process import System.Exit @@ -104,7 +102,7 @@ gpgSign pk = do { std_in = CreatePipe , std_out = CreatePipe } - L.hPut hin $ encode pk + B.hPut hin $ val $ hashValue $ hash pk hClose hin hSetBinaryMode hout True sig <- GpgSig . Val <$> B.hGetContents hout @@ -131,11 +129,11 @@ gpgVerify gpgopts (GpgSigned pk (GpgSig (Val sig))) = do B.hPut hin sig hClose hin hSetBinaryMode hout True - out <- L.hGetContents hout + signeddata <- B.hGetContents hout st <- waitForProcess pid return $ case st of ExitFailure _ -> False - ExitSuccess -> Just pk == decode out + ExitSuccess -> val (hashValue (hash pk)) == signeddata where extraopts = if any ("--keyserver" `isPrefixOf`) gpgopts then gpgopts @@ -3,8 +3,7 @@ {- | Main types for debug-me - - Note that changing types in ways that change the JSON serialization - - changes debug-me's log format, and in some cases also changes the wire - - format. + - changes debug-me's log format. -} module Types ( |
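Review bot: In gpgSign the payload written to gpg is now only `val $ hashValue $ hash pk`, and nothing next to that line records that these bytes are a signed format which gpgVerify compares byte for byte. Because the message is clearsigned, gpg handles it as text, so the exact comparison presumably holds only while the hash value is a single line with no trailing whitespace or newline. I would add a comment above the write such as `-- Signed payload: exactly the bytes of hashValue (hash pk); gpgVerify compares them byte-for-byte, so any change here is a wire-format change.` If Hash also carries an algorithm identifier (not visible in this hunk), it is left out of the signed bytes, which is worth a second look before another hash is ever supported. gpgSign starts and ends outside the hunk.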
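Review bot: The `ExitSuccess` branch in gpgVerify now accepts only the new payload, so a signature made by a peer still running the earlier JSON-signing code returns False, indistinguishable from a forged or mismatched signature. A comment on that branch would make the break explicit, for example `-- The signed data must equal the hash of the session public key; signatures over the old JSON encoding are rejected.` As far as the visible lines show, the result depends only on gpg's exit status and the payload match, so which gpg key produced the signature is not established here. If the caller is expected to identify and vet the signer, the function's doc comment should say so. gpgVerify's body and its `where` clause continue outside the hunk.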