put the hash of the publickey in the clearsigned gpg message

This way changes to JSON won't risk breaking that.

2 files changed, 4 insertions, 7 deletions

diff --git a/Crypto.hs b/Crypto.hs
index 1c898e7..800b0d2 100644
--- a/Crypto.hs
+++ b/Crypto.hs
@@ -5,14 +5,12 @@ module Crypto where
 import Val
 import Hash
 import Types
-import JSON
 
 import qualified Crypto.PubKey.Ed25519 as Ed25519
 import Crypto.Error
 import Crypto.Random.Entropy
 import Data.ByteArray (convert)
 import qualified Data.ByteString as B
-import qualified Data.ByteString.Lazy as L
 import System.IO
 import System.Process
 import System.Exit
@@ -104,7 +102,7 @@ gpgSign pk = do
 			{ std_in = CreatePipe
 			, std_out = CreatePipe
 			}
-	L.hPut hin $ encode pk
+	B.hPut hin $ val $ hashValue $ hash pk
 	hClose hin
 	hSetBinaryMode hout True
 	sig <- GpgSig . Val <$> B.hGetContents hout
@@ -131,11 +129,11 @@ gpgVerify gpgopts (GpgSigned pk (GpgSig (Val sig))) = do
 	B.hPut hin sig
 	hClose hin
 	hSetBinaryMode hout True
-	out <- L.hGetContents hout
+	signeddata <- B.hGetContents hout
 	st <- waitForProcess pid
 	return $ case st of
 		ExitFailure _ -> False
-		ExitSuccess -> Just pk == decode out
+		ExitSuccess -> val (hashValue (hash pk)) == signeddata
   where
 	extraopts = if any ("--keyserver" `isPrefixOf`) gpgopts
 		then gpgopts
diff --git a/Types.hs b/Types.hs
index 1335cdc..bcd1311 100644
--- a/Types.hs
+++ b/Types.hs
@@ -3,8 +3,7 @@
 {- | Main types for debug-me
  -
  - Note that changing types in ways that change the JSON serialization
- - changes debug-me's log format, and in some cases also changes the wire
- - format.
+ - changes debug-me's log format.
  -}
 
 module Types (