diff options
| author | Joey Hess <joeyh@joeyh.name> | 2017-04-26 17:31:30 -0400 |
|---|---|---|
| committer | Joey Hess <joeyh@joeyh.name> | 2017-04-26 18:13:40 -0400 |
| commit | 3c7d3b3a2088cfe3698c3b055822c2b9fa67468a (patch) | |
| tree | ea059c1d13981e12d461bb7485406aaea0d2ba1c /Role/User.hs | |
| parent | 8f2d5a67911ae22ff5bf0a191aa63cbb61da32ac (diff) | |
| download | debug-me-3c7d3b3a2088cfe3698c3b055822c2b9fa67468a.tar.gz | |
gpg sign developer session key
And part of what we need to have users verify them.
This commit was sponsored by andrea rota.
Diffstat (limited to 'Role/User.hs')
| -rw-r--r-- | Role/User.hs | 16 |
1 files changed, 11 insertions, 5 deletions
diff --git a/Role/User.hs b/Role/User.hs index fc6eaea..51688af 100644 --- a/Role/User.hs +++ b/Role/User.hs @@ -80,7 +80,7 @@ startProtocol starttxt ochan logger = do atomically $ writeTMChan ochan msg logger $ User msg sk <- genMySessionKey - pk <- myPublicKey sk + pk <- myPublicKey sk (GpgSign False) let c = mkSigned sk $ Control (SessionKey pk) initialmessage $ ControlMessage c let starttxt' = rawLine starttxt @@ -209,8 +209,10 @@ getDeveloperMessage' :: Message Entered -> TMChan (Message Seen) -> TVar UserSta getDeveloperMessage' msg ochan us now = do st <- readTVar us case msg of - ControlMessage (Control (SessionKey pk) _) -> do - let sigverifier = mkSigVerifier pk + ControlMessage (Control (SessionKey spk) _) -> do + let sigverifier = mkSigVerifier $ case spk of + GpgSigned pk _ -> pk + UnSigned pk -> pk if verifySigned sigverifier msg then return (InputMessage msg) else return (BadlySignedMessage msg) @@ -236,8 +238,8 @@ getDeveloperMessage' msg ochan us now = do -- | Check if the public key a developer presented is one we want to use, -- and if so, add it to the sigVerifier. -checkDeveloperPublicKey :: TMChan (Message Seen) -> TVar UserState -> Logger -> PublicKey -> IO () -checkDeveloperPublicKey ochan us logger pk = do +checkDeveloperPublicKey :: TMChan (Message Seen) -> TVar UserState -> Logger -> PerhapsSigned PublicKey -> IO () +checkDeveloperPublicKey ochan us logger spk = do now <- getPOSIXTime -- TODO check gpg sig.. msg <- atomically $ do @@ -248,6 +250,10 @@ checkDeveloperPublicKey ochan us logger pk = do writeTVar us st' sendDeveloper ochan us (SessionKeyAccepted pk) now logger $ User msg + where + pk = case spk of + GpgSigned k _ -> k + UnSigned k -> k -- | Truncate the Backlog to remove entries older than the one -- that the Activity Entered refers to, but only if the referred |