gpg sign developer session key

And part of what we need to have users verify them.

This commit was sponsored by andrea rota.

1 files changed, 20 insertions, 4 deletions

diff --git a/Types.hs b/Types.hs
index c202f14..2dc5d28 100644
--- a/Types.hs
+++ b/Types.hs
@@ -85,7 +85,7 @@ instance DataSize Control where
 data ControlAction
 	= Rejected (Activity Entered)
 	-- ^ sent by user to indicate when an Entered value was rejected.
-	| SessionKey PublicKey
+	| SessionKey (PerhapsSigned PublicKey)
 	-- ^ sent by user at start, and later by developer,
 	-- to indicate their session key
 	| SessionKeyAccepted PublicKey
@@ -126,13 +126,22 @@ instance DataSize Signature where
 	dataSize (OtherSignature v) = dataSize v
 
 -- | A public key used for a debug-me session.
--- It may be signed with a gpg key.
-data PublicKey = PublicKey Val (Maybe GpgSig)
+data PublicKey = PublicKey Val
 	deriving (Show, Generic, Eq)
 
 instance DataSize PublicKey where
 	-- ed25519 public keys are 32 bytes
-	dataSize (PublicKey _ ms) = 32 + maybe 0 dataSize ms
+	dataSize (PublicKey _) = 32
+
+-- | A value that may be gpg signed.
+data PerhapsSigned a
+	= GpgSigned a GpgSig
+	| UnSigned a
+	deriving (Show, Generic, Eq)
+
+instance DataSize a => DataSize (PerhapsSigned a) where
+	dataSize (GpgSigned a sig) = dataSize a + dataSize sig
+	dataSize (UnSigned a) = dataSize a
 
 -- | A signature made with a gpg key.
 newtype GpgSig = GpgSig Val
@@ -226,3 +235,10 @@ instance ToJSON ControlAction where
 	toEncoding = genericToEncoding sumOptions
 instance FromJSON ControlAction where
 	parseJSON = genericParseJSON sumOptions
+
+instance Binary (PerhapsSigned PublicKey)
+instance ToJSON (PerhapsSigned PublicKey) where
+	toJSON = genericToJSON sumOptions
+	toEncoding = genericToEncoding sumOptions
+instance FromJSON (PerhapsSigned PublicKey) where
+	parseJSON = genericParseJSON sumOptions