From 3c7d3b3a2088cfe3698c3b055822c2b9fa67468a Mon Sep 17 00:00:00 2001
From: Joey Hess <joeyh@joeyh.name>
Date: Wed, 26 Apr 2017 17:31:30 -0400
Subject: gpg sign developer session key

And part of what we need to have users verify them.

This commit was sponsored by andrea rota.
---
 Role/User.hs | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

(limited to 'Role/User.hs')

diff --git a/Role/User.hs b/Role/User.hs
index fc6eaea..51688af 100644
--- a/Role/User.hs
+++ b/Role/User.hs
@@ -80,7 +80,7 @@ startProtocol starttxt ochan logger = do
 		atomically $ writeTMChan ochan msg
 		logger $ User msg
 	sk <- genMySessionKey
-	pk <- myPublicKey sk
+	pk <- myPublicKey sk (GpgSign False)
 	let c = mkSigned sk $ Control (SessionKey pk)
 	initialmessage $ ControlMessage c
 	let starttxt' = rawLine starttxt
@@ -209,8 +209,10 @@ getDeveloperMessage' :: Message Entered -> TMChan (Message Seen) -> TVar UserSta
 getDeveloperMessage' msg ochan us now = do
 	st <- readTVar us
 	case msg of
-		ControlMessage (Control (SessionKey pk) _) -> do
-			let sigverifier = mkSigVerifier pk
+		ControlMessage (Control (SessionKey spk) _) -> do
+			let sigverifier = mkSigVerifier $ case spk of
+				GpgSigned pk _ -> pk
+				UnSigned pk -> pk
 			if verifySigned sigverifier msg
 				then return (InputMessage msg)
 				else return (BadlySignedMessage msg)
@@ -236,8 +238,8 @@ getDeveloperMessage' msg ochan us now = do
 
 -- | Check if the public key a developer presented is one we want to use,
 -- and if so, add it to the sigVerifier.
-checkDeveloperPublicKey :: TMChan (Message Seen) -> TVar UserState -> Logger -> PublicKey -> IO ()
-checkDeveloperPublicKey ochan us logger pk = do
+checkDeveloperPublicKey :: TMChan (Message Seen) -> TVar UserState -> Logger -> PerhapsSigned PublicKey -> IO ()
+checkDeveloperPublicKey ochan us logger spk = do
 	now <- getPOSIXTime
 	-- TODO check gpg sig..
 	msg <- atomically $ do
@@ -248,6 +250,10 @@ checkDeveloperPublicKey ochan us logger pk = do
 		writeTVar us st'
 		sendDeveloper ochan us (SessionKeyAccepted pk) now
 	logger $ User msg
+  where
+	pk = case spk of
+		GpgSigned k _ -> k
+		UnSigned k -> k
 
 -- | Truncate the Backlog to remove entries older than the one
 -- that the Activity Entered refers to, but only if the referred
-- 
cgit v1.2.3