func (e *Kex2Provisionee) saveKeys() error { _, err := libkb.WriteLksSKBToKeyring(e.eddsa, e.lks, nil) if err != nil { return err } _, err = libkb.WriteLksSKBToKeyring(e.dh, e.lks, nil) if err != nil { return err } return nil }
func (e *loginProvision) tryGPG(ctx *Context) error { key, method, err := e.chooseGPGKeyAndMethod(ctx) if err != nil { return err } // depending on the method, get a signing key var signingKey libkb.GenericKey switch method { case keybase1.GPGMethod_GPG_IMPORT: signingKey, err = e.gpgImportKey(ctx, key.GetFingerprint()) if err != nil { // there was an error importing the key. // so offer to switch to using gpg to sign // the provisioning statement: signingKey, err = e.switchToGPGSign(ctx, key, err) if err != nil { return err } method = keybase1.GPGMethod_GPG_SIGN } case keybase1.GPGMethod_GPG_SIGN: signingKey, err = e.gpgSignKey(ctx, key.GetFingerprint()) if err != nil { return err } default: return fmt.Errorf("invalid gpg provisioning method: %v", method) } // After obtaining login session, this will be called before the login state is released. // It signs this new device with the selected gpg key. var afterLogin = func(lctx libkb.LoginContext) error { ctx.LoginContext = lctx if err := e.makeDeviceKeysWithSigner(ctx, signingKey); err != nil { return err } if err := lctx.LocalSession().SetDeviceProvisioned(e.G().Env.GetDeviceID()); err != nil { // not a fatal error, session will stay in memory e.G().Log.Warning("error saving session file: %s", err) } if method == keybase1.GPGMethod_GPG_IMPORT { // store the key in lksec _, err := libkb.WriteLksSKBToKeyring(e.G(), signingKey, e.lks, lctx) if err != nil { e.G().Log.Warning("error saving exported gpg key in lksec: %s", err) return err } } return nil } // need a session to continue to provision return e.G().LoginState().LoginWithPrompt(e.arg.User.GetName(), ctx.LoginUI, ctx.SecretUI, afterLogin) }
func (e *PGPKeyImportEngine) saveLKS(ctx *Context) (err error) { e.G().Log.Debug("+ PGPKeyImportEngine::saveLKS") defer func() { e.G().Log.Debug("- PGPKeyImportEngine::saveLKS -> %v", libkb.ErrToOk(err)) }() lks := e.arg.Lks if lks == nil { lks, err = libkb.NewLKSForEncrypt(ctx.SecretUI, e.me.GetUID(), e.G()) if err != nil { return err } } _, err = libkb.WriteLksSKBToKeyring(e.bundle, lks, ctx.LoginContext) return }
// gpg attempts to provision the device via a gpg key. func (e *LoginProvision) gpg(ctx *Context, method keybase1.ProvisionMethod) error { var getKey func(*Context) (libkb.GenericKey, error) switch method { case keybase1.ProvisionMethod_GPG_SIGN: getKey = e.chooseGPGKey case keybase1.ProvisionMethod_GPG_IMPORT: getKey = e.chooseAndExportGPGKey default: return fmt.Errorf("invalid gpg provisioning method: %v", method) } key, err := getKey(ctx) if err != nil { return err } e.G().Log.Debug("using gpg key %s", key.GetKID()) // After obtaining login session, this will be called before the login state is released. // It signs this new device with the gpg key in bundle. var afterLogin = func(lctx libkb.LoginContext) error { ctx.LoginContext = lctx if err := e.makeDeviceKeysWithSigner(ctx, key); err != nil { return err } if err := lctx.LocalSession().SetDeviceProvisioned(e.G().Env.GetDeviceID()); err != nil { // not a fatal error, session will stay in memory e.G().Log.Warning("error saving session file: %s", err) } if method == keybase1.ProvisionMethod_GPG_IMPORT { // store the key in lksec _, err := libkb.WriteLksSKBToKeyring(e.G(), key, e.lks, lctx) if err != nil { e.G().Log.Warning("error saving exported gpg key in lksec: %s", err) return err } } return nil } // need a session to continue to provision return e.G().LoginState().LoginWithPrompt(e.user.GetName(), ctx.LoginUI, ctx.SecretUI, afterLogin) }