예제 #1
// Add registers bundle in the keyset under its KID. When that KID is
// already present the call is a no-op, so the first bundle stored for a
// KID is the one that stays and the KID is appended to the index only once.
func (k *keyset) Add(bundle *libkb.PGPKeyBundle) {
	id := bundle.GetKID()
	_, seen := k.keys[id]
	if !seen {
		k.keys[id] = bundle
		k.index = append(k.index, id)
	}
}
예제 #2
// deviceSignPGP obtains an unlocked PGP key for the user and hands it to
// deviceSignPGPNext.
//
// Key selection: the user's active PGP keys are fetched. A single key is
// used as is; with several, the choice is delegated to selectPGPKey.
// Having no active key, or ending up with no selection, is an error.
//
// Unlocking: a private key found through the SecretSyncer for the selected
// KID is preferred and unlocked with PromptAndUnlock. When none is found,
// the key is imported through the gpg client by fingerprint and unlocked
// with the bundle's own Unlock.
//
// Entry and exit are traced in the debug log; the exit line reports the
// final value of the named result err.
func (d *Locksmith) deviceSignPGP(ctx *Context) (err error) {
	d.G().Log.Debug("+ deviceSignPGP")
	defer func() {
		// Reads the named result, so every return path below is reported.
		d.G().Log.Debug("- deviceSignPGP -> %s", libkb.ErrToOk(err))
	}()

	candidates := d.arg.User.GetActivePGPKeys(false)

	var selected *libkb.PGPKeyBundle
	switch len(candidates) {
	case 0:
		return errors.New("no active PGP keys unexpectedly")
	case 1:
		selected = candidates[0]
	default:
		// Several keys: show the list and let the user pick one.
		selected, err = d.selectPGPKey(ctx, candidates)
		if err != nil {
			return err
		}
		if selected == nil {
			return fmt.Errorf("no key selected")
		}
	}

	// Only the key's description and KID are written to the debug log.
	ctx.LogUI.Debug("selected pgp key: %s", selected.VerboseDescription())
	ctx.LogUI.Debug("selected pgp key kid: %s", selected.GetKID())

	// Look for a synced private key with the selected KID. Without a
	// LoginContext the lookup goes through the LoginState's SecretSyncer
	// callback instead.
	var (
		synced libkb.ServerPrivateKey
		found  bool
	)
	if ctx.LoginContext == nil {
		err = d.G().LoginState().SecretSyncer(func(ss *libkb.SecretSyncer) {
			synced, found = ss.FindPrivateKey(selected.GetKID().String())
		}, "Locksmith - deviceSignPGP - FindPrivateKey")
		if err != nil {
			return err
		}
	} else {
		synced, found = ctx.LoginContext.SecretSyncer().FindPrivateKey(selected.GetKID().String())
	}

	if !found {
		// No synced copy: use gpg to import and unlock the key.
		gpg := d.G().GetGpgClient()
		if cerr := gpg.Configure(); cerr != nil {
			return cerr
		}

		// NOTE(review): the first argument presumably requests the secret
		// key; confirm against ImportKey's signature.
		imported, ierr := gpg.ImportKey(true, selected.GetFingerprint())
		if ierr != nil {
			return ierr
		}

		if uerr := imported.Unlock("adding this device to your account", ctx.SecretUI); uerr != nil {
			return fmt.Errorf("bundle Unlock error: %s", uerr)
		}

		// NOTE(review): the unlocked key is passed on as is; how long it
		// stays in memory is decided by deviceSignPGPNext, not here.
		return d.deviceSignPGPNext(ctx, imported)
	}

	d.G().Log.Debug("| found synced secret key, unlocking it")
	skb, serr := synced.ToSKB(d.G())
	if serr != nil {
		return serr
	}

	// ctx.LoginContext may be nil here; it is forwarded unchanged.
	unlocked, perr := skb.PromptAndUnlock(ctx.LoginContext, "sign new device", "keybase", nil, ctx.SecretUI, nil, d.arg.User)
	if perr != nil {
		return perr
	}
	return d.deviceSignPGPNext(ctx, unlocked)
}