// Add adds bundle to the keyset. If a key already exists, it
// will be ignored.
func (k *keyset) Add(bundle *libkb.PGPKeyBundle) {
kid := bundle.GetKID()
if _, ok := k.keys[kid]; ok {
return
}
k.keys[kid] = bundle
k.index = append(k.index, kid)
}
func (d *Locksmith) deviceSignPGP(ctx *Context) (err error) {
d.G().Log.Debug("+ deviceSignPGP")
defer func() {
d.G().Log.Debug("- deviceSignPGP -> %s", libkb.ErrToOk(err))
}()
pgpKeys := d.arg.User.GetActivePGPKeys(false)
if len(pgpKeys) == 0 {
err = errors.New("no active PGP keys unexpectedly")
return err
}
var selected *libkb.PGPKeyBundle
if len(pgpKeys) > 1 {
// show a list of pgp keys and let them select which one to use
selected, err = d.selectPGPKey(ctx, pgpKeys)
if err != nil {
return err
}
if selected == nil {
err = fmt.Errorf("no key selected")
return err
}
} else {
selected = pgpKeys[0]
}
ctx.LogUI.Debug("selected pgp key: %s", selected.VerboseDescription())
ctx.LogUI.Debug("selected pgp key kid: %s", selected.GetKID())
var pk libkb.ServerPrivateKey
var ok bool
if ctx.LoginContext != nil {
pk, ok = ctx.LoginContext.SecretSyncer().FindPrivateKey(selected.GetKID().String())
} else {
err = d.G().LoginState().SecretSyncer(func(ss *libkb.SecretSyncer) {
pk, ok = ss.FindPrivateKey(selected.GetKID().String())
}, "Locksmith - deviceSignPGP - FindPrivateKey")
if err != nil {
return err
}
}
if ok {
d.G().Log.Debug("| found synced secret key, unlocking it")
skb, serr := pk.ToSKB(d.G())
if serr != nil {
err = serr
return err
}
pgpk, perr := skb.PromptAndUnlock(ctx.LoginContext, "sign new device", "keybase", nil, ctx.SecretUI, nil, d.arg.User)
if perr != nil {
err = perr
return err
}
return d.deviceSignPGPNext(ctx, pgpk)
}
// use gpg to unlock it
gpg := d.G().GetGpgClient()
if err = gpg.Configure(); err != nil {
return err
}
bundle, ierr := gpg.ImportKey(true, selected.GetFingerprint())
if ierr != nil {
err = ierr
return err
}
if err = bundle.Unlock("adding this device to your account", ctx.SecretUI); err != nil {
err = fmt.Errorf("bundle Unlock error: %s", err)
return err
}
return d.deviceSignPGPNext(ctx, bundle)
}