my $foundfprstr = Crypt::OpenSSL::Bignum->new_from_bin($foundfpr)->to_hex();
# left-pad with 0's to bring up to full 40-char (160-bit) fingerprint:
$foundfprstr = sprintf("%040s", $foundfprstr);
+ my $matched = 0;
# is this a match?
if ((!defined($data->{target}->{fpr})) ||
}
$data->{key} = { 'rsa' => $pubkey,
'timestamp' => $key_timestamp };
+ $matched = 1;
}
if ($tag != $packet_types->{seckey} &&
}
return;
}
- if (!defined($data->{key})) {
+ if (!$matched) {
# we don't think the public part of this key matches
if ($readbytes < $packetlen) {
read($instr, $dummy, $packetlen - $readbytes) or die "Could not skip past this packet.\n";
return $data->{key}->{rsa};
}
+sub findkeyfprs {
+ my $data = shift;
+ my $instr = shift;
+ my $tag = shift;
+ my $packetlen = shift;
+
+ findkey($data, $instr, $tag, $packetlen);
+ if (defined($data->{key})) {
+ if (defined($data->{key}->{rsa}) && defined($data->{key}->{timestamp})) {
+ $data->{keys}->{fingerprint($data->{key}->{rsa}, $data->{key}->{timestamp})} = $data->{key};
+ } else {
+ die "should have found some key here";
+ }
+ undef($data->{key});
+ }
+};
+
+sub getallprimarykeys {
+ my $instr = shift;
+
+ my $subs = { $packet_types->{pubkey} => \&findkeyfprs,
+ $packet_types->{seckey} => \&findkeyfprs,
+ };
+ my $data = {target => { } };
+
+ packetwalk($instr, $subs, $data);
+
+ if (defined $data->{keys}) {
+ return $data->{keys};
+ } else {
+ return {};
+ }
+}
+
sub adduserid {
my $instr = shift;
my $fpr = shift;
});
print $newuid;
+ } elsif (/^listfprs$/) {
+ my $instream;
+ open($instream,'-');
+ binmode($instream, ":bytes");
+ my $keys = getallprimarykeys($instream);
+ printf("%s\n", join("\n", map { uc(unpack('H*', $_)) } keys(%{$keys})));
} else {
die "Unrecognized subcommand. keytrans subcommands are not a stable interface!\n";
}
<(hd "$TEMPDIR"/secret.key) \
<(hd "$TEMPDIR"/converted.secret.key)
-
-KEYID=$(gpg --fingerprint --with-colons --list-keys | grep ^fpr | cut -f10 -d: | cut -b25-40)
+KEYFPR=$(gpg --fingerprint --with-colons --list-keys | grep ^fpr | cut -f10 -d:)
+KEYID=$(printf "%s" "$KEYFPR" | cut -b25-40)
echo "conversions look good!"
diff -u "$TEMPDIR"/expectedout <(gpg --check-sigs --with-colons --fixed-list-mode | grep -v ^tru)
+echo "##################################################"
+echo "### test working with two primary keys ... "
+
+ssh-keygen -t rsa -b 1024 -N '' -f "$TEMPDIR"/newkey
+
+PEM2OPENPGP_USAGE_FLAGS=authenticate,certify \
+PEM2OPENPGP_TIMESTAMP="$(( $timestamp + 1 ))" pem2openpgp fubar \
+ < "$TEMPDIR"/newkey > "$TEMPDIR"/newkey.gpg
+
+NEWKEYFPR=$(< "$TEMPDIR"/newkey.gpg keytrans listfprs)
+NEWKEYID=$( printf "%s" "$NEWKEYFPR" | cut -b25-40)
+
+< "$TEMPDIR"/newkey.gpg gpg --import
+
+< "$TEMPDIR"/secring.gpg \
+PEM2OPENPGP_TIMESTAMP="$timestamp" \
+ keytrans adduserid "$KEYID" "baz" | gpg --import
+
+gpg --check-sigs --with-colons --fixed-list-mode
+
+cat >"$TEMPDIR"/expectedout <<EOF
+pub:u:1024:1:$KEYID:$timestamp:::u:::scSC:
+uid:u::::$timestamp::E90EC72E68C6C2A0751DADC70F54F60D27B88C3D::monkeymonkey:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+uid:r::::::8200BD0425CC70C7D698DF3FE412044EAAB83F94::testtest:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+rev:!::1:$KEYID:$revtime::::monkeymonkey:30x:
+uid:u::::$timestamp::EDDC32D783E7F4C7B6982D9AE5DC4A61000648BA::baz:
+sig:!::1:$KEYID:$timestamp::::monkeymonkey:13x:
+pub:-:1024:1:$NEWKEYID:$(($timestamp + 1)):::-:::caCA:
+uid:-::::$(($timestamp + 1))::A0D708F51CC257DEFC01AEDE1E0A5F329DFD8F16::fubar:
+sig:!::1:$NEWKEYID:$(($timestamp + 1))::::fubar:13x:
+EOF
+
+diff -u "$TEMPDIR"/expectedout <(gpg --check-sigs --with-colons --fixed-list-mode | grep -v ^tru)
+
+cat >"$TEMPDIR"/expectedout <<EOF
+$KEYFPR
+$NEWKEYFPR
+EOF
+
+diff -u "$TEMPDIR"/expectedout <( < "$TEMPDIR"/secring.gpg keytrans listfprs)
+
## FIXME: addtest: not testing subkeys at the moment.
projects / monkeysphere.git / commitdiff