From 8bdeded365a07a48114ab80be6d6b51660cec005 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Wed, 4 Feb 2009 01:47:16 -0500 Subject: pem2openpgp: avoid dumping garbage to stderr --- src/keytrans/pem2openpgp | 3 --- 1 file changed, 3 deletions(-) (limited to 'src') diff --git a/src/keytrans/pem2openpgp b/src/keytrans/pem2openpgp index e905644..c765002 100755 --- a/src/keytrans/pem2openpgp +++ b/src/keytrans/pem2openpgp @@ -495,11 +495,8 @@ my $datatosign = $sig_data_to_be_hashed. $trailer; -print STDERR $datatosign; - my $data_hash = Digest::SHA1::sha1_hex($datatosign); - my $issuer_packet = pack('CCa8', 9, $subpacket_types->{issuer}, $keyid); my $sig = Crypt::OpenSSL::Bignum->new_from_bin($rsa->sign($datatosign)); -- cgit v1.2.3 From 5b27a01c0f34d12118bfee293ec5d2bc8a51c822 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 5 Feb 2009 14:11:04 -0500 Subject: pem2openpgp now supports generating the key as an alternative to reading it from stdin. --- src/keytrans/pem2openpgp | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) (limited to 'src') diff --git a/src/keytrans/pem2openpgp b/src/keytrans/pem2openpgp index c765002..2631da6 100755 --- a/src/keytrans/pem2openpgp +++ b/src/keytrans/pem2openpgp @@ -347,13 +347,16 @@ sub fingerprint { return Digest::SHA1::sha1(pack('Cn', 0x99, length($rsabody)).$rsabody); } -# we're just not dealing with newline business right now. slurp in -# the whole file. -undef $/; -my $buf = ; - -my $rsa = Crypt::OpenSSL::RSA->new_private_key($buf); +my $rsa; +if (defined $ENV{PEM2OPENPGP_NEWKEY}) { + $rsa = Crypt::OpenSSL::RSA->generate_key($ENV{PEM2OPENPGP_NEWKEY}); +} else { + # we're just not dealing with newline business right now. slurp in + # the whole file. + undef $/; + $rsa = Crypt::OpenSSL::RSA->new_private_key(); +} $rsa->use_sha1_hash(); -- cgit v1.2.3 From 3e9fd04d34bed8a8c6b43bf111a8b8bbbbe8663f Mon Sep 17 00:00:00 2001 
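Review bot: In the second patch on this line (src/keytrans/pem2openpgp, hunk at -347), `$ENV{PEM2OPENPGP_NEWKEY}` is passed to `Crypt::OpenSSL::RSA->generate_key()` as the modulus size with no validation, so a non-numeric or very small value gives either an opaque failure or a weak key. Validate it before use, for example `die "PEM2OPENPGP_NEWKEY must be a bit count of at least 2048\n" unless $ENV{PEM2OPENPGP_NEWKEY} =~ /\A[0-9]+\z/ && $ENV{PEM2OPENPGP_NEWKEY} >= 2048;` (the exact floor is the project's call). In the else branch, `undef $/;` changes the record separator for the rest of the script, whereas `local $/;` inside that block would keep the slurp scoped to the read. The argument of `new_private_key()` appears empty as rendered here, which is presumably an extraction artifact, since the removed `my $buf = ;` line shows the same gap. The top-level code continues outside the hunk.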
From: Daniel Kahn Gillmor Date: Thu, 5 Feb 2009 14:24:49 -0500 Subject: updated pem2openpgp invocation in m-h import-key --- src/share/mh/import_key | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/share/mh/import_key b/src/share/mh/import_key index 2e73a8c..93afb0a 100644 --- a/src/share/mh/import_key +++ b/src/share/mh/import_key @@ -17,7 +17,7 @@ local hostName local userID local fingerprint -# check for presense of secret key +# check for presence of secret key # FIXME: is this the proper test to be doing here? fingerprint_host_key >/dev/null \ && failure "An OpenPGP host key already exists." @@ -32,8 +32,7 @@ chmod 700 "$GNUPGHOME_HOST" log verbose "importing ssh key..." # translate ssh key to a private key -(umask 077 && \ - pem2openpgp "$userID" | gpg_host --import) +PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | gpg_host --import # find the key fingerprint of the newly converted key fingerprint=$(fingerprint_host_key) -- cgit v1.2.3 From 9aee235639e1475cd8aa476c7f2335b3c9ae9884 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 5 Feb 2009 15:16:05 -0500 Subject: m-a setup: take advantage of the new ability of pem2openpgp to generate its own key. --- src/share/ma/setup | 13 ++----------- 1 file changed, 2 insertions(+), 11 deletions(-) (limited to 'src') diff --git a/src/share/ma/setup b/src/share/ma/setup index 422cfd3..034f047 100644 --- a/src/share/ma/setup +++ b/src/share/ma/setup @@ -53,17 +53,8 @@ EOF local CORE_UID=$(printf "Monkeysphere authentication trust core UID (random string: %s)" $(head -c21
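Review bot: The rewritten import line in src/share/mh/import_key (hunk at -32) drops the `(umask 077 && ...)` subshell, so any file the pipeline creates while importing the secret key now inherits the caller's umask. The `chmod 700 "$GNUPGHOME_HOST"` visible at the top of the hunk still restricts the directory, but keeping the restrictive umask costs nothing: `(umask 077 && PEM2OPENPGP_USAGE_FLAGS=authenticate pem2openpgp "$userID" | gpg_host --import)`. Separately, the pipeline's exit status is that of `gpg_host`, so a failing `pem2openpgp` goes unnoticed unless the result of the following `fingerprint_host_key` call is checked. The script continues outside the hunk, so that check may already exist.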