From be27ae1503f55a18b3b5813186248e4b182a60d9 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 11 Nov 2014 13:00:14 -0400 Subject: changelog --- doc/todo/multi_gpg_key_privdata.mdwn | 2 ++ 1 file changed, 2 insertions(+) (limited to 'doc') diff --git a/doc/todo/multi_gpg_key_privdata.mdwn b/doc/todo/multi_gpg_key_privdata.mdwn index 754aa7e9..9804196d 100644 --- a/doc/todo/multi_gpg_key_privdata.mdwn +++ b/doc/todo/multi_gpg_key_privdata.mdwn @@ -4,3 +4,5 @@ To support multiple gpg keys added with --add-key, propellor should listed in `privdata/keyring.gpg` * When --add-key adds a new key, it should re-encrypt the privdata, so that this new key can access it. + +[[done]] -- cgit v1.2.3 From 51cb668e5caf482698bba34c52eaf10a604b1752 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 11 Nov 2014 13:30:29 -0400 Subject: unundo --- doc/todo/multi_gpg_key_privdata.mdwn | 2 -- 1 file changed, 2 deletions(-) (limited to 'doc') diff --git a/doc/todo/multi_gpg_key_privdata.mdwn b/doc/todo/multi_gpg_key_privdata.mdwn index 9804196d..754aa7e9 100644 --- a/doc/todo/multi_gpg_key_privdata.mdwn +++ b/doc/todo/multi_gpg_key_privdata.mdwn @@ -4,5 +4,3 @@ To support multiple gpg keys added with --add-key, propellor should listed in `privdata/keyring.gpg` * When --add-key adds a new key, it should re-encrypt the privdata, so that this new key can access it. - -[[done]] -- cgit v1.2.3 From 4c19e8407dc80bea9f3fd9559338bbc68ee0678d Mon Sep 17 00:00:00 2001 From: Arnaud Bailly Date: Wed, 12 Nov 2014 00:37:53 +0800 Subject: added some details to multipe gpg keys issue --- doc/todo/multi_gpg_key_privdata.mdwn | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) (limited to 'doc') diff --git a/doc/todo/multi_gpg_key_privdata.mdwn b/doc/todo/multi_gpg_key_privdata.mdwn index 754aa7e9..1d9b05a4 100644 --- a/doc/todo/multi_gpg_key_privdata.mdwn +++ b/doc/todo/multi_gpg_key_privdata.mdwn 
@@ -1,6 +1,11 @@ To support multiple gpg keys added with --add-key, propellor should * When it encrypts the privdata after a change, encrypt it to all keys - listed in `privdata/keyring.gpg` + listed in `privdata/keyring.gpg`. See [this + post](http://laurent.bachelier.name/2013/03/gpg-encryption-to-multiple-recipients/) + explaining why and how encryption with multiple recipients work. * When --add-key adds a new key, it should re-encrypt the privdata, so that this new key can access it. +* When --add-key on behalf of another user, do not modify the signing key for + local git. This entails either splitting this command in two, `--add-key` and + `--set-signing-key`, or adding another command `--add-foreign-key`. -- cgit v1.2.3 From e4f9df8404b8a7a2358e920dc2a231a3df823d6d Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 11 Nov 2014 13:41:25 -0400 Subject: avoid configuring git signing key when there's no secret key Also, nice display for --add-key steps --- doc/todo/multi_gpg_key_privdata.mdwn | 3 ++- src/Propellor/Gpg.hs | 31 ++++++++++++++++++++++--------- 2 files changed, 24 insertions(+), 10 deletions(-) (limited to 'doc') diff --git a/doc/todo/multi_gpg_key_privdata.mdwn b/doc/todo/multi_gpg_key_privdata.mdwn index 1d9b05a4..f7475c13 100644 --- a/doc/todo/multi_gpg_key_privdata.mdwn +++ b/doc/todo/multi_gpg_key_privdata.mdwn @@ -8,4 +8,5 @@ To support multiple gpg keys added with --add-key, propellor should so that this new key can access it. * When --add-key on behalf of another user, do not modify the signing key for local git. This entails either splitting this command in two, `--add-key` and - `--set-signing-key`, or adding another command `--add-foreign-key`. + `--set-signing-key`, or adding another command `--add-foreign-key`, + or perhaps determining if the key being added has a known secret key. diff --git a/src/Propellor/Gpg.hs b/src/Propellor/Gpg.hs index e478f610..572be190 100644 --- a/src/Propellor/Gpg.hs +++ b/src/Propellor/Gpg.hs 
@@ -8,6 +8,7 @@ import Data.Maybe import Data.List.Utils import Propellor.PrivData.Paths +import Propellor.Message import Utility.SafeCommand import Utility.Process import Utility.Monad @@ -19,6 +20,7 @@ type KeyId = String keyring :: FilePath keyring = privDataDir "keyring.gpg" +-- Lists the keys in propellor's keyring. listPubKeys :: IO [KeyId] listPubKeys = parse . lines <$> readProcess "gpg" listopts where @@ -36,10 +38,15 @@ useKeyringOpts = ] addKey :: KeyId -> IO () -addKey keyid = exitBool =<< allM id - [ gpg, gitadd keyring, reencryptprivdata, gitconfig, gitcommit ] +addKey keyid = exitBool =<< allM (uncurry actionMessage) + [ ("adding key to propellor's keyring", addkeyring) + , ("staging propellor's keyring", gitadd keyring) + , ("updating encryption of any privdata", reencryptprivdata) + , ("configuring git signing to use key", gitconfig) + , ("committing changes", gitcommit) + ] where - gpg = do + addkeyring = do createDirectoryIfMissing True privDataDir boolSystem "sh" [ Param "-c" @@ -59,11 +66,16 @@ addKey keyid = exitBool =<< allM id , File f ] - gitconfig = boolSystem "git" - [ Param "config" - , Param "user.signingkey" - , Param keyid - ] + gitconfig = ifM (snd <$> processTranscript "gpg" ["--list-secret-keys", keyid] Nothing) + ( boolSystem "git" + [ Param "config" + , Param "user.signingkey" + , Param keyid + ] + , do + warningMessage $ "Cannot find a secret key for key " ++ keyid ++ ", so not configuring git user.signingkey to use this key." + return True + ) gitcommit = gitCommit [ File keyring @@ -71,7 +83,7 @@ addKey keyid = exitBool =<< allM id , Param "propellor addkey" ] -{- Automatically sign the commit if there'a a keyring. -} +-- Automatically sign the commit if there'a a keyring. gitCommit :: [CommandParam] -> IO Bool gitCommit ps = do k <- doesFileExist keyring 
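Review bot: The gitconfig step in the `@@ -59,11 +66,16 @@` hunk decides whether to set `user.signingkey` from the exit status of `gpg --list-secret-keys keyid`, but `keyid` is then written to git verbatim, and gpg resolves a key spec loosely (short ids and user-id substrings may match more than one key), so a partial id that happens to match some secret key ends up as an ambiguous signing-key spec. Consider stating the expectation on the argument at that step, e.g. `-- keyid should be an unambiguous key id or full fingerprint; gpg also matches short ids and user-id substrings`, or resolving it to a fingerprint (`--with-colons` output) before writing it. The transcript from processTranscript is discarded, so a gpg failure for any other reason (missing binary, agent error) is reported as "Cannot find a secret key", which is worth distinguishing or mentioning in the warning. The enclosing addKey definition starts outside this hunk.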
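Review bot: The comment rewritten in the `@@ -71,7 +83,7 @@` hunk carries over the typo from the removed line; `-- Automatically sign the commit if there's a keyring.` The gitCommit body continues outside the hunk.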
@@ -86,6 +98,7 @@ gpgDecrypt f = ifM (doesFileExist f) , return "" ) +-- Encrypt file to all keys in propellor's keyring. gpgEncrypt :: FilePath -> String -> IO () gpgEncrypt f s = do keyids <- listPubKeys -- cgit v1.2.3 From 05a793dd5916a3d21cbec783e26bd629891ad7f1 Mon Sep 17 00:00:00 2001 From: Joey Hess Date: Tue, 11 Nov 2014 13:47:22 -0400 Subject: should be fixed --- doc/todo/multi_gpg_key_privdata.mdwn | 2 ++ 1 file changed, 2 insertions(+) (limited to 'doc') diff --git a/doc/todo/multi_gpg_key_privdata.mdwn b/doc/todo/multi_gpg_key_privdata.mdwn index f7475c13..3ee6b3b8 100644 --- a/doc/todo/multi_gpg_key_privdata.mdwn +++ b/doc/todo/multi_gpg_key_privdata.mdwn @@ -10,3 +10,5 @@ To support multiple gpg keys added with --add-key, propellor should local git. This entails either splitting this command in two, `--add-key` and `--set-signing-key`, or adding another command `--add-foreign-key`, or perhaps determining if the key being added has a known secret key. + +[[done]] -- cgit v1.2.3
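Review bot: The new comment on gpgEncrypt reads as if an existing file is encrypted, but the signature `FilePath -> String -> IO ()` suggests the String is the plaintext and the FilePath the destination; if that is the case, `-- Encrypt the given string to all keys in propellor's keyring and write the result to the file.` describes the contract more precisely. Presumably an empty keyring (listPubKeys returning []) should be refused rather than producing unencrypted or unreadable output; the body continues outside the hunk, so that cannot be confirmed here.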