Commits on Source (3)
......@@ -279,7 +279,7 @@ case $COMMAND in
'sshfprs-for-userid')
CHECK_KEYSERVER=${MONKEYSPHERE_CHECK_KEYSERVER:=${CHECK_KEYSERVER:="true"}}
source "${MSHAREDIR}/keys_for_userid"
keys_for_userid "$@" | "$SYSSHAREDIR/keytrans" sshfpr
keys_for_userid "$@" | ssh-keygen -l -f - | awk '{ print $2 }'
;;
'keys-from-userid')
......
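Review bot: The new pipeline in the 'sshfprs-for-userid' branch no longer pins the fingerprint hash. The removed keytrans `sshfpr` always went through `sshfpr_sha256` and emitted `SHA256:` fingerprints, whereas `ssh-keygen -l` prints whatever hash the installed OpenSSH defaults to. Anything that compares these fingerprints against stored or user-verified values could then mismatch on a system with a different default. Passing the hash explicitly keeps the output stable: `keys_for_userid "$@" | ssh-keygen -E sha256 -l -f - | awk '{ print $2 }'`. The same applies to the `sshFingerprint=$(gpg2ssh "$keyid" | ssh-keygen -l -f - | awk '{ print $2 }')` line in show_key_info. Reading keys from stdin with `-f -` presumably also sets a minimum OpenSSH version that should be documented.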
......@@ -212,24 +212,6 @@ sub simple_checksum {
}
# calculate/print the fingerprint of an openssh-style keyblob:
sub sshfpr {
sshfpr_sha256(shift);
}
sub sshfpr_md5 {
my $keyblob = shift;
use Digest::MD5;
return 'MD5:'.join(':', map({unpack("H*", $_)} split('', Digest::MD5::md5($keyblob))));
}
sub sshfpr_sha256 {
my $keyblob = shift;
use Digest::SHA;
return 'SHA256:'.Digest::SHA::sha256_base64($keyblob);
}
# calculate the multiplicative inverse of a mod b this is euclid's
# extended algorithm. For more information see:
# https://en.wikipedia.org/wiki/Extended_Euclidean_algorithm the
......@@ -854,23 +836,6 @@ sub findkeyfprs {
}
};
sub getallprimarykeys {
my $instr = shift;
my $subs = { $packet_types->{pubkey} => \&findkeyfprs,
$packet_types->{seckey} => \&findkeyfprs,
};
my $data = {target => { } };
packetwalk($instr, $subs, $data);
if (defined $data->{keys}) {
return $data->{keys};
} else {
return {};
}
}
sub packetwalk {
my $instr = shift;
my $subs = shift;
......@@ -1029,41 +994,8 @@ for (basename($0)) {
elsif (/^keytrans$/) {
# subcommands when keytrans is invoked directly are UNSUPPORTED,
# UNDOCUMENTED, and WILL NOT BE MAINTAINED.
my $subcommand = shift;
for ($subcommand) {
if (/^listfprs$/) {
my $instream;
open($instream,'-');
binmode($instream, ":bytes");
my $keys = getallprimarykeys($instream);
printf("%s\n", join("\n", map { uc(unpack('H*', $_)) } keys(%{$keys})));
} elsif (/^sshfpr$/) {
use MIME::Base64;
while (<STDIN>) {
my ($dummy,$b64keyblob) = split(/ /, $_);
printf("%s\n", sshfpr(decode_base64($b64keyblob)));
}
} elsif (/^openpgp2sshfpr$/) {
my $fpr = shift;
my $instream;
open($instream,'-');
binmode($instream, ":bytes");
my $key = openpgp2rsa($instream, $fpr);
if (defined($key)) {
# openssh uses MD5 for key fingerprints:
printf("%d %s %s\n",
$key->size() * 8, # size() is in bytes -- we want bits
sshfpr(openssh_pubkey_pack($key)),
'(RSA)', # FIXME when we support other than RSA.
);
} else {
die "No matching key found.\n";
}
} else {
die "Unrecognized subcommand. keytrans subcommands are not a stable interface!\n";
}
}
}
else {
die "Unrecognized keytrans call.\n";
}
......
......@@ -153,7 +153,7 @@ show_key_info() {
local otherUids
# get the ssh key of the gpg key
sshFingerprint=$(gpg2ssh "$keyid" | "$SYSSHAREDIR/keytrans" sshfpr)
sshFingerprint=$(gpg2ssh "$keyid" | ssh-keygen -l -f - | awk '{ print $2 }')
# get the sigs for the matching key
gpgSigOut=$(gpg_user --check-sigs \
......
......@@ -145,7 +145,7 @@ PEM2OPENPGP_USAGE_FLAGS=authenticate,certify \
PEM2OPENPGP_TIMESTAMP="$(( $timestamp + 1 ))" pem2openpgp fubar \
< "$TEMPDIR"/newkey > "$TEMPDIR"/newkey.gpg
NEWKEYFPR=$(< "$TEMPDIR"/newkey.gpg keytrans listfprs)
NEWKEYFPR=$(< "$TEMPDIR"/newkey.gpg gpg --with-colons --import-options import-show --dry-run --import | awk -F: '/^fpr:/{ print $10 }' )
NEWKEYID=$( printf "%s" "$NEWKEYFPR" | cut -b25-40)
< "$TEMPDIR"/newkey.gpg gpg --import
......@@ -166,14 +166,6 @@ EOF
echo "test: diff expected gpg list output"
diff -u "$TEMPDIR"/expectedout <(gpg --check-sigs --with-colons | grep -vE '^(tru|fpr):' | cut -d: -f1-16 | sed 's/:*$//')
sort >"$TEMPDIR"/expectedout <<EOF
$KEYFPR
$NEWKEYFPR
EOF
echo "test: diff expected keytrans listfpr output"
diff -u "$TEMPDIR"/expectedout <( gpg --export-secret-keys | keytrans listfprs | sort )
## FIXME: addtest: not testing subkeys at the moment.
......
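Review bot: The awk filter in the new `NEWKEYFPR=` assignment prints every `fpr:` record gpg emits, while the removed `keytrans listfprs` appears to have reported primary keys only (`getallprimarykeys` registered handlers for the pubkey and seckey packet types only). If the generated key ever carries a subkey, `NEWKEYFPR` becomes multi-line and the following `cut -b25-40` yields more than one `NEWKEYID`, so later steps would act on the wrong identifier. Stopping at the first record keeps it to the primary key: `awk -F: '/^fpr:/{ print $10; exit }'`. A short comment noting that this line relies on gpg's `import-show` import option would also help anyone running the test against an older GnuPG.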