# # # patch "README.encapsulation" # from [e2aef6a23dd4e3a6b85d97016639544a45fa8946] # to [fa22691802a1b7e837d1b0aa5bee26dc4cd2590c] # # patch "cert.cc" # from [a709e1d88c567067dd47f7e4cc0c89e8323a6e84] # to [8efdf5262106e9d115474197d131e3fe886953fa] # # patch "cert.hh" # from [f9a33063ada94aee63e595e5802d9b1d51edf728] # to [649b22d9e89e9a64a894ddb3b68c82db0b8f22f2] # # patch "cmd_key_cert.cc" # from [368ba5326304c4ddb7e403dc1df455d05ab31a73] # to [5d8ada54b68b3ea0634beb8f1072644172c4dad0] # # patch "keys.cc" # from [02b3c0f70fb1f2a2123351590d5b3c42e9240fa9] # to [7472ecab5f0641259a167d7b1c66c258d52846c8] # ============================================================ --- README.encapsulation e2aef6a23dd4e3a6b85d97016639544a45fa8946 +++ README.encapsulation fa22691802a1b7e837d1b0aa5bee26dc4cd2590c @@ -25,7 +25,6 @@ revision.cc: build_roster_style_revs_from_manifest_style_revs() - app.db.... needs: anc_graph() needs: get_user_key() @@ -38,3 +37,22 @@ revision.cc: needs: get_user_key() needs: require_password() needs: erase_bogus_certs() + + +cert.cc: + + erase_bogus_certs(): + app.db... + app.lua.hook_get_manifest_cert_trust + + load_key_pair(): + app.keys... + app.loa.hook + + calculate_cert(): + app.db... + needs: load_key_pair() (i.e. keys, lua.hook_persist_phrase_ok) + needs: make_signature() + + + ============================================================ --- cert.cc a709e1d88c567067dd47f7e4cc0c89e8323a6e84 +++ cert.cc 8efdf5262106e9d115474197d131e3fe886953fa @@ -63,7 +63,7 @@ bogus_cert_p bogus_cert_p { app_state & app; - bogus_cert_p(app_state & a) : app(a) {}; + bogus_cert_p(app_state & app) : app(app) {}; bool cert_is_bogus(cert const & c) const { @@ -360,10 +360,10 @@ bool } bool -priv_key_exists(app_state & app, rsa_keypair_id const & id) +priv_key_exists(key_store & keys, rsa_keypair_id const & id) { - return app.keys.key_pair_exists(id); + return keys.key_pair_exists(id); } // Loads a key pair for a given key id, from either a lua hook ============================================================ --- cert.hh f9a33063ada94aee63e595e5802d9b1d51edf728 +++ cert.hh 649b22d9e89e9a64a894ddb3b68c82db0b8f22f2 @@ -24,6 +24,7 @@ class app_state; // permission. class app_state; +class key_store; struct cert { @@ -63,7 +64,7 @@ cert_status check_cert(app_state & app, void cert_signable_text(cert const & t,std::string & out); cert_status check_cert(app_state & app, cert const & t); -bool priv_key_exists(app_state & app, rsa_keypair_id const & id); +bool priv_key_exists(key_store & keys, rsa_keypair_id const & id); void load_key_pair(app_state & app, rsa_keypair_id const & id, keypair & kp); ============================================================ --- cmd_key_cert.cc 368ba5326304c4ddb7e403dc1df455d05ab31a73 +++ cmd_key_cert.cc 5d8ada54b68b3ea0634beb8f1072644172c4dad0 @@ -127,7 +127,7 @@ CMD(ssh_agent_export, N_("key and cert") rsa_keypair_id id; keypair key; get_user_key(id, app); - N(priv_key_exists(app, id), F("the key you specified cannot be found")); + N(priv_key_exists(app.keys, id), F("the key you specified cannot be found")); app.keys.get_key_pair(id, key); shared_ptr priv = get_private_key(app.lua, id, key.priv); utf8 new_phrase; @@ -165,7 +165,7 @@ CMD(ssh_agent_add, N_("key and cert"), " rsa_keypair_id id; keypair key; get_user_key(id, app); - N(priv_key_exists(app, id), F("the key you specified cannot be found")); + N(priv_key_exists(app.keys, id), F("the key you specified cannot be found")); app.keys.get_key_pair(id, key); shared_ptr priv = get_private_key(app.lua, id, key.priv); app.agent.add_identity(*priv, id()); ============================================================ --- keys.cc 02b3c0f70fb1f2a2123351590d5b3c42e9240fa9 +++ keys.cc 7472ecab5f0641259a167d7b1c66c258d52846c8 @@ -658,7 +658,7 @@ require_password(rsa_keypair_id const & require_password(rsa_keypair_id const & key, app_state & app) { - N(priv_key_exists(app, key), + N(priv_key_exists(app.keys, key), F("no key pair '%s' found in key store '%s'") % key % app.keys.get_key_dir()); keypair kp;