1 package Crypt::Monkeysphere::Validator;
6 use parent 'Crypt::Monkeysphere::Keyserver';
# Constructor fragment: builds the object through the parent class constructor,
# then records two validator options on it.
12 my $self=$class->SUPER::new(%opts);
# 'findall' falls back to 0 when the option is absent or false.
14 $self->{findall} = $opts{findall} || 0;
# 'context' falls back to 'ssh'; because of ||, an empty string or '0' also
# selects 'ssh'.
15 $self->{context}=$opts{context} || 'ssh';
# Capability gate keyed on the validation context: under 'e-mail' the subkey's
# usage flags are searched for "s" (signing); the second test searches for "a"
# (authentication). Both matches are case-sensitive and unanchored.
# NOTE(review): the lines joining the two tests are not shown; presumably the
# "a" test is the else-branch, in which case every context other than 'e-mail'
# (a misspelt one included) is held to the authentication requirement - confirm.
24 if ($self->{context} eq 'e-mail') {
25 if ($subkey->usage_flags =~ /s/) {
26 $self->log('verbose', "...and is signing-capable...\n");
29 $self->log('verbose', "...but is not signing-capable (%s).\n",$subkey->usage_flags);
32 if ($subkey->usage_flags =~ /a/) {
33 $self->log('verbose', "...and is authentication-capable...\n");
36 $self->log('verbose', "...but is not authentication-capable (%s).\n",$subkey->usage_flags);
# A uid is required; note that || also rejects '' and '0'.
46 my $uid=$opts{uid} || croak "uid argument is mandatory";
# Query by fingerprint ('0x' prefix) when one is defined, otherwise by user ID
# with a leading '='.
# NOTE(review): $fpr is concatenated into the query as given; no format check
# (hex digits, expected length) is visible here - confirm one is applied
# before this point.
50 my $gpgquery = defined($fpr) ? '0x'.$fpr : '='.$uid;
# Result skeleton: two lists, both empty to start with.
52 my $ret= { valid_keys => [],
53 subvalid_keys => [] };
# Keyserver policy: 'always' fetches before the local lookup; the conditions
# choosing between fetch_fpr and fetch_uid, and the body of the 'never' branch,
# are not shown.
59 if ($self->{kspolicy} eq 'always') {
61 $self->fetch_fpr($fpr);
63 $self->fetch_uid($uid);
66 } elsif ($self->{kspolicy} eq 'never') {
# Walk every public key the gnupg interface returns for the query.
71 foreach my $gpgkey ($self->{gnupg}->get_public_keys($gpgquery)) {
# Validity is read from the user ID whose string form equals $uid exactly.
# NOTE(review): the declaration of $validity is not visible; confirm it is
# reset for each key, so a key without an exactly matching user ID cannot
# reuse the validity recorded for an earlier key.
73 foreach my $tryuid ($gpgkey->user_ids) {
74 if ($tryuid->as_string eq $uid) {
75 $validity = $tryuid->validity;
78 # treat primary keys just like subkeys:
79 foreach my $subkey ($gpgkey, @{$gpgkey->subkeys}) {
# Selection: with neither $key nor $fpr defined every (sub)key is considered;
# otherwise it must pass keycomp against $key, or its hex fingerprint must be
# string-equal to $fpr.
# NOTE(review): 'eq' is case-sensitive - confirm $fpr is normalised to the
# case that as_hex_string produces.
80 if ((!defined($key) && (!defined($fpr))) ||
81 (defined($key) && $self->keycomp($key, $subkey)) ||
82 (defined($fpr) && ($subkey->fingerprint->as_hex_string eq $fpr))) {
83 $self->log('verbose', "key 0x%s matches...\n",$subkey->hex_id);
# Only keys that pass the capability test go on to the validity test, which
# accepts exactly "f" or "u" (the log text calls this "fully valid").
84 if ($self->test_capable($subkey) ) {
85 if ($validity =~ /^[fu]$/) {
87 $self->log('verbose', "...and is fully valid!\n");
# Record fingerprint and validity; stop at the first hit unless findall is set.
88 push(@{$ret->{valid_keys}},
89 { fingerprint => $subkey->fingerprint, val => $validity });
90 last unless($self->{findall});
92 $self->log('verbose', "...but is not fully valid (%s).\n",$validity);
# NOTE(review): this pushes onto $self->{subvalid_keys}, while the list
# initialised above lives in $ret->{subvalid_keys}. As written, the result
# structure's subvalid_keys is not filled here and the entries land on the
# object instead - looks like a $self/$ret mix-up; confirm.
93 push(@{$self->{subvalid_keys}},
94 {fingerprint => $subkey->fingerprint, val => $validity }) if $lastloop;
# $foundvalid and $lastloop are set on lines not shown; the loop is left once a
# valid key was found, and the fetch calls below run on the remaining path.
99 last if ($foundvalid);
101 if ($lastloop || $foundvalid) {
106 $self->fetch_fpr($fpr);
108 $self->fetch_uid($uid);
# Key comparison fragment: an OpenPGP key whose algorithm number is not 1 is
# reported as non-RSA.
# NOTE(review): "my $self->log(...)" declares a new, undefined $self in this
# statement, so the method is called on undef rather than on the object; this
# would die at runtime for a non-RSA key instead of logging. Dropping the "my"
# looks like the intent - confirm.
124 if ($gpgkey->algo_num != 1) {
125 my $self->log('verbose', "Monkeysphere only does RSA keys. This key is algorithm #%d\n", $gpgkey->algo_num);
# The keys are treated as the same only when bcmp returns 0 for both the
# exponent (against pubkey_data->[1]) and the modulus (against pubkey_data->[0]).
127 if ($rsakey->{exponent}->bcmp($gpgkey->pubkey_data->[1]) == 0 &&
128 $rsakey->{modulus}->bcmp($gpgkey->pubkey_data->[0]) == 0) {