turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

openpgp-card-sequoia: add set_algorithm() (and remove algorithm setting from generate_key)

Browse source 
Also add set_algorithm_attributes().
This commit is contained in:
Heiko Schaefer 2023-08-31 22:43:29 +02:00
parent 87a9f4f216
commit 1681d94710
No known key found for this signature in database
GPG key ID: 4A849A1904CCBD7D
2 changed files with 33 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
card-functionality/src/tests.rs
View file

@ -218,11 +218,13 @@ pub fn test_keygen(tx: &mut Card<Transaction>, param: &[&str]) -> Result<TestOut
let alg = AlgoSimple::try_from(algo)?; let alg = AlgoSimple::try_from(algo)?;
println!(" Generate subkey for Signing"); println!(" Generate subkey for Signing");
let (pkm, ts) = admin.generate_key_simple(KeyType::Signing, Some(alg))?; admin.set_algorithm(KeyType::Signing, alg)?;
let (pkm, ts) = admin.generate_key(KeyType::Signing)?;
let key_sig = public_key_material_to_key(&pkm, KeyType::Signing, &ts, None, None)?; let key_sig = public_key_material_to_key(&pkm, KeyType::Signing, &ts, None, None)?;
println!(" Generate subkey for Decryption"); println!(" Generate subkey for Decryption");
let (pkm, ts) = admin.generate_key_simple(KeyType::Decryption, Some(alg))?; admin.set_algorithm(KeyType::Decryption, alg)?;
let (pkm, ts) = admin.generate_key(KeyType::Decryption)?;
let key_dec = public_key_material_to_key( let key_dec = public_key_material_to_key(
&pkm, &pkm,
KeyType::Decryption, KeyType::Decryption,
@ -232,7 +234,8 @@ pub fn test_keygen(tx: &mut Card<Transaction>, param: &[&str]) -> Result<TestOut
)?; )?;
println!(" Generate subkey for Authentication"); println!(" Generate subkey for Authentication");
let (pkm, ts) = admin.generate_key_simple(KeyType::Authentication, Some(alg))?; admin.set_algorithm(KeyType::Authentication, alg)?;
let (pkm, ts) = admin.generate_key(KeyType::Authentication)?;
let key_aut = public_key_material_to_key(&pkm, KeyType::Authentication, &ts, None, None)?; let key_aut = public_key_material_to_key(&pkm, KeyType::Authentication, &ts, None, None)?;
tx.reload_ard()?; tx.reload_ard()?;

35
openpgp-card-sequoia/src/lib.rs
View file

@ -964,17 +964,36 @@ impl Card<Admin<'_, '_>> {
) )
} }
pub fn generate_key_simple( /// Configure the key slot `key_type` to `algorithm_attributes`.
/// This can be useful in preparation for [`Self::generate_key`].
///
/// Note that legal values for [`AlgorithmAttributes`] are card-specific.
/// Different OpenPGP card implementations may support different
/// algorithms, sometimes with differing requirements for the encoding
/// (e.g. field sizes)
pub fn set_algorithm_attributes(
&mut self, &mut self,
key_type: KeyType, key_type: KeyType,
algo: Option<AlgoSimple>, algorithm_attributes: &AlgorithmAttributes,
) -> Result<(PublicKeyMaterial, KeyGenerationTime), Error> { ) -> Result<(), Error> {
if let Some(algo) = algo { self.card()
// set algorithm attributes .set_algorithm_attributes(key_type, algorithm_attributes)
let attr = algo.matching_algorithm_attributes(self.card(), key_type)?; }
self.card().set_algorithm_attributes(key_type, &attr)?;
}
/// Configure the key slot `key_type` to the algorithm `algo`.
/// This can be useful in preparation for [`Self::generate_key`].
pub fn set_algorithm(&mut self, key_type: KeyType, algo: AlgoSimple) -> Result<(), Error> {
let attr = algo.matching_algorithm_attributes(self.card(), key_type)?;
self.set_algorithm_attributes(key_type, &attr)
}
/// Generate a new cryptographic key in slot `key_type`, with the currently
/// configured cryptographic algorithm
/// (see [`Self::set_algorithm`] for changing the algorithm setting).
pub fn generate_key(
&mut self,
key_type: KeyType,
) -> Result<(PublicKeyMaterial, KeyGenerationTime), Error> {
self.card().generate_key(Self::ptf, key_type) self.card().generate_key(Self::ptf, key_type)
} }
} }