From 4674b9555773ef11079512d629f5bd5c140b092b Mon Sep 17 00:00:00 2001
From: Heiko Schaefer <heiko@schaefer.name>
Date: Tue, 25 Oct 2022 18:43:57 +0200
Subject: [PATCH] opgpcard: properly error out of sign/decrypt, if the relevant
 key slot is empty

---
 tools/src/bin/opgpcard/main.rs | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/tools/src/bin/opgpcard/main.rs b/tools/src/bin/opgpcard/main.rs
index 28e07c8..1047532 100644
--- a/tools/src/bin/opgpcard/main.rs
+++ b/tools/src/bin/opgpcard/main.rs
@@ -979,6 +979,10 @@ fn decrypt(
     let mut card = Card::new(backend);
     let mut open = card.transaction()?;
 
+    if open.fingerprints()?.decryption().is_none() {
+        return Err(anyhow!("Can't decrypt: this card has no key in the decryption slot.").into());
+    }
+
     let user_pin = util::get_pin(&mut open, pin_file, ENTER_USER_PIN);
 
     let mut user = util::verify_to_user(&mut open, user_pin.as_deref())?;
@@ -1003,6 +1007,10 @@ fn sign_detached(
     let mut card = Card::new(backend);
     let mut open = card.transaction()?;
 
+    if open.fingerprints()?.signature().is_none() {
+        return Err(anyhow!("Can't sign: this card has no key in the signing slot.").into());
+    }
+
     let user_pin = util::get_pin(&mut open, pin_file, ENTER_USER_PIN);
 
     let mut sign = util::verify_to_sign(&mut open, user_pin.as_deref())?;