From 77c7a90dafe8509930f53c954f95b862ed7b08f2 Mon Sep 17 00:00:00 2001 From: Heiko Schaefer Date: Sat, 23 Oct 2021 19:59:45 +0200 Subject: [PATCH] sq_util::get_subkey() now returns an Option. Not finding any subkey is not an error. --- card-functionality/src/util.rs | 28 +++++++++++------------ openpgp-card-sequoia/src/main.rs | 35 ++++++++++++++++------------- openpgp-card-sequoia/src/sq_util.rs | 11 +++++---- 3 files changed, 40 insertions(+), 34 deletions(-) diff --git a/card-functionality/src/util.rs b/card-functionality/src/util.rs index 2c8d6bb..fb76442 100644 --- a/card-functionality/src/util.rs +++ b/card-functionality/src/util.rs @@ -35,22 +35,22 @@ pub(crate) fn upload_subkeys( KeyType::Decryption, KeyType::Authentication, ] { - let vka = get_subkey(cert, policy, *kt)?; + if let Some(vka) = get_subkey(cert, policy, *kt)? { + // store fingerprint as return-value + let fp = vka.fingerprint().to_hex(); + // store key creation time as return-value + let creation = vka + .creation_time() + .duration_since(SystemTime::UNIX_EPOCH) + .unwrap() + .as_secs() as u32; - // store fingerprint as return-value - let fp = vka.fingerprint().to_hex(); - // store key creation time as return-value - let creation = vka - .creation_time() - .duration_since(SystemTime::UNIX_EPOCH) - .unwrap() - .as_secs() as u32; + out.push((fp, creation.into())); - out.push((fp, creation.into())); - - // upload key - let cuk = vka_as_uploadable_key(vka, None); - ca.key_import(cuk, *kt)?; + // upload key + let cuk = vka_as_uploadable_key(vka, None); + ca.key_import(cuk, *kt)?; + } } Ok(out) diff --git a/openpgp-card-sequoia/src/main.rs b/openpgp-card-sequoia/src/main.rs index 08f86a1..ce284e3 100644 --- a/openpgp-card-sequoia/src/main.rs +++ b/openpgp-card-sequoia/src/main.rs @@ -117,29 +117,32 @@ fn main() -> Result<(), Box> { let cert = Cert::from_file(TEST_KEY_PATH)?; let p = StandardPolicy::new(); - println!("Upload decryption key"); - let vka = openpgp_card_sequoia::sq_util::get_subkey( - &cert, - &p, - KeyType::Decryption, - )?; - admin.upload_key(vka, KeyType::Decryption, None)?; - - println!("Upload signing key"); - let vka = openpgp_card_sequoia::sq_util::get_subkey( + if let Some(vka) = openpgp_card_sequoia::sq_util::get_subkey( &cert, &p, KeyType::Signing, - )?; - admin.upload_key(vka, KeyType::Signing, None)?; + )? { + println!("Upload signing key"); + admin.upload_key(vka, KeyType::Signing, None)?; + } - println!("Upload auth key"); - let vka = openpgp_card_sequoia::sq_util::get_subkey( + if let Some(vka) = openpgp_card_sequoia::sq_util::get_subkey( + &cert, + &p, + KeyType::Decryption, + )? { + println!("Upload decryption key"); + admin.upload_key(vka, KeyType::Decryption, None)?; + } + + if let Some(vka) = openpgp_card_sequoia::sq_util::get_subkey( &cert, &p, KeyType::Authentication, - )?; - admin.upload_key(vka, KeyType::Authentication, None)?; + )? { + println!("Upload auth key"); + admin.upload_key(vka, KeyType::Authentication, None)?; + } println!(); diff --git a/openpgp-card-sequoia/src/sq_util.rs b/openpgp-card-sequoia/src/sq_util.rs index f0a2592..919d0c0 100644 --- a/openpgp-card-sequoia/src/sq_util.rs +++ b/openpgp-card-sequoia/src/sq_util.rs @@ -25,12 +25,13 @@ use openpgp_card::KeyType; /// Retrieve a (sub)key from a Cert, for a given KeyType. /// -/// If no, or multiple suitable (sub)keys are found, an error is thrown. +/// Returns Ok(None), if no such (sub)key exists. +/// If multiple suitable (sub)keys are found, an error is returned. pub fn get_subkey<'a>( cert: &'a Cert, policy: &'a dyn Policy, key_type: KeyType, -) -> Result> { +) -> Result>> { // Find all suitable (sub)keys for key_type. let valid_ka = cert .keys() @@ -47,8 +48,10 @@ pub fn get_subkey<'a>( let mut vkas: Vec<_> = valid_ka.collect(); - if vkas.len() == 1 { - Ok(vkas.pop().unwrap()) + if vkas.is_empty() { + Ok(None) + } else if vkas.len() == 1 { + Ok(Some(vkas.pop().unwrap())) } else { Err(anyhow!( "Unexpected number of suitable (sub)key found: {}",