turnkey/openpgp-card
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

sq_util::get_subkey() now returns an Option.

Browse source 
Not finding any subkey is not an error.
This commit is contained in:
Heiko Schaefer 2021-10-23 19:59:45 +02:00
parent 5d8b547158
commit 77c7a90daf
3 changed files with 40 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

28
card-functionality/src/util.rs
View file

@ -35,22 +35,22 @@ pub(crate) fn upload_subkeys(
KeyType::Decryption, KeyType::Decryption,
KeyType::Authentication, KeyType::Authentication,
] { ] {
let vka = get_subkey(cert, policy, *kt)?; if let Some(vka) = get_subkey(cert, policy, *kt)? {
// store fingerprint as return-value
let fp = vka.fingerprint().to_hex();
// store key creation time as return-value
let creation = vka
.creation_time()
.duration_since(SystemTime::UNIX_EPOCH)
.unwrap()
.as_secs() as u32;
// store fingerprint as return-value out.push((fp, creation.into()));
let fp = vka.fingerprint().to_hex();
// store key creation time as return-value
let creation = vka
.creation_time()
.duration_since(SystemTime::UNIX_EPOCH)
.unwrap()
.as_secs() as u32;
out.push((fp, creation.into())); // upload key
let cuk = vka_as_uploadable_key(vka, None);
// upload key ca.key_import(cuk, *kt)?;
let cuk = vka_as_uploadable_key(vka, None); }
ca.key_import(cuk, *kt)?;
} }
Ok(out) Ok(out)

35
openpgp-card-sequoia/src/main.rs
View file

@ -117,29 +117,32 @@ fn main() -> Result<(), Box<dyn Error>> {
let cert = Cert::from_file(TEST_KEY_PATH)?; let cert = Cert::from_file(TEST_KEY_PATH)?;
let p = StandardPolicy::new(); let p = StandardPolicy::new();
println!("Upload decryption key"); if let Some(vka) = openpgp_card_sequoia::sq_util::get_subkey(
let vka = openpgp_card_sequoia::sq_util::get_subkey(
&cert,
&p,
KeyType::Decryption,
)?;
admin.upload_key(vka, KeyType::Decryption, None)?;
println!("Upload signing key");
let vka = openpgp_card_sequoia::sq_util::get_subkey(
&cert, &cert,
&p, &p,
KeyType::Signing, KeyType::Signing,
)?; )? {
admin.upload_key(vka, KeyType::Signing, None)?; println!("Upload signing key");
admin.upload_key(vka, KeyType::Signing, None)?;
}
println!("Upload auth key"); if let Some(vka) = openpgp_card_sequoia::sq_util::get_subkey(
let vka = openpgp_card_sequoia::sq_util::get_subkey( &cert,
&p,
KeyType::Decryption,
)? {
println!("Upload decryption key");
admin.upload_key(vka, KeyType::Decryption, None)?;
}
if let Some(vka) = openpgp_card_sequoia::sq_util::get_subkey(
&cert, &cert,
&p, &p,
KeyType::Authentication, KeyType::Authentication,
)?; )? {
admin.upload_key(vka, KeyType::Authentication, None)?; println!("Upload auth key");
admin.upload_key(vka, KeyType::Authentication, None)?;
}
println!(); println!();

11
openpgp-card-sequoia/src/sq_util.rs
View file

@ -25,12 +25,13 @@ use openpgp_card::KeyType;
/// Retrieve a (sub)key from a Cert, for a given KeyType. /// Retrieve a (sub)key from a Cert, for a given KeyType.
/// ///
/// If no, or multiple suitable (sub)keys are found, an error is thrown. /// Returns Ok(None), if no such (sub)key exists.
/// If multiple suitable (sub)keys are found, an error is returned.
pub fn get_subkey<'a>( pub fn get_subkey<'a>(
cert: &'a Cert, cert: &'a Cert,
policy: &'a dyn Policy, policy: &'a dyn Policy,
key_type: KeyType, key_type: KeyType,
) -> Result<ValidErasedKeyAmalgamation<'a, SecretParts>> { ) -> Result<Option<ValidErasedKeyAmalgamation<'a, SecretParts>>> {
// Find all suitable (sub)keys for key_type. // Find all suitable (sub)keys for key_type.
let valid_ka = cert let valid_ka = cert
.keys() .keys()
@ -47,8 +48,10 @@ pub fn get_subkey<'a>(
let mut vkas: Vec<_> = valid_ka.collect(); let mut vkas: Vec<_> = valid_ka.collect();
if vkas.len() == 1 { if vkas.is_empty() {
Ok(vkas.pop().unwrap()) Ok(None)
} else if vkas.len() == 1 {
Ok(Some(vkas.pop().unwrap()))
} else { } else {
Err(anyhow!( Err(anyhow!(
"Unexpected number of suitable (sub)key found: {}", "Unexpected number of suitable (sub)key found: {}",