sq_util::get_subkey() now returns an Option.
Not finding any subkey is not an error.
This commit is contained in:
parent
5d8b547158
commit
77c7a90daf
3 changed files with 40 additions and 34 deletions
|
@ -35,8 +35,7 @@ pub(crate) fn upload_subkeys(
|
|||
KeyType::Decryption,
|
||||
KeyType::Authentication,
|
||||
] {
|
||||
let vka = get_subkey(cert, policy, *kt)?;
|
||||
|
||||
if let Some(vka) = get_subkey(cert, policy, *kt)? {
|
||||
// store fingerprint as return-value
|
||||
let fp = vka.fingerprint().to_hex();
|
||||
// store key creation time as return-value
|
||||
|
@ -52,6 +51,7 @@ pub(crate) fn upload_subkeys(
|
|||
let cuk = vka_as_uploadable_key(vka, None);
|
||||
ca.key_import(cuk, *kt)?;
|
||||
}
|
||||
}
|
||||
|
||||
Ok(out)
|
||||
}
|
||||
|
|
|
@ -117,29 +117,32 @@ fn main() -> Result<(), Box<dyn Error>> {
|
|||
let cert = Cert::from_file(TEST_KEY_PATH)?;
|
||||
let p = StandardPolicy::new();
|
||||
|
||||
println!("Upload decryption key");
|
||||
let vka = openpgp_card_sequoia::sq_util::get_subkey(
|
||||
&cert,
|
||||
&p,
|
||||
KeyType::Decryption,
|
||||
)?;
|
||||
admin.upload_key(vka, KeyType::Decryption, None)?;
|
||||
|
||||
println!("Upload signing key");
|
||||
let vka = openpgp_card_sequoia::sq_util::get_subkey(
|
||||
if let Some(vka) = openpgp_card_sequoia::sq_util::get_subkey(
|
||||
&cert,
|
||||
&p,
|
||||
KeyType::Signing,
|
||||
)?;
|
||||
)? {
|
||||
println!("Upload signing key");
|
||||
admin.upload_key(vka, KeyType::Signing, None)?;
|
||||
}
|
||||
|
||||
println!("Upload auth key");
|
||||
let vka = openpgp_card_sequoia::sq_util::get_subkey(
|
||||
if let Some(vka) = openpgp_card_sequoia::sq_util::get_subkey(
|
||||
&cert,
|
||||
&p,
|
||||
KeyType::Decryption,
|
||||
)? {
|
||||
println!("Upload decryption key");
|
||||
admin.upload_key(vka, KeyType::Decryption, None)?;
|
||||
}
|
||||
|
||||
if let Some(vka) = openpgp_card_sequoia::sq_util::get_subkey(
|
||||
&cert,
|
||||
&p,
|
||||
KeyType::Authentication,
|
||||
)?;
|
||||
)? {
|
||||
println!("Upload auth key");
|
||||
admin.upload_key(vka, KeyType::Authentication, None)?;
|
||||
}
|
||||
|
||||
println!();
|
||||
|
||||
|
|
|
@ -25,12 +25,13 @@ use openpgp_card::KeyType;
|
|||
|
||||
/// Retrieve a (sub)key from a Cert, for a given KeyType.
|
||||
///
|
||||
/// If no, or multiple suitable (sub)keys are found, an error is thrown.
|
||||
/// Returns Ok(None), if no such (sub)key exists.
|
||||
/// If multiple suitable (sub)keys are found, an error is returned.
|
||||
pub fn get_subkey<'a>(
|
||||
cert: &'a Cert,
|
||||
policy: &'a dyn Policy,
|
||||
key_type: KeyType,
|
||||
) -> Result<ValidErasedKeyAmalgamation<'a, SecretParts>> {
|
||||
) -> Result<Option<ValidErasedKeyAmalgamation<'a, SecretParts>>> {
|
||||
// Find all suitable (sub)keys for key_type.
|
||||
let valid_ka = cert
|
||||
.keys()
|
||||
|
@ -47,8 +48,10 @@ pub fn get_subkey<'a>(
|
|||
|
||||
let mut vkas: Vec<_> = valid_ka.collect();
|
||||
|
||||
if vkas.len() == 1 {
|
||||
Ok(vkas.pop().unwrap())
|
||||
if vkas.is_empty() {
|
||||
Ok(None)
|
||||
} else if vkas.len() == 1 {
|
||||
Ok(Some(vkas.pop().unwrap()))
|
||||
} else {
|
||||
Err(anyhow!(
|
||||
"Unexpected number of suitable (sub)key found: {}",
|
||||
|
|
Loading…
Reference in a new issue