Reorganize key uploading API
parent
1b9d860adf
commit
d5651e96bb
3 changed files with 16 additions and 23 deletions
|
@ -6,6 +6,8 @@
|
|||
|
||||
use anyhow::{anyhow, Result};
|
||||
|
||||
use sequoia_openpgp::cert::amalgamation::key::ValidErasedKeyAmalgamation;
|
||||
use sequoia_openpgp::packet::key::SecretParts;
|
||||
use sequoia_openpgp::policy::Policy;
|
||||
use sequoia_openpgp::Cert;
|
||||
|
||||
|
@ -21,6 +23,7 @@ use openpgp_card::{CardApp, CardClientBox, Error, KeySet, KeyType, Response};
|
|||
|
||||
use crate::decryptor::CardDecryptor;
|
||||
use crate::signer::CardSigner;
|
||||
use crate::util::vka_as_uploadable_key;
|
||||
|
||||
/// Representation of an opened OpenPGP card in its base state (i.e. no
|
||||
/// passwords have been verified, default authorization applies).
|
||||
|
@ -340,11 +343,16 @@ impl Admin<'_> {
|
|||
}
|
||||
}
|
||||
|
||||
/// Upload a ValidErasedKeyAmalgamation to the card as a specific KeyType.
|
||||
///
|
||||
/// (The caller needs to make sure that `vka` is suitable as `key_type`)
|
||||
pub fn upload_key(
|
||||
&mut self,
|
||||
key: Box<dyn CardUploadableKey>,
|
||||
vka: ValidErasedKeyAmalgamation<SecretParts>,
|
||||
key_type: KeyType,
|
||||
password: Option<String>,
|
||||
) -> Result<(), Error> {
|
||||
let key = vka_as_uploadable_key(vka, password);
|
||||
self.oc.card_app.key_import(key, key_type)
|
||||
}
|
||||
}
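Review bot: The new `password: Option<String>` parameter of `Admin::upload_key` carries the passphrase for the secret key as an ordinary heap `String`, which is not cleared on drop and is moved unchanged into `vka_as_uploadable_key`. Sequoia provides `sequoia_openpgp::crypto::Password` for this purpose, so the parameter could be `password: Option<Password>`, with callers converting via `.into()`. The same applies to `vka_as_uploadable_key` in the util file, which keeps its `Option<String>` parameter. The doc comment should also state what the argument is for, e.g. `/// password: passphrase for the secret key material of vka, or None if it is unencrypted`; this is presumably how `SequoiaKey::new` uses it, which is not visible on this page. The `impl Admin` block starts outside the hunk.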
|
||||
|
|
|
@ -15,7 +15,6 @@ use openpgp_card_pcsc::PcscClient;
|
|||
|
||||
use openpgp_card_sequoia::card::Open;
|
||||
use openpgp_card_sequoia::sq_util::{decryption_helper, sign_helper};
|
||||
use openpgp_card_sequoia::util::upload_key;
|
||||
|
||||
// Filename of test key and test message to use
|
||||
|
||||
|
@ -124,7 +123,7 @@ fn main() -> Result<(), Box<dyn Error>> {
|
|||
&p,
|
||||
KeyType::Decryption,
|
||||
)?;
|
||||
upload_key(&mut admin, vka, KeyType::Decryption, None)?;
|
||||
admin.upload_key(vka, KeyType::Decryption, None)?;
|
||||
|
||||
println!("Upload signing key");
|
||||
let vka = openpgp_card_sequoia::sq_util::get_subkey(
|
||||
|
@ -132,7 +131,7 @@ fn main() -> Result<(), Box<dyn Error>> {
|
|||
&p,
|
||||
KeyType::Signing,
|
||||
)?;
|
||||
upload_key(&mut admin, vka, KeyType::Signing, None)?;
|
||||
admin.upload_key(vka, KeyType::Signing, None)?;
|
||||
|
||||
println!("Upload auth key");
|
||||
let vka = openpgp_card_sequoia::sq_util::get_subkey(
|
||||
|
@ -140,7 +139,7 @@ fn main() -> Result<(), Box<dyn Error>> {
|
|||
&p,
|
||||
KeyType::Authentication,
|
||||
)?;
|
||||
upload_key(&mut admin, vka, KeyType::Authentication, None)?;
|
||||
admin.upload_key(vka, KeyType::Authentication, None)?;
|
||||
|
||||
println!();
|
||||
|
||||
|
|
|
@ -147,15 +147,6 @@ pub fn make_cert(
|
|||
Cert::try_from(pp)
|
||||
}
|
||||
|
||||
/// Helper fn: get a CardUploadableKey for a ValidErasedKeyAmalgamation
|
||||
pub fn vka_as_uploadable_key(
|
||||
vka: ValidErasedKeyAmalgamation<SecretParts>,
|
||||
password: Option<String>,
|
||||
) -> Box<dyn CardUploadableKey> {
|
||||
let sqk = SequoiaKey::new(vka, password);
|
||||
Box::new(sqk)
|
||||
}
|
||||
|
||||
/// Helper fn: get a Sequoia PublicKey from an openpgp-card PublicKeyMaterial
|
||||
pub fn public_key_material_to_key(
|
||||
pkm: &PublicKeyMaterial,
|
||||
|
@ -259,18 +250,13 @@ pub fn public_to_fingerprint(
|
|||
fp.as_bytes().try_into()
|
||||
}
|
||||
|
||||
/// Upload a ValidErasedKeyAmalgamation to the card as a specific KeyType.
|
||||
///
|
||||
/// The caller needs to make sure that `vka` is suitable for `key_type`.
|
||||
pub fn upload_key(
|
||||
oca: &mut Admin,
|
||||
/// Helper fn: get a CardUploadableKey for a ValidErasedKeyAmalgamation
|
||||
pub fn vka_as_uploadable_key(
|
||||
vka: ValidErasedKeyAmalgamation<SecretParts>,
|
||||
key_type: KeyType,
|
||||
password: Option<String>,
|
||||
) -> Result<(), Error> {
|
||||
) -> Box<dyn CardUploadableKey> {
|
||||
let sqk = SequoiaKey::new(vka, password);
|
||||
|
||||
oca.upload_key(Box::new(sqk), key_type)
|
||||
Box::new(sqk)
|
||||
}
|
||||
|
||||
/// FIXME: this fn is used in card_functionality, but should be removed
|
||||
|
|