authorNora Widdecke <nora@sequoia-pgp.org>2022-07-04 21:28:16 +0200
committerNora Widdecke <nora@sequoia-pgp.org>2022-07-05 13:57:06 +0200
commitc968d73acee7465634e9ef20b55e32431a30f699 (patch)
tree4956705b9d1d3b9babd28aa8d08d24f3b81aa15b
parent5b5e292eaedb6aae48fc7d9a6621dc6e6fa73712 (diff)
sq: Extract common functions for sq revoke.
- Reading certs and secret keys is handled the same way by all revoke functions.
-rw-r--r--sq/src/commands/revoke.rs85
1 files changed, 37 insertions, 48 deletions
diff --git a/sq/src/commands/revoke.rs b/sq/src/commands/revoke.rs
index fd2dd837..c6b3207f 100644
--- a/sq/src/commands/revoke.rs
+++ b/sq/src/commands/revoke.rs
@@ -62,22 +62,9 @@ pub fn dispatch(config: Config, c: RevokeCommand) -> Result<()> {
pub fn revoke_certificate(config: Config, c: RevokeCertificateCommand) -> Result<()> {
let revocation_target = RevocationTarget::Certificate;
- let input = open_or_stdin(c.input.as_deref())?;
+ let cert = read_cert(c.input.as_deref())?;
- let cert = CertParser::from_reader(input)?.collect::<Vec<_>>();
- let cert = match cert.len() {
- 0 => Err(anyhow::anyhow!("No certificates provided."))?,
- 1 => cert.into_iter().next().expect("have one")?,
- _ => Err(
- anyhow::anyhow!("Multiple certificates provided."))?,
- };
-
- let secret = c.secret_key_file;
- let secret = load_certs(secret.as_deref().into_iter())?;
- if secret.len() > 1 {
- Err(anyhow::anyhow!("Multiple secret keys provided."))?;
- }
- let secret = secret.into_iter().next();
+ let secret = read_secret(c.secret_key_file.as_deref())?;
let time = c.time.map(|t| t.time.into());
@@ -115,7 +102,8 @@ pub fn revoke_certificate(config: Config, c: RevokeCertificateCommand) -> Result
time,
c.reason.into(),
&c.message,
- &notations)?;
+ &notations
+ )?;
Ok(())
}
@@ -131,22 +119,9 @@ pub fn revoke_subkey(config: Config, c: RevokeSubkeyCommand) -> Result<()> {
RevocationTarget::Subkey(kh)
};
- let input = open_or_stdin(c.input.as_deref())?;
+ let cert = read_cert(c.input.as_deref())?;
- let cert = CertParser::from_reader(input)?.collect::<Vec<_>>();
- let cert = match cert.len() {
- 0 => Err(anyhow::anyhow!("No certificates provided."))?,
- 1 => cert.into_iter().next().expect("have one")?,
- _ => Err(
- anyhow::anyhow!("Multiple certificates provided."))?,
- };
-
- let secret = c.secret_key_file;
- let secret = load_certs(secret.as_deref().into_iter())?;
- if secret.len() > 1 {
- Err(anyhow::anyhow!("Multiple secret keys provided."))?;
- }
- let secret = secret.into_iter().next();
+ let secret = read_secret(c.secret_key_file.as_deref())?;
let time = c.time.map(|t| t.time.into());
@@ -183,7 +158,8 @@ pub fn revoke_subkey(config: Config, c: RevokeSubkeyCommand) -> Result<()> {
time,
c.reason.into(),
&c.message,
- &notations)?;
+ &notations
+ )?;
Ok(())
}
@@ -191,22 +167,9 @@ pub fn revoke_subkey(config: Config, c: RevokeSubkeyCommand) -> Result<()> {
pub fn revoke_userid(config: Config, c: RevokeUseridCommand) -> Result<()> {
let revocation_target = RevocationTarget::UserID(c.userid);
- let input = open_or_stdin(c.input.as_deref())?;
+ let cert = read_cert(c.input.as_deref())?;
- let cert = CertParser::from_reader(input)?.collect::<Vec<_>>();
- let cert = match cert.len() {
- 0 => Err(anyhow::anyhow!("No certificates provided."))?,
- 1 => cert.into_iter().next().expect("have one")?,
- _ => Err(
- anyhow::anyhow!("Multiple certificates provided."))?,
- };
-
- let secret = c.secret_key_file;
- let secret = load_certs(secret.as_deref().into_iter())?;
- if secret.len() > 1 {
- Err(anyhow::anyhow!("Multiple secret keys provided."))?;
- }
- let secret = secret.into_iter().next();
+ let secret = read_secret(c.secret_key_file.as_deref())?;
let time = c.time.map(|t| t.time.into());
@@ -243,11 +206,37 @@ pub fn revoke_userid(config: Config, c: RevokeUseridCommand) -> Result<()> {
time,
c.reason.into(),
&c.message,
- &notations)?;
+ &notations
+ )?;
Ok(())
}
+/// Parse the cert from input and ensure it is only one cert.
+fn read_cert(input: Option<&str>) -> Result<Cert> {
+ let input = open_or_stdin(input)?;
+
+ let cert = CertParser::from_reader(input)?.collect::<Vec<_>>();
+ let cert = match cert.len() {
+ 0 => Err(anyhow::anyhow!("No certificates provided."))?,
+ 1 => cert.into_iter().next().expect("have one")?,
+ _ => Err(
+ anyhow::anyhow!("Multiple certificates provided."))?,
+ };
+ Ok(cert)
+}
+
+/// Parse the secret key and ensure it is at most one.
+fn read_secret(skf: Option<&str>) -> Result<Option<Cert>> {
+ let secret = load_certs(skf.into_iter())?;
+ if secret.len() > 1 {
+ Err(anyhow::anyhow!("Multiple secret keys provided."))?;
+ }
+ let secret = secret.into_iter().next();
+ Ok(secret)
+}
+
+
fn revoke(config: Config,
private_key_store: Option<&str>,
cert: openpgp::Cert,
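Review bot: `read_secret` returns whatever `load_certs` parsed without checking that it carries secret key material, so a public-only certificate passed as the secret key file is accepted at this point. Any rejection would have to happen inside `revoke`, whose body lies outside this hunk. If no such check exists there, fail at load time so the error names its cause, for example `if secret.iter().any(|c| !c.is_tsk()) { return Err(anyhow::anyhow!("No secret key material in the secret key file.")); }` placed before the `into_iter().next()` line. The doc comment should also state that `None` is returned when no secret key file is given. In both new helpers `Err(anyhow::anyhow!(..))?` would read more plainly as `return Err(anyhow::anyhow!(..));`.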