diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2020-11-26 13:38:55 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2020-11-26 13:41:33 +0100 |
commit | 67ec527d0ee1e15745e163ed1c550b385f885265 (patch) | |
tree | f2a0e0c98e3a5e8ad4850f3559e7c22ff7949219 | |
parent | de0364db81ba0b87ef65161633f8fbaae701556c (diff) |
sop: Correctly handle keyrings in CERTS.
- Fixes #590.
-rw-r--r-- | sop/src/cli.rs | 25 | ||||
-rw-r--r-- | sop/src/main.rs | 8 |
2 files changed, 26 insertions, 7 deletions
diff --git a/sop/src/cli.rs b/sop/src/cli.rs index 58bbdd2d..202dd5dd 100644 --- a/sop/src/cli.rs +++ b/sop/src/cli.rs @@ -7,7 +7,10 @@ use structopt::StructOpt; use sequoia_openpgp as openpgp; use openpgp::{ - Cert, + cert::{ + Cert, + CertParser, + }, crypto::{ Password, }, @@ -302,12 +305,28 @@ pub fn load_certs(files: Vec<String>) -> Result<Vec<Cert>> { let mut certs = vec![]; for f in files { let r = load_file(&f)?; - certs.push(Cert::from_reader(r).map_err(|_| Error::BadData) - .context(format!("Failed to load key from file {:?}", f))?); + for cert in CertParser::from_reader(r).map_err(|_| Error::BadData) + .context(format!("Failed to load CERTS from file {:?}", f))? + { + certs.push( + cert.context(format!("Malformed certificate in file {:?}", f))? + ); + } } Ok(certs) } +/// Loads the KEY given by the (special) files. +pub fn load_keys(files: Vec<String>) -> Result<Vec<Cert>> { + let mut keys = vec![]; + for f in files { + let r = load_file(&f)?; + keys.push(Cert::from_reader(r).map_err(|_| Error::BadData) + .context(format!("Failed to load KEY from file {:?}", f))?); + } + Ok(keys) +} + /// Frobnicates the strings and converts them to passwords. pub fn frob_passwords(p: Vec<String>) -> Result<Vec<Password>> { // XXX: Maybe do additional checks. diff --git a/sop/src/main.rs b/sop/src/main.rs index 503470d8..96bf4628 100644 --- a/sop/src/main.rs +++ b/sop/src/main.rs @@ -43,7 +43,7 @@ type Result<T> = anyhow::Result<T>; mod cli; use cli::{ SOP, SignAs, EncryptAs, ArmorKind, - load_file, create_file, load_certs, frob_passwords, + load_file, create_file, load_certs, load_keys, frob_passwords, }; mod dates; @@ -100,7 +100,7 @@ fn real_main() -> Result<()> { } } - let tsks = load_certs(keys)?; + let tsks = load_keys(keys)?; if tsks.is_empty() { return Err(anyhow::Error::from(Error::MissingArg)) .context("Expected at least one certificate"); @@ -191,7 +191,7 @@ fn real_main() -> Result<()> { let passwords = frob_passwords(with_password)?; - let tsks = load_certs(sign_with)?; + let tsks = load_keys(sign_with)?; let mut signers = Vec::new(); for tsk in tsks { let mut one = false; @@ -386,7 +386,7 @@ fn real_main() -> Result<()> { }; let verify_with = load_certs(verify_with)?; - let keys = load_certs(key)?; + let keys = load_keys(key)?; let vhelper = VHelper::new(verify_out, if verify_with.is_empty() { |