diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2020-04-03 18:22:55 +0200 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2020-04-03 18:32:03 +0200 |
| commit | a9ca727cab50c0c91098a7ef8aea79f5f62a1f5c (patch) | |
| tree | e7122be749e5b3b26ee96969f4f9e8347fe6532b | |
| parent | 6494b37775ada713e8ff139ee40c5accdfcaf16a (diff) | |
openpgp: Unawkwardify the streaming encryptor.
| -rw-r--r-- | autocrypt/src/lib.rs | 4 | ||||
| -rw-r--r-- | guide/src/chapter_02.md | 46 | ||||
| -rw-r--r-- | ipc/tests/gpg-agent.rs | 7 | ||||
| -rw-r--r-- | openpgp-ffi/src/serialize.rs | 9 | ||||
| -rw-r--r-- | openpgp/examples/encrypt-for.rs | 10 | ||||
| -rw-r--r-- | openpgp/examples/generate-encrypt-decrypt.rs | 10 | ||||
| -rw-r--r-- | openpgp/examples/pad.rs | 10 | ||||
| -rw-r--r-- | openpgp/src/serialize/stream.rs | 40 | ||||
| -rw-r--r-- | tool/src/commands/mod.rs | 10 |
9 files changed, 54 insertions, 92 deletions
diff --git a/autocrypt/src/lib.rs b/autocrypt/src/lib.rs index 54133602..7a1a571a 100644 --- a/autocrypt/src/lib.rs +++ b/autocrypt/src/lib.rs @@ -487,8 +487,8 @@ impl AutocryptSetupMessage { { // Passphrase-Format header with value numeric9x4 let m = Message::new(&mut armor_writer); - let w = Encryptor::with_password(m, self.passcode.clone().unwrap()) - .build()?; + let w = Encryptor::with_passwords( + m, vec![self.passcode.clone().unwrap()]).build()?; let mut w = LiteralWriter::new(w).build()?; diff --git a/guide/src/chapter_02.md b/guide/src/chapter_02.md index 3553df3f..92abd895 100644 --- a/guide/src/chapter_02.md +++ b/guide/src/chapter_02.md @@ -56,7 +56,7 @@ fn main() { # sink: &mut Write, plaintext: &str, recipient: &openpgp::Cert) # -> openpgp::Result<()> { # // Build a vector of recipients to hand to Encryptor. -# let mut recipients = +# let recipients = # recipient.keys().with_policy(policy, None).alive().revoked(false) # .for_transport_encryption() # .map(|ka| ka.key().into()) @@ -65,13 +65,9 @@ fn main() { # // Start streaming an OpenPGP message. # let message = Message::new(sink); # -# // We want to encrypt a literal data packet. -# let mut encryptor = Encryptor::for_recipient( -# message, recipients.pop().expect("No encryption key found")); -# for r in recipients { -# encryptor = encryptor.add_recipient(r) -# } -# let encryptor = encryptor.build().expect("Failed to create encryptor"); +# // We want to encrypt a literal data packet. +# let encryptor = Encryptor::for_recipients(message, recipients) +# .build()?; # # // Emit a literal data packet. # let mut literal_writer = LiteralWriter::new(encryptor).build()?; @@ -207,7 +203,7 @@ fn generate() -> openpgp::Result<openpgp::Cert> { # sink: &mut Write, plaintext: &str, recipient: &openpgp::Cert) # -> openpgp::Result<()> { # // Build a vector of recipients to hand to Encryptor. -# let mut recipients = +# let recipients = # recipient.keys().with_policy(policy, None).alive().revoked(false) # .for_transport_encryption() # .map(|ka| ka.key().into()) @@ -216,13 +212,9 @@ fn generate() -> openpgp::Result<openpgp::Cert> { # // Start streaming an OpenPGP message. # let message = Message::new(sink); # -# // We want to encrypt a literal data packet. -# let mut encryptor = Encryptor::for_recipient( -# message, recipients.pop().expect("No encryption key found")); -# for r in recipients { -# encryptor = encryptor.add_recipient(r) -# } -# let encryptor = encryptor.build().expect("Failed to create encryptor"); +# // We want to encrypt a literal data packet. +# let encryptor = Encryptor::for_recipients(message, recipients) +# .build()?; # # // Emit a literal data packet. # let mut literal_writer = LiteralWriter::new(encryptor).build()?; @@ -358,7 +350,7 @@ fn encrypt(policy: &dyn Policy, sink: &mut Write, plaintext: &str, recipient: &openpgp::Cert) -> openpgp::Result<()> { // Build a vector of recipients to hand to Encryptor. - let mut recipients = + let recipients = recipient.keys().with_policy(policy, None).alive().revoked(false) .for_transport_encryption() .map(|ka| ka.key().into()) @@ -368,12 +360,8 @@ fn encrypt(policy: &dyn Policy, let message = Message::new(sink); // We want to encrypt a literal data packet. - let mut encryptor = Encryptor::for_recipient( - message, recipients.pop().expect("No encryption key found")); - for r in recipients { - encryptor = encryptor.add_recipient(r) - } - let encryptor = encryptor.build().expect("Failed to create encryptor"); + let encryptor = Encryptor::for_recipients(message, recipients) + .build()?; // Emit a literal data packet. let mut literal_writer = LiteralWriter::new(encryptor).build()?; @@ -523,7 +511,7 @@ Decrypted data can be read from this using [`io::Read`]. # sink: &mut Write, plaintext: &str, recipient: &openpgp::Cert) # -> openpgp::Result<()> { # // Build a vector of recipients to hand to Encryptor. -# let mut recipients = +# let recipients = # recipient.keys().with_policy(policy, None).alive().revoked(false) # .for_transport_encryption() # .map(|ka| ka.key().into()) @@ -532,13 +520,9 @@ Decrypted data can be read from this using [`io::Read`]. # // Start streaming an OpenPGP message. # let message = Message::new(sink); # -# // We want to encrypt a literal data packet. -# let mut encryptor = Encryptor::for_recipient( -# message, recipients.pop().expect("No encryption key found")); -# for r in recipients { -# encryptor = encryptor.add_recipient(r) -# } -# let encryptor = encryptor.build().expect("Failed to create encryptor"); +# // We want to encrypt a literal data packet. +# let encryptor = Encryptor::for_recipients(message, recipients) +# .build()?; # # // Emit a literal data packet. # let mut literal_writer = LiteralWriter::new(encryptor).build()?; diff --git a/ipc/tests/gpg-agent.rs b/ipc/tests/gpg-agent.rs index 45c532e6..5af03024 100644 --- a/ipc/tests/gpg-agent.rs +++ b/ipc/tests/gpg-agent.rs @@ -207,18 +207,19 @@ fn decrypt() { let mut message = Vec::new(); { - let recipient = + let recipients = cert.keys().with_policy(p, None).alive().revoked(false) .for_transport_encryption() .map(|ka| ka.key().into()) - .nth(0).unwrap(); + .collect(); // Start streaming an OpenPGP message. let message = Message::new(&mut message); // We want to encrypt a literal data packet. let encryptor = - Encryptor::for_recipient(message, recipient).build().unwrap(); + Encryptor::for_recipients(message, recipients) + .build().unwrap(); // Emit a literal data packet. let mut literal_writer = LiteralWriter::new( diff --git a/openpgp-ffi/src/serialize.rs b/openpgp-ffi/src/serialize.rs index 394c3475..4669cb41 100644 --- a/openpgp-ffi/src/serialize.rs +++ b/openpgp-ffi/src/serialize.rs @@ -395,17 +395,10 @@ pub extern "C" fn pgp_encryptor_new<'a> "Neither recipient nor password given"))); } - let mut encryptor = if let Some(p) = passwords_.pop() { - Encryptor::with_password(*inner, p) - } else { - Encryptor::for_recipient(*inner, recipients_.pop().unwrap()) - }; + let mut encryptor = Encryptor::for_recipients(*inner, recipients_); for p in passwords_ { encryptor = encryptor.add_password(p); } - for r in recipients_ { - encryptor = encryptor.add_recipient(r); - } if let Some(algo) = cipher_algo { encryptor = encryptor.sym_algo(algo); } diff --git a/openpgp/examples/encrypt-for.rs b/openpgp/examples/encrypt-for.rs index ef6486eb..d8c3affd 100644 --- a/openpgp/examples/encrypt-for.rs +++ b/openpgp/examples/encrypt-for.rs @@ -38,7 +38,7 @@ fn main() { }).collect(); // Build a vector of recipients to hand to Encryptor. - let mut recipients = + let recipients = certs.iter() .flat_map(|cert| { cert.keys() @@ -57,12 +57,8 @@ fn main() { let message = Message::new(&mut sink); // We want to encrypt a literal data packet. - let mut encryptor = Encryptor::for_recipient( - message, recipients.pop().expect("No encryption key found")); - for r in recipients { - encryptor = encryptor.add_recipient(r) - } - let encryptor = encryptor.build().expect("Failed to create encryptor"); + let encryptor = Encryptor::for_recipients(message, recipients) + .build().expect("Failed to create encryptor"); let mut literal_writer = LiteralWriter::new(encryptor).build() .expect("Failed to create literal writer"); diff --git a/openpgp/examples/generate-encrypt-decrypt.rs b/openpgp/examples/generate-encrypt-decrypt.rs index 4b0d3ff2..a5a49f0b 100644 --- a/openpgp/examples/generate-encrypt-decrypt.rs +++ b/openpgp/examples/generate-encrypt-decrypt.rs @@ -48,7 +48,7 @@ fn encrypt(p: &dyn Policy, sink: &mut dyn Write, plaintext: &str, -> openpgp::Result<()> { // Build a vector of recipients to hand to Encryptor. - let mut recipients = + let recipients = recipient.keys().with_policy(p, None).alive().revoked(false) .for_transport_encryption() .map(|ka| ka.key().into()) @@ -58,12 +58,8 @@ fn encrypt(p: &dyn Policy, sink: &mut dyn Write, plaintext: &str, let message = Message::new(sink); // We want to encrypt a literal data packet. - let mut encryptor = Encryptor::for_recipient( - message, recipients.pop().expect("No encryption key found")); - for r in recipients { - encryptor = encryptor.add_recipient(r) - } - let encryptor = encryptor.build().expect("Failed to create encryptor"); + let encryptor = Encryptor::for_recipients(message, recipients) + .build()?; // Emit a literal data packet. let mut literal_writer = LiteralWriter::new(encryptor).build()?; diff --git a/openpgp/examples/pad.rs b/openpgp/examples/pad.rs index 4a762b58..8e5915a8 100644 --- a/openpgp/examples/pad.rs +++ b/openpgp/examples/pad.rs @@ -38,7 +38,7 @@ fn main() { }).collect(); // Build a vector of recipients to hand to Encryptor. - let mut recipients = certs + let recipients = certs .iter() .flat_map(|cert| { cert.keys() @@ -57,12 +57,8 @@ fn main() { let message = Message::new(&mut sink); // We want to encrypt a literal data packet. - let mut encryptor = Encryptor::for_recipient( - message, recipients.pop().expect("No encryption key found")); - for r in recipients { - encryptor = encryptor.add_recipient(r) - } - let encryptor = encryptor.build().expect("Failed to create encryptor"); + let encryptor = Encryptor::for_recipients(message, recipients) + .build().expect("Failed to create encryptor"); let padder = Padder::new(encryptor, padme) .expect("Failed to create padder"); diff --git a/openpgp/src/serialize/stream.rs b/openpgp/src/serialize/stream.rs index 37cd17df..3b8a1a86 100644 --- a/openpgp/src/serialize/stream.rs +++ b/openpgp/src/serialize/stream.rs @@ -1024,17 +1024,17 @@ impl<'a> Encryptor<'a> { /// ).unwrap(); /// /// // Build a vector of recipients to hand to Encryptor. - /// let recipient = + /// let recipients = /// cert.keys().with_policy(p, None).alive().revoked(false) /// // Or `for_storage_encryption()`, for data at rest. /// .for_transport_encryption() /// .map(|ka| ka.key().into()) - /// .nth(0).unwrap(); + /// .collect(); /// /// let mut o = vec![]; /// let message = Message::new(&mut o); /// let encryptor = - /// Encryptor::for_recipient(message, recipient) + /// Encryptor::for_recipients(message, recipients) /// .build().expect("Failed to create encryptor"); /// let mut w = LiteralWriter::new(encryptor).build()?; /// w.write_all(b"Hello world.")?; @@ -1042,11 +1042,11 @@ impl<'a> Encryptor<'a> { /// # Ok(()) /// # } /// ``` - pub fn for_recipient(inner: Message<'a, Cookie>, - recipient: Recipient<'a>) -> Self { + pub fn for_recipients(inner: Message<'a, Cookie>, + recipients: Vec<Recipient<'a>>) -> Self { Self { inner: Some(inner.into()), - recipients: vec![recipient], + recipients, passwords: Vec::new(), sym_algo: Default::default(), aead_algo: Default::default(), @@ -1083,7 +1083,8 @@ impl<'a> Encryptor<'a> { /// let mut o = vec![]; /// let message = Message::new(&mut o); /// let encryptor = - /// Encryptor::with_password(message, "совершенно секретно".into()) + /// Encryptor::with_passwords(message, + /// vec!["совершенно секретно".into()]) /// .build().expect("Failed to create encryptor"); /// let mut w = LiteralWriter::new(encryptor).build()?; /// w.write_all(b"Hello world.")?; @@ -1091,12 +1092,12 @@ impl<'a> Encryptor<'a> { /// # Ok(()) /// # } /// ``` - pub fn with_password(inner: Message<'a, Cookie>, - password: Password) -> Self { + pub fn with_passwords(inner: Message<'a, Cookie>, + passwords: Vec<Password>) -> Self { Self { inner: Some(inner.into()), recipients: Vec::new(), - passwords: vec![password], + passwords, sym_algo: Default::default(), aead_algo: Default::default(), hash: HashAlgorithm::SHA1.context().unwrap(), @@ -1137,8 +1138,10 @@ impl<'a> Encryptor<'a> { /// Finalizes the encryptor, returning the writer stack. pub fn build(mut self) -> Result<Message<'a, Cookie>> { - assert!(self.recipients.len() + self.passwords.len() > 0, - "The constructors add at least one recipient or password"); + if self.recipients.len() + self.passwords.len() == 0 { + return Err(Error::InvalidOperation( + "Neither recipients nor passwords given".into()).into()); + } struct AEADParameters { algo: AEADAlgorithm, @@ -1557,16 +1560,15 @@ mod test { #[test] fn encryptor() { - let passwords: [Password; 2] = ["streng geheim".into(), - "top secret".into()]; + let passwords = vec!["streng geheim".into(), + "top secret".into()]; let message = b"Hello world."; // Write a simple encrypted message... let mut o = vec![]; { let m = Message::new(&mut o); - let encryptor = Encryptor::with_password(m, passwords[0].clone()) - .add_password(passwords[1].clone()) + let encryptor = Encryptor::with_passwords(m, passwords.clone()) .build().unwrap(); let mut literal = LiteralWriter::new(encryptor).build() .unwrap(); @@ -1747,11 +1749,11 @@ mod test { let mut msg = vec![]; { let m = Message::new(&mut msg); - let recipient = tsk + let recipients = tsk .keys().with_policy(p, None) .for_storage_encryption().for_transport_encryption() - .nth(0).unwrap().key().into(); - let encryptor = Encryptor::for_recipient(m, recipient) + .map(|ka| ka.key().into()).collect(); + let encryptor = Encryptor::for_recipients(m, recipients) .aead_algo(AEADAlgorithm::EAX) .build().unwrap(); let mut literal = LiteralWriter::new(encryptor).build() diff --git a/tool/src/commands/mod.rs b/tool/src/commands/mod.rs index 1cc6651b..67e6b830 100644 --- a/tool/src/commands/mod.rs +++ b/tool/src/commands/mod.rs @@ -137,17 +137,11 @@ pub fn encrypt(policy: &dyn Policy, let message = Message::new(output); // We want to encrypt a literal data packet. - let mut encryptor = if let Some(p) = passwords.pop() { - Encryptor::with_password(message, p) - } else { - Encryptor::for_recipient(message, recipient_subkeys.pop().unwrap()) - }; + let mut encryptor = + Encryptor::for_recipients(message, recipient_subkeys); for p in passwords { encryptor = encryptor.add_password(p); } - for r in recipient_subkeys { - encryptor = encryptor.add_recipient(r); - } let mut sink = encryptor.build() .context("Failed to create encryptor")?; |