author | Justus Winter <justus@sequoia-pgp.org> | 2019-03-18 16:33:51 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-03-25 19:00:49 +0100 |
commit | aa3004990403860a9a0261354e384e5ce8bdf1ed (patch) | |
tree | d59aeb8cc760a7adc8c4e7c0189182eb76f74822 /openpgp/examples/generate-encrypt-decrypt.rs | |
parent | f572bc851d520a56eebb0a6cea38144051168a8a (diff) |
openpgp: Rework the DecryptionHelper trait.
- Simplify the protocol by removing the iteration. Instead, the
callee gets a proxy for PacketParser::decrypt() that she can use
to decrypt the message. If successful, the session key can be
cached without involving the DecryptionHelper trait. This also
allows us to dump session keys.
- Fixes #219.
Diffstat (limited to 'openpgp/examples/generate-encrypt-decrypt.rs')
-rw-r--r-- | openpgp/examples/generate-encrypt-decrypt.rs | 34 |
1 files changed, 15 insertions, 19 deletions
diff --git a/openpgp/examples/generate-encrypt-decrypt.rs b/openpgp/examples/generate-encrypt-decrypt.rs
index 369e82ba..88f245fb 100644
--- a/openpgp/examples/generate-encrypt-decrypt.rs
+++ b/openpgp/examples/generate-encrypt-decrypt.rs
@@ -3,9 +3,10 @@
 use std::io::{self, Write};
 extern crate sequoia_openpgp as openpgp;
+use openpgp::crypto::SessionKey;
+use openpgp::constants::SymmetricAlgorithm;
 use openpgp::serialize::stream::*;
 use openpgp::parse::stream::*;
-use openpgp::packet::key::SecretKey;
 const MESSAGE: &'static str = "дружба";
@@ -100,10 +101,12 @@ impl<'a> VerificationHelper for Helper<'a> {
 }
 impl<'a> DecryptionHelper for Helper<'a> {
- fn get_secret(&mut self,
- _pkesks: &[&openpgp::packet::PKESK],
- _skesks: &[&openpgp::packet::SKESK])
- -> openpgp::Result<Option<Secret>>
+ fn decrypt<D>(&mut self,
+ pkesks: &[openpgp::packet::PKESK],
+ _skesks: &[openpgp::packet::SKESK],
+ mut decrypt: D)
+ -> openpgp::Result<Option<openpgp::Fingerprint>>
+ where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()>
 {
 // The encryption key is the first and only subkey.
 let key = self.secret.subkeys().nth(0)
@@ -111,19 +114,12 @@ impl<'a> DecryptionHelper for Helper<'a> {
 .unwrap();
 // The secret key is not encrypted.
- let secret =
- if let Some(SecretKey::Unencrypted {
- ref mpis,
- }) = key.secret() {
- mpis.clone()
- } else {
- unreachable!()
- };
-
- Ok(Some(Secret::Asymmetric {
- identity: self.secret.fingerprint(),
- key: key,
- secret: secret,
- }))
+ let pair = key.into_keypair().unwrap();
+
+ pkesks[0].decrypt(pair.public(), pair.secret())
+ .and_then(|(algo, session_key)| decrypt(algo, &session_key))
+ .map(|_| None)
+ // XXX: In production code, return the Fingerprint of the
+ // recipient's TPK here
 }
 } |
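Review bot: The new `decrypt` method in the second hunk has no doc comment, and since this is the example people copy from, it should state the contract of the `decrypt` callback. Above `fn decrypt<D>` I would add `/// Decrypts a PKESK with our encryption subkey and passes the session key to the decrypt callback, the proxy for PacketParser::decrypt().` The comment should also carry one line saying that the `&SessionKey` by itself is enough to decrypt the message, so it must not be logged or stored outside a protected cache. What an `Ok(None)` return means to the caller is not visible here and is worth spelling out in the same comment. The method body continues past the end of this hunk.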
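Review bot: `pkesks[0]` in the third hunk indexes a slice that presumably mirrors the PKESK packets of the incoming message, so a message with no PKESK (for example one encrypted only to a password) would panic the helper instead of returning an error. It also means a message whose first PKESK is addressed to another recipient fails even when a later one matches this key. Iterating over `pkesks` and returning an error when none yields a working session key covers both cases; the error variant in the sketch is my assumption and should be whichever one the crate uses for a missing session key. The function starts in the previous hunk.

```rust
// … unchanged: subkey lookup and `let pair = key.into_keypair().unwrap();` …

// Try every PKESK: the message may carry none, or the first one
// may be addressed to a different recipient.
for pkesk in pkesks {
    if let Ok((algo, session_key)) = pkesk.decrypt(pair.public(), pair.secret()) {
        if decrypt(algo, &session_key).is_ok() {
            // XXX: In production code, return the Fingerprint of the
            // recipient's TPK here
            return Ok(None);
        }
    }
}
Err(openpgp::Error::InvalidArgument(
    "no PKESK could be decrypted with our key".into()).into())
```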