author | Justus Winter <justus@sequoia-pgp.org> | 2020-02-18 11:05:09 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2020-02-18 11:23:03 +0100 |
commit | 32174f69cd4d94b4f621f3273781d487e97fa031 (patch) | |
tree | 0d3aaec16fbd743609cce0539f55422daabb596c /openpgp/src/packet/pkesk.rs | |
parent | 363110b87dd5228e5a22f336fa96fc53a17149be (diff) |
openpgp: Improve tracking of secret keys.
- We use marker traits to track with the type system if a Key has
secret key material attached. Previously, it was possible to
subvert that by taking the secret key material using
Key4::set_secret, creating a Key4<SecretParts, ..> without any
secrets.
- Related, the accessor functions returned an
Option<SecretKeyMaterial> even for Key4<SecretParts, ..>.
- Replace set_secret by add_secret and take_secret that also change
the Key's type accordingly. Make the accessors infallible if we
know we have a secret key, rename Key4<P, R>::secret to
Key4<P, R>::optional_secret to make the distinction clear.
- Fixes #435.
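A minimal model of the pattern the commit message describes, added here as an illustration and not Sequoia's own code. `Key<P>`, `SecretKeyMaterial` and every signature below are simplified assumptions; only the method names `add_secret`, `take_secret` and `optional_secret` come from the message.

```rust
use std::marker::PhantomData;

// Marker types; simplified stand-ins for the roles named in the commit message.
pub struct PublicParts;
pub struct SecretParts;

#[derive(Debug, PartialEq)]
pub struct SecretKeyMaterial(pub Vec<u8>);

pub struct Key<P> {
    public: Vec<u8>,
    secret: Option<SecretKeyMaterial>,
    _parts: PhantomData<P>,
}

impl<P> Key<P> {
    // Available on any key: the type does not say whether a secret is present.
    pub fn optional_secret(&self) -> Option<&SecretKeyMaterial> {
        self.secret.as_ref()
    }
}

impl Key<PublicParts> {
    pub fn new(public: Vec<u8>) -> Self {
        Key { public, secret: None, _parts: PhantomData }
    }
    // Consumes the key; the returned type records that a secret is attached.
    pub fn add_secret(self, s: SecretKeyMaterial) -> Key<SecretParts> {
        Key { public: self.public, secret: Some(s), _parts: PhantomData }
    }
}

impl Key<SecretParts> {
    // Infallible: no public method empties `secret` while the type stays SecretParts.
    pub fn secret(&self) -> &SecretKeyMaterial {
        self.secret.as_ref().expect("invariant: SecretParts implies a secret")
    }
    // Removing the secret also changes the type back to PublicParts.
    pub fn take_secret(self) -> (Key<PublicParts>, SecretKeyMaterial) {
        let Key { public, secret, .. } = self;
        let s = secret.expect("invariant: SecretParts implies a secret");
        (Key { public, secret: None, _parts: PhantomData }, s)
    }
}

fn main() {
    // Constructed sample bytes, not real key material.
    let key = Key::new(vec![0x04; 4]).add_secret(SecretKeyMaterial(vec![0xAA; 32]));
    assert_eq!(key.secret().0.len(), 32);
    let (public_only, _secret) = key.take_secret();
    assert!(public_only.optional_secret().is_none());
    // public_only.secret(); // does not compile: no `secret` on Key<PublicParts>
}
```

Because `add_secret` and `take_secret` consume `self`, there is no way to hold a `Key<SecretParts>` whose secret has been removed, which is the gap the message attributes to `set_secret`.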
Diffstat (limited to 'openpgp/src/packet/pkesk.rs')
-rw-r--r-- | openpgp/src/packet/pkesk.rs | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/openpgp/src/packet/pkesk.rs b/openpgp/src/packet/pkesk.rs index 0a39cd60..4ab19c8d 100644 --- a/openpgp/src/packet/pkesk.rs +++ b/openpgp/src/packet/pkesk.rs @@ -376,12 +376,12 @@ mod tests { let private_mpis = mpis::SecretKeyMaterial::ECDH { scalar: MPI::new(&sec[..]).into(), }; - let mut key: key::UnspecifiedPublic + let key: key::UnspecifiedPublic = Key4::new(std::time::SystemTime::now(), PublicKeyAlgorithm::ECDH, public_mpis) .unwrap().into(); - key.set_secret(Some(private_mpis.into())); + let key = key.add_secret(private_mpis.into()).0; let sess_key = SessionKey::new(32); let pkesk = PKESK3::for_recipient(SymmetricAlgorithm::AES256, &sess_key, &key).unwrap(); |
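Review bot: In the `mod tests` hunk of pkesk.rs, `let key = key.add_secret(private_mpis.into()).0;` indexes the return value with `.0` and silently drops whatever else `add_secret` returns. A destructuring binding such as `let (key, _) = key.add_secret(private_mpis.into());` would make the discard explicit, and if the dropped element reports secret material that was already attached, the test could assert on it rather than ignore it. The rebinding also shadows `key`, which two statements earlier is annotated as `key::UnspecifiedPublic`; since the commit message says `add_secret` changes the key's type, giving the secret-bearing key its own name would keep that annotation from misleading readers of the test.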