diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2020-03-27 17:15:13 +0100 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2020-03-27 17:58:29 +0100 |
| commit | ffd468e0dadf8065f8ce21a62cbea8e59ec09c60 (patch) | |
| tree | 08d45ba532cd03ce274dcd73856083d31cf470da /openpgp/src/policy.rs | |
| parent | 38bf9e15efe78aa08a864f14e113d8ff46bfbd11 (diff) | |
openpgp: Explain binding signature lookup failures.
- If looking up a binding signature fails, don't merely return None,
but an Err(_) that explains the lookup failure. For example, a
binding signature may be present, but it may not meet the policy.
- Fixes #460.
Diffstat (limited to 'openpgp/src/policy.rs')
| -rw-r--r-- | openpgp/src/policy.rs | 17 |
1 files changed, 7 insertions, 10 deletions
diff --git a/openpgp/src/policy.rs b/openpgp/src/policy.rs index 9d1e49eb..3e31a595 100644 --- a/openpgp/src/policy.rs +++ b/openpgp/src/policy.rs @@ -1401,7 +1401,7 @@ mod test { let mut reject : StandardPolicy = StandardPolicy::new(); reject.reject_hash(algo); assert!(cert.primary_key() - .binding_signature(&reject, None).is_none()); + .binding_signature(&reject, None).is_err()); assert_match!(RevocationStatus::NotAsFarAsWeKnow = cert_revoked.revoked(&reject, None)); @@ -1411,8 +1411,7 @@ mod test { algo, SystemTime::now() + Duration::from_secs(SECS_IN_YEAR), SystemTime::now() + Duration::from_secs(SECS_IN_YEAR)); - assert!(cert.primary_key() - .binding_signature(&reject, None).is_some()); + cert.primary_key().binding_signature(&reject, None)?; assert_match!(RevocationStatus::Revoked(_) = cert_revoked.revoked(&reject, None)); @@ -1423,7 +1422,7 @@ mod test { SystemTime::now() - Duration::from_secs(SECS_IN_YEAR), SystemTime::now() - Duration::from_secs(SECS_IN_YEAR)); assert!(cert.primary_key() - .binding_signature(&reject, None).is_none()); + .binding_signature(&reject, None).is_err()); assert_match!(RevocationStatus::NotAsFarAsWeKnow = cert_revoked.revoked(&reject, None)); @@ -1435,7 +1434,7 @@ mod test { SystemTime::now() - Duration::from_secs(SECS_IN_YEAR), SystemTime::now() + Duration::from_secs(SECS_IN_YEAR)); assert!(cert.primary_key() - .binding_signature(&reject, None).is_none()); + .binding_signature(&reject, None).is_err()); assert_match!(RevocationStatus::Revoked(_) = cert_revoked.revoked(&reject, None)); @@ -1451,8 +1450,7 @@ mod test { (algo_u8 + 1).into(), SystemTime::now() - Duration::from_secs(SECS_IN_YEAR), SystemTime::now() - Duration::from_secs(SECS_IN_YEAR)); - assert!(cert.primary_key() - .binding_signature(&reject, None).is_some()); + cert.primary_key().binding_signature(&reject, None)?; assert_match!(RevocationStatus::Revoked(_) = cert_revoked.revoked(&reject, None)); @@ -1465,7 +1463,7 @@ mod test { SystemTime::UNIX_EPOCH - Duration::from_secs(SECS_IN_YEAR), SystemTime::UNIX_EPOCH - Duration::from_secs(SECS_IN_YEAR)); assert!(cert.primary_key() - .binding_signature(&reject, None).is_none()); + .binding_signature(&reject, None).is_err()); assert_match!(RevocationStatus::NotAsFarAsWeKnow = cert_revoked.revoked(&reject, None)); @@ -1477,8 +1475,7 @@ mod test { algo, SystemTime::UNIX_EPOCH + Duration::from_secs(500 * SECS_IN_YEAR), SystemTime::UNIX_EPOCH + Duration::from_secs(500 * SECS_IN_YEAR)); - assert!(cert.primary_key() - .binding_signature(&reject, None).is_some()); + cert.primary_key().binding_signature(&reject, None)?; assert_match!(RevocationStatus::Revoked(_) = cert_revoked.revoked(&reject, None)); |