diff options
author | Neal H. Walfield <neal@pep.foundation> | 2019-03-14 09:20:10 +0100 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2019-03-14 14:56:47 +0100 |
commit | 1434843469109127f41c5dbd8aacf5400c537759 (patch) | |
tree | 0ca324cad8a486def769000eb460a13bd51473c4 /tool | |
parent | 6bea117391c1813e956e384c6638b7b0311d8d7c (diff) |
openpgp: Replace TPK::select_keys with an iterator.
- TPK::select_keys mixes iterating and filtering.
- Make KeyIter an implicit builder, which supports convenient
filtering.
- Provide a convenience function to key an iterator with a
reasonable filter default.
Diffstat (limited to 'tool')
-rw-r--r-- | tool/src/commands/mod.rs | 9 | ||||
-rw-r--r-- | tool/tests/sq-sign.rs | 2 |
2 files changed, 8 insertions, 3 deletions
diff --git a/tool/src/commands/mod.rs b/tool/src/commands/mod.rs index db713caa..076bafbc 100644 --- a/tool/src/commands/mod.rs +++ b/tool/src/commands/mod.rs @@ -44,7 +44,10 @@ fn tm2str(t: &time::Tm) -> String { fn get_signing_keys(tpks: &[openpgp::TPK]) -> Result<Vec<crypto::KeyPair>> { let mut keys = Vec::new(); 'next_tpk: for tsk in tpks { - for key in tsk.select_signing_keys(None) { + for key in tsk.keys_valid() + .signing_capable() + .map(|k| k.2) + { if let Some(mut secret) = key.secret() { let secret_mpis = match secret { SecretKey::Encrypted { .. } => { @@ -191,7 +194,9 @@ impl<'a> VerificationHelper for VHelper<'a> { let mut tpks = self.tpks.take().unwrap(); let seen: HashSet<_> = tpks.iter() .flat_map(|tpk| { - tpk.keys().map(|(_, _, key)| key.fingerprint().to_keyid()) + // Even if a key is revoked or expired, we can still + // use it to verify a message. + tpk.keys_all().map(|(_, _, key)| key.fingerprint().to_keyid()) }).collect(); // Explicitly provided keys are trusted. diff --git a/tool/tests/sq-sign.rs b/tool/tests/sq-sign.rs index 90da8d8a..8a891f65 100644 --- a/tool/tests/sq-sign.rs +++ b/tool/tests/sq-sign.rs @@ -208,7 +208,7 @@ fn sq_sign_append_on_compress_then_sign() { // message by foot. let tsk = TPK::from_file(&p("keys/dennis-simon-anton-private.pgp")) .unwrap(); - let key = tsk.select_signing_keys(None)[0]; + let key = tsk.keys_all().signing_capable().nth(0).unwrap().2; let sec = match key.secret() { Some(SecretKey::Unencrypted { ref mpis }) => mpis, _ => unreachable!(), |