diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2019-11-19 15:50:23 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-11-19 15:50:23 +0100 |
commit | 1ddc1dd61b45b41801c1d1c364cd6789314cb8f3 (patch) | |
tree | b34baf591fce5f778cd2f132ead705d39abbff47 /tool | |
parent | cf9b92f5f9238b8322d09833b92c886dda219924 (diff) |
openpgp: Use the builder pattern for stream::Signer.
- See #375.
Diffstat (limited to 'tool')
-rw-r--r-- | tool/src/commands/mod.rs | 14 | ||||
-rw-r--r-- | tool/src/commands/sign.rs | 38 | ||||
-rw-r--r-- | tool/tests/sq-sign.rs | 5 |
3 files changed, 29 insertions, 28 deletions
diff --git a/tool/src/commands/mod.rs b/tool/src/commands/mod.rs index 21521e90..f651756b 100644 --- a/tool/src/commands/mod.rs +++ b/tool/src/commands/mod.rs @@ -148,12 +148,14 @@ pub fn encrypt(mapping: &mut store::Mapping, // Optionally sign message. if ! signers.is_empty() { - sink = Signer::with_intended_recipients( - sink, - signers.iter_mut().map(|s| -> &mut dyn crypto::Signer<_> { s }) - .collect(), - &recipients, - None)?; + let mut signer = Signer::new(sink, signers.pop().unwrap()); + for s in signers { + signer = signer.add_signer(s); + } + for r in recipients { + signer = signer.add_intended_recipient(r); + } + sink = signer.build()?; } let mut literal_writer = LiteralWriter::new(sink, None, None, None) diff --git a/tool/src/commands/sign.rs b/tool/src/commands/sign.rs index 1b2c98b3..51b098b7 100644 --- a/tool/src/commands/sign.rs +++ b/tool/src/commands/sign.rs @@ -6,7 +6,6 @@ use tempfile::NamedTempFile; extern crate sequoia_openpgp as openpgp; use crate::openpgp::armor; -use crate::openpgp::crypto; use crate::openpgp::{Packet, Result}; use crate::openpgp::packet::Signature; use crate::openpgp::parse::{ @@ -82,9 +81,9 @@ fn sign_data(input: &mut dyn io::Read, output_path: Option<&str>, }; let mut keypairs = super::get_signing_keys(&secrets)?; - let signers = keypairs.iter_mut() - .map(|s| -> &mut dyn crypto::Signer<_> { s }) - .collect(); + if keypairs.is_empty() { + return Err(failure::format_err!("No signing keys found")); + } // When extending a detached signature, prepend any existing // signatures first. @@ -95,11 +94,14 @@ fn sign_data(input: &mut dyn io::Read, output_path: Option<&str>, // Stream an OpenPGP message. let sink = Message::new(output); - let signer = if detached { - Signer::detached(sink, signers, None) - } else { - Signer::new(sink, signers, None) - }.context("Failed to create signer")?; + let mut signer = Signer::new(sink, keypairs.pop().unwrap()); + for s in keypairs { + signer = signer.add_signer(s); + } + if detached { + signer = signer.detached(); + } + let signer = signer.build().context("Failed to create signer")?; let mut writer = if detached { // Detached signatures do not need a literal data packet, just @@ -140,13 +142,9 @@ fn sign_message(input: &mut dyn io::Read, output_path: Option<&str>, }; let mut keypairs = super::get_signing_keys(&secrets)?; - // We need to create the signers here, so that we can take() them - // once in the parsing loop. We cannot create the references in - // the loop, because the borrow checker does not understand that - // it happens only once. - let mut signers = Some(keypairs.iter_mut() - .map(|s| -> &mut dyn crypto::Signer<_> { s }) - .collect::<Vec<&mut dyn crypto::Signer<_>>>()); + if keypairs.is_empty() { + return Err(failure::format_err!("No signing keys found")); + } let mut sink = Message::new(output); @@ -212,9 +210,11 @@ fn sign_message(input: &mut dyn io::Read, output_path: Option<&str>, State::AfterFirstSigGroup => { // After the first signature group, we push the signer // onto the writer stack. - let signers = signers.take().expect("only happens once"); - sink = Signer::new(sink, signers, None) - .context("Failed to create signer")?; + let mut signer = Signer::new(sink, keypairs.pop().unwrap()); + for s in keypairs.drain(..) { + signer = signer.add_signer(s); + } + sink = signer.build().context("Failed to create signer")?; state = State::Signing { signature_count: 0, }; }, diff --git a/tool/tests/sq-sign.rs b/tool/tests/sq-sign.rs index 6155190e..3a019459 100644 --- a/tool/tests/sq-sign.rs +++ b/tool/tests/sq-sign.rs @@ -213,10 +213,9 @@ fn sq_sign_append_on_compress_then_sign() { Some(SecretKeyMaterial::Unencrypted(ref u)) => u.clone(), _ => unreachable!(), }; - let mut keypair = KeyPair::new(key.clone(), sec).unwrap(); + let keypair = KeyPair::new(key.clone(), sec).unwrap(); let signer = Signer::new(Message::new(File::create(&sig0).unwrap()), - vec![&mut keypair], None) - .unwrap(); + keypair).build().unwrap(); let compressor = Compressor::new(signer, CompressionAlgorithm::Uncompressed, None) .unwrap(); |