Diffstat (limited to 'ipc/examples/gpg-agent-decrypt.rs')
-rw-r--r-- | ipc/examples/gpg-agent-decrypt.rs | 66 |
1 files changed, 31 insertions, 35 deletions
diff --git a/ipc/examples/gpg-agent-decrypt.rs b/ipc/examples/gpg-agent-decrypt.rs
index 8b5ead32..ebb311ac 100644
--- a/ipc/examples/gpg-agent-decrypt.rs
+++ b/ipc/examples/gpg-agent-decrypt.rs
@@ -3,15 +3,13 @@
 use std::collections::HashMap;
 use std::io;
-use clap;
 use sequoia_openpgp as openpgp;
 use sequoia_ipc as ipc;
-use crate::openpgp::cert::prelude::*;
-use crate::openpgp::crypto::SessionKey;
-use crate::openpgp::types::SymmetricAlgorithm;
-use crate::openpgp::packet::key;
-use crate::openpgp::parse::{
+use openpgp::cert::prelude::*;
+use openpgp::crypto::SessionKey;
+use openpgp::types::SymmetricAlgorithm;
+use openpgp::parse::{
 Parse,
 stream::{
 DecryptionHelper,
@@ -23,11 +21,11 @@ use crate::openpgp::parse::{
 MessageLayer,
 },
 };
-use crate::openpgp::policy::Policy;
-use crate::openpgp::policy::StandardPolicy as P;
-use crate::ipc::gnupg::{Context, KeyPair};
+use openpgp::policy::Policy;
+use openpgp::policy::StandardPolicy as P;
+use ipc::gnupg::{Context, KeyPair};
-fn main() {
+fn main() -> openpgp::Result<()> {
 let p = &P::new();
 let matches = clap::App::new("gpg-agent-decrypt")
@@ -43,40 +41,38 @@ fn main() {
 .get_matches();
 let ctx = if let Some(homedir) = matches.value_of("homedir") {
- Context::with_homedir(homedir).unwrap()
+ Context::with_homedir(homedir)?
 } else {
- Context::new().unwrap()
+ Context::new()?
 };
 // Read the Certs from the given files.
 let certs =
- matches.values_of("cert").expect("required").map(|f| {
- openpgp::Cert::from_file(f)
- .expect("Failed to read key")
- }).collect();
+ matches.values_of("cert").expect("required").map(
+ openpgp::Cert::from_file
+ ).collect::<Result<_, _>>()?;
 // Now, create a decryptor with a helper using the given Certs.
- let mut decryptor = DecryptorBuilder::from_reader(io::stdin()).unwrap()
- .with_policy(p, None, Helper::new(&ctx, p, certs)).unwrap();
+ let mut decryptor = DecryptorBuilder::from_reader(io::stdin())?
+ .with_policy(p, None, Helper::new(&ctx, p, certs)?)?;
 // Finally, stream the decrypted data to stdout.
- io::copy(&mut decryptor, &mut io::stdout())
- .expect("Decryption failed");
+ io::copy(&mut decryptor, &mut io::stdout())?;
+
+ Ok(())
 }
 /// This helper provides secrets for the decryption, fetches public
 /// keys for the signature verification and implements the
 /// verification policy.
-struct Helper<'a> {
- ctx: &'a Context,
- keys: HashMap<openpgp::KeyID,
- openpgp::packet::Key<key::PublicParts, key::UnspecifiedRole>>,
+struct Helper {
+ keys: HashMap<openpgp::KeyID, KeyPair>,
 }
-impl<'a> Helper<'a> {
+impl Helper {
 /// Creates a Helper for the given Certs with appropriate secrets.
- fn new(ctx: &'a Context, policy: &'a dyn Policy, certs: Vec<openpgp::Cert>)
- -> Self
+ fn new(ctx: &Context, policy: &dyn Policy, certs: Vec<openpgp::Cert>)
+ -> openpgp::Result<Self>
 {
 // Map (sub)KeyIDs to secrets.
 let mut keys = HashMap::new();
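Review bot: The new `io::copy(&mut decryptor, &mut io::stdout())?;` line can return an error after part of the plaintext has already been written to stdout, and with `main` now returning `openpgp::Result<()>` the non-zero exit status is the only signal a consumer gets. Because this is an example that people copy, I would add a comment above the call, e.g. `// On error, stdout may already hold partial output; callers must check the exit status before using it.` Whether the decryptor withholds output until the message has been authenticated is not visible in this hunk, so the comment is deliberately conservative.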
@@ -84,16 +80,17 @@ impl<'a> Helper<'a> {
 for ka in cert.keys().with_policy(policy, None)
 .for_storage_encryption().for_transport_encryption()
 {
- let key = ka.key();
- keys.insert(key.keyid(), key.clone().into());
+ let pair = KeyPair::new(ctx, ka.key())?
+ .with_cert(ka.cert());
+ keys.insert(ka.key().keyid(), pair);
 }
 }
- Helper { ctx, keys, }
+ Ok(Helper { keys })
 }
 }
-impl<'a> DecryptionHelper for Helper<'a> {
+impl DecryptionHelper for Helper {
 fn decrypt<D>(&mut self,
 pkesks: &[openpgp::packet::PKESK],
 _skesks: &[openpgp::packet::SKESK],
@@ -104,9 +101,8 @@ impl<'a> DecryptionHelper for Helper<'a> {
 {
 // Try each PKESK until we succeed.
 for pkesk in pkesks {
- if let Some(key) = self.keys.get(pkesk.recipient()) {
- let mut pair = KeyPair::new(self.ctx, key)?;
- if pkesk.decrypt(&mut pair, sym_algo)
+ if let Some(pair) = self.keys.get_mut(pkesk.recipient()) {
+ if pkesk.decrypt(pair, sym_algo)
 .map(|(algo, session_key)| decrypt(algo, &session_key))
 .unwrap_or(false)
 {
@@ -120,7 +116,7 @@ impl<'a> DecryptionHelper for Helper<'a> {
 }
 }
-impl<'a> VerificationHelper for Helper<'a> {
+impl VerificationHelper for Helper {
 fn get_certs(&mut self, _ids: &[openpgp::KeyHandle])
 -> openpgp::Result<Vec<openpgp::Cert>> {
 Ok(Vec::new()) // Feed the Certs to the verifier here. |
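Review bot: The `?` on `KeyPair::new(ctx, ka.key())` in the first hunk here (`@@ -84,16 +80,17 @@`) makes a single failing key abort `Helper::new` for every cert, where the old code deferred that failure to the one PKESK that needed the key. If that is intended, a short comment would help; if not, skip the failing key and continue. Separately, the map now holds `KeyPair` values, which presumably are handles that delegate the private-key operation to gpg-agent rather than key material; if so, the existing comment "Map (sub)KeyIDs to secrets" (outside this hunk, as is the loop header) would read better as `// Map (sub)KeyIDs to agent-backed key pairs; the secret stays in gpg-agent.`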
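Review bot: The lookup `self.keys.get_mut(pkesk.recipient())` in the `@@ -104,9 +101,8 @@` hunk only matches PKESKs that name their recipient, so a packet carrying a wildcard (hidden) recipient key ID is never tried and decryption fails even when one of the loaded keys would work. If the example is meant to cover that case, unmatched PKESKs need a second pass over the stored pairs; otherwise document the limitation with `// PKESKs with a wildcard recipient are not tried.` above the loop. `decrypt` starts and ends outside this hunk, so the fall-through path after the loop is not visible here.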