diff options
Diffstat (limited to 'openpgp/src/parse/stream.rs')
-rw-r--r-- | openpgp/src/parse/stream.rs | 46 |
1 files changed, 26 insertions, 20 deletions
diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs index a5f58d80..518ca675 100644 --- a/openpgp/src/parse/stream.rs +++ b/openpgp/src/parse/stream.rs @@ -932,7 +932,7 @@ impl<V: VerificationHelper> DecryptionHelper for NoDecryptionHelper<V> { fn decrypt<D>(&mut self, _: &[PKESK], _: &[SKESK], _: Option<SymmetricAlgorithm>, _: D) -> Result<Option<Fingerprint>> - where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool + where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool { unreachable!("This is not used for verifications") } @@ -1734,7 +1734,7 @@ enum Mode { /// fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK], /// _sym_algo: Option<SymmetricAlgorithm>, /// mut decrypt: D) -> Result<Option<openpgp::Fingerprint>> -/// where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool +/// where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool /// { /// skesks[0].decrypt(&"streng geheim".into()) /// .map(|(algo, session_key)| decrypt(algo, &session_key)); @@ -1905,7 +1905,7 @@ impl<'a> DecryptorBuilder<'a> { /// # fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK], /// # _sym_algo: Option<SymmetricAlgorithm>, /// # mut decrypt: D) -> Result<Option<Fingerprint>> - /// # where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool + /// # where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool /// # { /// # Ok(None) /// # } @@ -1972,7 +1972,7 @@ impl<'a> DecryptorBuilder<'a> { /// # fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK], /// # _sym_algo: Option<SymmetricAlgorithm>, /// # mut decrypt: D) -> Result<Option<Fingerprint>> - /// # where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool + /// # where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool /// # { /// # Ok(None) /// # } @@ -2037,7 +2037,7 @@ impl<'a> DecryptorBuilder<'a> { /// # fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK], /// # _sym_algo: Option<SymmetricAlgorithm>, /// # mut decrypt: D) -> Result<Option<Fingerprint>> - /// # where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool + /// # where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool /// # { /// # Ok(None) /// # } @@ -2121,18 +2121,17 @@ pub trait DecryptionHelper { /// /// ``` /// use sequoia_openpgp as openpgp; - /// use openpgp::{Fingerprint, Cert, Result}; - /// # use openpgp::KeyID; + /// use openpgp::{Cert, Fingerprint, KeyHandle, KeyID, Result}; /// use openpgp::crypto::SessionKey; /// use openpgp::types::SymmetricAlgorithm; /// use openpgp::packet::{PKESK, SKESK}; /// # use openpgp::packet::{Key, key::*}; /// use openpgp::parse::stream::*; /// # fn lookup_cache(_: &[PKESK], _: &[SKESK]) - /// # -> Option<(Option<Fingerprint>, SymmetricAlgorithm, SessionKey)> { + /// # -> Option<(Option<Fingerprint>, Option<SymmetricAlgorithm>, SessionKey)> { /// # unimplemented!() /// # } - /// # fn lookup_key(_: &KeyID) + /// # fn lookup_key(_: Option<KeyHandle>) /// # -> Option<(Fingerprint, Key<SecretParts, UnspecifiedRole>)> { /// # unimplemented!() /// # } @@ -2145,7 +2144,7 @@ pub trait DecryptionHelper { /// fn decrypt<D>(&mut self, pkesks: &[PKESK], skesks: &[SKESK], /// sym_algo: Option<SymmetricAlgorithm>, /// mut decrypt: D) -> Result<Option<Fingerprint>> - /// where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool + /// where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool /// { /// // Try to decrypt, from the most convenient method to the /// // least convenient one. @@ -2176,7 +2175,9 @@ pub trait DecryptionHelper { /// // Third, we try to decrypt PKESK packets with /// // wildcard recipients using those keys that we can /// // use without prompting for a password. - /// for pkesk in pkesks.iter().filter(|p| p.recipient().is_wildcard()) { + /// for pkesk in pkesks.iter().filter( + /// |p| p.recipient().is_none()) + /// { /// for (fp, key) in all_keys() { /// if ! key.secret().is_encrypted() { /// let mut keypair = key.clone().into_keypair()?; @@ -2227,7 +2228,7 @@ pub trait DecryptionHelper { fn decrypt<D>(&mut self, pkesks: &[PKESK], skesks: &[SKESK], sym_algo: Option<SymmetricAlgorithm>, decrypt: D) -> Result<Option<Fingerprint>> - where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool; + where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool; } impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> { @@ -2450,7 +2451,7 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> { let decryption_proxy = |algo, secret: &SessionKey| { // Take the algo from the AED packet over // the dummy one from the SKESK6 packet. - let algo = sym_algo_hint.unwrap_or(algo); + let algo = sym_algo_hint.or(algo); let result = pp.decrypt(algo, secret); t!("pp.decrypt({:?}, {:?}) => {:?}", algo, secret, result); @@ -2473,8 +2474,13 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> { "No session key decrypted".into()).into()); } - let sym_algo = - sym_algo.expect("if we got here, sym_algo is set"); + let sym_algo = if let Some(Some(a)) = sym_algo { + a + } else { + return Err(Error::InvalidOperation( + "No symmetric algorithm known".into()).into()); + }; + v.policy.symmetric_algorithm(sym_algo)?; if let Packet::AED(ref p) = pp.packet { v.policy.aead_algorithm(p.aead())?; @@ -3161,7 +3167,7 @@ pub mod test { fn decrypt<D>(&mut self, pkesks: &[PKESK], skesks: &[SKESK], sym_algo: Option<SymmetricAlgorithm>, mut decrypt: D) -> Result<Option<Fingerprint>> - where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool + where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool { let p = P::new(); if ! self.for_decryption { @@ -3178,10 +3184,10 @@ pub mod test { } } - for pkesk in pkesks { + for pkesk in pkesks.iter().filter(|p| p.recipient().is_some()) { for key in &self.keys { for subkey in key.with_policy(&p, None)?.keys().secret() - .key_handle(pkesk.recipient()) + .key_handle(pkesk.recipient().unwrap()) { if let Some((algo, sk)) = subkey.key().clone().into_keypair().ok() @@ -3543,7 +3549,7 @@ pub mod test { fn decrypt<D>(&mut self, _: &[PKESK], _: &[SKESK], _: Option<SymmetricAlgorithm>, _: D) -> Result<Option<Fingerprint>> - where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool + where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool { unreachable!(); } @@ -3801,7 +3807,7 @@ pub mod test { fn decrypt<D>(&mut self, _: &[PKESK], s: &[SKESK], _: Option<SymmetricAlgorithm>, mut decrypt: D) -> Result<Option<Fingerprint>> - where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool + where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool { let (algo, sk) = s[0].decrypt(&"123".into()).unwrap(); let r = decrypt(algo, &sk); |