summaryrefslogtreecommitdiffstats
path: root/openpgp/src/parse/stream.rs
diff options
context:
space:
mode:
Diffstat (limited to 'openpgp/src/parse/stream.rs')
-rw-r--r--openpgp/src/parse/stream.rs46
1 files changed, 26 insertions, 20 deletions
diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs
index a5f58d80..518ca675 100644
--- a/openpgp/src/parse/stream.rs
+++ b/openpgp/src/parse/stream.rs
@@ -932,7 +932,7 @@ impl<V: VerificationHelper> DecryptionHelper for NoDecryptionHelper<V> {
fn decrypt<D>(&mut self, _: &[PKESK], _: &[SKESK],
_: Option<SymmetricAlgorithm>,
_: D) -> Result<Option<Fingerprint>>
- where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
+ where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool
{
unreachable!("This is not used for verifications")
}
@@ -1734,7 +1734,7 @@ enum Mode {
/// fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK],
/// _sym_algo: Option<SymmetricAlgorithm>,
/// mut decrypt: D) -> Result<Option<openpgp::Fingerprint>>
-/// where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
+/// where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool
/// {
/// skesks[0].decrypt(&"streng geheim".into())
/// .map(|(algo, session_key)| decrypt(algo, &session_key));
@@ -1905,7 +1905,7 @@ impl<'a> DecryptorBuilder<'a> {
/// # fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK],
/// # _sym_algo: Option<SymmetricAlgorithm>,
/// # mut decrypt: D) -> Result<Option<Fingerprint>>
- /// # where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
+ /// # where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool
/// # {
/// # Ok(None)
/// # }
@@ -1972,7 +1972,7 @@ impl<'a> DecryptorBuilder<'a> {
/// # fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK],
/// # _sym_algo: Option<SymmetricAlgorithm>,
/// # mut decrypt: D) -> Result<Option<Fingerprint>>
- /// # where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
+ /// # where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool
/// # {
/// # Ok(None)
/// # }
@@ -2037,7 +2037,7 @@ impl<'a> DecryptorBuilder<'a> {
/// # fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK],
/// # _sym_algo: Option<SymmetricAlgorithm>,
/// # mut decrypt: D) -> Result<Option<Fingerprint>>
- /// # where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
+ /// # where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool
/// # {
/// # Ok(None)
/// # }
@@ -2121,18 +2121,17 @@ pub trait DecryptionHelper {
///
/// ```
/// use sequoia_openpgp as openpgp;
- /// use openpgp::{Fingerprint, Cert, Result};
- /// # use openpgp::KeyID;
+ /// use openpgp::{Cert, Fingerprint, KeyHandle, KeyID, Result};
/// use openpgp::crypto::SessionKey;
/// use openpgp::types::SymmetricAlgorithm;
/// use openpgp::packet::{PKESK, SKESK};
/// # use openpgp::packet::{Key, key::*};
/// use openpgp::parse::stream::*;
/// # fn lookup_cache(_: &[PKESK], _: &[SKESK])
- /// # -> Option<(Option<Fingerprint>, SymmetricAlgorithm, SessionKey)> {
+ /// # -> Option<(Option<Fingerprint>, Option<SymmetricAlgorithm>, SessionKey)> {
/// # unimplemented!()
/// # }
- /// # fn lookup_key(_: &KeyID)
+ /// # fn lookup_key(_: Option<KeyHandle>)
/// # -> Option<(Fingerprint, Key<SecretParts, UnspecifiedRole>)> {
/// # unimplemented!()
/// # }
@@ -2145,7 +2144,7 @@ pub trait DecryptionHelper {
/// fn decrypt<D>(&mut self, pkesks: &[PKESK], skesks: &[SKESK],
/// sym_algo: Option<SymmetricAlgorithm>,
/// mut decrypt: D) -> Result<Option<Fingerprint>>
- /// where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
+ /// where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool
/// {
/// // Try to decrypt, from the most convenient method to the
/// // least convenient one.
@@ -2176,7 +2175,9 @@ pub trait DecryptionHelper {
/// // Third, we try to decrypt PKESK packets with
/// // wildcard recipients using those keys that we can
/// // use without prompting for a password.
- /// for pkesk in pkesks.iter().filter(|p| p.recipient().is_wildcard()) {
+ /// for pkesk in pkesks.iter().filter(
+ /// |p| p.recipient().is_none())
+ /// {
/// for (fp, key) in all_keys() {
/// if ! key.secret().is_encrypted() {
/// let mut keypair = key.clone().into_keypair()?;
@@ -2227,7 +2228,7 @@ pub trait DecryptionHelper {
fn decrypt<D>(&mut self, pkesks: &[PKESK], skesks: &[SKESK],
sym_algo: Option<SymmetricAlgorithm>,
decrypt: D) -> Result<Option<Fingerprint>>
- where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool;
+ where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool;
}
impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> {
@@ -2450,7 +2451,7 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> {
let decryption_proxy = |algo, secret: &SessionKey| {
// Take the algo from the AED packet over
// the dummy one from the SKESK6 packet.
- let algo = sym_algo_hint.unwrap_or(algo);
+ let algo = sym_algo_hint.or(algo);
let result = pp.decrypt(algo, secret);
t!("pp.decrypt({:?}, {:?}) => {:?}",
algo, secret, result);
@@ -2473,8 +2474,13 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> {
"No session key decrypted".into()).into());
}
- let sym_algo =
- sym_algo.expect("if we got here, sym_algo is set");
+ let sym_algo = if let Some(Some(a)) = sym_algo {
+ a
+ } else {
+ return Err(Error::InvalidOperation(
+ "No symmetric algorithm known".into()).into());
+ };
+
v.policy.symmetric_algorithm(sym_algo)?;
if let Packet::AED(ref p) = pp.packet {
v.policy.aead_algorithm(p.aead())?;
@@ -3161,7 +3167,7 @@ pub mod test {
fn decrypt<D>(&mut self, pkesks: &[PKESK], skesks: &[SKESK],
sym_algo: Option<SymmetricAlgorithm>, mut decrypt: D)
-> Result<Option<Fingerprint>>
- where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
+ where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool
{
let p = P::new();
if ! self.for_decryption {
@@ -3178,10 +3184,10 @@ pub mod test {
}
}
- for pkesk in pkesks {
+ for pkesk in pkesks.iter().filter(|p| p.recipient().is_some()) {
for key in &self.keys {
for subkey in key.with_policy(&p, None)?.keys().secret()
- .key_handle(pkesk.recipient())
+ .key_handle(pkesk.recipient().unwrap())
{
if let Some((algo, sk)) =
subkey.key().clone().into_keypair().ok()
@@ -3543,7 +3549,7 @@ pub mod test {
fn decrypt<D>(&mut self, _: &[PKESK], _: &[SKESK],
_: Option<SymmetricAlgorithm>, _: D)
-> Result<Option<Fingerprint>>
- where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
+ where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool
{
unreachable!();
}
@@ -3801,7 +3807,7 @@ pub mod test {
fn decrypt<D>(&mut self, _: &[PKESK], s: &[SKESK],
_: Option<SymmetricAlgorithm>, mut decrypt: D)
-> Result<Option<Fingerprint>>
- where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
+ where D: FnMut(Option<SymmetricAlgorithm>, &SessionKey) -> bool
{
let (algo, sk) = s[0].decrypt(&"123".into()).unwrap();
let r = decrypt(algo, &sk);
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-05 15:14:24 +0000