tape: restore_key - always update key, even if there is already an entry

This commit is contained in:
Dietmar Maurer 2021-01-21 07:46:21 +01:00
parent 4dafc513cc
commit 18bd6ba13d
3 changed files with 7 additions and 5 deletions

View File

@ -183,7 +183,7 @@ pub fn create_key(
let fingerprint = key_config.fingerprint.clone().unwrap();
insert_key(key, key_config)?;
insert_key(key, key_config, false)?;
Ok(fingerprint)
}

View File

@ -485,7 +485,7 @@ pub async fn restore_key(
if let Some(key_config) = key_config {
let password_fn = || { Ok(password.as_bytes().to_vec()) };
let (key, ..) = key_config.decrypt(&password_fn)?;
config::tape_encryption_keys::insert_key(key, key_config)?;
config::tape_encryption_keys::insert_key(key, key_config, true)?;
} else {
bail!("media does not contain any encryption key configuration");
}

View File

@ -176,7 +176,7 @@ pub fn save_key_configs(map: HashMap<Fingerprint, KeyConfig>) -> Result<(), Erro
Ok(())
}
pub fn insert_key(key: [u8;32], key_config: KeyConfig) -> Result<(), Error> {
pub fn insert_key(key: [u8;32], key_config: KeyConfig, force: bool) -> Result<(), Error> {
let _lock = open_file_locked(
TAPE_KEYS_LOCKFILE,
@ -192,8 +192,10 @@ pub fn insert_key(key: [u8;32], key_config: KeyConfig) -> Result<(), Error> {
None => bail!("missing encryption key fingerprint - internal error"),
};
if let Some(_) = config_map.get(&fingerprint) {
bail!("encryption key '{}' already exists.", fingerprint);
if !force {
if let Some(_) = config_map.get(&fingerprint) {
bail!("encryption key '{}' already exists.", fingerprint);
}
}
let item = EncryptionKeyInfo::new(key, fingerprint.clone());