cleanup: factor out decrypt_key_config

Dietmar Maurer 2021-01-19 10:50:00 +01:00
parent ac163a7c18
commit 8ca37d6a65


@ -192,16 +192,14 @@ pub fn load_and_decrypt_key(
.with_context(|| format!("failed to load decryption key from {:?}", path)) .with_context(|| format!("failed to load decryption key from {:?}", path))
} }
pub fn decrypt_key( pub fn decrypt_key_config(
mut keydata: &[u8], key_config: &KeyConfig,
passphrase: &dyn Fn() -> Result<Vec<u8>, Error>, passphrase: &dyn Fn() -> Result<Vec<u8>, Error>,
) -> Result<([u8;32], i64, Fingerprint), Error> { ) -> Result<([u8;32], i64, Fingerprint), Error> {
let key_config: KeyConfig = serde_json::from_reader(&mut keydata)?;
let raw_data = key_config.data; let raw_data = &key_config.data;
let created = key_config.created;
let key = if let Some(kdf) = key_config.kdf { let key = if let Some(ref kdf) = key_config.kdf {
let passphrase = passphrase()?; let passphrase = passphrase()?;
if passphrase.len() < 5 { if passphrase.len() < 5 {
@ -226,10 +224,10 @@ pub fn decrypt_key(
b"", //?? b"", //??
&enc_data, &enc_data,
&tag, &tag,
).map_err(|err| format_err!("Unable to decrypt key - {}", err))? ).map_err(|err| format_err!("Unable to decrypt key (wrong password?) - {}", err))?
} else { } else {
raw_data raw_data.clone()
}; };
let mut result = [0u8; 32]; let mut result = [0u8; 32];
@ -237,16 +235,24 @@ pub fn decrypt_key(
let crypt_config = CryptConfig::new(result.clone())?; let crypt_config = CryptConfig::new(result.clone())?;
let fingerprint = crypt_config.fingerprint(); let fingerprint = crypt_config.fingerprint();
if let Some(stored_fingerprint) = key_config.fingerprint { if let Some(ref stored_fingerprint) = key_config.fingerprint {
if fingerprint != stored_fingerprint { if &fingerprint != stored_fingerprint {
bail!( bail!(
"KeyConfig contains wrong fingerprint {}, contained key has fingerprint {}", "KeyConfig contains wrong fingerprint {}, contained key has fingerprint {}",
stored_fingerprint, fingerprint stored_fingerprint, fingerprint
); );
} }
} }
Ok((result, key_config.created, fingerprint))
}
Ok((result, created, fingerprint)) pub fn decrypt_key(
mut keydata: &[u8],
passphrase: &dyn Fn() -> Result<Vec<u8>, Error>,
) -> Result<([u8;32], i64, Fingerprint), Error> {
let key_config: KeyConfig = serde_json::from_reader(&mut keydata)?;
decrypt_key_config(&key_config, passphrase)
} }
pub fn rsa_encrypt_key_config( pub fn rsa_encrypt_key_config(
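Review bot: `decrypt_key_config` is a new public entry point that takes an already-parsed `KeyConfig`, but it has no doc comment and two security-relevant branches are implicit: when `key_config.kdf` is `None` the `data` field is used as the key without calling `passphrase`, and the fingerprint comparison runs only when `key_config.fingerprint` is `Some`. As far as the hunks show, an unencrypted `KeyConfig` with no stored fingerprint is therefore accepted with no integrity check at all, which matters once callers can pass in a `KeyConfig` they built or parsed themselves. I would add a doc comment such as `/// Decrypts the key held in key_config; if kdf is None the data is taken as the raw key and passphrase is not called, and the fingerprint is verified only when one is stored.` The `raw_data.clone()` in the else branch also creates a second heap copy of the unencrypted key, and whether either copy is wiped on drop is not visible here. The function body continues between the hunks, so the length handling before `CryptConfig::new` could not be reviewed.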