openpgp-key-janitor/src/main.rs

use anyhow::{Context, Result};

use sequoia_openpgp::{
    cert::CertBuilder,
    packet::signature::SignatureBuilder,
    types::{KeyFlags, SignatureType},
};

use spec::KeyFlag;

mod paths;
mod setup;
mod spec;

fn main() -> Result<()> {
    let (paths, spec) = crate::setup::setup().context("Failed to setup application")?;
    let mut builder = CertBuilder::new()
        .set_primary_key_flags(
            spec.primary
                .flags
                .iter()
                .fold(KeyFlags::empty(), KeyFlag::fold),
        )
        .set_validity_period(
            spec.primary
                .expiry
                .validity_period
                .or(spec.expiry.validity_period),
        )
        .set_cipher_suite(spec.primary.cipher_suite);
    for sub_key in spec.subs {
        builder = builder.add_subkey_with(
            sub_key.flags.iter().fold(KeyFlags::empty(), KeyFlag::fold),
            sub_key
                .expiry
                .validity_period
                .or(spec.expiry.validity_period),
            Some(sub_key.cipher_suite),
            SignatureBuilder::new(SignatureType::SubkeyBinding),
        )?;
    }
    for user_id in spec.user_ids {
        let mut sig_builder = SignatureBuilder::new(SignatureType::PositiveCertification);
        for (key, value) in user_id.notation {
            sig_builder = sig_builder
                .add_notation(key, value, None, false)
                .context(format!(
                    "Failed to add notation to signature builder for {}",
                    &user_id.value
                ))?;
        }
        builder = builder
            .add_userid_with(user_id.value.clone(), sig_builder)
            .context(format!(
                "Failed to add user ID {} to certificate builder",
                &user_id.value
            ))?;
    }

    let (cert, rev) = builder
        .generate()
        .context("Failed to generate certificate!")?;
    paths
        .write(cert, rev)
        .context("Failed to store certificate!")?;
    Ok(())
}
chore: split code out into modules 2023-05-30 21:15:22 +00:00			`use anyhow::{Context, Result};`
initial commit 2023-05-30 17:34:57 +00:00
			`use sequoia_openpgp::{`
			`cert::CertBuilder,`
			`packet::signature::SignatureBuilder,`
			`types::{KeyFlags, SignatureType},`
			`};`

chore: split code out into modules 2023-05-30 21:15:22 +00:00			`use spec::KeyFlag;`
initial commit 2023-05-30 17:34:57 +00:00
chore: split code out into modules 2023-05-30 21:15:22 +00:00			`mod paths;`
			`mod setup;`
			`mod spec;`
initial commit 2023-05-30 17:34:57 +00:00
			`fn main() -> Result<()> {`
chore: split code out into modules 2023-05-30 21:15:22 +00:00			`let (paths, spec) = crate::setup::setup().context("Failed to setup application")?;`
initial commit 2023-05-30 17:34:57 +00:00			`let mut builder = CertBuilder::new()`
chore: split code out into modules 2023-05-30 21:15:22 +00:00			`.set_primary_key_flags(`
			`spec.primary`
			`.flags`
			`.iter()`
			`.fold(KeyFlags::empty(), KeyFlag::fold),`
			`)`
initial commit 2023-05-30 17:34:57 +00:00			`.set_validity_period(`
			`spec.primary`
			`.expiry`
			`.validity_period`
			`.or(spec.expiry.validity_period),`
			`)`
			`.set_cipher_suite(spec.primary.cipher_suite);`
			`for sub_key in spec.subs {`
			`builder = builder.add_subkey_with(`
chore: split code out into modules 2023-05-30 21:15:22 +00:00			`sub_key.flags.iter().fold(KeyFlags::empty(), KeyFlag::fold),`
initial commit 2023-05-30 17:34:57 +00:00			`sub_key`
			`.expiry`
			`.validity_period`
			`.or(spec.expiry.validity_period),`
			`Some(sub_key.cipher_suite),`
			`SignatureBuilder::new(SignatureType::SubkeyBinding),`
			`)?;`
			`}`
			`for user_id in spec.user_ids {`
			`let mut sig_builder = SignatureBuilder::new(SignatureType::PositiveCertification);`
			`for (key, value) in user_id.notation {`
chore: split code out into modules 2023-05-30 21:15:22 +00:00			`sig_builder = sig_builder`
			`.add_notation(key, value, None, false)`
			`.context(format!(`
			`"Failed to add notation to signature builder for {}",`
			`&user_id.value`
			`))?;`
initial commit 2023-05-30 17:34:57 +00:00			`}`
chore: split code out into modules 2023-05-30 21:15:22 +00:00			`builder = builder`
			`.add_userid_with(user_id.value.clone(), sig_builder)`
			`.context(format!(`
			`"Failed to add user ID {} to certificate builder",`
			`&user_id.value`
			`))?;`
initial commit 2023-05-30 17:34:57 +00:00			`}`

chore: split code out into modules 2023-05-30 21:15:22 +00:00			`let (cert, rev) = builder`
			`.generate()`
			`.context("Failed to generate certificate!")?;`
			`paths`
			`.write(cert, rev)`
			`.context("Failed to store certificate!")?;`
initial commit 2023-05-30 17:34:57 +00:00			`Ok(())`
			`}`