keyfork-shard: cleanup eprintln

keyfork-shard/src/openpgp.rs

@@ -212,8 +212,10 @@ pub fn combine(
     let mut keyring = Keyring::new(certs)?;
     let mut manager = SmartcardManager::new()?;
     let content = if keyring.is_empty() {
-        let card_fp = manager.load_any_card()?;
-        eprintln!("key discovery is empty, using hardware smartcard: {card_fp}");
+        // NOTE: Any card plugged in that can't decrypt, will raise issues.
+        // This should not be used on a system where OpenPGP cards are available that shouldn't be
+        // used, due to the nature of how wildcard decryption works.
+        manager.load_any_card()?;
         metadata.decrypt_with(&policy, &mut manager)?
     } else {
         metadata.decrypt_with(&policy, &mut keyring)?
@@ -252,20 +254,10 @@ pub fn combine(
                     pkesk.set_recipient(key.keyid());
                 }
                 // we have a pkesk, decrypt via keyring
-                let result = message.decrypt_with(&policy, &mut keyring);
-                match result {
-                    Ok(message) => {
-                        decrypted_messages.insert(valid_cert.keyid(), message);
-                    }
-                    Err(e) => {
-                        eprintln!(
-                            "Could not decrypt with fingerprint {}: {}",
+                decrypted_messages.insert(
                     valid_cert.keyid(),
-                            e
+                    message.decrypt_with(&policy, &mut keyring)?,
                 );
-                        // do nothing, key will be retained
-                    }
-                }
             }
         }
     }
@@ -275,7 +267,6 @@ pub fn combine(
 
     let left_from_threshold = threshold as usize - decrypted_messages.len();
     if left_from_threshold > 0 {
-        eprintln!("remaining keys: {left_from_threshold}, prompting yubikeys");
         let mut remaining_usable_certs = certs
             .iter()
             .filter(|cert| messages.contains_key(&cert.keyid()))