add docs to make clippy extra happy

make clippy happy
keyfork-shard: re-enable standard policy, alive check still disabled, add check for encryption keys when discovering certs
2024-08-11 19:38:18 -04:00 · 2024-08-11 19:25:25 -04:00 · 2024-08-11 18:57:43 -04:00
25 changed files with 146 additions and 27 deletions
--- a/crates/daemon/keyforkd-client/src/tests.rs
+++ b/crates/daemon/keyforkd-client/src/tests.rs
@ -11,7 +11,7 @@ fn secp256k1_test_suite() {
    let tests = test_data()
        .unwrap()
-        .remove(&"secp256k1".to_string())
+        .remove("secp256k1")
        .unwrap();
    for seed_test in tests {
@ -70,7 +70,7 @@ fn secp256k1_test_suite() {
 fn ed25519_test_suite() {
    use ed25519_dalek::SigningKey;
-    let tests = test_data().unwrap().remove(&"ed25519".to_string()).unwrap();
+    let tests = test_data().unwrap().remove("ed25519").unwrap();
    for seed_test in tests {
        let seed = seed_test.seed;
--- a/crates/daemon/keyforkd/src/main.rs
+++ b/crates/daemon/keyforkd/src/main.rs
@ -1,4 +1,4 @@
-//!
+//! Launch the Keyfork Server from using a mnemonic passed through standard input.
 use keyfork_mnemonic::Mnemonic;
--- a/crates/daemon/keyforkd/src/service.rs
+++ b/crates/daemon/keyforkd/src/service.rs
@ -113,7 +113,7 @@ mod tests {
    async fn properly_derives_secp256k1() {
        let tests = test_data()
            .unwrap()
-            .remove(&"secp256k1".to_string())
+            .remove("secp256k1")
            .unwrap();
        for per_seed in tests {
@ -146,7 +146,7 @@ mod tests {
    #[tokio::test]
    async fn properly_derives_ed25519() {
-        let tests = test_data().unwrap().remove(&"ed25519".to_string()).unwrap();
+        let tests = test_data().unwrap().remove("ed25519").unwrap();
        for per_seed in tests {
            let seed = &per_seed.seed;
--- a/crates/derive/keyfork-derive-age/Cargo.toml
+++ b/crates/derive/keyfork-derive-age/Cargo.toml
@ -0,0 +1,16 @@
 [package]
 name = "keyfork-derive-age"
 version = "0.1.0"
 edition = "2021"
 license = "AGPL-3.0-only"
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 [dependencies]
 keyfork-derive-util = { workspace = true, default-features = false, features = ["ed25519"] }
 keyforkd-client = { workspace = true }
 smex = { workspace = true }
 thiserror = "1.0.48"
 bech32 = "0.11.0"
 keyfork-derive-path-data = { workspace = true }
 ed25519-dalek = "2.1.1"
--- a/crates/derive/keyfork-derive-age/src/main.rs
+++ b/crates/derive/keyfork-derive-age/src/main.rs
@ -0,0 +1,69 @@
 use std::{env, process::ExitCode, str::FromStr};
 use keyfork_derive_path_data::paths;
 use keyfork_derive_util::{DerivationPath, ExtendedPrivateKey, PathError};
 use keyforkd_client::Client;
 use ed25519_dalek::SigningKey;
 type XPrv = ExtendedPrivateKey<SigningKey>;
 /// Any error that can occur while deriving a key.
 #[derive(Debug, thiserror::Error)]
 pub enum Error {
    /// The given path could not be parsed.
    #[error("Could not parse the given path: {0}")]
    PathFormat(#[from] PathError),
    /// The request to derive data failed.
    #[error("Unable to perform key derivation request: {0}")]
    KeyforkdClient(#[from] keyforkd_client::Error),
 }
 #[allow(missing_docs)]
 pub type Result<T, E = Error> = std::result::Result<T, E>;
 fn validate(path: &str) -> Result<DerivationPath> {
    let index = paths::AGE.inner().first().unwrap();
    let path = DerivationPath::from_str(path)?;
    assert!(
        path.len() >= 2,
        "Expected path of at least m/{index}/account_id'"
    );
    let given_index = path.iter().next().expect("checked .len() above");
    assert_eq!(
        index, given_index,
        "Expected derivation path starting with m/{index}, got: {given_index}",
    );
    Ok(path)
 }
 fn run() -> Result<(), Box<dyn std::error::Error>> {
    let mut args = env::args();
    let program_name = args.next().expect("program name");
    let args = args.collect::<Vec<_>>();
    let path = match args.as_slice() {
        [path] => validate(path)?,
        _ => panic!("Usage: {program_name} path"),
    };
    let mut client = Client::discover_socket()?;
    // TODO: should this key be clamped to Curve25519 specs?
    let xprv: XPrv = client.request_xprv(&path)?;
    let hrp = bech32::Hrp::parse("AGE-SECRET-KEY-")?;
    let age_key = bech32::encode::<bech32::Bech32>(hrp, &xprv.private_key().to_bytes())?;
    println!("{}", age_key.to_uppercase());
    Ok(())
 }
 fn main() -> ExitCode {
    if let Err(e) = run() {
        eprintln!("Error: {e}");
        ExitCode::FAILURE
    } else {
        ExitCode::SUCCESS
    }
 }
--- a/crates/derive/keyfork-derive-key/src/main.rs
+++ b/crates/derive/keyfork-derive-key/src/main.rs
@ -1,4 +1,4 @@
-//!
+//! Query the Keyfork Server to generate a hex-encoded key for a given algorithm.
 use std::{env, process::ExitCode, str::FromStr};
--- a/crates/derive/keyfork-derive-openpgp/src/lib.rs
+++ b/crates/derive/keyfork-derive-openpgp/src/lib.rs
@ -19,8 +19,14 @@ use sequoia_openpgp::{
    Cert, Packet,
 };
 // TODO: this key type is actually _not_ the extended private key, so it should be renamed
 // something like Prv or PrvKey.
 /// The private key type used with OpenPGP.
 pub type XPrvKey = SigningKey;
-pub type XPrv = ExtendedPrivateKey<SigningKey>;
+
 /// The extended private key type used with OpenPGP.
 pub type XPrv = ExtendedPrivateKey<XPrvKey>;
 /// An error occurred while creating an OpenPGP key.
 #[derive(Debug, thiserror::Error)]
--- a/crates/derive/keyfork-derive-openpgp/src/main.rs
+++ b/crates/derive/keyfork-derive-openpgp/src/main.rs
@ -1,4 +1,4 @@
-//!
+//! Query the Keyfork Servre to derive an OpenPGP Secret Key.
 use std::{env, process::ExitCode, str::FromStr};
--- a/crates/derive/keyfork-derive-path-data/src/lib.rs
+++ b/crates/derive/keyfork-derive-path-data/src/lib.rs
@ -6,6 +6,7 @@ use once_cell::sync::Lazy;
 use keyfork_derive_util::{DerivationIndex, DerivationPath};
 /// All common paths for key derivation.
 pub mod paths {
    use super::*;
--- a/crates/derive/keyfork-derive-util/src/extended_key/mod.rs
+++ b/crates/derive/keyfork-derive-util/src/extended_key/mod.rs
@ -41,9 +41,9 @@
 //! }
 //! ```
-///
+#[allow(missing_docs)]
 pub mod private_key;
-///
+#[allow(missing_docs)]
 pub mod public_key;
 pub use {private_key::ExtendedPrivateKey, public_key::ExtendedPublicKey};
--- a/crates/derive/keyfork-derive-util/src/tests.rs
+++ b/crates/derive/keyfork-derive-util/src/tests.rs
@ -15,7 +15,7 @@ fn secp256k1() {
    let tests = test_data()
        .unwrap()
-        .remove(&"secp256k1".to_string())
+        .remove("secp256k1")
        .unwrap();
    for per_seed in tests {
@ -62,7 +62,7 @@ fn secp256k1() {
 fn ed25519() {
    use ed25519_dalek::SigningKey;
-    let tests = test_data().unwrap().remove(&"ed25519".to_string()).unwrap();
+    let tests = test_data().unwrap().remove("ed25519").unwrap();
    for per_seed in tests {
        let seed = &per_seed.seed;
--- a/crates/keyfork-shard/src/bin/keyfork-shard-combine-openpgp.rs
+++ b/crates/keyfork-shard/src/bin/keyfork-shard-combine-openpgp.rs
@ -1,4 +1,4 @@
-//!
+//! Combine OpenPGP shards and output the hex-encoded secret.
 use std::{
    env,
--- a/crates/keyfork-shard/src/bin/keyfork-shard-decrypt-openpgp.rs
+++ b/crates/keyfork-shard/src/bin/keyfork-shard-decrypt-openpgp.rs
@ -1,4 +1,4 @@
-//!
+//! Decrypt a single OpenPGP shard and encapsulate it for remote transport.
 use std::{
    env,
--- a/crates/keyfork-shard/src/bin/keyfork-shard-remote.rs
+++ b/crates/keyfork-shard/src/bin/keyfork-shard-remote.rs
@ -1,4 +1,4 @@
-//!
+//! Combine OpenPGP shards using remote transport and output the hex-encoded secret.
 use std::{
    env,
--- a/crates/keyfork-shard/src/bin/keyfork-shard-split-openpgp.rs
+++ b/crates/keyfork-shard/src/bin/keyfork-shard-split-openpgp.rs
@ -1,4 +1,4 @@
-//!
+//! Split a hex-encoded secret into OpenPGP shards
 use std::{env, path::PathBuf, process::ExitCode, str::FromStr};
--- a/crates/keyfork-shard/src/openpgp.rs
+++ b/crates/keyfork-shard/src/openpgp.rs
@ -25,7 +25,7 @@ use openpgp::{
        stream::{DecryptionHelper, DecryptorBuilder, VerificationHelper},
        Parse,
    },
-    policy::{NullPolicy, Policy},
+    policy::{NullPolicy, StandardPolicy, Policy},
    serialize::{
        stream::{ArbitraryWriter, Encryptor2, LiteralWriter, Message, Recipient, Signer},
        Marshal,
@ -77,6 +77,10 @@ pub enum Error {
    /// An IO error occurred.
    #[error("IO error: {0}")]
    Io(#[source] std::io::Error),
    /// No valid keys were found for the given recipient.
    #[error("No valid keys were found for the recipient {0}")]
    NoValidKeys(KeyID),
 }
 #[allow(missing_docs)]
@ -181,7 +185,7 @@ impl EncryptedMessage {
    }
 }
-///
+/// Encoding and decoding shards using OpenPGP.
 pub struct OpenPGP<P: PromptHandler> {
    p: PhantomData<P>,
 }
@ -239,6 +243,13 @@ impl<P: PromptHandler> OpenPGP<P> {
                certs.insert(certfp, cert);
            }
        }
        for cert in certs.values() {
            let policy = StandardPolicy::new();
            let valid_cert = cert.with_policy(&policy, None).map_err(Error::Sequoia)?;
            if get_encryption_keys(&valid_cert).next().is_none() {
                return Err(Error::NoValidKeys(valid_cert.keyid()))
            }
        }
        Ok(certs.into_values().collect())
    }
 }
@ -276,7 +287,7 @@ impl<P: PromptHandler> Format for OpenPGP<P> {
        key_data: &[Self::PublicKey],
        threshold: u8,
    ) -> Result<Self::EncryptedData, Self::Error> {
-        let policy = NullPolicy::new();
+        let policy = StandardPolicy::new();
        let mut pp = vec![SHARD_METADATA_VERSION, threshold];
        // Note: Sequoia does not export private keys on a Cert, only on a TSK
        signing_key
@ -362,7 +373,7 @@ impl<P: PromptHandler> Format for OpenPGP<P> {
        public_key: &Cert,
        signing_key: &mut Self::SigningKey,
    ) -> Result<EncryptedMessage> {
-        let policy = NullPolicy::new();
+        let policy = StandardPolicy::new();
        let valid_cert = public_key
            .with_policy(&policy, None)
            .map_err(Error::Sequoia)?;
--- a/crates/qrcode/keyfork-qrcode/src/bin/keyfork-qrcode-scan.rs
+++ b/crates/qrcode/keyfork-qrcode/src/bin/keyfork-qrcode-scan.rs
@ -1,4 +1,4 @@
-//!
+#![allow(missing_docs)]
 use std::time::Duration;
--- a/crates/qrcode/keyfork-qrcode/src/lib.rs
+++ b/crates/qrcode/keyfork-qrcode/src/lib.rs
@ -103,6 +103,11 @@ pub fn qrencode(
 const VIDEO_FORMAT_READ_ERROR: &str = "Failed to read video device format";
 /// Continuously scan the `index`-th camera for a QR code.
 ///
 /// # Errors
 ///
 /// The function may return an error if the hardware is unable to scan video or if an image could
 /// not be decoded.
 #[cfg(feature = "decode-backend-rqrr")]
 pub fn scan_camera(timeout: Duration, index: usize) -> Result<Option<String>, QRCodeScanError> {
    let device = Device::new(index)?;
@ -133,6 +138,11 @@ pub fn scan_camera(timeout: Duration, index: usize) -> Result<Option<String>, QR
 }
 /// Continuously scan the `index`-th camera for a QR code.
 ///
 /// # Errors
 ///
 /// The function may return an error if the hardware is unable to scan video or if an image could
 /// not be decoded.
 #[cfg(feature = "decode-backend-zbar")]
 pub fn scan_camera(timeout: Duration, index: usize) -> Result<Option<String>, QRCodeScanError> {
    let device = Device::new(index)?;
--- a/crates/qrcode/keyfork-zbar/examples/v4l-scan.rs
+++ b/crates/qrcode/keyfork-zbar/examples/v4l-scan.rs
@ -33,7 +33,7 @@ fn main() -> Result<(), Box<dyn std::error::Error>> {
                .decode()?,
        );
-        if let Some(symbol) = scanner.scan_image(&image).get(0) {
+        if let Some(symbol) = scanner.scan_image(&image).first() {
            println!("{}", String::from_utf8_lossy(symbol.data()));
            return Ok(());
        }
--- a/crates/qrcode/keyfork-zbar/src/symbol.rs
+++ b/crates/qrcode/keyfork-zbar/src/symbol.rs
@ -1,4 +1,4 @@
-//!
+//! A Symbol represents some form of encoded data.
 use super::sys;
--- a/crates/util/keyfork-crossterm/examples/is_tty.rs
+++ b/crates/util/keyfork-crossterm/examples/is_tty.rs
@ -1,4 +1,4 @@
-//!
+#![allow(missing_docs)]
 use keyfork_crossterm::{
    execute,
--- a/crates/util/keyfork-entropy/src/main.rs
+++ b/crates/util/keyfork-entropy/src/main.rs
@ -1,4 +1,4 @@
-//!
+//! Generate entropy of a given size, encoded as hex.
 fn main() -> Result<(), Box<dyn std::error::Error>> {
    let bit_size: usize = std::env::args()
--- a/crates/util/keyfork-mnemonic/src/bin/keyfork-mnemonic-from-seed.rs
+++ b/crates/util/keyfork-mnemonic/src/bin/keyfork-mnemonic-from-seed.rs
@ -1,4 +1,4 @@
-//!
+//! Generate a mnemonic from hex-encoded input.
 use keyfork_mnemonic::Mnemonic;
--- a/crates/util/keyfork-prompt/examples/test-basic-prompt.rs
+++ b/crates/util/keyfork-prompt/examples/test-basic-prompt.rs
@ -1,4 +1,4 @@
-//!
+#![allow(missing_docs)]
 use std::io::{stdin, stdout};
--- a/crates/util/keyfork-prompt/src/terminal.rs
+++ b/crates/util/keyfork-prompt/src/terminal.rs
@ -1,3 +1,9 @@
 //! A terminal prompt handler.
 //!
 //! This prompt handler uses a raw terminal device to read inputs and uses ANSI escape codes to
 //! provide formatting for prompts. Because of these reasons, it is not intended to be
 //! machine-readable.
 use std::{
    borrow::Borrow,
    io::{stderr, stdin, BufRead, BufReader, Read, Stderr, Stdin, Write},
Author	SHA1	Message	Date
Ryan Heywood	4ab1e8afa6	add docs to make clippy extra happy	2024-08-11 19:38:18 -04:00
Ryan Heywood	a8b2814b17	make clippy happy	2024-08-11 19:25:25 -04:00
Ryan Heywood	c36fe0a1b1	keyfork-shard: re-enable standard policy, alive check still disabled, add check for encryption keys when discovering certs	2024-08-11 18:57:43 -04:00
`@ -1,4 +1,4 @@`
	`//!`	`//! Launch the Keyfork Server from using a mnemonic passed through standard input.`

	`use keyfork_mnemonic::Mnemonic;`	`use keyfork_mnemonic::Mnemonic;`
`@ -1,4 +1,4 @@`
	`//!`	`//! Query the Keyfork Server to generate a hex-encoded key for a given algorithm.`

	`use std::{env, process::ExitCode, str::FromStr};`	`use std::{env, process::ExitCode, str::FromStr};`
`@ -1,4 +1,4 @@`
	`//!`	`//! Query the Keyfork Servre to derive an OpenPGP Secret Key.`

	`use std::{env, process::ExitCode, str::FromStr};`	`use std::{env, process::ExitCode, str::FromStr};`
`@ -1,4 +1,4 @@`
	`//!`	`//! Split a hex-encoded secret into OpenPGP shards`

	`use std::{env, path::PathBuf, process::ExitCode, str::FromStr};`	`use std::{env, path::PathBuf, process::ExitCode, str::FromStr};`
`@ -1,4 +1,4 @@`
	`//!`	`#![allow(missing_docs)]`

	`use std::time::Duration;`	`use std::time::Duration;`
`@ -1,4 +1,4 @@`
	`//!`	`//! A Symbol represents some form of encoded data.`

	`use super::sys;`	`use super::sys;`
`@ -1,4 +1,4 @@`
	`//!`	`//! Generate a mnemonic from hex-encoded input.`

	`use keyfork_mnemonic::Mnemonic;`	`use keyfork_mnemonic::Mnemonic;`