93: added support for reading asymmetric keys from the /transit/keys …

…route Previously the route assumed a symmetric key's creation unix timestamp would be returned. For asymmetric keys the response differs; it returns the creation RFC3339 timestamp, public key, and key type. Mentions jmgilman#93. Signed-off-by: Matt Davis <[email protected]>
MattDavis00 · May 13, 2024 · 253523b · 253523b
1 parent a824255
commit 253523b
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 1 deletion.
diff --git a/Cargo.toml b/Cargo.toml
@@ -25,6 +25,7 @@ native-tls-vendored = [ "reqwest/native-tls-vendored", "rustify/default" ]
 [dependencies]
 async-trait = "0.1.68"
 bytes = "1.4.0"
+chrono = { version = "0.4.38", features = ["serde"] }
 derive_builder = "0.12.0"
 http = "0.2.9"
 reqwest = { version = "0.11.15", default-features = false }

diff --git a/src/api/transit.rs b/src/api/transit.rs
@@ -26,10 +26,14 @@ pub enum KeyType {
     /// ECDSA using the P-521 elliptic curve (asymmetric)
     EcdsaP521,
     /// RSA with bit size of 2048 (asymmetric)
+    // kebab-case conversion doesn't work for words starting with a digit.
+    #[serde(rename = "rsa-2048")]
     Rsa2048,
     /// RSA with bit size of 3072 (asymmetric)
+    #[serde(rename = "rsa-3072")]
     Rsa3072,
     /// RSA with bit size of 4096 (asymmetric)
+    #[serde(rename = "rsa-4096")]
     Rsa4096,
 }
 

diff --git a/src/api/transit/responses.rs b/src/api/transit/responses.rs
@@ -1,4 +1,5 @@
 use super::KeyType;
+use chrono::{DateTime, Utc};
 use serde::{Deserialize, Serialize};
 use std::collections::HashMap;
 
@@ -12,7 +13,8 @@ pub struct ReadKeyResponse {
     pub derived: bool,
     pub exportable: bool,
     pub allow_plaintext_backup: bool,
-    pub keys: HashMap<String, u64>,
+    /// If the key is asymmetric, the API returns the public keys
+    pub keys: ReadKeyData,
     pub min_decryption_version: u64,
     pub min_encryption_version: u64,
     pub name: String,
@@ -23,6 +25,22 @@ pub struct ReadKeyResponse {
     pub imported: Option<bool>,
 }
 
+#[derive(Debug, Serialize, Deserialize)]
+#[serde(untagged)]
+pub enum ReadKeyData {
+    /// A key ID integer (string) to unix timestamp.
+    Symmetric(HashMap<String, u64>),
+    /// A key ID integer (string) to public key mapping.
+    Asymmetric(HashMap<String, ReadPublicKeyEntry>),
+}
+
+#[derive(Debug, Serialize, Deserialize)]
+pub struct ReadPublicKeyEntry {
+    creation_time: DateTime<Utc>,
+    name: String,
+    public_key: String,
+}
+
 /// Response from executing
 /// [ListKeysRequest][crate::api::transit::requests::ListKeysRequest]
 #[derive(Deserialize, Debug, Serialize)]