diff --git a/src/error.rs b/src/error.rs index a4fd54f..076178e 100644 --- a/src/error.rs +++ b/src/error.rs @@ -2,6 +2,8 @@ use thiserror::Error; #[derive(Error, Debug)] pub enum Error { + #[error("ikm error: no input key material available")] + IkmNoneAvailable, #[error("parsing error: invalid base64-urlsafe-nopadding data: {0}")] ParsingBase64Error(base64ct::Error), #[error("parsing error: invalid data length: {0} bytes")] diff --git a/src/ikm.rs b/src/ikm.rs index 2f1ffd2..32c1571 100644 --- a/src/ikm.rs +++ b/src/ikm.rs @@ -119,6 +119,15 @@ impl InputKeyMaterialList { id_counter: u32::from_le_bytes(data[0..4].try_into().unwrap()), }) } + + #[cfg(feature = "encryption")] + pub(crate) fn get_latest_ikm(&self) -> Result<&InputKeyMaterial, Error> { + self.ikm_lst + .iter() + .rev() + .find(|&ikm| !ikm.is_revoked && ikm.created_at < SystemTime::now()) + .ok_or(Error::IkmNoneAvailable) + } } #[cfg(test)] @@ -255,4 +264,17 @@ mod tests { assert_eq!(el_bis.is_revoked, el.is_revoked); } } + + #[test] + #[cfg(feature = "encryption")] + fn get_latest_ikm() { + let mut lst = InputKeyMaterialList::new(); + let _ = lst.add_ikm(); + let _ = lst.add_ikm(); + let _ = lst.add_ikm(); + let res = lst.get_latest_ikm(); + assert!(res.is_ok()); + let latest_ikm = res.unwrap(); + assert_eq!(latest_ikm.id, 3); + } }