Add the get_latest_ikm method to the IKM

This commit is contained in:
Rodolphe Bréard 2024-02-15 18:37:59 +01:00
parent cc97193d3a
commit ba08aa44f9
2 changed files with 24 additions and 0 deletions

View file

@ -2,6 +2,8 @@ use thiserror::Error;
#[derive(Error, Debug)] #[derive(Error, Debug)]
pub enum Error { pub enum Error {
#[error("ikm error: no input key material available")]
IkmNoneAvailable,
#[error("parsing error: invalid base64-urlsafe-nopadding data: {0}")] #[error("parsing error: invalid base64-urlsafe-nopadding data: {0}")]
ParsingBase64Error(base64ct::Error), ParsingBase64Error(base64ct::Error),
#[error("parsing error: invalid data length: {0} bytes")] #[error("parsing error: invalid data length: {0} bytes")]

View file

@ -119,6 +119,15 @@ impl InputKeyMaterialList {
id_counter: u32::from_le_bytes(data[0..4].try_into().unwrap()), id_counter: u32::from_le_bytes(data[0..4].try_into().unwrap()),
}) })
} }
#[cfg(feature = "encryption")]
pub(crate) fn get_latest_ikm(&self) -> Result<&InputKeyMaterial, Error> {
self.ikm_lst
.iter()
.rev()
.find(|&ikm| !ikm.is_revoked && ikm.created_at < SystemTime::now())
.ok_or(Error::IkmNoneAvailable)
}
} }
#[cfg(test)] #[cfg(test)]
@ -255,4 +264,17 @@ mod tests {
assert_eq!(el_bis.is_revoked, el.is_revoked); assert_eq!(el_bis.is_revoked, el.is_revoked);
} }
} }
#[test]
#[cfg(feature = "encryption")]
fn get_latest_ikm() {
let mut lst = InputKeyMaterialList::new();
let _ = lst.add_ikm();
let _ = lst.add_ikm();
let _ = lst.add_ikm();
let res = lst.get_latest_ikm();
assert!(res.is_ok());
let latest_ikm = res.unwrap();
assert_eq!(latest_ikm.id, 3);
}
} }