fixes

2023-03-29 17:46:52 -04:00 · 2023-03-29 17:46:52 -04:00 · 9cea470b43
parent f301684c3a
commit 9cea470b43
1 changed files with 10 additions and 1 deletions
--- a/dnapi-rs/src/client_blocking.rs
+++ b/dnapi-rs/src/client_blocking.rs
@ -101,6 +101,8 @@ impl Client {
    }

    /// Send a signed message to the DNClient API to learn if there is a new configuration available.
+    /// # Errors
+    /// This function returns an error if the dnclient request fails, or the server returns invalid data.
    pub fn check_for_update(&self, creds: &Credentials) -> Result<bool, Box<dyn Error>> {
        let body = self.post_dnclient(CHECK_FOR_UPDATE, &[], &creds.host_id, creds.counter, &creds.ed_privkey)?;

@ -113,6 +115,13 @@ impl Client {
    /// DH X25519 keypair is generated for the new Nebula certificate as well as a new Ed25519 keypair for DNClient API
    /// communication. On success it returns the new config, a Nebula private key PEM to be inserted into the config
    /// and new DNClient API credentials
+    /// # Errors
+    /// This function returns an error in any of the following scenarios:
+    /// - if the message could not be serialized
+    /// - if the request fails
+    /// - if the response could not be deserialized
+    /// - if the signature is invalid
+    /// - if the keys are invalid
    pub fn do_update(&self, creds: &Credentials) -> Result<(NebulaConfig, DHPrivateKeyPEM, Credentials), Box<dyn Error>> {
        let (dh_pubkey_pem, dh_privkey_pem, ed_pubkey, ed_privkey) = new_keys();

@ -130,7 +139,7 @@ impl Client {

        let mut valid = false;

-        for ca_pubkey in creds.trusted_keys {
+        for ca_pubkey in &creds.trusted_keys {
            if ca_pubkey.verify(&result_wrapper.data.message, &Signature::from_slice(&result_wrapper.data.signature)?).is_ok() {
                valid = true;
                break;