refactor(policysigned)!: add Duration parser and use it

Signed-off-by: Takuma IMAMURA <209989118+hyperfinitism@users.noreply.github.com>

Author: hyperfinitism

src/cmd/policysigned.rs

@@ -1,6 +1,7 @@
 // SPDX-License-Identifier: Apache-2.0
 
 use std::path::PathBuf;
+use std::time::Duration;
 
 use anyhow::Context;
 use clap::Parser;
@@ -14,7 +15,7 @@ use tss_esapi::tss2_esys::TPMT_TK_AUTH;
 use crate::cli::GlobalOpts;
 use crate::context::create_context;
 use crate::handle::{ContextSource, load_object_from_source};
-use crate::parse::parse_context_source;
+use crate::parse::{parse_context_source, parse_duration};
 use crate::session::load_session_from_file;
 
 /// Authorize a policy with a signed authorization.
@@ -35,8 +36,8 @@ pub struct PolicySignedCmd {
     pub signature: PathBuf,
 
     /// Expiration time in seconds (0 = no expiration)
-    #[arg(short = 'x', long = "expiration", default_value = "0")]
-    pub expiration: i32,
+    #[arg(short = 'x', long = "expiration", value_parser = parse_duration, default_value = "0")]
+    pub expiration: Option<Duration>,
 
     /// cpHash file (optional)
     #[arg(long = "cphash-input")]
@@ -84,33 +85,27 @@ impl PolicySignedCmd {
         };
 
         let policy_ref = match &self.qualification {
-            Some(bytes) => Nonce::try_from(bytes.as_slice().to_vec())
+            Some(bytes) => Nonce::try_from(bytes.as_slice())
                 .map_err(|e| anyhow::anyhow!("qualifying data: {e}"))?,
             None => Nonce::default(),
         };
 
-        let expiration = if self.expiration == 0 {
-            None
-        } else {
-            Some(std::time::Duration::from_secs(self.expiration as u64))
-        };
-
         let (timeout, ticket) = ctx
             .policy_signed(
                 policy_session,
                 auth_object,
                 Nonce::default(), // nonce_tpm
                 cp_hash,
                 policy_ref,
-                expiration,
+                self.expiration,
                 signature,
             )
             .context("TPM2_PolicySigned failed")?;
 
         info!("policy signed succeeded");
 
         if let Some(ref path) = self.timeout_out {
-            std::fs::write(path, timeout.as_bytes())
+            std::fs::write(path, timeout.as_bytes().to_vec())
                 .with_context(|| format!("writing timeout to {}", path.display()))?;
         }
 

src/parse.rs

@@ -46,6 +46,21 @@ pub fn parse_hex_u32(s: &str) -> Result<u32, String> {
         .map_err(|_| format!("expected a hex value (e.g. 0x01400001), got: '{s}'"))
 }
 
+// ---------------------------------------------------------------------------
+// Duration
+// ---------------------------------------------------------------------------
+
+pub fn parse_duration(s: &str) -> Result<Option<std::time::Duration>, String> {
+    let secs: u64 = s
+        .parse()
+        .map_err(|_| format!("expected a u64 value, got: '{s}'"))?;
+    let duration = match secs {
+        0 => None,
+        _ => Some(std::time::Duration::from_secs(secs)),
+    };
+    Ok(duration)
+}
+
 // ---------------------------------------------------------------------------
 // Context source
 // ---------------------------------------------------------------------------