[][src]Struct sequoia_openpgp::parse::stream::DetachedVerifier

pub struct DetachedVerifier {}

Verifies a detached signature.

Signature verification requires processing the whole message first. Therefore, OpenPGP implementations supporting streaming operations necessarily must output unverified data. This has been a source of problems in the past. To alleviate this, we buffer up to 25 megabytes of net message data first, and verify the signatures if the message fits into our buffer. Nevertheless it is important to treat the data as unverified and untrustworthy until you have seen a positive verification.

Example

extern crate sequoia_openpgp as openpgp;
extern crate failure;
use std::io::{self, Read};
use openpgp::{KeyID, Cert, Result};
use openpgp::parse::stream::*;
use sequoia_openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

// This fetches keys and computes the validity of the verification.
struct Helper {};
impl VerificationHelper for Helper {
    fn get_public_keys(&mut self, _ids: &[openpgp::KeyHandle]) -> Result<Vec<Cert>> {
        Ok(Vec::new()) // Feed the Certs to the verifier here...
    }
    fn check(&mut self, structure: MessageStructure) -> Result<()> {
        Ok(()) // Implement your verification policy here.
    }
}

let signature =
   b"-----BEGIN PGP SIGNATURE-----

     wnUEABYKACcFglt+z/EWoQSOjDP6RiYzeXbZeXgGnAw0jdgsGQmQBpwMNI3YLBkA
     AHmUAP9mpj2wV0/ekDuzxZrPQ0bnobFVaxZGg7YzdlksSOERrwEA6v6czXQjKcv2
     KOwGTamb+ajTLQ3YRG9lh+ZYIXynvwE=
     =IJ29
     -----END PGP SIGNATURE-----";

let data = b"Hello World!";
let h = Helper {};
let mut v = DetachedVerifier::from_bytes(p, signature, data, h, None)?;

let mut content = Vec::new();
v.read_to_end(&mut content)
    .map_err(|e| if e.get_ref().is_some() {
        // Wrapped failure::Error.  Recover it.
        failure::Error::from_boxed_compat(e.into_inner().unwrap())
    } else {
        // Plain io::Error.
        e.into()
    })?;

assert_eq!(content, b"Hello World!");

Methods

impl DetachedVerifier[src]

pub fn from_reader<'a, 's, H, R, S, T>(
    policy: &'a dyn Policy,
    signature_reader: S,
    reader: R,
    helper: H,
    t: T
) -> Result<Verifier<'a, H>> where
    R: Read + 'a,
    S: Read + 's,
    H: VerificationHelper,
    T: Into<Option<SystemTime>>, 
[src]

Creates a Verifier from the given readers.

Signature verifications are done relative to time t, or the current time, if t is None.

pub fn from_file<'a, H, P, S, T>(
    policy: &'a dyn Policy,
    signature_path: S,
    path: P,
    helper: H,
    t: T
) -> Result<Verifier<'a, H>> where
    P: AsRef<Path>,
    S: AsRef<Path>,
    H: VerificationHelper,
    T: Into<Option<SystemTime>>, 
[src]

Creates a Verifier from the given files.

Signature verifications are done relative to time t, or the current time, if t is None.

pub fn from_bytes<'a, 's, H, T>(
    policy: &'a dyn Policy,
    signature_bytes: &'s [u8],
    bytes: &'a [u8],
    helper: H,
    t: T
) -> Result<Verifier<'a, H>> where
    H: VerificationHelper,
    T: Into<Option<SystemTime>>, 
[src]

Creates a Verifier from the given buffers.

Signature verifications are done relative to time t, or the current time, if t is None.

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized
[src]

impl<T> Borrow<T> for T where
    T: ?Sized
[src]

impl<T> BorrowMut<T> for T where
    T: ?Sized
[src]

impl<T> From<T> for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, 
[src]

impl<T, U> TryFrom<U> for T where
    U: Into<T>, 
[src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, 
[src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

impl<V, T> VZip<V> for T where
    V: MultiLane<T>,