Struct sequoia_openpgp::packet::signature::SignatureFields
The data stored in a Signature packet.
This data structure contains exactly those fields that appear in a Signature packet. It is used by both Signature4 and SignatureBuilder, which include auxiliary information. This data structure is public so that Signature4 and SignatureBuilder can deref to it.
Implementations
impl SignatureFields
pub fn version(&self) -> u8
Gets the version.
pub fn typ(&self) -> SignatureType
Gets the signature type.
pub fn hash_algo(&self) -> HashAlgorithm
Gets the hash algorithm.
Methods from Deref<Target = SubpacketAreas>
pub fn hashed_area(&self) -> &SubpacketArea
Gets a reference to the hashed area.
pub fn hashed_area_mut(&mut self) -> &mut SubpacketArea
Gets a mutable reference to the hashed area.
pub fn unhashed_area(&self) -> &SubpacketArea
Gets a reference to the unhashed area.
pub fn unhashed_area_mut(&mut self) -> &mut SubpacketArea
Gets a mutable reference to the unhashed area.
pub fn sort(&mut self)
Sorts the subpacket areas.
pub fn signature_expiration_time(&self) -> Option<SystemTime>
Returns the time when the signature expires.
If the signature expiration time subpacket is not present, this returns None.
Note: if the signature contains multiple instances of the signature expiration time subpacket, only the last one is considered.
pub fn signature_alive<T, U>(&self, time: T, clock_skew_tolerance: U) -> Result<()>
where
    T: Into<Option<SystemTime>>,
    U: Into<Option<Duration>>,
Returns whether or not the signature is alive at the specified time.
A signature is considered to be alive if creation time - tolerance <= time and time < expiration time.
If time is None, uses the current time.
If time is None, and clock_skew_tolerance is None, then uses CLOCK_SKEW_TOLERANCE. If time is not None, but clock_skew_tolerance is None, uses no tolerance.
Some tolerance for clock skew is sometimes necessary, because although most computers synchronize their clock with a time server, up to a few seconds of clock skew are not unusual in practice. And, even worse, several minutes of clock skew appear to be not uncommon on virtual machines.
Not accounting for clock skew can result in signatures being unexpectedly considered invalid. Consider: computer A sends a message to computer B at 9:00, but computer B, whose clock says the current time is 8:59, rejects it, because the signature appears to have been made in the future. This is particularly problematic for low-latency protocols built on top of OpenPGP, e.g., state synchronization between two MUAs via a shared IMAP folder.
Being tolerant to potential clock skew is not always appropriate. For instance, when determining a User ID's current self signature at time t, we don't ever want to consider a self-signature made after t to be valid, even if it was made just a few moments after t. This goes doubly so for soft revocation certificates: the user might send a message that she is retiring, and then immediately create a soft revocation. The soft revocation should not invalidate the message.
Unfortunately, in many cases, whether we should account for clock skew or not depends on application-specific context. As a rule of thumb, if the time and the timestamp come from different sources, you probably want to account for clock skew.
Note that Section 5.2.3.4 of RFC 4880 states that "[[A Signature Creation Time subpacket]] MUST be present in the hashed area." Consequently, if such a packet does not exist, but a "Signature Expiration Time" subpacket exists, we conservatively treat the signature as expired, because there is no way to evaluate the expiration time.
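The liveness rule and its defaulting behaviour, as an added stand-alone model using only std (this is not Sequoia's code). The names check_alive, SigTimes, Liveness and ASSUMED_DEFAULT_TOLERANCE, the 30-minute default, the explicit now parameter, and the handling of a signature with neither time are assumptions made for illustration.

```rust
use std::time::{Duration, SystemTime, UNIX_EPOCH};

// Assumed value: the page names CLOCK_SKEW_TOLERANCE but does not state it.
const ASSUMED_DEFAULT_TOLERANCE: Duration = Duration::from_secs(30 * 60);

#[derive(Debug, PartialEq)]
enum Liveness { Alive, NotYetLive, Expired, Malformed }

/// Constructed stand-in for a signature's creation and expiration times.
struct SigTimes { creation: Option<SystemTime>, expiration: Option<SystemTime> }

/// `now` is passed in explicitly so the check is deterministic.
fn check_alive(sig: &SigTimes, time: Option<SystemTime>,
               tolerance: Option<Duration>, now: SystemTime) -> Liveness {
    // Defaulting rules as documented for signature_alive.
    let (time, tolerance) = match (time, tolerance) {
        (None, None) => (now, ASSUMED_DEFAULT_TOLERANCE),
        (None, Some(tol)) => (now, tol),
        (Some(t), None) => (t, Duration::ZERO),
        (Some(t), Some(tol)) => (t, tol),
    };
    match (sig.creation, sig.expiration) {
        // An expiration time without a creation time cannot be evaluated.
        (None, Some(_)) => Liveness::Expired,
        // Assumption: the page does not cover this case; the model rejects it.
        (None, None) => Liveness::Malformed,
        (Some(created), expires) => {
            // creation time - tolerance <= time; on underflow use no tolerance.
            let earliest = created.checked_sub(tolerance).unwrap_or(created);
            if time < earliest {
                Liveness::NotYetLive
            } else if expires.map_or(false, |e| time >= e) {
                Liveness::Expired // time < expiration time is strict
            } else {
                Liveness::Alive
            }
        }
    }
}

fn main() {
    // Constructed scenario: A signs at 9:00, B's clock reads 8:59.
    let b_clock = UNIX_EPOCH + Duration::from_secs(1_600_000_000);
    let sig = SigTimes { creation: Some(b_clock + Duration::from_secs(60)), expiration: None };
    println!("{:?}", check_alive(&sig, Some(b_clock), None, b_clock));
    println!("{:?}", check_alive(&sig, Some(b_clock), Some(Duration::from_secs(120)), b_clock));
}
```

With an explicit time and no tolerance the 9:00 signature is rejected at 8:59, which is the behaviour wanted when selecting a self-signature at time t; supplying a tolerance accepts it.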
pub fn key_expiration_time<P, R>(&self, key: &Key<P, R>) -> Option<SystemTime>
where
    P: KeyParts,
    R: KeyRole,
Returns the time when the key expires.
If the key expiration time subpacket is not present, this returns None.
Note: if the key contains multiple instances of the key expiration time subpacket, only the last one is considered.
pub fn key_alive<P, R, T>(&self, key: &Key<P, R>, t: T) -> Result<()>
where
    P: KeyParts,
    R: KeyRole,
    T: Into<Option<SystemTime>>,
Returns whether or not the given key is alive at t.
A key is considered to be alive if creation time <= t and t < expiration time.
This function does not check whether the key was revoked.
pub fn issuer(&self) -> Option<&KeyID>
Returns the value of the Issuer subpacket, which contains the KeyID of the key that allegedly created this signature.
If the subpacket is not present, this returns None.
Note: if the signature contains multiple instances of this subpacket, only the last one is considered.
pub fn embedded_signature(&self) -> Option<&Signature>
Returns the value of the Embedded Signature subpacket, which contains a signature.
This is used, for instance, to store a subkey's primary key binding signature (0x19).
If the subpacket is not present, this returns None.
Note: if the signature contains multiple instances of this subpacket, only the last one is considered.
pub fn issuer_fingerprint(&self) -> Option<&Fingerprint>
Returns the value of the Issuer Fingerprint subpacket, which contains the fingerprint of the key that allegedly created this signature.
This subpacket should be preferred to the Issuer subpacket, because Fingerprints are not subject to collisions.
If the subpacket is not present, this returns None.
Note: if the signature contains multiple instances of this subpacket, only the last one is considered.
Trait Implementations
impl Clone for SignatureFields
fn clone(&self) -> SignatureFields
fn clone_from(&mut self, source: &Self) (since 1.0.0)
impl Deref for SignatureFields
type Target = SubpacketAreas
The resulting type after dereferencing.
fn deref(&self) -> &Self::Target
impl DerefMut for SignatureFields
impl Eq for SignatureFields
impl Hash for SignatureFields
impl Hash for SignatureFields
fn hash<__H: Hasher>(&self, state: &mut __H)
fn hash_slice<H>(data: &[Self], state: &mut H) where H: Hasher, (since 1.3.0)
impl PartialEq<SignatureFields> for SignatureFields
fn eq(&self, other: &SignatureFields) -> bool
fn ne(&self, other: &SignatureFields) -> bool
impl StructuralEq for SignatureFields
impl StructuralPartialEq for SignatureFields
Auto Trait Implementations
impl RefUnwindSafe for SignatureFields
impl Send for SignatureFields
impl Sync for SignatureFields
impl Unpin for SignatureFields
impl UnwindSafe for SignatureFields
Blanket Implementations
impl<T> Any for T where T: 'static + ?Sized,
impl<T> Borrow<T> for T where T: ?Sized,
impl<T> BorrowMut<T> for T where T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
impl<T> DynClone for T where T: Clone,
impl<T> From<T> for T
impl<T, U> Into<U> for T where U: From<T>,
impl<T> ToOwned for T where T: Clone,
type Owned = T
The resulting type after obtaining ownership.
fn to_owned(&self) -> T
fn clone_into(&self, target: &mut T)
impl<T, U> TryFrom<U> for T where U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
impl<T, U> TryInto<U> for T where U: TryFrom<T>,