Struct sequoia_openpgp::packet::signature::SignatureFields

pub struct SignatureFields { /* fields omitted */ }

The data stored in a Signature packet.

This data structure contains exactly those fields that appear in a Signature packet. It is used by both Signature4 and SignatureBuilder, which include auxiliary information. This data structure is public so that Signature4 and SignatureBuilder can deref to it.

Implementations

impl SignatureFields

pub fn version(&self) -> u8

Gets the version.

pub fn typ(&self) -> SignatureType

Gets the signature type.

pub fn hash_algo(&self) -> HashAlgorithm

Gets the hash algorithm.

Methods from Deref<Target = SubpacketAreas>

pub fn hashed_area(&self) -> &SubpacketArea

Gets a reference to the hashed area.

pub fn hashed_area_mut(&mut self) -> &mut SubpacketArea

Gets a mutable reference to the hashed area.

pub fn unhashed_area(&self) -> &SubpacketArea

Gets a reference to the unhashed area.

pub fn unhashed_area_mut(&mut self) -> &mut SubpacketArea

Gets a mutable reference to the unhashed area.

pub fn sort(&mut self)

Sorts the subpacket areas.

See SubpacketArea::sort().

pub fn signature_expiration_time(&self) -> Option<SystemTime>

Returns the time when the signature expires.

If the signature expiration time subpacket is not present, this returns None.

Note: if the signature contains multiple instances of the signature expiration time subpacket, only the last one is considered.

pub fn signature_alive<T, U>(
    &self,
    time: T,
    clock_skew_tolerance: U
) -> Result<()> where
    T: Into<Option<SystemTime>>,
    U: Into<Option<Duration>>, 

Returns whether or not the signature is alive at the specified time.

A signature is considered to be alive if creation time - tolerance <= time and time < expiration time.

If time is None, uses the current time.

If time is None, and clock_skew_tolerance is None, then uses CLOCK_SKEW_TOLERANCE. If time is not None, but clock_skew_tolerance is None, uses no tolerance.

Some tolerance for clock skew is sometimes necessary, because although most computers synchronize their clock with a time server, up to a few seconds of clock skew are not unusual in practice. And, even worse, several minutes of clock skew appear to be not uncommon on virtual machines.

Not accounting for clock skew can result in signatures being unexpectedly considered invalid. Consider: computer A sends a message to computer B at 9:00, but computer B, whose clock says the current time is 8:59, rejects it, because the signature appears to have been made in the future. This is particularly problematic for low-latency protocols built on top of OpenPGP, e.g., state synchronization between two MUAs via a shared IMAP folder.

Being tolerant to potential clock skew is not always appropriate. For instance, when determining a User ID's current self signature at time t, we don't ever want to consider a self-signature made after t to be valid, even if it was made just a few moments after t. This goes doubly so for soft revocation certificates: the user might send a message that she is retiring, and then immediately create a soft revocation. The soft revocation should not invalidate the message.

Unfortunately, in many cases, whether we should account for clock skew or not depends on application-specific context. As a rule of thumb, if the time and the timestamp come from different sources, you probably want to account for clock skew.

Note that Section 5.2.3.4 of RFC 4880 states that "[A Signature Creation Time subpacket] MUST be present in the hashed area." Consequently, if such a packet does not exist, but a "Signature Expiration Time" subpacket exists, we conservatively treat the signature as expired, because there is no way to evaluate the expiration time.
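The liveness rule and the tolerance defaults described above, as an added stand-alone model in plain Rust; it is not sequoia_openpgp's own code. `SigTimes`, `Liveness`, `alive_model` and `MODEL_SKEW_TOLERANCE` are hypothetical names, and the 30-minute value and the handling of a signature with neither timestamp are assumptions of this model.

```rust
use std::time::{Duration, SystemTime, UNIX_EPOCH};

// Assumed value for this model; the page does not give the crate's constant.
const MODEL_SKEW_TOLERANCE: Duration = Duration::from_secs(30 * 60);

#[derive(Debug, PartialEq)]
enum Liveness { Alive, NotYetLive, Expired, Malformed }

// Only the two timestamps the rule looks at (hypothetical stand-in type).
struct SigTimes { creation: Option<SystemTime>, expiration: Option<SystemTime> }

fn alive_model(sig: &SigTimes, time: Option<SystemTime>, tol: Option<Duration>) -> Liveness {
    // Defaulting rules from the text: an explicit tolerance always wins.
    let tol = match (time, tol) {
        (_, Some(t)) => t,
        (None, None) => MODEL_SKEW_TOLERANCE,
        (Some(_), None) => Duration::ZERO,
    };
    let now = time.unwrap_or_else(SystemTime::now);
    match (sig.creation, sig.expiration) {
        // No creation time: the expiration cannot be evaluated, so treat as expired.
        (None, Some(_)) => Liveness::Expired,
        // Neither timestamp: rejected here (assumption; the page leaves this case open).
        (None, None) => Liveness::Malformed,
        // Alive requires time < expiration, so time == expiration is already expired.
        (Some(_), Some(e)) if e <= now => Liveness::Expired,
        // Alive requires creation - tolerance <= time.
        (Some(c), _) if c.checked_sub(tol).map_or(false, |s| s > now) => Liveness::NotYetLive,
        _ => Liveness::Alive,
    }
}

// Constructed clock readings: seconds since the epoch standing in for 8:59, 9:00, 10:00.
fn at(secs: u64) -> SystemTime { UNIX_EPOCH + Duration::from_secs(secs) }

fn main() {
    let (t0859, t0900, t1000) = (at(32_340), at(32_400), at(36_000));
    let sig = SigTimes { creation: Some(t0900), expiration: Some(t1000) };
    // Computer B's clock reads 8:59 for a signature made at 9:00.
    println!("no tolerance:    {:?}", alive_model(&sig, Some(t0859), None));
    println!("2 min tolerance: {:?}", alive_model(&sig, Some(t0859), Some(Duration::from_secs(120))));
    println!("at expiry:       {:?}", alive_model(&sig, Some(t1000), None));
}
```

Passing an explicit time with no tolerance reproduces the strict behaviour wanted for self-signature and revocation ordering; passing a tolerance is the choice for the 9:00 versus 8:59 case.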

pub fn key_expiration_time<P, R>(&self, key: &Key<P, R>) -> Option<SystemTime> where
    P: KeyParts,
    R: KeyRole

Returns the time when the key expires.

If the key expiration time subpacket is not present, this returns None.

Note: if the key contains multiple instances of the key expiration time subpacket, only the last one is considered.

pub fn key_alive<P, R, T>(&self, key: &Key<P, R>, t: T) -> Result<()> where
    P: KeyParts,
    R: KeyRole,
    T: Into<Option<SystemTime>>, 

Returns whether or not the given key is alive at t.

A key is considered to be alive if creation time <= t and t < expiration time.

This function does not check whether the key was revoked.

See Section 5.2.3.6 of RFC 4880.

pub fn issuer(&self) -> Option<&KeyID>

Returns the value of the Issuer subpacket, which contains the KeyID of the key that allegedly created this signature.

If the subpacket is not present, this returns None.

Note: if the signature contains multiple instances of this subpacket, only the last one is considered.

pub fn embedded_signature(&self) -> Option<&Signature>

Returns the value of the Embedded Signature subpacket, which contains a signature.

This is used, for instance, to store a subkey's primary key binding signature (0x19).

If the subpacket is not present, this returns None.

Note: if the signature contains multiple instances of this subpacket, only the last one is considered.

pub fn issuer_fingerprint(&self) -> Option<&Fingerprint>

Returns the value of the Issuer Fingerprint subpacket, which contains the fingerprint of the key that allegedly created this signature.

This subpacket should be preferred to the Issuer subpacket, because Fingerprints are not subject to collisions.

If the subpacket is not present, this returns None.

Note: if the signature contains multiple instances of this subpacket, only the last one is considered.

Trait Implementations

impl Clone for SignatureFields

impl Deref for SignatureFields

type Target = SubpacketAreas

The resulting type after dereferencing.

impl DerefMut for SignatureFields

impl Eq for SignatureFields

impl Hash for SignatureFields

impl Hash for SignatureFields

impl PartialEq<SignatureFields> for SignatureFields

impl StructuralEq for SignatureFields

impl StructuralPartialEq for SignatureFields

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized

impl<T> Borrow<T> for T where
    T: ?Sized

impl<T> BorrowMut<T> for T where
    T: ?Sized

impl<T> DynClone for T where
    T: Clone

impl<T> From<T> for T

impl<T, U> Into<U> for T where
    U: From<T>,

impl<T> ToOwned for T where
    T: Clone

type Owned = T

The resulting type after obtaining ownership.

impl<T, U> TryFrom<U> for T where
    U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.