[−][src]Struct sequoia_openpgp::serialize::stream::Signer
Signs a message.
Signs a message with every crypto::Signer added to the
streaming signer.
Implementations
impl<'a> Signer<'a>[src]
pub fn new<S>(inner: Message<'a>, signer: S) -> Self where
S: Signer + Send + Sync + 'a, [src]
S: Signer + Send + Sync + 'a,
Creates a signer.
Signs the message with the given crypto::Signer. To
create more than one signature, add more crypto::Signers
using Signer::add_signer. Properties of the signatures
can be tweaked using the methods of this type. Notably, to
generate a detached signature (see Section 11.4 of RFC
4880), use Signer::detached. For even more control over
the generated signatures, use Signer::with_template.
Examples
use std::io::{Read, Write}; use sequoia_openpgp as openpgp; use openpgp::serialize::stream::{Message, Signer, LiteralWriter}; use openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); let cert: Cert = // ... let signing_keypair = cert.keys().secret() .with_policy(p, None).supported().alive().revoked(false).for_signing() .nth(0).unwrap() .key().clone().into_keypair()?; let mut sink = vec![]; { let message = Message::new(&mut sink); let message = Signer::new(message, signing_keypair) // Customize the `Signer` here. .build()?; let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Make it so, number one!")?; message.finalize()?; } // Now check the signature. struct Helper<'a>(&'a openpgp::Cert); impl<'a> VerificationHelper for Helper<'a> { fn get_certs(&mut self, _: &[openpgp::KeyHandle]) -> openpgp::Result<Vec<openpgp::Cert>> { Ok(vec![self.0.clone()]) } fn check(&mut self, structure: MessageStructure) -> openpgp::Result<()> { if let MessageLayer::SignatureGroup { ref results } = structure.iter().nth(0).unwrap() { results.get(0).unwrap().as_ref().unwrap(); Ok(()) } else { panic!() } } } let mut verifier = VerifierBuilder::from_bytes(&sink)? .with_policy(p, None, Helper(&cert))?; let mut message = String::new(); verifier.read_to_string(&mut message)?; assert_eq!(&message, "Make it so, number one!");
pub fn with_template<S, T>(inner: Message<'a>, signer: S, template: T) -> Self where
S: Signer + Send + Sync + 'a,
T: Into<SignatureBuilder>, [src]
S: Signer + Send + Sync + 'a,
T: Into<SignatureBuilder>,
Creates a signer with a given signature template.
Signs the message with the given crypto::Signer like
Signer::new, but allows more control over the generated
signatures. The given signature::SignatureBuilder is used to
create all the signatures.
For every signature, the creation time is set to the current
time or the one specified using Signer::creation_time, the
intended recipients are added (see
Signer::add_intended_recipient), the issuer and issuer
fingerprint subpackets are set according to the signing key,
and the hash algorithm set using Signer::hash_algo is used
to create the signature.
Examples
use std::io::{Read, Write}; use sequoia_openpgp as openpgp; use openpgp::types::SignatureType; use openpgp::packet::signature; use openpgp::serialize::stream::{Message, Signer, LiteralWriter}; let message = Message::new(&mut sink); let message = Signer::with_template( message, signing_keypair, signature::SignatureBuilder::new(SignatureType::Text) .add_notation("issuer@starfleet.command", "Jean-Luc Picard", None, true)?) // Further customize the `Signer` here. .build()?; let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Make it so, number one!")?; message.finalize()?;
pub fn detached(self) -> Self[src]
Creates a signer for a detached signature.
Changes the Signer to create a detached signature (see
Section 11.4 of RFC 4880). Note that the literal data must
not be wrapped using the LiteralWriter.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::serialize::stream::{Message, Signer}; use sequoia_openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); let mut sink = vec![]; { let message = Message::new(&mut sink); let mut signer = Signer::new(message, signing_keypair) .detached() // Customize the `Signer` here. .build()?; // Write the data directly to the `Signer`. signer.write_all(b"Make it so, number one!")?; // In reality, just io::copy() the file to be signed. signer.finalize()?; } // Now check the signature. struct Helper<'a>(&'a openpgp::Cert); impl<'a> VerificationHelper for Helper<'a> { fn get_certs(&mut self, _: &[openpgp::KeyHandle]) -> openpgp::Result<Vec<openpgp::Cert>> { Ok(vec![self.0.clone()]) } fn check(&mut self, structure: MessageStructure) -> openpgp::Result<()> { if let MessageLayer::SignatureGroup { ref results } = structure.iter().nth(0).unwrap() { results.get(0).unwrap().as_ref().unwrap(); Ok(()) } else { panic!() } } } let mut verifier = DetachedVerifierBuilder::from_bytes(&sink)? .with_policy(p, None, Helper(&cert))?; verifier.verify_bytes(b"Make it so, number one!")?;
pub fn add_signer<S>(self, signer: S) -> Self where
S: Signer + Send + Sync + 'a, [src]
S: Signer + Send + Sync + 'a,
Adds an additional signer.
Can be used multiple times.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::serialize::stream::{Message, Signer, LiteralWriter}; let message = Message::new(&mut sink); let message = Signer::new(message, signing_keypair) .add_signer(additional_signing_keypair) .build()?; let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Make it so, number one!")?; message.finalize()?;
pub fn add_intended_recipient(self, recipient: &Cert) -> Self[src]
Adds an intended recipient.
Indicates that the given certificate is an intended recipient of this message. Can be used multiple times. This prevents Surreptitious Forwarding of encrypted and signed messages, i.e. forwarding a signed message using a different encryption context.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::serialize::stream::{Message, Signer, LiteralWriter}; let recipient: Cert = // ... let message = Message::new(&mut sink); let message = Signer::new(message, signing_keypair) .add_intended_recipient(&recipient) .build()?; let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Make it so, number one!")?; message.finalize()?;
pub fn hash_algo(self, algo: HashAlgorithm) -> Result<Self>[src]
Sets the hash algorithm to use for the signatures.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::types::HashAlgorithm; use openpgp::serialize::stream::{Message, Signer, LiteralWriter}; let message = Message::new(&mut sink); let message = Signer::new(message, signing_keypair) .hash_algo(HashAlgorithm::SHA384)? .build()?; let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Make it so, number one!")?; message.finalize()?;
pub fn creation_time<T: Into<SystemTime>>(self, creation_time: T) -> Self[src]
Sets the signature's creation time to time.
Note: it is up to the caller to make sure the signing keys are
actually valid as of time.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::types::Timestamp; use openpgp::serialize::stream::{Message, Signer, LiteralWriter}; use openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); let cert: Cert = // ... let signing_key = cert.keys().secret() .with_policy(p, None).supported().alive().revoked(false).for_signing() .nth(0).unwrap() .key(); let signing_keypair = signing_key.clone().into_keypair()?; let message = Message::new(&mut sink); let message = Signer::new(message, signing_keypair) .creation_time(Timestamp::now() .round_down(None, signing_key.creation_time())?) .build()?; let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Make it so, number one!")?; message.finalize()?;
pub fn build(self) -> Result<Message<'a>>[src]
Builds the signer, returning the writer stack.
The most useful filter to push to the writer stack next is the
LiteralWriter. Note, if you are creating a signed OpenPGP
message (see Section 11.3 of RFC 4880), literal data must
be wrapped using the LiteralWriter. On the other hand, if
you are creating a detached signature (see Section 11.4 of
RFC 4880), the literal data must not be wrapped using the
LiteralWriter.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::types::Timestamp; use openpgp::serialize::stream::{Message, Signer}; let message = Message::new(&mut sink); let message = Signer::new(message, signing_keypair) // Customize the `Signer` here. .build()?;
Trait Implementations
impl<'a> Debug for Signer<'a>[src]
impl<'a> Write for Signer<'a>[src]
pub fn write(&mut self, buf: &[u8]) -> Result<usize>[src]
pub fn flush(&mut self) -> Result<()>[src]
pub fn write_vectored(&mut self, bufs: &[IoSlice<'_>]) -> Result<usize, Error>1.36.0[src]
pub fn is_write_vectored(&self) -> bool[src]
pub fn write_all(&mut self, buf: &[u8]) -> Result<(), Error>1.0.0[src]
pub fn write_all_vectored(
&mut self,
bufs: &mut [IoSlice<'_>]
) -> Result<(), Error>[src]
&mut self,
bufs: &mut [IoSlice<'_>]
) -> Result<(), Error>
pub fn write_fmt(&mut self, fmt: Arguments<'_>) -> Result<(), Error>1.0.0[src]
pub fn by_ref(&mut self) -> &mut Self1.0.0[src]
Auto Trait Implementations
impl<'a> !RefUnwindSafe for Signer<'a>[src]
impl<'a> Send for Signer<'a>[src]
impl<'a> Sync for Signer<'a>[src]
impl<'a> Unpin for Signer<'a>[src]
impl<'a> !UnwindSafe for Signer<'a>[src]
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized, [src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized, [src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized, [src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T[src]
impl<T> From<T> for T[src]
impl<T, U> Into<U> for T where
U: From<T>, [src]
U: From<T>,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<T, U> TryFrom<U> for T where
U: Into<T>, [src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>, [src]
U: TryFrom<T>,