use std::io::{self, Write};
use sequoia_openpgp as openpgp;
use crate::openpgp::cert::prelude::*;
use crate::openpgp::crypto::SessionKey;
use crate::openpgp::types::SymmetricAlgorithm;
use crate::openpgp::serialize::stream::*;
use crate::openpgp::parse::{Parse, stream::*};
use crate::openpgp::policy::Policy;
use crate::openpgp::policy::StandardPolicy as P;
const MESSAGE: &'static str = "дружба";
fn main() -> openpgp::Result<()> {
let p = &P::new();
let key = generate()?;
let mut ciphertext = Vec::new();
encrypt(p, &mut ciphertext, MESSAGE, &key)?;
let mut plaintext = Vec::new();
decrypt(p, &mut plaintext, &ciphertext, &key)?;
assert_eq!(MESSAGE.as_bytes(), &plaintext[..]);
Ok(())
}
fn generate() -> openpgp::Result<openpgp::Cert> {
let (cert, _revocation) = CertBuilder::new()
.add_userid("someone@example.org")
.add_transport_encryption_subkey()
.generate()?;
Ok(cert)
}
fn encrypt(p: &dyn Policy, sink: &mut (dyn Write + Send + Sync),
plaintext: &str, recipient: &openpgp::Cert)
-> openpgp::Result<()>
{
let recipients =
recipient.keys().with_policy(p, None).supported().alive().revoked(false)
.for_transport_encryption();
let message = Message::new(sink);
let message = Encryptor::for_recipients(message, recipients)
.build()?;
let mut message = LiteralWriter::new(message).build()?;
message.write_all(plaintext.as_bytes())?;
message.finalize()?;
Ok(())
}
fn decrypt(p: &dyn Policy,
sink: &mut dyn Write, ciphertext: &[u8], recipient: &openpgp::Cert)
-> openpgp::Result<()> {
let helper = Helper {
secret: recipient,
policy: p,
};
let mut decryptor = DecryptorBuilder::from_bytes(ciphertext)?
.with_policy(p, None, helper)?;
io::copy(&mut decryptor, sink)?;
Ok(())
}
struct Helper<'a> {
secret: &'a openpgp::Cert,
policy: &'a dyn Policy,
}
impl<'a> VerificationHelper for Helper<'a> {
fn get_certs(&mut self, _ids: &[openpgp::KeyHandle])
-> openpgp::Result<Vec<openpgp::Cert>> {
Ok(Vec::new())
}
fn check(&mut self, _structure: MessageStructure)
-> openpgp::Result<()> {
Ok(())
}
}
impl<'a> DecryptionHelper for Helper<'a> {
fn decrypt<D>(&mut self,
pkesks: &[openpgp::packet::PKESK],
_skesks: &[openpgp::packet::SKESK],
sym_algo: Option<SymmetricAlgorithm>,
mut decrypt: D)
-> openpgp::Result<Option<openpgp::Fingerprint>>
where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
{
let key = self.secret.keys().unencrypted_secret()
.with_policy(self.policy, None)
.for_transport_encryption().nth(0).unwrap().key().clone();
let mut pair = key.into_keypair()?;
pkesks[0].decrypt(&mut pair, sym_algo)
.map(|(algo, session_key)| decrypt(algo, &session_key));
Ok(None)
}
}