Struct sequoia_openpgp::parse::stream::Verifier [−][src]
pub struct Verifier<'a, H: VerificationHelper> { /* fields omitted */ }
Verifies a signed OpenPGP message.
To create a Verifier
, create a VerifierBuilder
using
Parse
, and customize it to your needs.
Signature verification requires processing the whole message
first. Therefore, OpenPGP implementations supporting streaming
operations necessarily must output unverified data. This has been
a source of problems in the past. To alleviate this, we buffer
the message first (up to 25 megabytes of net message data by
default, see DEFAULT_BUFFER_SIZE
), and verify the signatures
if the message fits into our buffer. Nevertheless it is important
to treat the data as unverified and untrustworthy until you have
seen a positive verification. See Verifier::message_processed
for more information.
See GoodChecksum
for what it means for a signature to be
considered valid.
Examples
use std::io::Read; use sequoia_openpgp as openpgp; use openpgp::{KeyHandle, Cert, Result}; use openpgp::parse::{Parse, stream::*}; use openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); // This fetches keys and computes the validity of the verification. struct Helper {}; impl VerificationHelper for Helper { fn get_certs(&mut self, ids: &[KeyHandle]) -> Result<Vec<Cert>> { let mut certs = Vec::new(); for id in ids { certs.push(lookup_cert_by_handle(id)?); } Ok(certs) } fn check(&mut self, structure: MessageStructure) -> Result<()> { for (i, layer) in structure.into_iter().enumerate() { match layer { MessageLayer::Encryption { .. } if i == 0 => (), MessageLayer::Compression { .. } if i == 1 => (), MessageLayer::SignatureGroup { ref results } => { if ! results.iter().any(|r| r.is_ok()) { return Err(anyhow::anyhow!( "No valid signature")); } } _ => return Err(anyhow::anyhow!( "Unexpected message structure")), } } Ok(()) } } let message = b"-----BEGIN PGP MESSAGE----- xA0DAAoW+zdR8Vh9rvEByxJiAAAAAABIZWxsbyBXb3JsZCHCdQQAFgoABgWCXrLl AQAhCRD7N1HxWH2u8RYhBDnRAKtn1b2MBAECBfs3UfFYfa7xRUsBAJaxkU/RCstf UD7TM30IorO1Mb9cDa/hPRxyzipulT55AQDN1m9LMqi9yJDjHNHwYYVwxDcg+pLY YmAFv/UfO0vYBw== =+l94 -----END PGP MESSAGE----- "; let h = Helper {}; let mut v = VerifierBuilder::from_bytes(&message[..])? .with_policy(p, None, h)?; let mut content = Vec::new(); v.read_to_end(&mut content)?; assert_eq!(content, b"Hello World!");
Implementations
impl<'a, H: VerificationHelper> Verifier<'a, H>
[src]
impl<'a, H: VerificationHelper> Verifier<'a, H>
[src]pub fn helper_ref(&self) -> &H
[src]
pub fn helper_ref(&self) -> &H
[src]Returns a reference to the helper.
pub fn helper_mut(&mut self) -> &mut H
[src]
pub fn helper_mut(&mut self) -> &mut H
[src]Returns a mutable reference to the helper.
pub fn into_helper(self) -> H
[src]
pub fn into_helper(self) -> H
[src]Recovers the helper.
pub fn message_processed(&self) -> bool
[src]
pub fn message_processed(&self) -> bool
[src]Returns true if the whole message has been processed and authenticated.
If the function returns true
, the whole message has been
processed, the signatures are verified, and the message
structure has been passed to VerificationHelper::check
.
Data read from this Verifier
using io::Read
has been
authenticated.
If the function returns false
, the message did not fit into
the internal buffer, and therefore data read from this
Verifier
using io::Read
has not yet been
authenticated. It is important to treat this data as
attacker controlled and not use it until it has been
authenticated.
Examples
This example demonstrates how to verify a message in a streaming fashion, writing the data to a temporary file and only commit the result once the data is authenticated.
use std::io::{Read, Seek, SeekFrom}; use sequoia_openpgp as openpgp; use openpgp::{KeyHandle, Cert, Result}; use openpgp::parse::{Parse, stream::*}; use openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); // This fetches keys and computes the validity of the verification. struct Helper {}; impl VerificationHelper for Helper { // ... } let mut source = // ... fn consume(r: &mut dyn Read) -> Result<()> { // ... } let h = Helper {}; let mut v = VerifierBuilder::from_reader(&mut source)? .with_policy(p, None, h)?; if v.message_processed() { // The data has been authenticated. consume(&mut v)?; } else { let mut tmp = tempfile::tempfile()?; std::io::copy(&mut v, &mut tmp)?; // If the copy succeeds, the message has been fully // processed and the data has been authenticated. assert!(v.message_processed()); // Rewind and consume. tmp.seek(SeekFrom::Start(0))?; consume(&mut tmp)?; }
Trait Implementations
impl<'a, H: VerificationHelper> Read for Verifier<'a, H>
[src]
impl<'a, H: VerificationHelper> Read for Verifier<'a, H>
[src]fn read(&mut self, buf: &mut [u8]) -> Result<usize>
[src]
fn read(&mut self, buf: &mut [u8]) -> Result<usize>
[src]Pull some bytes from this source into the specified buffer, returning how many bytes were read. Read more
fn read_vectored(&mut self, bufs: &mut [IoSliceMut<'_>]) -> Result<usize, Error>
1.36.0[src]
fn read_vectored(&mut self, bufs: &mut [IoSliceMut<'_>]) -> Result<usize, Error>
1.36.0[src]Like read
, except that it reads into a slice of buffers. Read more
fn is_read_vectored(&self) -> bool
[src]
fn is_read_vectored(&self) -> bool
[src]can_vector
)Determines if this Read
er has an efficient read_vectored
implementation. Read more
unsafe fn initializer(&self) -> Initializer
[src]
unsafe fn initializer(&self) -> Initializer
[src]read_initializer
)Determines if this Read
er can work with buffers of uninitialized
memory. Read more
fn read_to_end(&mut self, buf: &mut Vec<u8, Global>) -> Result<usize, Error>
1.0.0[src]
fn read_to_end(&mut self, buf: &mut Vec<u8, Global>) -> Result<usize, Error>
1.0.0[src]Read all bytes until EOF in this source, placing them into buf
. Read more
fn read_to_string(&mut self, buf: &mut String) -> Result<usize, Error>
1.0.0[src]
fn read_to_string(&mut self, buf: &mut String) -> Result<usize, Error>
1.0.0[src]Read all bytes until EOF in this source, appending them to buf
. Read more
fn read_exact(&mut self, buf: &mut [u8]) -> Result<(), Error>
1.6.0[src]
fn read_exact(&mut self, buf: &mut [u8]) -> Result<(), Error>
1.6.0[src]Read the exact number of bytes required to fill buf
. Read more
fn by_ref(&mut self) -> &mut Self
1.0.0[src]
fn by_ref(&mut self) -> &mut Self
1.0.0[src]Creates a “by reference” adaptor for this instance of Read
. Read more
Auto Trait Implementations
impl<'a, H> !RefUnwindSafe for Verifier<'a, H>
impl<'a, H> Send for Verifier<'a, H> where
H: Send,
H: Send,
impl<'a, H> Sync for Verifier<'a, H> where
H: Sync,
H: Sync,
impl<'a, H> Unpin for Verifier<'a, H> where
H: Unpin,
H: Unpin,
impl<'a, H> !UnwindSafe for Verifier<'a, H>
Blanket Implementations
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]pub fn borrow_mut(&mut self) -> &mut T
[src]
pub fn borrow_mut(&mut self) -> &mut T
[src]Mutably borrows from an owned value. Read more
impl<T> Same<T> for T
impl<T> Same<T> for T
type Output = T
type Output = T
Should always be Self