Enum sequoia_openpgp::packet::Signature[−][src]

#[non_exhaustive]
pub enum Signature {
    V4(Signature4),
}

Holds a signature packet.

Signature packets are used to hold all kinds of signatures including certifications, and signatures over documents. See Section 5.2 of RFC 4880 for details.

When signing a document, a Signature packet is typically created indirectly by the streaming Signer. Similarly, a Signature packet is created as a side effect of parsing a signed message using the PacketParser.

Signature packets are also used for self signatures on Keys, self signatures on User IDs, self signatures on User Attributes, certifications of User IDs, and certifications of User Attributes. In these cases, you’ll typically want to use the SignatureBuilder to create the Signature packet. See the linked documentation for details, and examples.

Note: This enum cannot be exhaustively matched to allow future extensions.

A note on equality

Two Signature packets are considered equal if their serialized form is equal. Notably this includes the unhashed subpacket area and the order of subpackets and notations. This excludes the computed digest and signature level, which are not serialized.

A consequence of considering packets in the unhashed subpacket area is that an adversary can take a valid signature and create many distinct but valid signatures by changing the unhashed subpacket area. This has the potential of creating a denial of service vector, if Signatures are naively deduplicated. To protect against this, consider using Signature::normalized_eq.

Examples

Add a User ID to an existing certificate:

use std::time;
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::packet::prelude::*;
use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

let t1 = time::SystemTime::now();
let t2 = t1 + time::Duration::from_secs(1);

let (cert, _) = CertBuilder::new()
    .set_creation_time(t1)
    .add_userid("Alice <alice@example.org>")
    .generate()?;

// Add a new User ID.
let mut signer = cert
    .primary_key().key().clone().parts_into_secret()?.into_keypair()?;

// Use the existing User ID's signature as a template.  This ensures that
// we use the same
let userid = UserID::from("Alice <alice@other.com>");
let template: signature::SignatureBuilder
    = cert.with_policy(p, t1)?.primary_userid().unwrap()
        .binding_signature().clone().into();
let sig = template.clone()
    .set_signature_creation_time(t2)?;
let sig = userid.bind(&mut signer, &cert, sig)?;

let cert = cert.insert_packets(vec![Packet::from(userid), sig.into()])?;

Variants (Non-exhaustive)

Non-exhaustive enums could have additional variants added in future. Therefore, when matching against variants of non-exhaustive enums, an extra wildcard arm must be added to account for any future variants.

V4(Signature4)

Signature packet version 4.

Implementations

`impl Signature`[src]

Hashing-related functionality.

`pub fn hash_for_confirmation(&self, hash: &mut dyn Digest)`[src]

Hashes this signature for use in a Third-Party Confirmation signature.

`impl Signature`[src]

`pub fn get_issuers(&self) -> Vec<KeyHandle>ⓘNotable traits for Vec<u8, A> impl<A> Write for Vec<u8, A> where A: Allocator,` [src]

Returns the value of any Issuer and Issuer Fingerprint subpackets.

The Issuer subpacket and Issuer Fingerprint subpacket are used when processing a signature to identify which certificate created the signature. Since this information is self-authenticating (the act of validating the signature authenticates the subpacket), it is typically stored in the unhashed subpacket area.

This function returns all instances of the Issuer subpacket and the Issuer Fingerprint subpacket in both the hashed subpacket area and the unhashed subpacket area.

The issuers are sorted so that the Fingerprints come before KeyIDs. The Fingerprints and KeyIDs are not further sorted, but are returned in the order that they are encountered.

`pub fn normalized_eq(&self, other: &Signature) -> bool`[src]

Compares Signatures ignoring the unhashed subpacket area.

This comparison function ignores the unhashed subpacket area when comparing two signatures. This prevents a malicious party from taking valid signatures, adding subpackets to the unhashed area, and deriving valid but distinct signatures, which could be used to perform a denial of service attack. For instance, an attacker could create a lot of signatures, which need to be validated. Ignoring the unhashed subpackets means that we can deduplicate signatures using this predicate.

Examples

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::packet::prelude::*;
use openpgp::packet::signature::subpacket::{Subpacket, SubpacketValue};
use openpgp::policy::StandardPolicy;
use openpgp::types::SignatureType;
use openpgp::types::Features;

let p = &StandardPolicy::new();

let (cert, _) = CertBuilder::new().generate()?;

let orig = cert.with_policy(p, None)?.direct_key_signature()?;

// Add an inconspicuous subpacket to the unhashed area.
let sb = Subpacket::new(SubpacketValue::Features(Features::empty()), false)?;
let mut modified = orig.clone();
modified.unhashed_area_mut().add(sb);

// We modified the signature, but the signature is still valid.
modified.verify_direct_key(cert.primary_key().key(), cert.primary_key().key());

// PartialEq considers the packets to not be equal...
assert!(orig != &modified);
// ... but normalized_eq does.
assert!(orig.normalized_eq(&modified));

`pub fn normalized_cmp(&self, other: &Signature) -> Ordering`[src]

Compares Signatures ignoring the unhashed subpacket area.

This is useful to deduplicate signatures by first sorting them using this function, and then deduplicating using the Signature::normalized_eq predicate.

This comparison function ignores the unhashed subpacket area when comparing two signatures. This prevents a malicious party from taking valid signatures, adding subpackets to the unhashed area, and deriving valid but distinct signatures, which could be used to perform a denial of service attack. For instance, an attacker could create a lot of signatures, which need to be validated. Ignoring the unhashed subpackets means that we can deduplicate signatures using this predicate.

Examples

use std::cmp::Ordering;
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::packet::prelude::*;
use openpgp::packet::signature::subpacket::{Subpacket, SubpacketValue};
use openpgp::policy::StandardPolicy;
use openpgp::types::SignatureType;
use openpgp::types::Features;

let p = &StandardPolicy::new();

let (cert, _) = CertBuilder::new().generate()?;

let orig = cert.with_policy(p, None)?.direct_key_signature()?;

// Add an inconspicuous subpacket to the unhashed area.
let sb = Subpacket::new(SubpacketValue::Features(Features::empty()), false)?;
let mut modified = orig.clone();
modified.unhashed_area_mut().add(sb);

// We modified the signature, but the signature is still valid.
modified.verify_direct_key(cert.primary_key().key(), cert.primary_key().key());

// PartialEq considers the packets to not be equal...
assert!(orig != &modified);
// ... but normalized_partial_cmp does.
assert!(orig.normalized_cmp(&modified) == Ordering::Equal);

`pub fn normalize(&self) -> Self`[src]

Normalizes the signature.

This function normalizes the unhashed signature subpackets.

First, it removes all but the following self-authenticating subpackets:

SubpacketValue::Issuer
SubpacketValue::IssuerFingerprint
SubpacketValue::EmbeddedSignature

Note: the retained subpackets are not checked for validity.

Then, it adds any missing issuer information to the unhashed subpacket area that has been computed when verifying the signature.

`pub fn add_missing_issuers(&mut self) -> Result<()>`[src]

Adds missing issuer information.

Calling this function adds any missing issuer information to the unhashed subpacket area.

When a signature is verified, the identity of the signing key is computed and stored in the Signature struct. This information can be used to complement the issuer information stored in the signature. Note that we don’t do this automatically when verifying signatures, because that would change the serialized representation of the signature as a side-effect of verifying the signature.

`pub fn merge(self, other: Signature) -> Result<Signature>`[src]

Merges two signatures.

Two signatures that are equal according to Signature::normalized_eq may differ in the contents of the unhashed subpacket areas. This function merges two signatures trying hard to incorporate all the information into one signature while avoiding denial of service attacks by merging in bad information.

The merge strategy is as follows:

If the signatures differ according to Signature::normalized_eq, the merge fails.
Do not consider any subpacket that does not belong into the unhashed subpacket area.
Consider all remaining subpackets, in the following order. If we run out of space, all remaining subpackets are ignored.
- Authenticated subpackets from self
- Authenticated subpackets from other
- Unauthenticated subpackets from self commonly found in unhashed areas
- Unauthenticated subpackets from other commonly found in unhashed areas
- Remaining subpackets from self
- Remaining subpackets from other
See Subpacket::authenticated for how subpackets are authenticated. Subpackets commonly found in unhashed areas are issuer information and embedded signatures.

`impl Signature`[src]

Verification-related functionality.

`pub fn verify_hash<P, R>( &mut self, key: &Key<P, R>, hash: Box<dyn Digest> ) -> Result<()> where P: KeyParts, R: KeyRole,` [src]

Verifies the signature against hash.

The hash should only be computed over the payload, this function hashes in the signature itself before verifying it.

Note: Due to limited context, this only verifies the cryptographic signature and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether key can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_digest<P, R, D>( &mut self, key: &Key<P, R>, digest: D ) -> Result<()> where P: KeyParts, R: KeyRole, D: AsRef<[u8]>,` [src]

Verifies the signature against digest.

Note: Due to limited context, this only verifies the cryptographic signature and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether key can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify<P, R>(&mut self, key: &Key<P, R>) -> Result<()> where P: KeyParts, R: KeyRole,` [src]

Verifies the signature over text or binary documents using key.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether key can make valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_standalone<P, R>(&mut self, key: &Key<P, R>) -> Result<()> where P: KeyParts, R: KeyRole,` [src]

Verifies the standalone signature using key.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether key can make valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_timestamp<P, R>(&mut self, key: &Key<P, R>) -> Result<()> where P: KeyParts, R: KeyRole,` [src]

Verifies the timestamp signature using key.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether key can make valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_direct_key<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole> ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

Verifies the direct key signature.

self is the direct key signature, signer is the key that allegedly made the signature, and pk is the primary key.

For a self-signature, signer and pk will be the same.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether signer can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_primary_key_revocation<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole> ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

Verifies the primary key revocation certificate.

self is the primary key revocation certificate, signer is the key that allegedly made the signature, and pk is the primary key,

For a self-signature, signer and pk will be the same.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether signer can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_subkey_binding<P, Q, R, S>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, subkey: &Key<S, SubordinateRole> ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, S: KeyParts,` [src]

Verifies the subkey binding.

self is the subkey key binding signature, signer is the key that allegedly made the signature, pk is the primary key, and subkey is the subkey.

For a self-signature, signer and pk will be the same.

If the signature indicates that this is a Signing capable subkey, then the back signature is also verified. If it is missing or can’t be verified, then this function returns false.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether signer can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_primary_key_binding<P, Q>( &mut self, pk: &Key<P, PrimaryRole>, subkey: &Key<Q, SubordinateRole> ) -> Result<()> where P: KeyParts, Q: KeyParts,` [src]

Verifies the primary key binding.

self is the primary key binding signature, pk is the primary key, and subkey is the subkey.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether subkey can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_subkey_revocation<P, Q, R, S>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, subkey: &Key<S, SubordinateRole> ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, S: KeyParts,` [src]

Verifies the subkey revocation.

self is the subkey key revocation certificate, signer is the key that allegedly made the signature, pk is the primary key, and subkey is the subkey.

For a self-revocation, signer and pk will be the same.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether signer can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_userid_binding<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, userid: &UserID ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

Verifies the user id binding.

self is the user id binding signature, signer is the key that allegedly made the signature, pk is the primary key, and userid is the user id.

For a self-signature, signer and pk will be the same.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether signer can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_userid_revocation<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, userid: &UserID ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

Verifies the user id revocation certificate.

self is the revocation certificate, signer is the key that allegedly made the signature, pk is the primary key, and userid is the user id.

For a self-signature, signer and pk will be the same.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether signer can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_user_attribute_binding<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, ua: &UserAttribute ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

Verifies the user attribute binding.

self is the user attribute binding signature, signer is the key that allegedly made the signature, pk is the primary key, and ua is the user attribute.

For a self-signature, signer and pk will be the same.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether signer can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_user_attribute_revocation<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, ua: &UserAttribute ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

Verifies the user attribute revocation certificate.

self is the user attribute binding signature, signer is the key that allegedly made the signature, pk is the primary key, and ua is the user attribute.

For a self-signature, signer and pk will be the same.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether signer can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`pub fn verify_message<M, P, R>( &mut self, signer: &Key<P, R>, msg: M ) -> Result<()> where M: AsRef<[u8]>, P: KeyParts, R: KeyRole,` [src]

Verifies a signature of a message.

self is the message signature, signer is the key that allegedly made the signature and msg is the message.

This function is for short messages, if you want to verify larger files use Verifier.

Note: Due to limited context, this only verifies the cryptographic signature, checks the signature’s type, and checks that the key predates the signature. Further constraints on the signature, like creation and expiration time, or signature revocations must be checked by the caller.

Likewise, this function does not check whether signer can made valid signatures; it is up to the caller to make sure the key is not revoked, not expired, has a valid self-signature, has a subkey binding signature (if appropriate), has the signing capability, etc.

`impl Signature`[src]

`pub fn version(&self) -> u8`[src]

Gets the version.

Methods from Deref<Target = Signature4>

`pub fn hash_for_confirmation(&self, hash: &mut dyn Digest)`[src]

Hashes this signature for use in a Third-Party Confirmation signature.

`pub fn pk_algo(&self) -> PublicKeyAlgorithm`[src]

Gets the public key algorithm.

`pub fn digest_prefix(&self) -> &[u8; 2]`[src]

Gets the hash prefix.

`pub fn mpis(&self) -> &Signature`[src]

Gets the signature packet’s MPIs.

`pub fn computed_digest(&self) -> Option<&[u8]>`[src]

Gets the computed hash value.

This is set by the PacketParser when parsing the message.

`pub fn level(&self) -> usize`[src]

Gets the signature level.

A level of 0 indicates that the signature is directly over the data, a level of 1 means that the signature is a notarization over all level 0 signatures and the data, and so on.

`pub fn exportable(&self) -> Result<()>`[src]

Returns whether or not this signature should be exported.

This checks whether the Exportable Certification subpacket is absent or present and 1, and that the signature does not include any sensitive Revocation Key (designated revokers) subpackets.

Methods from Deref<Target = SignatureFields>

`pub fn hash_standalone(&self, hash: &mut dyn Digest)`[src]

Hashes this standalone signature.

`pub fn hash_timestamp(&self, hash: &mut dyn Digest)`[src]

Hashes this timestamp signature.

`pub fn hash_direct_key( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole> ) where P: KeyParts,` [src]

Hashes this direct key signature over the specified primary key, and the primary key.

`pub fn hash_subkey_binding<P, Q>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, subkey: &Key<Q, SubordinateRole> ) where P: KeyParts, Q: KeyParts,` [src]

Hashes this subkey binding over the specified primary key and subkey, the primary key, and the subkey.

`pub fn hash_primary_key_binding<P, Q>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, subkey: &Key<Q, SubordinateRole> ) where P: KeyParts, Q: KeyParts,` [src]

Hashes this primary key binding over the specified primary key and subkey, the primary key, and the subkey.

`pub fn hash_userid_binding( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, userid: &UserID ) where P: KeyParts,` [src]

Hashes this user ID binding over the specified primary key and user ID, the primary key, and the userid.

`pub fn hash_user_attribute_binding( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, ua: &UserAttribute ) where P: KeyParts,` [src]

Hashes this user attribute binding over the specified primary key and user attribute, the primary key, and the user attribute.

`pub fn version(&self) -> u8`[src]

Gets the version.

`pub fn typ(&self) -> SignatureType`[src]

Gets the signature type.

This function is called typ and not type, because type is a reserved word.

`pub fn hash_algo(&self) -> HashAlgorithm`[src]

Gets the hash algorithm.

Methods from Deref<Target = SubpacketAreas>

`pub fn hashed_area(&self) -> &SubpacketArea`[src]

Gets a reference to the hashed area.

`pub fn hashed_area_mut(&mut self) -> &mut SubpacketArea`[src]

Gets a mutable reference to the hashed area.

Note: if you modify the hashed area of a Signature4, this will invalidate the signature. Instead, you should normally convert the Signature4 into a signature::SignatureBuilder, modify that, and then create a new signature.

`pub fn unhashed_area(&self) -> &SubpacketArea`[src]

Gets a reference to the unhashed area.

`pub fn unhashed_area_mut(&mut self) -> &mut SubpacketArea`[src]

Gets a mutable reference to the unhashed area.

`pub fn sort(&mut self)`[src]

Sorts the subpacket areas.

See SubpacketArea::sort().

`pub fn subpacket<'a>(&'a self, tag: SubpacketTag) -> Option<&Subpacket>`[src]

Returns a reference to the last instance of the specified subpacket, if any.

This function returns the last instance of the specified subpacket in the subpacket areas in which it can occur. Thus, when looking for the Signature Creation Time subpacket, this function only considers the hashed subpacket area. But, when looking for the Embedded Signature subpacket, this function considers both subpacket areas.

Unknown subpackets are assumed to only safely occur in the hashed subpacket area. Thus, any instances of them in the unhashed area are ignored.

For subpackets that can safely occur in both subpacket areas, this function prefers instances in the hashed subpacket area.

`pub fn subpacket_mut<'a>( &'a mut self, tag: SubpacketTag ) -> Option<&mut Subpacket>`[src]

Returns a mutable reference to the last instance of the specified subpacket, if any.

This function returns the last instance of the specified subpacket in the subpacket areas in which it can occur. Thus, when looking for the Signature Creation Time subpacket, this function only considers the hashed subpacket area. But, when looking for the Embedded Signature subpacket, this function considers both subpacket areas.

Unknown subpackets are assumed to only safely occur in the hashed subpacket area. Thus, any instances of them in the unhashed area are ignored.

For subpackets that can safely occur in both subpacket areas, this function prefers instances in the hashed subpacket area.

`pub fn subpackets( &self, tag: SubpacketTag ) -> impl Iterator<Item = &Subpacket> + Send + Sync`[src]

Returns an iterator over all instances of the specified subpacket.

This function returns an iterator over all instances of the specified subpacket in the subpacket areas in which it can occur. Thus, when looking for the Issuer subpacket, the iterator includes instances of the subpacket from both the hashed subpacket area and the unhashed subpacket area, but when looking for the Signature Creation Time subpacket, the iterator only includes instances of the subpacket from the hashed subpacket area; any instances of the subpacket in the unhashed subpacket area are ignored.

Unknown subpackets are assumed to only safely occur in the hashed subpacket area. Thus, any instances of them in the unhashed area are ignored.

`pub fn signature_creation_time(&self) -> Option<SystemTime>`[src]

Returns the value of the Signature Creation Time subpacket.

The Signature Creation Time subpacket specifies when the signature was created. According to the standard, all signatures must include a Signature Creation Time subpacket in the signature’s hashed area. This doesn’t mean that the time stamp is correct: the issuer can always forge it.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn signature_validity_period(&self) -> Option<Duration>`[src]

Returns the value of the Signature Expiration Time subpacket.

This function is called signature_validity_period and not signature_expiration_time, which would be more consistent with the subpacket’s name, because the latter suggests an absolute time, but the time is actually relative to the signature’s creation time, which is stored in the signature’s Signature Creation Time subpacket.

A Signature Expiration Time subpacket specifies when the signature expires. This is different from the Key Expiration Time subpacket, which is accessed using SubpacketAreas::key_validity_period, and used to specify when an associated key expires. The difference is that in the former case, the signature itself expires, but in the latter case, only the associated key expires. This difference is critical: if a binding signature expires, then an OpenPGP implementation will still consider the associated key to be valid if there is another valid binding signature, even if it is older than the expired signature; if the active binding signature indicates that the key has expired, then OpenPGP implementations will not fallback to an older binding signature.

There are several cases where having a signature expire is useful. Say Alice certifies Bob’s certificate for bob@example.org. She can limit the lifetime of the certification to force her to reevaluate the certification shortly before it expires. For instance, is Bob still associated with example.org? Does she have reason to believe that his key has been compromised? Using an expiration is common in the X.509 ecosystem. For instance, Let’s Encrypt issues certificates with 90-day lifetimes.

Having signatures expire can also be useful when deploying software. For instance, you might have a service that installs an update if it has been signed by a trusted certificate. To prevent an adversary from coercing the service to install an older version, you could limit the signature’s lifetime to just a few minutes.

If the subpacket is not present in the hashed subpacket area, this returns None. If this function returns None, or the returned period is 0, the signature does not expire.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn signature_expiration_time(&self) -> Option<SystemTime>`[src]

Returns the value of the Signature Expiration Time subpacket as an absolute time.

A Signature Expiration Time subpacket specifies when the signature expires. The value stored is not an absolute time, but a duration, which is relative to the Signature’s creation time. To better reflect the subpacket’s name, this method returns the absolute expiry time, and the SubpacketAreas::signature_validity_period method returns the subpacket’s raw value.

The Signature Expiration Time subpacket is different from the Key Expiration Time subpacket, which is accessed using SubpacketAreas::key_validity_period, and used specifies when an associated key expires. The difference is that in the former case, the signature itself expires, but in the latter case, only the associated key expires. This difference is critical: if a binding signature expires, then an OpenPGP implementation will still consider the associated key to be valid if there is another valid binding signature, even if it is older than the expired signature; if the active binding signature indicates that the key has expired, then OpenPGP implementations will not fallback to an older binding signature.

There are several cases where having a signature expire is useful. Say Alice certifies Bob’s certificate for bob@example.org. She can limit the lifetime of the certification to force her to reevaluate the certification shortly before it expires. For instance, is Bob still associated with example.org? Does she have reason to believe that his key has been compromised? Using an expiration is common in the X.509 ecosystem. For instance, Let’s Encrypt issues certificates with 90-day lifetimes.

Having signatures expire can also be useful when deploying software. For instance, you might have a service that installs an update if it has been signed by a trusted certificate. To prevent an adversary from coercing the service to install an older version, you could limit the signature’s lifetime to just a few minutes.

If the subpacket is not present in the hashed subpacket area, this returns None. If this function returns None, the signature does not expire.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn signature_alive<T, U>( &self, time: T, clock_skew_tolerance: U ) -> Result<()> where T: Into<Option<SystemTime>>, U: Into<Option<Duration>>,` [src]

Returns whether or not the signature is alive at the specified time.

A signature is considered to be alive if creation time - tolerance <= time and time < expiration time.

This function does not check whether the key is revoked.

If time is None, then this function uses the current time for time.

If time is None, and clock_skew_tolerance is None, then this function uses CLOCK_SKEW_TOLERANCE for the tolerance. If time is not None and clock_skew_tolerance is None, it uses no tolerance. The intuition here is that we only need a tolerance when checking if a signature is alive right now; if we are checking at a specific time, we don’t want to use a tolerance.

A small amount of tolerance for clock skew is necessary, because although most computers synchronize their clocks with a time server, up to a few seconds of clock skew are not unusual in practice. And, even worse, several minutes of clock skew appear to be not uncommon on virtual machines.

Not accounting for clock skew can result in signatures being unexpectedly considered invalid. Consider: computer A sends a message to computer B at 9:00, but computer B, whose clock says the current time is 8:59, rejects it, because the signature appears to have been made in the future. This is particularly problematic for low-latency protocols built on top of OpenPGP, e.g., when two MUAs synchronize their state via a shared IMAP folder.

Being tolerant to potential clock skew is not always appropriate. For instance, when determining a User ID’s current self signature at time t, we don’t ever want to consider a self-signature made after t to be valid, even if it was made just a few moments after t. This goes doubly so for soft revocation certificates: the user might send a message that she is retiring, and then immediately create a soft revocation. The soft revocation should not invalidate the message.

Unfortunately, in many cases, whether we should account for clock skew or not depends on application-specific context. As a rule of thumb, if the time and the timestamp come from different clocks, you probably want to account for clock skew.

Errors

Section 5.2.3.4 of RFC 4880 states that a Signature Creation Time subpacket “MUST be present in the hashed area.” Consequently, if such a packet does not exist, this function returns Error::MalformedPacket.

Examples

Alice’s desktop computer and laptop exchange messages in real time via a shared IMAP folder. Unfortunately, the clocks are not perfectly synchronized: the desktop computer’s clock is a few seconds ahead of the laptop’s clock. When there is little or no propagation delay, this means that the laptop will consider the signatures to be invalid, because they appear to have been created in the future. Using a tolerance prevents this from happening.

use std::time::{SystemTime, Duration};
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::packet::signature::SignatureBuilder;
use openpgp::types::SignatureType;

let (alice, _) =
    CertBuilder::general_purpose(None, Some("alice@example.org"))
        .generate()?;

// Alice's Desktop computer signs a message.  Its clock is a
// few seconds fast.
let now = SystemTime::now() + Duration::new(5, 0);

let mut alices_signer = alice.primary_key().key().clone()
    .parts_into_secret()?.into_keypair()?;
let msg = "START PROTOCOL";
let mut sig = SignatureBuilder::new(SignatureType::Binary)
    .set_signature_creation_time(now)?
    .sign_message(&mut alices_signer, msg)?;

// The desktop computer transfers the message to the laptop
// via the shared IMAP folder.  Because the laptop receives a
// push notification, it immediately processes it.
// Unfortunately, it is considered to be invalid: the message
// appears to be from the future!
assert!(sig.signature_alive(None, Duration::new(0, 0)).is_err());

// But, using the small default tolerance causes the laptop
// to consider the signature to be alive.
assert!(sig.signature_alive(None, None).is_ok());

`pub fn key_validity_period(&self) -> Option<Duration>`[src]

Returns the value of the Key Expiration Time subpacket.

This function is called key_validity_period and not key_expiration_time, which would be more consistent with the subpacket’s name, because the latter suggests an absolute time, but the time is actually relative to the associated key’s (not the signature’s) creation time, which is stored in the Key.

A Key Expiration Time subpacket specifies when the associated key expires. This is different from the Signature Expiration Time subpacket (accessed using SubpacketAreas::signature_validity_period), which is used to specify when the signature expires. That is, in the former case, the associated key expires, but in the latter case, the signature itself expires. This difference is critical: if a binding signature expires, then an OpenPGP implementation will still consider the associated key to be valid if there is another valid binding signature, even if it is older than the expired signature; if the active binding signature indicates that the key has expired, then OpenPGP implementations will not fallback to an older binding signature.

If the subpacket is not present in the hashed subpacket area, this returns None. If this function returns None, or the returned period is 0, the key does not expire.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn key_expiration_time<P, R>(&self, key: &Key<P, R>) -> Option<SystemTime> where P: KeyParts, R: KeyRole,` [src]

Returns the value of the Key Expiration Time subpacket as an absolute time.

A Key Expiration Time subpacket specifies when a key expires. The value stored is not an absolute time, but a duration, which is relative to the associated Key’s creation time, which is stored in the Key packet, not the binding signature. As such, the Key Expiration Time subpacket is only meaningful on a key’s binding signature. To better reflect the subpacket’s name, this method returns the absolute expiry time, and the SubpacketAreas::key_validity_period method returns the subpacket’s raw value.

The Key Expiration Time subpacket is different from the Signature Expiration Time subpacket, which is accessed using SubpacketAreas::signature_validity_period, and specifies when a signature expires. The difference is that in the former case, only the associated key expires, but in the latter case, the signature itself expires. This difference is critical: if a binding signature expires, then an OpenPGP implementation will still consider the associated key to be valid if there is another valid binding signature, even if it is older than the expired signature; if the active binding signature indicates that the key has expired, then OpenPGP implementations will not fallback to an older binding signature.

Because the absolute time is relative to the key’s creation time, which is stored in the key itself, this function needs the associated key. Since there is no way to get the associated key from a signature, the key must be passed to this function. This function does not check that the key is in fact associated with this signature.

If the subpacket is not present in the hashed subpacket area, this returns None. If this function returns None, the signature does not expire.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn key_alive<P, R, T>(&self, key: &Key<P, R>, t: T) -> Result<()> where P: KeyParts, R: KeyRole, T: Into<Option<SystemTime>>,` [src]

Returns whether or not a key is alive at the specified time.

A Key is considered to be alive if creation time - tolerance <= time and time < expiration time.

This function does not check whether the signature is alive (cf. SubpacketAreas::signature_alive), or whether the key is revoked (cf. ValidKeyAmalgamation::revoked).

If time is None, then this function uses the current time for time.

Whereas a Key’s expiration time is stored in the Key’s active binding signature in the Key Expiration Time subpacket, its creation time is stored in the Key packet. As such, the associated Key must be passed to this function. This function, however, has no way to check that the signature is actually a binding signature for the specified Key.

Examples

Even keys that don’t expire may not be considered alive. This is the case if they were created after the specified time.

use std::time::{SystemTime, Duration};
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

let (cert, _) = CertBuilder::new().generate()?;

let mut pk = cert.primary_key().key();
let sig = cert.primary_key().with_policy(p, None)?.binding_signature();

assert!(sig.key_alive(pk, None).is_ok());
// A key is not considered alive prior to its creation time.
let the_past = SystemTime::now() - Duration::new(300, 0);
assert!(sig.key_alive(pk, the_past).is_err());

`pub fn exportable_certification(&self) -> Option<bool>`[src]

Returns the value of the Exportable Certification subpacket.

The Exportable Certification subpacket indicates whether the signature should be exported (e.g., published on a public key server) or not. When using Serialize::export to export a certificate, signatures that have this subpacket present and set to false are not serialized.

Normally, you’ll want to use Signature4::exportable to check if a signature should be exported. That function also checks whether the signature includes any sensitive Revocation Key subpackets, which also shouldn’t be exported.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn trust_signature(&self) -> Option<(u8, u8)>`[src]

Returns the value of the Trust Signature subpacket.

The Trust Signature subpacket indicates the degree to which a certificate holder is trusted to certify other keys.

A level of 0 means that the certificate holder is not trusted to certificate other keys, a level of 1 means that the certificate holder is a trusted introducer (a certificate authority) and any certifications that they make should be considered valid. A level of 2 means the certificate holder can designate level 1 trusted introducers, etc.

The trust indicates the degree of confidence. A value of 120 means that a certification should be considered valid. A value of 60 means that a certification should only be considered partially valid. In the latter case, typically three such certifications are required for a binding to be considered authenticated.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn regular_expressions(&self) -> impl Iterator<Item = &[u8]> + Send + Sync`[src]

Returns the values of all Regular Expression subpackets.

The Regular Expression subpacket is used in conjunction with a Trust Signature subpacket, which is accessed using SubpacketAreas::trust_signature, to limit the scope of a trusted introducer. This is useful, for instance, when a company has a CA and you only want to trust them to certify their own employees.

Note: The serialized form includes a trailing NUL byte. Sequoia strips the NUL when parsing the subpacket.

This returns all instances of the Regular Expression subpacket in the hashed subpacket area.

`pub fn revocable(&self) -> Option<bool>`[src]

Returns the value of the Revocable subpacket.

The Revocable subpacket indicates whether a certification may be later revoked by creating a Certification revocation signature (0x30) that targets the signature using the Signature Target subpacket (accessed using the SubpacketAreas::signature_target method).

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn revocation_keys( &self ) -> impl Iterator<Item = &RevocationKey> + Send + Sync`[src]

Returns the values of all Revocation Key subpackets.

A Revocation Key subpacket indicates certificates (so-called designated revokers) that are allowed to revoke the signer’s certificate. For instance, if Alice trusts Bob, she can set him as a designated revoker. This is useful if Alice loses access to her key, and therefore is unable to generate a revocation certificate on her own. In this case, she can still Bob to generate one on her behalf.

When getting a certificate’s revocation keys, all valid self-signatures should be checked, not only the active self-signature. This prevents an attacker who has gained access to the private key material from invalidating a third-party revocation by publishing a new self signature that doesn’t include any revocation keys.

Due to the complexity of verifying such signatures, many OpenPGP implementations do not support this feature.

This returns all instance of the Revocation Key subpacket in the hashed subpacket area.

`pub fn issuers(&self) -> impl Iterator<Item = &KeyID> + Send + Sync`[src]

Returns the values of all Issuer subpackets.

The Issuer subpacket is used when processing a signature to identify which certificate created the signature. Since this information is self-authenticating (the act of validating the signature authenticates the subpacket), it may be stored in the unhashed subpacket area.

This returns all instances of the Issuer subpacket in both the hashed subpacket area and the unhashed subpacket area.

`pub fn issuer_fingerprints( &self ) -> impl Iterator<Item = &Fingerprint> + Send + Sync`[src]

Returns the values of all Issuer Fingerprint subpackets.

The Issuer Fingerprint subpacket is used when processing a signature to identify which certificate created the signature. Since this information is self-authenticating (the act of validating the signature authenticates the subpacket), it is normally stored in the unhashed subpacket area.

This returns all instances of the Issuer Fingerprint subpacket in both the hashed subpacket area and the unhashed subpacket area.

`pub fn notation_data(&self) -> impl Iterator<Item = &NotationData> + Send + Sync`[src]

Returns all Notation Data subpackets.

Notation Data subpackets are key-value pairs. They can be used by applications to annotate signatures in a structured way. For instance, they can define additional, application-specific security requirements. Because they are functionally equivalent to subpackets, they can also be used for OpenPGP extensions. This is how the Intended Recipient subpacket started life.

Notation names are structured, and are divided into two namespaces: the user namespace and the IETF namespace. Names in the user namespace have the form name@example.org and their meaning is defined by the owner of the domain. The meaning of the notation name@example.org, for instance, is defined by whoever controls example.org. Names in the IETF namespace do not contain an @ and are managed by IANA. See Section 5.2.3.16 of RFC 4880 for details.

This returns all instances of the Notation Data subpacket in the hashed subpacket area.

`pub fn notation<'a, N>( &'a self, name: N ) -> impl Iterator<Item = &'a [u8]> + Send + Sync where N: 'a + AsRef<str> + Send + Sync,` [src]

Returns the values of all Notation Data subpackets with the given name.

Notation Data subpackets are key-value pairs. They can be used by applications to annotate signatures in a structured way. For instance, they can define additional, application-specific security requirements. Because they are functionally equivalent to subpackets, they can also be used for OpenPGP extensions. This is how the Intended Recipient subpacket started life.

Notation names are structured, and are divided into two namespaces: the user namespace and the IETF namespace. Names in the user namespace have the form name@example.org and their meaning is defined by the owner of the domain. The meaning of the notation name@example.org, for instance, is defined by whoever controls example.org. Names in the IETF namespace do not contain an @ and are managed by IANA. See Section 5.2.3.16 of RFC 4880 for details.

This returns the values of all instances of the Notation Data subpacket with the specified name in the hashed subpacket area.

`pub fn preferred_symmetric_algorithms(&self) -> Option<&[SymmetricAlgorithm]>`[src]

Returns the value of the Preferred Symmetric Algorithms subpacket.

A Preferred Symmetric Algorithms subpacket lists what symmetric algorithms the user prefers. When encrypting a message for a recipient, the OpenPGP implementation should not use an algorithm that is not on this list.

This subpacket is a type of preference. When looking up a preference, an OpenPGP implementation should first look for the subpacket on the binding signature of the User ID or the User Attribute used to locate the certificate (or the primary User ID, if it was addressed by Key ID or fingerprint). If the binding signature doesn’t contain the subpacket, then the direct key signature should be checked. See the Preferences trait for details.

Unless addressing different User IDs really should result in different behavior, it is best to only set this preference on the direct key signature. This guarantees that even if some or all User IDs are stripped, the behavior remains consistent.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn preferred_hash_algorithms(&self) -> Option<&[HashAlgorithm]>`[src]

Returns the value of the Preferred Hash Algorithms subpacket.

A Preferred Hash Algorithms subpacket lists what hash algorithms the user prefers. When signing a message that should be verified by a particular recipient, the OpenPGP implementation should not use an algorithm that is not on this list.

This subpacket is a type of preference. When looking up a preference, an OpenPGP implementation should first look for the subpacket on the binding signature of the User ID or the User Attribute used to locate the certificate (or the primary User ID, if it was addressed by Key ID or fingerprint). If the binding signature doesn’t contain the subpacket, then the direct key signature should be checked. See the Preferences trait for details.

Unless addressing different User IDs really should result in different behavior, it is best to only set this preference on the direct key signature. This guarantees that even if some or all User IDs are stripped, the behavior remains consistent.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn preferred_compression_algorithms( &self ) -> Option<&[CompressionAlgorithm]>`[src]

Returns the value of the Preferred Compression Algorithms subpacket.

A Preferred Compression Algorithms subpacket lists what compression algorithms the user prefers. When compressing a message for a recipient, the OpenPGP implementation should not use an algorithm that is not on the list.

This subpacket is a type of preference. When looking up a preference, an OpenPGP implementation should first for the subpacket on the binding signature of the User ID or the User Attribute used to locate the certificate (or the primary User ID, if it was addressed by Key ID or fingerprint). If the binding signature doesn’t contain the subpacket, then the direct key signature should be checked. See the Preferences trait for details.

Unless addressing different User IDs really should result in different behavior, it is best to only set this preference on the direct key signature. This guarantees that even if some or all User IDs are stripped, the behavior remains consistent.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn preferred_aead_algorithms(&self) -> Option<&[AEADAlgorithm]>`[src]

Returns the value of the Preferred AEAD Algorithms subpacket.

The Preferred AEAD Algorithms subpacket indicates what AEAD algorithms the key holder prefers ordered by preference. If this is set, then the AEAD feature flag should in the Features subpacket should also be set.

Note: because support for AEAD has not yet been standardized, we recommend not yet advertising support for it.

This subpacket is a type of preference. When looking up a preference, an OpenPGP implementation should first look for the subpacket on the binding signature of the User ID or the User Attribute used to locate the certificate (or the primary User ID, if it was addressed by Key ID or fingerprint). If the binding signature doesn’t contain the subpacket, then the direct key signature should be checked. See the Preferences trait for details.

Unless addressing different User IDs really should result in different behavior, it is best to only set this preference on the direct key signature. This guarantees that even if some or all User IDs are stripped, the behavior remains consistent.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn key_server_preferences(&self) -> Option<KeyServerPreferences>`[src]

Returns the value of the Key Server Preferences subpacket.

The Key Server Preferences subpacket indicates to key servers how they should handle the certificate.

This subpacket is a type of preference. When looking up a preference, an OpenPGP implementation should first for the subpacket on the binding signature of the User ID or the User Attribute used to locate the certificate (or the primary User ID, if it was addressed by Key ID or fingerprint). If the binding signature doesn’t contain the subpacket, then the direct key signature should be checked. See the Preferences trait for details.

Unless addressing different User IDs really should result in different behavior, it is best to only set this preference on the direct key signature. This guarantees that even if some or all User IDs are stripped, the behavior remains consistent.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn preferred_key_server(&self) -> Option<&[u8]>`[src]

Returns the value of the Preferred Key Server subpacket.

The Preferred Key Server subpacket contains a link to a key server where the certificate holder plans to publish updates to their certificate (e.g., extensions to the expiration time, new subkeys, revocation certificates).

The Preferred Key Server subpacket should be handled cautiously, because it can be used by a certificate holder to track communication partners.

This subpacket is a type of preference. When looking up a preference, an OpenPGP implementation should first look for the subpacket on the binding signature of the User ID or the User Attribute used to locate the certificate (or the primary User ID, if it was addressed by Key ID or fingerprint). If the binding signature doesn’t contain the subpacket, then the direct key signature should be checked. See the Preferences trait for details.

Unless addressing different User IDs really should result in different behavior, it is best to only set this preference on the direct key signature. This guarantees that even if some or all User IDs are stripped, the behavior remains consistent.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn policy_uri(&self) -> Option<&[u8]>`[src]

Returns the value of the Policy URI subpacket.

The Policy URI subpacket contains a link to a policy document, which contains information about the conditions under which the signature was made.

This subpacket is a type of preference. When looking up a preference, an OpenPGP implementation should first look for the subpacket on the binding signature of the User ID or the User Attribute used to locate the certificate (or the primary User ID, if it was addressed by Key ID or fingerprint). If the binding signature doesn’t contain the subpacket, then the direct key signature should be checked. See the Preferences trait for details.

Unless addressing different User IDs really should result in different behavior, it is best to only set this preference on the direct key signature. This guarantees that even if some or all User IDs are stripped, the behavior remains consistent.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn primary_userid(&self) -> Option<bool>`[src]

Returns the value of the Primary UserID subpacket.

The Primary User ID subpacket indicates whether the associated User ID or User Attribute should be considered the primary User ID. It is possible that this is set on multiple User IDs. See the documentation for ValidCert::primary_userid for an explanation of how Sequoia resolves this ambiguity.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn key_flags(&self) -> Option<KeyFlags>`[src]

Returns the value of the Key Flags subpacket.

The Key Flags subpacket describes a key’s capabilities (certification capable, signing capable, etc.). In the case of subkeys, the Key Flags are located on the subkey’s binding signature. For primary keys, locating the correct Key Flags subpacket is more complex: First, the primary User ID is consulted. If the primary User ID contains a Key Flags subpacket, that is used. Otherwise, any direct key signature is considered. If that still doesn’t contain a Key Flags packet, then the primary key should be assumed to be certification capable.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn signers_user_id(&self) -> Option<&[u8]>`[src]

Returns the value of the Signer’s UserID subpacket.

The Signer’s User ID subpacket indicates, which User ID made the signature. This is useful when a key has multiple User IDs, which correspond to different roles. For instance, it is not uncommon to use the same certificate in private as well as for a club.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn reason_for_revocation(&self) -> Option<(ReasonForRevocation, &[u8])>`[src]

Returns the value of the Reason for Revocation subpacket.

The Reason For Revocation subpacket indicates why a key, User ID, or User Attribute is being revoked. It includes both a machine readable code, and a human-readable string. The code is essential as it indicates to the OpenPGP implementation that reads the certificate whether the key was compromised (a hard revocation), or is no longer used (a soft revocation). In the former case, the OpenPGP implementation must conservatively consider all past signatures as suspect whereas in the latter case, past signatures can still be considered valid.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn features(&self) -> Option<Features>`[src]

Returns the value of the Features subpacket.

A Features subpacket lists what OpenPGP features the user wants to use. When creating a message, features that the intended recipients do not support should not be used. However, because this information is rarely held up to date in practice, this information is only advisory, and implementations are allowed to infer what features the recipients support from contextual clues, e.g., their past behavior.

This subpacket is a type of preference. When looking up a preference, an OpenPGP implementation should first look for the subpacket on the binding signature of the User ID or the User Attribute used to locate the certificate (or the primary User ID, if it was addressed by Key ID or fingerprint). If the binding signature doesn’t contain the subpacket, then the direct key signature should be checked. See the Preferences trait for details.

Unless addressing different User IDs really should result in different behavior, it is best to only set this preference on the direct key signature. This guarantees that even if some or all User IDs are stripped, the behavior remains consistent.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn signature_target( &self ) -> Option<(PublicKeyAlgorithm, HashAlgorithm, &[u8])>`[src]

Returns the value of the Signature Target subpacket.

The Signature Target subpacket is used to identify the target of a signature. This is used when revoking a signature, and by timestamp signatures. It contains a hash of the target signature.

If the subpacket is not present in the hashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned.

`pub fn embedded_signatures( &self ) -> impl Iterator<Item = &Signature> + Send + Sync`[src]

Returns references to all Embedded Signature subpackets.

The Embedded Signature subpacket is normally used to hold a Primary Key Binding signature, which binds a signing-capable, authentication-capable, or certification-capable subkey to the primary key. Since this information is self-authenticating, it is usually stored in the unhashed subpacket area.

If the subpacket is not present in the hashed subpacket area or in the unhashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned. Otherwise, the last one is returned from the unhashed subpacket area.

`pub fn embedded_signatures_mut( &mut self ) -> impl Iterator<Item = &mut Signature> + Send + Sync`[src]

Returns mutable references to all Embedded Signature subpackets.

The Embedded Signature subpacket is normally used to hold a Primary Key Binding signature, which binds a signing-capable, authentication-capable, or certification-capable subkey to the primary key. Since this information is self-authenticating, it is usually stored in the unhashed subpacket area.

If the subpacket is not present in the hashed subpacket area or in the unhashed subpacket area, this returns None.

Note: if the signature contains multiple instances of this subpacket in the hashed subpacket area, the last one is returned. Otherwise, the last one is returned from the unhashed subpacket area.

`pub fn intended_recipients( &self ) -> impl Iterator<Item = &Fingerprint> + Send + Sync`[src]

Returns the intended recipients.

The Intended Recipient subpacket holds the fingerprint of a certificate.

When signing a message, the message should include one such subpacket for each intended recipient. Note: not all messages have intended recipients. For instance, when signing an open letter, or a software release, the message is intended for anyone.

When processing a signature, the application should ensure that if there are any such subpackets, then one of the subpackets identifies the recipient’s certificate (or user signed the message). If this is not the case, then an attacker may have taken the message out of its original context. For instance, if Alice sends a signed email to Bob, with the content: “I agree to the contract”, and Bob forwards that message to Carol, then Carol may think that Alice agreed to a contract with her if the signature appears to be valid! By adding an intended recipient, it is possible for Carol’s mail client to warn her that although Alice signed the message, the content was intended for Bob and not for her.

This returns all instances of the Intended Recipient subpacket in the hashed subpacket area.

Trait Implementations

`impl Clone for Signature`[src]

`fn clone(&self) -> Signature`[src]

Returns a copy of the value. Read more

`fn clone_from(&mut self, source: &Self)`1.0.0 [src]

Performs copy-assignment from source. Read more

`impl Debug for Signature`[src]

`fn fmt(&self, f: &mut Formatter<'_>) -> Result`[src]

Formats the value using the given formatter. Read more

`impl Deref for Signature`[src]

`type Target = Signature4`

The resulting type after dereferencing.

`fn deref(&self) -> &Self::Target`[src]

Dereferences the value.

`impl DerefMut for Signature`[src]

`fn deref_mut(&mut self) -> &mut Self::Target`[src]

Mutably dereferences the value.

`impl From<Signature> for SignatureBuilder`[src]

`fn from(sig: Signature) -> Self`[src]

Performs the conversion.

`impl From<Signature> for Packet`[src]

`fn from(s: Signature) -> Self`[src]

Performs the conversion.

`impl From<Signature4> for Signature`[src]

`fn from(s: Signature4) -> Self`[src]

Performs the conversion.

`impl Hash for Signature`[src]

`fn hash(&self, hash: &mut dyn Digest)`[src]

Updates the given hash with this object.

`impl Hash for Signature`[src]

`fn hash<H: Hasher>(&self, state: &mut H)`[src]

Feeds this value into the given Hasher. Read more

`fn hash_slice<H>(data: &[Self], state: &mut H) where H: Hasher,` 1.3.0 [src]

Feeds a slice of this type into the given Hasher. Read more

`impl IntoIterator for Signature`[src]

Implement IntoIterator so that cert::insert_packets(sig) just works.

`type Item = Signature`

The type of the elements being iterated over.

`type IntoIter = Once<Signature>`

Which kind of iterator are we turning this into?

`fn into_iter(self) -> Self::IntoIter`[src]

Creates an iterator from a value. Read more

`impl Marshal for Signature`[src]

`fn serialize(&self, o: &mut dyn Write) -> Result<()>`[src]

Writes a serialized version of the object to o.

`fn export(&self, o: &mut dyn Write) -> Result<()>`[src]

Exports a serialized version of the object to o. Read more

`impl MarshalInto for Signature`[src]

`fn serialized_len(&self) -> usize`[src]

Computes the maximal length of the serialized representation. Read more

`fn serialize_into(&self, buf: &mut [u8]) -> Result<usize>`[src]

Serializes into the given buffer. Read more

`fn export_into(&self, buf: &mut [u8]) -> Result<usize>`[src]

Exports into the given buffer. Read more

`fn export_to_vec(&self) -> Result<Vec<u8>>`[src]

Exports to a vector. Read more

`fn to_vec(&self) -> Result<Vec<u8>>`[src]

Serializes the packet to a vector.

`impl Ord for Signature`[src]

`fn cmp(&self, other: &Signature) -> Ordering`[src]

This method returns an Ordering between self and other. Read more

`#[must_use] fn max(self, other: Self) -> Self`1.21.0 [src]

Compares and returns the maximum of two values. Read more

`#[must_use] fn min(self, other: Self) -> Self`1.21.0 [src]

Compares and returns the minimum of two values. Read more

`#[must_use] fn clamp(self, min: Self, max: Self) -> Self`1.50.0 [src]

Restrict a value to a certain interval. Read more

`impl<'a> Parse<'a, Signature> for Signature`[src]

`fn from_reader<R: 'a + Read + Send + Sync>(reader: R) -> Result<Self>`[src]

Reads from the given reader.

`fn from_file<P: AsRef<Path>>(path: P) -> Result<T>`[src]

Reads from the given file. Read more

`fn from_bytes<D: AsRef<[u8]> + ?Sized + Send + Sync>(data: &'a D) -> Result<T>`[src]

Reads from the given slice. Read more

`impl PartialEq<Signature> for Signature`[src]

`fn eq(&self, other: &Signature) -> bool`[src]

This method tests for self and other values to be equal, and is used by ==. Read more

`fn ne(&self, other: &Signature) -> bool`[src]

This method tests for !=.

`impl PartialOrd<Signature> for Signature`[src]

`fn partial_cmp(&self, other: &Signature) -> Option<Ordering>`[src]

This method returns an ordering between self and other values if one exists. Read more

`#[must_use] fn lt(&self, other: &Rhs) -> bool`1.0.0 [src]

This method tests less than (for self and other) and is used by the < operator. Read more

`#[must_use] fn le(&self, other: &Rhs) -> bool`1.0.0 [src]

This method tests less than or equal to (for self and other) and is used by the <= operator. Read more

`#[must_use] fn gt(&self, other: &Rhs) -> bool`1.0.0 [src]

This method tests greater than (for self and other) and is used by the > operator. Read more

`#[must_use] fn ge(&self, other: &Rhs) -> bool`1.0.0 [src]

This method tests greater than or equal to (for self and other) and is used by the >= operator. Read more

`impl<'a> TryFrom<&'a Signature> for OnePassSig3`[src]

`type Error = Error`

The type returned in the event of a conversion error.

`fn try_from(s: &'a Signature) -> Result<Self>`[src]

Performs the conversion.

`impl TryFrom<Signature> for Signature4`[src]

`type Error = Error`

The type returned in the event of a conversion error.

`fn try_from(sig: Signature) -> Result<Self>`[src]

Performs the conversion.

`impl Eq for Signature`[src]

`impl StructuralEq for Signature`[src]

`impl StructuralPartialEq for Signature`[src]

Auto Trait Implementations

`impl RefUnwindSafe for Signature`

`impl Send for Signature`

`impl Sync for Signature`

`impl Unpin for Signature`

`impl UnwindSafe for Signature`

Blanket Implementations

`impl<T> Any for T where T: 'static + ?Sized,` [src]

`pub fn type_id(&self) -> TypeId`[src]

Gets the TypeId of self. Read more

`impl<T> Borrow<T> for T where T: ?Sized,` [src]

`pub fn borrow(&self) -> &T`[src]

Immutably borrows from an owned value. Read more

`impl<T> BorrowMut<T> for T where T: ?Sized,` [src]

`pub fn borrow_mut(&mut self) -> &mut T`[src]

Mutably borrows from an owned value. Read more

`impl<T> DynClone for T where T: Clone,` [src]

`pub fn __clone_box(&self, Private) -> *mut ()`[src]

`impl<T> From<T> for T`[src]

`pub fn from(t: T) -> T`[src]

Performs the conversion.

`impl<T, U> Into for T where U: From<T>,` [src]

`pub fn into(self) -> U`[src]

Performs the conversion.

`impl<T> Same<T> for T`

`type Output = T`

Should always be Self

`impl<T> ToOwned for T where T: Clone,` [src]

`type Owned = T`

The resulting type after obtaining ownership.

`pub fn to_owned(&self) -> T`[src]

Creates owned data from borrowed data, usually by cloning. Read more

`pub fn clone_into(&self, target: &mut T)`[src]

🔬 This is a nightly-only experimental API. (toowned_clone_into)

recently added

Uses borrowed data to replace owned data, usually by cloning. Read more

`impl<T, U> TryFrom for T where U: Into<T>,` [src]

`type Error = Infallible`

The type returned in the event of a conversion error.

`pub fn try_from(value: U) -> Result<T, <T as TryFrom>::Error>`[src]

Performs the conversion.

`impl<T, U> TryInto for T where U: TryFrom<T>,` [src]

`type Error = >::Error`

The type returned in the event of a conversion error.

`pub fn try_into(self) -> Result<U, >::Error>`[src]

Performs the conversion.

Enum sequoia_openpgp::packet::Signature⎘[−][src]

A note on equality

Examples

Variants (Non-exhaustive)

Implementations

impl Signature[src]

pub fn hash_for_confirmation(&self, hash: &mut dyn Digest)[src]

impl Signature[src]

pub fn get_issuers(&self) -> Vec<KeyHandle>ⓘNotable traits for Vec<u8, A>impl<A> Write for Vec<u8, A> where A: Allocator, [src]

Notable traits for Vec<u8, A>

pub fn normalized_eq(&self, other: &Signature) -> bool[src]

Examples

pub fn normalized_cmp(&self, other: &Signature) -> Ordering[src]

Examples

pub fn normalize(&self) -> Self[src]

pub fn add_missing_issuers(&mut self) -> Result<()>[src]

pub fn merge(self, other: Signature) -> Result<Signature>[src]

impl Signature[src]

pub fn verify_hash<P, R>( &mut self, key: &Key<P, R>, hash: Box<dyn Digest>) -> Result<()> where P: KeyParts, R: KeyRole, [src]

pub fn verify_digest<P, R, D>( &mut self, key: &Key<P, R>, digest: D) -> Result<()> where P: KeyParts, R: KeyRole, D: AsRef<[u8]>, [src]

pub fn verify<P, R>(&mut self, key: &Key<P, R>) -> Result<()> where P: KeyParts, R: KeyRole, [src]

pub fn verify_standalone<P, R>(&mut self, key: &Key<P, R>) -> Result<()> where P: KeyParts, R: KeyRole, [src]

pub fn verify_timestamp<P, R>(&mut self, key: &Key<P, R>) -> Result<()> where P: KeyParts, R: KeyRole, [src]

pub fn verify_direct_key<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, [src]

pub fn verify_primary_key_revocation<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, [src]

pub fn verify_subkey_binding<P, Q, R, S>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, subkey: &Key<S, SubordinateRole>) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, S: KeyParts, [src]

pub fn verify_primary_key_binding<P, Q>( &mut self, pk: &Key<P, PrimaryRole>, subkey: &Key<Q, SubordinateRole>) -> Result<()> where P: KeyParts, Q: KeyParts, [src]

pub fn verify_subkey_revocation<P, Q, R, S>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, subkey: &Key<S, SubordinateRole>) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, S: KeyParts, [src]

pub fn verify_userid_binding<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, userid: &UserID) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, [src]

pub fn verify_userid_revocation<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, userid: &UserID) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, [src]

pub fn verify_user_attribute_binding<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, ua: &UserAttribute) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, [src]

pub fn verify_user_attribute_revocation<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, ua: &UserAttribute) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, [src]

pub fn verify_message<M, P, R>( &mut self, signer: &Key<P, R>, msg: M) -> Result<()> where M: AsRef<[u8]>, P: KeyParts, R: KeyRole, [src]

impl Signature[src]

pub fn version(&self) -> u8[src]

Methods from Deref<Target = Signature4>

pub fn hash_for_confirmation(&self, hash: &mut dyn Digest)[src]

pub fn pk_algo(&self) -> PublicKeyAlgorithm[src]

pub fn digest_prefix(&self) -> &[u8; 2][src]

pub fn mpis(&self) -> &Signature[src]

pub fn computed_digest(&self) -> Option<&[u8]>[src]

pub fn level(&self) -> usize[src]

pub fn exportable(&self) -> Result<()>[src]

Methods from Deref<Target = SignatureFields>

pub fn hash_standalone(&self, hash: &mut dyn Digest)[src]

pub fn hash_timestamp(&self, hash: &mut dyn Digest)[src]

pub fn hash_direct_key<P>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>) where P: KeyParts, [src]

pub fn hash_subkey_binding<P, Q>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, subkey: &Key<Q, SubordinateRole>) where P: KeyParts, Q: KeyParts, [src]

pub fn hash_primary_key_binding<P, Q>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, subkey: &Key<Q, SubordinateRole>) where P: KeyParts, Q: KeyParts, [src]

pub fn hash_userid_binding<P>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, userid: &UserID) where P: KeyParts, [src]

pub fn hash_user_attribute_binding<P>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, ua: &UserAttribute) where P: KeyParts, [src]

pub fn version(&self) -> u8[src]

pub fn typ(&self) -> SignatureType[src]

pub fn hash_algo(&self) -> HashAlgorithm[src]

Methods from Deref<Target = SubpacketAreas>

pub fn hashed_area(&self) -> &SubpacketArea[src]

pub fn hashed_area_mut(&mut self) -> &mut SubpacketArea[src]

pub fn unhashed_area(&self) -> &SubpacketArea[src]

pub fn unhashed_area_mut(&mut self) -> &mut SubpacketArea[src]

pub fn sort(&mut self)[src]

pub fn subpacket<'a>(&'a self, tag: SubpacketTag) -> Option<&Subpacket>[src]

pub fn subpacket_mut<'a>( &'a mut self, tag: SubpacketTag) -> Option<&mut Subpacket>[src]

pub fn subpackets( &self, tag: SubpacketTag) -> impl Iterator<Item = &Subpacket> + Send + Sync[src]

pub fn signature_creation_time(&self) -> Option<SystemTime>[src]

pub fn signature_validity_period(&self) -> Option<Duration>[src]

pub fn signature_expiration_time(&self) -> Option<SystemTime>[src]

pub fn signature_alive<T, U>( &self, time: T, clock_skew_tolerance: U) -> Result<()> where T: Into<Option<SystemTime>>, U: Into<Option<Duration>>, [src]

Errors

Examples

pub fn key_validity_period(&self) -> Option<Duration>[src]

pub fn key_expiration_time<P, R>(&self, key: &Key<P, R>) -> Option<SystemTime> where P: KeyParts, R: KeyRole, [src]

pub fn key_alive<P, R, T>(&self, key: &Key<P, R>, t: T) -> Result<()> where P: KeyParts, R: KeyRole, T: Into<Option<SystemTime>>, [src]

Examples

pub fn exportable_certification(&self) -> Option<bool>[src]

pub fn trust_signature(&self) -> Option<(u8, u8)>[src]

pub fn regular_expressions(&self) -> impl Iterator<Item = &[u8]> + Send + Sync[src]

pub fn revocable(&self) -> Option<bool>[src]

pub fn revocation_keys( &self) -> impl Iterator<Item = &RevocationKey> + Send + Sync[src]

pub fn issuers(&self) -> impl Iterator<Item = &KeyID> + Send + Sync[src]

pub fn issuer_fingerprints( &self) -> impl Iterator<Item = &Fingerprint> + Send + Sync[src]

Enum sequoia_openpgp::packet::Signature[−][src]

`impl Signature`[src]

`pub fn hash_for_confirmation(&self, hash: &mut dyn Digest)`[src]

`impl Signature`[src]

`pub fn get_issuers(&self) -> Vec<KeyHandle>ⓘNotable traits for Vec<u8, A> impl<A> Write for Vec<u8, A> where A: Allocator,` [src]

`pub fn normalized_eq(&self, other: &Signature) -> bool`[src]

`pub fn normalized_cmp(&self, other: &Signature) -> Ordering`[src]

`pub fn normalize(&self) -> Self`[src]

`pub fn add_missing_issuers(&mut self) -> Result<()>`[src]

`pub fn merge(self, other: Signature) -> Result<Signature>`[src]

`impl Signature`[src]

`pub fn verify_hash<P, R>( &mut self, key: &Key<P, R>, hash: Box<dyn Digest> ) -> Result<()> where P: KeyParts, R: KeyRole,` [src]

`pub fn verify_digest<P, R, D>( &mut self, key: &Key<P, R>, digest: D ) -> Result<()> where P: KeyParts, R: KeyRole, D: AsRef<[u8]>,` [src]

`pub fn verify<P, R>(&mut self, key: &Key<P, R>) -> Result<()> where P: KeyParts, R: KeyRole,` [src]

`pub fn verify_standalone<P, R>(&mut self, key: &Key<P, R>) -> Result<()> where P: KeyParts, R: KeyRole,` [src]

`pub fn verify_timestamp<P, R>(&mut self, key: &Key<P, R>) -> Result<()> where P: KeyParts, R: KeyRole,` [src]

`pub fn verify_direct_key<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole> ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

`pub fn verify_primary_key_revocation<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole> ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

`pub fn verify_subkey_binding<P, Q, R, S>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, subkey: &Key<S, SubordinateRole> ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, S: KeyParts,` [src]

`pub fn verify_primary_key_binding<P, Q>( &mut self, pk: &Key<P, PrimaryRole>, subkey: &Key<Q, SubordinateRole> ) -> Result<()> where P: KeyParts, Q: KeyParts,` [src]

`pub fn verify_subkey_revocation<P, Q, R, S>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, subkey: &Key<S, SubordinateRole> ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole, S: KeyParts,` [src]

`pub fn verify_userid_binding<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, userid: &UserID ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

`pub fn verify_userid_revocation<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, userid: &UserID ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

`pub fn verify_user_attribute_binding<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, ua: &UserAttribute ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

`pub fn verify_user_attribute_revocation<P, Q, R>( &mut self, signer: &Key<P, R>, pk: &Key<Q, PrimaryRole>, ua: &UserAttribute ) -> Result<()> where P: KeyParts, Q: KeyParts, R: KeyRole,` [src]

`pub fn verify_message<M, P, R>( &mut self, signer: &Key<P, R>, msg: M ) -> Result<()> where M: AsRef<[u8]>, P: KeyParts, R: KeyRole,` [src]

`impl Signature`[src]

`pub fn version(&self) -> u8`[src]

`pub fn hash_for_confirmation(&self, hash: &mut dyn Digest)`[src]

`pub fn pk_algo(&self) -> PublicKeyAlgorithm`[src]

`pub fn digest_prefix(&self) -> &[u8; 2]`[src]

`pub fn mpis(&self) -> &Signature`[src]

`pub fn computed_digest(&self) -> Option<&[u8]>`[src]

`pub fn level(&self) -> usize`[src]

`pub fn exportable(&self) -> Result<()>`[src]

`pub fn hash_standalone(&self, hash: &mut dyn Digest)`[src]

`pub fn hash_timestamp(&self, hash: &mut dyn Digest)`[src]

`pub fn hash_direct_key<P>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole> ) where P: KeyParts,` [src]

`pub fn hash_subkey_binding<P, Q>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, subkey: &Key<Q, SubordinateRole> ) where P: KeyParts, Q: KeyParts,` [src]

`pub fn hash_primary_key_binding<P, Q>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, subkey: &Key<Q, SubordinateRole> ) where P: KeyParts, Q: KeyParts,` [src]

`pub fn hash_userid_binding<P>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, userid: &UserID ) where P: KeyParts,` [src]

`pub fn hash_user_attribute_binding<P>( &self, hash: &mut dyn Digest, key: &Key<P, PrimaryRole>, ua: &UserAttribute ) where P: KeyParts,` [src]

`pub fn version(&self) -> u8`[src]

`pub fn typ(&self) -> SignatureType`[src]

`pub fn hash_algo(&self) -> HashAlgorithm`[src]

`pub fn hashed_area(&self) -> &SubpacketArea`[src]

`pub fn hashed_area_mut(&mut self) -> &mut SubpacketArea`[src]

`pub fn unhashed_area(&self) -> &SubpacketArea`[src]

`pub fn unhashed_area_mut(&mut self) -> &mut SubpacketArea`[src]

`pub fn sort(&mut self)`[src]

`pub fn subpacket<'a>(&'a self, tag: SubpacketTag) -> Option<&Subpacket>`[src]

`pub fn subpacket_mut<'a>( &'a mut self, tag: SubpacketTag ) -> Option<&mut Subpacket>`[src]

`pub fn subpackets( &self, tag: SubpacketTag ) -> impl Iterator<Item = &Subpacket> + Send + Sync`[src]

`pub fn signature_creation_time(&self) -> Option<SystemTime>`[src]

`pub fn signature_validity_period(&self) -> Option<Duration>`[src]

`pub fn signature_expiration_time(&self) -> Option<SystemTime>`[src]

`pub fn signature_alive<T, U>( &self, time: T, clock_skew_tolerance: U ) -> Result<()> where T: Into<Option<SystemTime>>, U: Into<Option<Duration>>,` [src]

`pub fn key_validity_period(&self) -> Option<Duration>`[src]

`pub fn key_expiration_time<P, R>(&self, key: &Key<P, R>) -> Option<SystemTime> where P: KeyParts, R: KeyRole,` [src]

`pub fn key_alive<P, R, T>(&self, key: &Key<P, R>, t: T) -> Result<()> where P: KeyParts, R: KeyRole, T: Into<Option<SystemTime>>,` [src]

`pub fn exportable_certification(&self) -> Option<bool>`[src]

`pub fn trust_signature(&self) -> Option<(u8, u8)>`[src]

`pub fn regular_expressions(&self) -> impl Iterator<Item = &[u8]> + Send + Sync`[src]

`pub fn revocable(&self) -> Option<bool>`[src]

`pub fn revocation_keys( &self ) -> impl Iterator<Item = &RevocationKey> + Send + Sync`[src]

`pub fn issuers(&self) -> impl Iterator<Item = &KeyID> + Send + Sync`[src]

`pub fn issuer_fingerprints( &self ) -> impl Iterator<Item = &Fingerprint> + Send + Sync`[src]

`pub fn notation_data(&self) -> impl Iterator<Item = &NotationData> + Send + Sync`[src]

`pub fn notation<'a, N>( &'a self, name: N ) -> impl Iterator<Item = &'a [u8]> + Send + Sync where N: 'a + AsRef<str> + Send + Sync,` [src]

`pub fn preferred_symmetric_algorithms(&self) -> Option<&[SymmetricAlgorithm]>`[src]

`pub fn preferred_hash_algorithms(&self) -> Option<&[HashAlgorithm]>`[src]

`pub fn preferred_compression_algorithms( &self ) -> Option<&[CompressionAlgorithm]>`[src]

`pub fn preferred_aead_algorithms(&self) -> Option<&[AEADAlgorithm]>`[src]

`pub fn key_server_preferences(&self) -> Option<KeyServerPreferences>`[src]

`pub fn preferred_key_server(&self) -> Option<&[u8]>`[src]

`pub fn policy_uri(&self) -> Option<&[u8]>`[src]

`pub fn primary_userid(&self) -> Option<bool>`[src]

`pub fn key_flags(&self) -> Option<KeyFlags>`[src]

`pub fn signers_user_id(&self) -> Option<&[u8]>`[src]

`pub fn reason_for_revocation(&self) -> Option<(ReasonForRevocation, &[u8])>`[src]