Struct sequoia_openpgp::packet::key::Key4
Holds a public key, public subkey, private key or private subkey packet.
Use Key4::generate_rsa or Key4::generate_ecc to create a new key.
Existing key material can be turned into an OpenPGP key using Key4::new, Key4::with_secret, Key4::import_public_cv25519, Key4::import_public_ed25519, Key4::import_public_rsa, Key4::import_secret_cv25519, Key4::import_secret_ed25519, and Key4::import_secret_rsa.
Whether you create a new key or import existing key material, you still need to create a binding signature, and, for signing keys, a back signature before integrating the key into a certificate.
Normally, you won’t directly use Key4, but Key, which is a relatively thin wrapper around Key4.
See Section 5.5 of RFC 4880 and the documentation for Key for more details.
Implementations
pub fn import_secret_cv25519<H, S, T>(
    private_key: &[u8],
    hash: H,
    sym: S,
    ctime: T
) -> Result<Self> where
    H: Into<Option<HashAlgorithm>>,
    S: Into<Option<SymmetricAlgorithm>>,
    T: Into<Option<SystemTime>>,
Creates a new OpenPGP secret key packet for an existing X25519 key.
The ECDH key will use hash algorithm hash and symmetric algorithm sym. If one or both are None, secure defaults will be used. The key will have its creation date set to ctime or the current time if None is given.
pub fn import_secret_ed25519<T>(private_key: &[u8], ctime: T) -> Result<Self> where
    T: Into<Option<SystemTime>>,
Creates a new OpenPGP secret key packet for an existing Ed25519 key.
The ECDH key will use hash algorithm hash and symmetric algorithm sym. If one or both are None, secure defaults will be used. The key will have its creation date set to ctime or the current time if None is given.
Creates a new OpenPGP public key packet for an existing RSA key.
The RSA key will use public exponent e and modulus n. The key will have its creation date set to ctime or the current time if None is given.
Generates a new RSA key with a public modulus of size bits.
Generates a new ECC key over curve.
If for_signing is false, an ECDH key is generated; if it’s true, either an EdDSA or ECDSA key is generated. Giving for_signing == true and curve == Cv25519 will produce an error. Likewise, for_signing == false and curve == Ed25519 will produce an error.
Changes the key’s parts tag to PublicParts.
Changes the key’s parts tag to SecretParts.
Changes the key’s parts tag to UnspecifiedParts.
Changes the key’s role tag to PrimaryRole.
Changes the key’s role tag to SubordinateRole.
Changes the key’s role tag to UnspecifiedRole.
The security requirements of the hash algorithm for self-signatures.
A cryptographic hash algorithm usually has three security properties: pre-image resistance, second pre-image resistance, and collision resistance. If an attacker can influence the signed data, then the hash algorithm needs to have both second pre-image resistance and collision resistance. If not, second pre-image resistance is sufficient.
In general, an attacker may be able to influence third-party signatures. But direct key signatures and binding signatures are only over data fully determined by the signer. And an attacker’s control over self-signatures over User IDs is limited due to their structure.
These observations can be used to extend the life of a hash algorithm after its collision resistance has been partially compromised, but not completely broken. For more details, please refer to the documentation for HashAlgoSecurity.
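The reasoning above as a stand-alone model, added here for illustration (it is not Sequoia's code or API): each signature kind is mapped to the hash property it depends on, and a hash is accepted only if that property was still trusted when the signature was made. The types `Property`, `SigKind` and `HashCutoffs`, the function names, and the cutoff values are assumptions made up for this example.

```rust
use std::time::{Duration, SystemTime, UNIX_EPOCH};

// Stand-alone model: these types are defined here, not taken from the crate.
#[derive(Debug, Clone, Copy, PartialEq, Eq)]
enum Property { SecondPreImageResistance, CollisionResistance }

#[derive(Debug, Clone, Copy)]
enum SigKind { DirectKey, SubkeyBinding, UserIdSelfSig, ThirdPartyCertification }

/// Hypothetical per-hash policy: the time from which each property is no
/// longer trusted (`None` means still trusted).
struct HashCutoffs {
    collision_resistance: Option<SystemTime>,
    second_preimage_resistance: Option<SystemTime>,
}

/// Following the text: self-signatures need only second pre-image resistance.
fn required_property(kind: SigKind) -> Property {
    match kind {
        SigKind::DirectKey | SigKind::SubkeyBinding | SigKind::UserIdSelfSig =>
            Property::SecondPreImageResistance,
        SigKind::ThirdPartyCertification => Property::CollisionResistance,
    }
}

/// Accepts the hash for a signature made at `sig_time` only if the property
/// that signature relies on was still trusted then.
fn hash_acceptable(c: &HashCutoffs, kind: SigKind, sig_time: SystemTime) -> bool {
    let cutoff = match required_property(kind) {
        Property::CollisionResistance => c.collision_resistance,
        Property::SecondPreImageResistance => c.second_preimage_resistance,
    };
    cutoff.map_or(true, |t| sig_time < t)
}

/// Constructed sample: collisions distrusted from 1_000_000 s after the
/// epoch, second pre-image resistance still trusted.
fn weakened_hash() -> HashCutoffs {
    HashCutoffs {
        collision_resistance: Some(UNIX_EPOCH + Duration::from_secs(1_000_000)),
        second_preimage_resistance: None,
    }
}

fn main() {
    let (c, t) = (weakened_hash(), UNIX_EPOCH + Duration::from_secs(2_000_000));
    println!("binding: {}", hash_acceptable(&c, SigKind::SubkeyBinding, t));
    println!("third party: {}", hash_acceptable(&c, SigKind::ThirdPartyCertification, t));
}
```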
Compares the public bits of two keys.
This returns Ordering::Equal if the public MPIs, creation time, and algorithm of the two Key4s match. This does not consider the packets’ encodings, packets’ tags or their secret key material.
Tests whether two keys are equal modulo their secret key material.
This returns true if the public MPIs, creation time and algorithm of the two Key4s match. This does not consider the packets’ encodings, packets’ tags or their secret key material.
Hashes everything but any secret key material into state.
This is an alternate implementation of Hash, which never hashes the secret key material.
pub fn new<T>(
    creation_time: T,
    pk_algo: PublicKeyAlgorithm,
    mpis: PublicKey
) -> Result<Self> where
    T: Into<SystemTime>,
Creates an OpenPGP public key from the specified key material.
pub fn import_public_cv25519<H, S, T>(
    public_key: &[u8],
    hash: H,
    sym: S,
    ctime: T
) -> Result<Self> where
    H: Into<Option<HashAlgorithm>>,
    S: Into<Option<SymmetricAlgorithm>>,
    T: Into<Option<SystemTime>>,
Creates an OpenPGP public key packet from existing X25519 key material.
The ECDH key will use hash algorithm hash and symmetric algorithm sym. If one or both are None, secure defaults will be used. The key will have its creation date set to ctime or the current time if None is given.
pub fn import_public_ed25519<T>(public_key: &[u8], ctime: T) -> Result<Self> where
    T: Into<Option<SystemTime>>,
Creates an OpenPGP public key packet from existing Ed25519 key material.
The ECDH key will use hash algorithm hash and symmetric algorithm sym. If one or both are None, secure defaults will be used. The key will have its creation date set to ctime or the current time if None is given.
Creates an OpenPGP public key packet from existing RSA key material.
The RSA key will use the public exponent e and the modulus n. The key will have its creation date set to ctime or the current time if None is given.
pub fn with_secret<T>(
    creation_time: T,
    pk_algo: PublicKeyAlgorithm,
    mpis: PublicKey,
    secret: SecretKeyMaterial
) -> Result<Self> where
    T: Into<SystemTime>,
Creates an OpenPGP key packet from the specified secret key material.
Gets the Key’s creation time.
pub fn set_creation_time<T>(&mut self, timestamp: T) -> Result<SystemTime> where
    T: Into<SystemTime>,
Sets the Key’s creation time.
timestamp is converted to OpenPGP’s internal format, Timestamp: a 32-bit quantity containing the number of seconds since the Unix epoch.
timestamp is silently rounded to match the internal resolution. An error is returned if timestamp is out of range.
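The conversion described above, as an added standard-library example (not the crate's implementation): it shows that a stored creation time loses its sub-second part and that times before 1970 or past the 32-bit limit are rejected. The function names are hypothetical, and truncating toward zero is this example's assumption for how the value is rounded.

```rust
use std::time::{Duration, SystemTime, UNIX_EPOCH};

/// Converts `t` to a 32-bit count of whole seconds since the Unix epoch.
/// Assumption of this example: the sub-second part is truncated.
fn to_openpgp_seconds(t: SystemTime) -> Result<u32, String> {
    let since_epoch = t
        .duration_since(UNIX_EPOCH)
        .map_err(|_| "timestamp predates the Unix epoch".to_string())?;
    let secs = since_epoch.as_secs();
    if secs > u64::from(u32::MAX) {
        return Err("timestamp does not fit in 32 bits".to_string());
    }
    Ok(secs as u32)
}

/// The value a caller would read back after storing `t`: whole seconds only.
/// Code that later compares the stored time with `t` must compare against
/// this normalized value, not the original.
fn normalized(t: SystemTime) -> Result<SystemTime, String> {
    let secs = to_openpgp_seconds(t)?;
    Ok(UNIX_EPOCH + Duration::from_secs(u64::from(secs)))
}

fn main() {
    // Constructed sample inputs.
    let fractional = UNIX_EPOCH + Duration::new(1_600_000_000, 750_000_000);
    let too_late = UNIX_EPOCH + Duration::from_secs(u64::from(u32::MAX) + 1);
    let too_early = UNIX_EPOCH - Duration::from_secs(1);

    println!("stored seconds: {:?}", to_openpgp_seconds(fractional));
    println!("round-trips unchanged: {}", normalized(fractional) == Ok(fractional));
    println!("after 32-bit range: {:?}", to_openpgp_seconds(too_late));
    println!("before epoch: {:?}", to_openpgp_seconds(too_early));
}
```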
Gets the public key algorithm.
Sets the public key algorithm.
Returns the old public key algorithm.
Sets the Key’s MPIs.
This function returns the old MPIs, if any.
Returns whether the Key contains secret key material.
Returns whether the Key contains unencrypted secret key material.
This returns false if the Key doesn’t contain any secret key material.
Returns Key’s secret key material, if any.
Computes and returns the Key’s Fingerprint and returns it as a KeyHandle.
Computes and returns the Key’s Fingerprint.
Computes and returns the Key’s Key ID.
Secret key material handling.
Takes the Key’s SecretKeyMaterial, if any.
pub fn add_secret(
    self,
    secret: SecretKeyMaterial
) -> (Key4<SecretParts, R>, Option<SecretKeyMaterial>)
Adds the secret key material to the Key, returning the old secret key material, if any.
Secret key handling.
Gets the Key’s SecretKeyMaterial.
Gets a mutable reference to the Key’s SecretKeyMaterial.
Takes the Key’s SecretKeyMaterial.
pub fn add_secret(
    self,
    secret: SecretKeyMaterial
) -> (Key4<SecretParts, R>, SecretKeyMaterial)
Adds SecretKeyMaterial to the Key.
This function returns the old secret key material, if any.
Decrypts the secret key material using password.
In OpenPGP, secret key material can be protected with a password. The password is usually hardened using a KDF.
Refer to the documentation of Key::decrypt_secret for details.
This function returns an error if the secret key material is not encrypted or the password is incorrect.
Encrypts the secret key material using password.
In OpenPGP, secret key material can be protected with a password. The password is usually hardened using a KDF.
Refer to the documentation of Key::encrypt_secret for details.
This returns an error if the secret key material is already encrypted.
Creates a new key pair from a secret Key with an unencrypted secret key.
Errors
Fails if the secret key is encrypted. You can use Key::decrypt_secret to decrypt a key.
Trait Implementations
Performs the conversion.
Auto Trait Implementations
impl<P, R> RefUnwindSafe for Key4<P, R> where
P: RefUnwindSafe,
R: RefUnwindSafe,
impl<P, R> UnwindSafe for Key4<P, R> where
P: UnwindSafe,
R: UnwindSafe,
Blanket Implementations
Mutably borrows from an owned value.
type Output = T
Should always be Self