Crate sequoia_cert_store
source ·Expand description
A certificate store abstraction.
This crates provides a unified interface for different certificate
stores via the Store
and StoreUpdate
traits. It also
provides a number of helper functions and data structures, like
UserIDIndex
to help implement this functionality.
The CertStore
data structure combines multiple certificate
backends in a transparent way to users.
§Examples
We can store certificates in an in-memory store, and query the store:
use std::sync::Arc;
use sequoia_openpgp::cert::{Cert, CertBuilder};
use sequoia_cert_store::{CertStore, LazyCert, Store, StoreUpdate};
// Create an in-memory certificate store. To use the default
// on-disk certificate store, use `CertStore::new`.
let mut certs = CertStore::empty();
let (cert, _rev) = CertBuilder::new().generate()?;
let fpr = cert.fingerprint();
// It's not in the cert store yet:
assert!(certs.lookup_by_cert_fpr(&fpr).is_err());
// Insert a certificate. If using a backing store, it would
// also be written to disk.
certs.update(Arc::new(LazyCert::from(cert)))?;
// Make sure it is there.
let cert = certs.lookup_by_cert_fpr(&fpr).expect("present");
assert_eq!(cert.fingerprint(), fpr);
// Resolve the `LazyCert` to a `Cert`. Certificates are stored
// using `LazyCert` so that it is possible to work with `RawCert`s
// and `Cert`s. This allows the implementation to defer fully parsing
// and validating the certificate until it is actually needed.
let cert: &Cert = cert.to_cert()?;
We can use the same API on a persistent certificate store, kept on the filesystem:
use std::fs;
// Make a certificate store on the file system, in a fresh empty directory.
let directory = "/tmp/test-sequoia-certificate-directory";
fs::create_dir_all(directory)?;
let mut store = CertStore::open(directory)?;
// Make a new certificate.
let (cert, _rev) = CertBuilder::new().generate()?;
let fpr = cert.fingerprint();
// The certificate of course will not be in the store yet.
assert!(store.lookup_by_cert_fpr(&fpr).is_err());
// Add it.
store.update(Arc::new(LazyCert::from(cert)))?;
// Now the certificate can be found.
let found = store.lookup_by_cert_fpr(&fpr).expect("present");
assert_eq!(found.fingerprint(), fpr);
// Again, we can resolve the `LazyCert` to a `Cert`.
let cert: &Cert = found.to_cert()?;
Re-exports§
pub use store::Store;
pub use store::StoreUpdate;
Modules§
Structs§
- A unified interface to multiple certificate stores.
- Stores either a
RawCert
or a parsedCert
.
Enums§
Functions§
- Converts an email address to a User ID.