Skip to main content

Key

sequoia_keystore

Struct Key 

Source 
pub struct Key { /* private fields */ }
Expand description

A handle to a key.

A key encapsulates secret key material, and exposes some secret key operations like decrypting a message, signing a message, changing the key’s password, and deleting the secret key material. Not all keys implement all operations. In particular, a key will typically either implement Key::decrypt_ciphertext or Key::sign_message.

Implementations§

Source§

impl Key

Source

pub fn key_handle(&self) -> KeyHandle

Returns the key’s key handle.

Source

pub fn fingerprint(&self) -> Fingerprint

Returns the key’s fingerprint.

Source

pub fn keyid(&self) -> KeyID

Returns the key’s Key ID.

Source

pub fn public_key(&self) -> &Key<PublicParts, UnspecifiedRole>

Returns the key’s public key.

Source

pub fn id(&mut self) -> Result<String>

Returns a unique key identifier.

It should be a well-formed UTF-8 string, which should give a curious user a pretty good idea of what key this is.

Source

pub async fn id_async(&mut self) -> Result<String>

Returns a unique key identifier.

It should be a well-formed UTF-8 string, which should give a curious user a pretty good idea of what key this is.

Source

pub fn unlock(&mut self, password: Password) -> Result<()>

Unlocks a key.

A key is typically unlocked by providing a password or pin. Not all keys are locked. If the key is not available, this should attempt to connect to the device. If the device is not available or cannot be initialized, then this should fail.

Source

pub async fn unlock_async(&mut self, password: Password) -> Result<()>

Unlocks a key.

A key is typically unlocked by providing a password or pin. Not all keys are locked. If the key is not available, this should attempt to connect to the device. If the device is not available or cannot be initialized, then this should fail.

Source

pub fn decrypt_ciphertext( &mut self, ciphertext: &Ciphertext, plaintext_len: Option<usize>, ) -> Result<SessionKey>

Decrypts a ciphertext.

This function corresponds to Decryptor::decrypt.

When decrypting a message you normally don’t want to manually try to decrypt each PKESK using this function, but use Keystore::decrypt, which first tries to use keys that don’t require user interaction.

If you want to decrypt a PKESK, then you should pass the Key to PKESK::decrypt.

Source

pub async fn decrypt_ciphertext_async( &mut self, ciphertext: &Ciphertext, plaintext_len: Option<usize>, ) -> Result<SessionKey>

Decrypts a ciphertext.

This function corresponds to Decryptor::decrypt.

When decrypting a message you normally don’t want to manually try to decrypt each PKESK using this function, but use Keystore::decrypt, which first tries to use keys that don’t require user interaction.

If you want to decrypt a PKESK, then you should pass the Key to PKESK::decrypt.

Source

pub fn sign_message( &mut self, hash_algo: HashAlgorithm, digest: &[u8], ) -> Result<Signature>

Signs a message.

digest is the message to sign.

Source

pub async fn sign_message_async( &mut self, hash_algo: HashAlgorithm, digest: &[u8], ) -> Result<Signature>

Signs a message.

digest is the message to sign.

Source

pub fn available(&mut self) -> Result<bool>

Whether the key is available.

If false, this usually means the device needs to be connected, e.g., a smartcard needs to be plugged in.

Source

pub async fn available_async(&mut self) -> Result<bool>

Whether the key is available.

If false, this usually means the device needs to be connected, e.g., a smartcard needs to be plugged in.

Source

pub fn locked(&mut self) -> Result<Protection>

Whether the key is locked, and the type of protection.

Source

pub async fn locked_async(&mut self) -> Result<Protection>

Whether the key is locked, and the type of protection.

Source

pub fn password_source(&mut self) -> Result<PasswordSource>

How the password is obtained to unlock the key.

This is independent of whether the key is currently protected.

Source

pub async fn password_source_async(&mut self) -> Result<PasswordSource>

How the password is obtained to unlock the key.

This is independent of whether the key is currently protected.

Source

pub fn decryption_capable(&mut self) -> Result<bool>

Whether the key can be used for decryption.

Source

pub async fn decryption_capable_async(&mut self) -> Result<bool>

Whether the key can be used for decryption.

Source

pub fn signing_capable(&mut self) -> Result<bool>

Whether the key can be used for signing.

Source

pub async fn signing_capable_async(&mut self) -> Result<bool>

Whether the key can be used for signing.

Source

pub fn export(&mut self) -> Result<Key<SecretParts, UnspecifiedRole>>

Exports the secret key material.

Source

pub async fn export_async( &mut self, ) -> Result<Key<SecretParts, UnspecifiedRole>>

Exports the secret key material.

Source

pub fn change_password(&mut self, password: Option<&Password>) -> Result<()>

Changes the key’s password.

Source

pub async fn change_password_async( &mut self, password: Option<&Password>, ) -> Result<()>

Changes the key’s password.

Source

pub fn delete_secret_key_material(&mut self) -> Result<()>

Deletes the specified key’s secret key material.

On success, the key is no registered with the device, and future operations on the current key handle will fail.

Source

pub async fn delete_secret_key_material_async(&mut self) -> Result<()>

Deletes the specified key’s secret key material.

On success, the key is no registered with the device, and future operations on the current key handle will fail.

Trait Implementations§

Source§

impl Clone for Key

Source§

fn clone(&self) -> Key

Returns a duplicate of the value. Read more
1.0.0 · Source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
Source§

impl Decryptor for &mut Key

Source§

fn public(&self) -> &Key<PublicParts, UnspecifiedRole>

Returns a reference to the public key.
Source§

fn decrypt( &mut self, ciphertext: &Ciphertext, plaintext_len: Option<usize>, ) -> Result<SessionKey>

Decrypts ciphertext, returning the plain session key.
Source§

impl Decryptor for Key

Source§

fn public(&self) -> &Key<PublicParts, UnspecifiedRole>

Returns a reference to the public key.
Source§

fn decrypt( &mut self, ciphertext: &Ciphertext, plaintext_len: Option<usize>, ) -> Result<SessionKey>

Decrypts ciphertext, returning the plain session key.
Source§

impl Signer for &mut Key

Source§

fn public(&self) -> &Key<PublicParts, UnspecifiedRole>

Returns a reference to the public key.
Source§

fn sign(&mut self, hash_algo: HashAlgorithm, digest: &[u8]) -> Result<Signature>

Creates a signature over the digest produced by hash_algo.
Source§

fn acceptable_hashes(&self) -> &[HashAlgorithm]

Returns a list of hashes that this signer accepts. Read more
Source§

impl Signer for Key

Source§

fn public(&self) -> &Key<PublicParts, UnspecifiedRole>

Returns a reference to the public key.
Source§

fn sign(&mut self, hash_algo: HashAlgorithm, digest: &[u8]) -> Result<Signature>

Creates a signature over the digest produced by hash_algo.
Source§

fn acceptable_hashes(&self) -> &[HashAlgorithm]

Returns a list of hashes that this signer accepts. Read more

Auto Trait Implementations§

§

impl !Freeze for Key

§

impl RefUnwindSafe for Key

§

impl Send for Key

§

impl Sync for Key

§

impl Unpin for Key

§

impl UnwindSafe for Key

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> CloneToUninit for T
where T: Clone,

Source§

unsafe fn clone_to_uninit(&self, dest: *mut u8)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dest. Read more
Source§

impl<T> DynClone for T
where T: Clone,

Source§

fn __clone_box(&self, _: Private) -> *mut ()

Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T> ToOwned for T
where T: Clone,

Source§

type Owned = T

The resulting type after obtaining ownership.
Source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
Source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.