[−][src]Struct sequoia_openpgp::parse::stream::Decryptor
Decrypts and verifies an encrypted and optionally signed OpenPGP message.
To create a Decryptor
, create a DecryptorBuilder
using
Parse
, and customize it to your needs.
Signature verification and detection of ciphertext tampering
requires processing the whole message first. Therefore, OpenPGP
implementations supporting streaming operations necessarily must
output unverified data. This has been a source of problems in the
past. To alleviate this, we buffer the message first (up to 25
megabytes of net message data by default, see
DEFAULT_BUFFER_SIZE
), and verify the signatures if the message
fits into our buffer. Nevertheless it is important to treat the
data as unverified and untrustworthy until you have seen a
positive verification. See Decryptor::message_processed
for
more information.
See GoodChecksum
for what it means for a signature to be
considered valid.
Examples
use std::io::Read; use sequoia_openpgp as openpgp; use openpgp::crypto::SessionKey; use openpgp::types::SymmetricAlgorithm; use openpgp::{KeyID, Cert, Result, packet::{Key, PKESK, SKESK}}; use openpgp::parse::{Parse, stream::*}; use sequoia_openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); // This fetches keys and computes the validity of the verification. struct Helper {}; impl VerificationHelper for Helper { fn get_certs(&mut self, _ids: &[openpgp::KeyHandle]) -> Result<Vec<Cert>> { Ok(Vec::new()) // Feed the Certs to the verifier here... } fn check(&mut self, structure: MessageStructure) -> Result<()> { Ok(()) // Implement your verification policy here. } } impl DecryptionHelper for Helper { fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK], _sym_algo: Option<SymmetricAlgorithm>, mut decrypt: D) -> Result<Option<openpgp::Fingerprint>> where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool { skesks[0].decrypt(&"streng geheim".into()) .map(|(algo, session_key)| decrypt(algo, &session_key)); Ok(None) } } let message = b"-----BEGIN PGP MESSAGE----- wy4ECQMIY5Zs8RerVcXp85UgoUKjKkevNPX3WfcS5eb7rkT9I6kw6N2eEc5PJUDh 0j0B9mnPKeIwhp2kBHpLX/en6RfNqYauX9eSeia7aqsd/AOLbO9WMCLZS5d2LTxN rwwb8Aggyukj13Mi0FF5 =OB/8 -----END PGP MESSAGE-----"; let h = Helper {}; let mut v = DecryptorBuilder::from_bytes(&message[..])? .with_policy(p, None, h)?; let mut content = Vec::new(); v.read_to_end(&mut content)?; assert_eq!(content, b"Hello World!");
Implementations
impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H>
[src]
pub fn helper_ref(&self) -> &H
[src]
Returns a reference to the helper.
pub fn helper_mut(&mut self) -> &mut H
[src]
Returns a mutable reference to the helper.
pub fn into_helper(self) -> H
[src]
Recovers the helper.
pub fn message_processed(&self) -> bool
[src]
Returns true if the whole message has been processed and authenticated.
If the function returns true
, the whole message has been
processed, the signatures are verified, and the message
structure has been passed to VerificationHelper::check
.
Data read from this Verifier
using io::Read
has been
authenticated.
If the function returns false
, the message did not fit into
the internal buffer, and therefore data read from this
Verifier
using io::Read
has not yet been
authenticated. It is important to treat this data as
attacker controlled and not use it until it has been
authenticated.
Examples
This example demonstrates how to verify a message in a streaming fashion, writing the data to a temporary file and only commit the result once the data is authenticated.
use std::io::{Read, Seek, SeekFrom}; use sequoia_openpgp as openpgp; use openpgp::{KeyHandle, Cert, Result}; use openpgp::parse::{Parse, stream::*}; use openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); // This fetches keys and computes the validity of the verification. struct Helper {}; impl VerificationHelper for Helper { // ... } let mut source = // ... fn consume(r: &mut dyn Read) -> Result<()> { // ... } let h = Helper {}; let mut v = VerifierBuilder::from_reader(&mut source)? .with_policy(p, None, h)?; if v.message_processed() { // The data has been authenticated. consume(&mut v)?; } else { let mut tmp = tempfile::tempfile()?; std::io::copy(&mut v, &mut tmp)?; // If the copy succeeds, the message has been fully // processed and the data has been authenticated. assert!(v.message_processed()); // Rewind and consume. tmp.seek(SeekFrom::Start(0))?; consume(&mut tmp)?; }
Trait Implementations
impl<'a, H: VerificationHelper + DecryptionHelper> Read for Decryptor<'a, H>
[src]
fn read(&mut self, buf: &mut [u8]) -> Result<usize>
[src]
fn read_vectored(&mut self, bufs: &mut [IoSliceMut]) -> Result<usize, Error>
1.36.0[src]
fn is_read_vectored(&self) -> bool
[src]
unsafe fn initializer(&self) -> Initializer
[src]
fn read_to_end(&mut self, buf: &mut Vec<u8>) -> Result<usize, Error>
1.0.0[src]
fn read_to_string(&mut self, buf: &mut String) -> Result<usize, Error>
1.0.0[src]
fn read_exact(&mut self, buf: &mut [u8]) -> Result<(), Error>
1.6.0[src]
fn by_ref(&mut self) -> &mut Self
1.0.0[src]
fn bytes(self) -> Bytes<Self>
1.0.0[src]
fn chain<R>(self, next: R) -> Chain<Self, R> where
R: Read,
1.0.0[src]
R: Read,
fn take(self, limit: u64) -> Take<Self>
1.0.0[src]
Auto Trait Implementations
impl<'a, H> !RefUnwindSafe for Decryptor<'a, H>
impl<'a, H> !Send for Decryptor<'a, H>
impl<'a, H> !Sync for Decryptor<'a, H>
impl<'a, H> Unpin for Decryptor<'a, H> where
H: Unpin,
H: Unpin,
impl<'a, H> !UnwindSafe for Decryptor<'a, H>
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,