[−][src]Type Definition sequoia_openpgp::cert::amalgamation::key::ValidSubordinateKeyAmalgamation

type ValidSubordinateKeyAmalgamation<'a, P> = ValidKeyAmalgamation<'a, P, SubordinateRole, ()>;

A Valid subkey, and its associated data.

A specialized version of ValidKeyAmalgamation.

Implementations

`impl<'a, P> ValidSubordinateKeyAmalgamation<'a, P> where P: KeyParts,` [src]

`pub fn parts_into_public( self ) -> ValidSubordinateKeyAmalgamation<'a, PublicParts>`[src]

Changes the key's parts tag to PublicParts.

`pub fn parts_as_public( &'a self ) -> &'a ValidSubordinateKeyAmalgamation<'a, PublicParts>`[src]

Changes the key's parts tag to PublicParts.

`pub fn parts_into_secret( self ) -> Result<ValidSubordinateKeyAmalgamation<'a, SecretParts>>`[src]

Changes the key's parts tag to SecretParts.

`pub fn parts_as_secret( &'a self ) -> Result<&'a ValidSubordinateKeyAmalgamation<'a, SecretParts>>`[src]

Changes the key's parts tag to SecretParts.

`pub fn parts_into_unspecified( self ) -> ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>`[src]

Changes the key's parts tag to UnspecifiedParts.

`pub fn parts_as_unspecified( &'a self ) -> &ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>`[src]

Changes the key's parts tag to UnspecifiedParts.

`impl<'a, P> ValidSubordinateKeyAmalgamation<'a, P> where P: 'a + KeyParts,` [src]

`pub fn set_expiration_time( &self, primary_signer: &mut dyn Signer, subkey_signer: Option<&mut dyn Signer>, expiration: Option<SystemTime> ) -> Result<Vec<Signature>>`[src]

Creates signatures that cause the key to expire at the specified time.

This function creates new binding signatures that cause the key to expire at the specified time when integrated into the certificate. For subkeys, a single Signature is returned.

Setting a key's expiry time means updating an existing binding signature---when looking up information, only one binding signature is normally considered, and we don't want to drop the other information stored in the current binding signature. This function uses the binding signature determined by ValidKeyAmalgamation's policy and reference time for this.

When updating the expiration time of signing-capable subkeys, we need to create a new primary key binding signature. Therefore, we need a signer for the subkey. If subkey_signer is None, and this is a signing-capable subkey, this function fails with Error::InvalidArgument. Likewise, this function fails if subkey_signer is not None when updating the expiration of an non signing-capable subkey.

Examples

use std::time;
use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

let vc = cert.with_policy(p, None)?;

// Assert that the keys are not expired.
for ka in vc.keys() {
    assert!(ka.alive().is_ok());
}

// Make the keys expire in a week.
let t = time::SystemTime::now()
    + time::Duration::from_secs(7 * 24 * 60 * 60);

// We assume that the secret key material is available, and not
// password protected.
let mut primary_signer = vc.primary_key()
    .key().clone().parts_into_secret()?.into_keypair()?;
let mut signing_subkey_signer = vc.keys().for_signing().nth(0).unwrap()
    .key().clone().parts_into_secret()?.into_keypair()?;

let mut sigs = Vec::new();
for ka in vc.keys() {
    if ! ka.for_signing() {
        // Non-signing-capable subkeys are easy to update.
        sigs.append(&mut ka.set_expiration_time(&mut primary_signer,
                                                None, Some(t))?);
    } else {
        // Signing-capable subkeys need to create a primary
        // key binding signature with the subkey:
        assert!(ka.set_expiration_time(&mut primary_signer,
                                       None, Some(t)).is_err());

        // Here, we need the subkey's signer:
        sigs.append(&mut ka.set_expiration_time(&mut primary_signer,
                                                Some(&mut signing_subkey_signer),
                                                Some(t))?);
    }
}
let cert = cert.insert_packets(sigs)?;

// They aren't expired yet.
let vc = cert.with_policy(p, None)?;
for ka in vc.keys() {
    assert!(ka.alive().is_ok());
}

// But in two weeks, they will be...
let t = time::SystemTime::now()
    + time::Duration::from_secs(2 * 7 * 24 * 60 * 60);
let vc = cert.with_policy(p, t)?;
for ka in vc.keys() {
    assert!(ka.alive().is_err());
}

Trait Implementations

`impl<'a> From<&'a ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>`[src]

`fn from(p: &'a ValidSubordinateKeyAmalgamation<'a, PublicParts>) -> Self`[src]

`impl<'a> From<&'a ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, PublicParts>`[src]

`fn from(p: &'a ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self`[src]

`impl<'a> From<&'a ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>`[src]

`fn from(p: &'a ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self`[src]

`impl<'a> From<&'a ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, PublicParts>`[src]

`fn from(p: &'a ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>) -> Self`[src]

`impl<'a> From<ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>`[src]

`fn from(p: ValidSubordinateKeyAmalgamation<'a, PublicParts>) -> Self`[src]

`impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, PublicParts>`[src]

`fn from(p: ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self`[src]

`impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>`[src]

`fn from(p: ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self`[src]

`impl<'a> From<ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, PublicParts>`[src]

`fn from(p: ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>) -> Self`[src]