[−][src]Struct sequoia_openpgp::packet::UserID
Holds a UserID packet.
The standard imposes no structure on UserIDs, but suggests to follow RFC 2822. See Section 5.11 of RFC 4880 for details. In practice though, implementations do not follow RFC 2822, or do not even help their users in producing well-formed User IDs. Experience has shown that parsing User IDs using RFC 2822 does not work, so we are taking a more pragmatic approach and define what we call Conventional User IDs.
Using this definition, we provide methods to extract the name,
comment, email address, or URI from UserID
packets.
Furthermore, we provide a way to canonicalize the email address
found in a UserID
packet. We provide two constructors that
create well-formed User IDs from email address, and optional name
and comment.
Conventional User IDs
Informally, conventional User IDs are of the form:
-
First Last (Comment) <name@example.org>
-
First Last <name@example.org>
-
First Last
-
name@example.org <name@example.org>
-
<name@example.org>
-
name@example.org
-
Name (Comment) <scheme://hostname/path>
-
Name (Comment) <mailto:user@example.org>
-
Name <scheme://hostname/path>
-
<scheme://hostname/path>
-
scheme://hostname/path
Names consist of UTF-8 non-control characters and may include punctuation. For instance, the following names are valid:
Acme Industries, Inc.
Michael O'Brian
Smith, John
e.e. cummings
(Note: according to RFC 2822 and its successors, all of these would need to be quoted. Conventionally, no implementation quotes names.)
Conventional User IDs are UTF-8. RFC 2822 only covers US-ASCII and allows character set switching using RFC 2047. For example, an RFC 2822 parser would parse:
Bj=?utf-8?q?=C3=B6?=rn Bj=?utf-8?q?=C3=B6?=rnson
"Björn Björnson". Nobody uses this in practice, and, as such, this extension is not supported by this parser.
Comments can include any UTF-8 text except parentheses. Thus, the following is not a valid comment even though the parentheses are balanced:
(foo (bar))
URIs
The URI parser recognizes URIs using a regular expression similar to the one recommended in RFC 3986 with the following extensions and restrictions:
-
UTF-8 characters are in the range
\u{80}-\u{10ffff}
are allowed wherever percent-encoded characters are allowed (i.e., everywhere but the schema). -
The scheme component and its trailing
:
are required. -
The URI must have an authority component (
//domain
) or a path component (/path/to/resource
). -
Although the RFC does not allow it, in practice, the
[
and]
characters are allowed wherever percent-encoded characters are allowed (i.e., everywhere but the schema).
URIs are neither normalized nor interpreted. For instance, dot segments are not removed, escape sequences are not decoded, etc.
Note: the recommended regular expression is less strict than the grammar. For instance, a percent encoded character must consist of three characters: the percent character followed by two hex digits. The parser that we use does not enforce this either.
Formal Grammar
Formally, the following grammar is used to decompose a User ID:
WS = 0x20 (space character)
comment-specials = "<" / ">" / ; RFC 2822 specials - "(" and ")"
"[" / "]" /
":" / ";" /
"@" / "\" /
"," / "." /
DQUOTE
atext-specials = "(" / ")" / ; RFC 2822 specials - "<" and ">".
"[" / "]" /
":" / ";" /
"@" / "\" /
"," / "." /
DQUOTE
atext = ALPHA / DIGIT / ; Any character except controls,
"!" / "#" / ; SP, and specials.
"$" / "%" / ; Used for atoms
"&" / "'" /
"*" / "+" /
"-" / "/" /
"=" / "?" /
"^" / "_" /
"`" / "{" /
"|" / "}" /
"~" /
\u{80}-\u{10ffff} ; Non-ascii, non-control UTF-8
dot_atom_text = 1*atext *("." *atext)
name-char-start = atext / atext-specials
name-char-rest = atext / atext-specials / WS
name = name-char-start *name-char-rest
comment-char = atext / comment-specials / WS
comment-content = *comment-char
comment = "(" *WS comment-content *WS ")"
addr-spec = dot-atom-text "@" dot-atom-text
uri = See [RFC 3986] and the note on URIs above.
pgp-uid-convention = addr-spec /
uri /
*WS [name] *WS [comment] *WS "<" addr-spec ">" /
*WS [name] *WS [comment] *WS "<" uri ">" /
*WS name *WS [comment] *WS
Implementations
impl UserID
[src]
pub fn hash_algo_security(&self) -> HashAlgoSecurity
[src]
The security requirements of the hash algorithm for self-signatures.
A cryptographic hash algorithm usually has three security properties: pre-image resistance, second pre-image resistance, and collision resistance. If an attacker can influence the signed data, then the hash algorithm needs to have both second pre-image resistance, and collision resistance. If not, second pre-image resistance is sufficient.
In general, an attacker may be able to influence third-party signatures. But direct key signatures, and binding signatures are only over data fully determined by signer. And, an attacker's control over self signatures over User IDs is limited due to their structure.
In the case of self signatures over User IDs, an attacker may be able to control the content of the User ID packet. However, unlike an image, there is no easy way to hide large amounts of arbitrary data (e.g., the 512 bytes needed by the SHA-1 is a Shambles attack) from the user. Further, normal User IDs are short and encoded using UTF-8.
These observations can be used to extend the life of a hash algorithm after its collision resistance has been partially compromised, but not completely broken. Specifically for the case of User IDs, we relax the requirement for strong collision resistance for self signatures over User IDs if:
- The User ID is at most 96 bytes long,
- It contains valid UTF-8, and
- It doesn't contain a UTF-8 control character (this includes the NUL byte).
For more details, please refer to the documentation for HashAlgoSecurity.
pub fn from_address<O, S>(name: O, comment: O, email: S) -> Result<Self> where
S: AsRef<str>,
O: Into<Option<S>>,
[src]
S: AsRef<str>,
O: Into<Option<S>>,
Constructs a User ID.
This does a basic check and any necessary escaping to form a conventional User ID.
Only the address is required. If a comment is supplied, then a name is also required.
If you already have a User ID value, then you can just
use UserID::from()
.
assert_eq!(UserID::from_address( "John Smith".into(), None, "boat@example.org")?.value(), &b"John Smith <boat@example.org>"[..]);
pub fn from_unchecked_address<O, S>(
name: O,
comment: O,
address: S
) -> Result<Self> where
S: AsRef<str>,
O: Into<Option<S>>,
[src]
name: O,
comment: O,
address: S
) -> Result<Self> where
S: AsRef<str>,
O: Into<Option<S>>,
Constructs a User ID.
This does a basic check and any necessary escaping to form a conventional User ID modulo the address, which is not checked.
This is useful when you want to specify a URI instead of an email address.
If you already have a User ID value, then you can just
use UserID::from()
.
assert_eq!(UserID::from_unchecked_address( "NAS".into(), None, "ssh://host.example.org")?.value(), &b"NAS <ssh://host.example.org>"[..]);
pub fn value(&self) -> &[u8]
[src]
Gets the user ID packet's value.
This returns the raw, uninterpreted value. See
UserID::name
, UserID::email
,
UserID::email_normalized
, UserID::uri
, and
UserID::comment
for how to extract parts of conventional
User IDs.
pub fn name(&self) -> Result<Option<String>>
[src]
Parses the User ID according to de facto conventions, and returns the name component, if any.
See conventional User ID for more information.
pub fn comment(&self) -> Result<Option<String>>
[src]
Parses the User ID according to de facto conventions, and returns the comment field, if any.
See conventional User ID for more information.
pub fn email(&self) -> Result<Option<String>>
[src]
Parses the User ID according to de facto conventions, and returns the email address, if any.
See conventional User ID for more information.
pub fn uri(&self) -> Result<Option<String>>
[src]
Parses the User ID according to de facto conventions, and returns the URI, if any.
See conventional User ID for more information.
pub fn email_normalized(&self) -> Result<Option<String>>
[src]
Returns a normalized version of the UserID's email address.
Normalized email addresses are primarily needed when email addresses are compared.
Note: normalized email addresses are still valid email addresses.
This function normalizes an email address by doing puny-code normalization on the domain, and lowercasing the local part in the so-called empty locale.
Note: this normalization procedure is the same as the normalization procedure recommended by Autocrypt.
impl UserID
[src]
pub fn bind(
&self,
signer: &mut dyn Signer,
cert: &Cert,
signature: SignatureBuilder
) -> Result<Signature>
[src]
&self,
signer: &mut dyn Signer,
cert: &Cert,
signature: SignatureBuilder
) -> Result<Signature>
Creates a binding signature.
The signature binds this userid to cert
. signer
will be used
to create a signature using signature
as builder.
Thehash_algo
defaults to SHA512, creation_time
to the
current time.
This function adds a creation time subpacket, a issuer fingerprint subpacket, and a issuer subpacket to the signature.
Examples
This example demonstrates how to bind this userid to a Cert.
Note that in general, the CertBuilder
is a better way to add
userids to a Cert.
// Generate a Cert, and create a keypair from the primary key. let (cert, _) = CertBuilder::new().generate()?; let mut keypair = cert.primary_key().key().clone() .parts_into_secret()?.into_keypair()?; assert_eq!(cert.userids().len(), 0); // Generate a userid and a binding signature. let userid = UserID::from("test@example.org"); let builder = signature::SignatureBuilder::new(SignatureType::PositiveCertification); let binding = userid.bind(&mut keypair, &cert, builder)?; // Now merge the userid and binding signature into the Cert. let cert = cert.insert_packets(vec![Packet::from(userid), binding.into()])?; // Check that we have a userid. assert_eq!(cert.userids().len(), 1);
pub fn certify<S, H, T>(
&self,
signer: &mut dyn Signer,
cert: &Cert,
signature_type: S,
hash_algo: H,
creation_time: T
) -> Result<Signature> where
S: Into<Option<SignatureType>>,
H: Into<Option<HashAlgorithm>>,
T: Into<Option<SystemTime>>,
[src]
&self,
signer: &mut dyn Signer,
cert: &Cert,
signature_type: S,
hash_algo: H,
creation_time: T
) -> Result<Signature> where
S: Into<Option<SignatureType>>,
H: Into<Option<HashAlgorithm>>,
T: Into<Option<SystemTime>>,
Returns a certificate for the user id.
The signature binds this userid to cert
. signer
will be
used to create a certification signature of type
signature_type
. signature_type
defaults to
SignatureType::GenericCertification
, hash_algo
to SHA512,
creation_time
to the current time.
This function adds a creation time subpacket, a issuer fingerprint subpacket, and a issuer subpacket to the signature.
Errors
Returns Error::InvalidArgument
if signature_type
is not
one of SignatureType::{Generic, Persona, Casual, Positive}Certificate
Examples
This example demonstrates how to certify a userid.
// Generate a Cert, and create a keypair from the primary key. let (alice, _) = CertBuilder::new() .set_primary_key_flags(KeyFlags::empty().set_certification()) .add_userid("alice@example.org") .generate()?; let mut keypair = alice.primary_key().key().clone() .parts_into_secret()?.into_keypair()?; // Generate a Cert for Bob. let (bob, _) = CertBuilder::new() .set_primary_key_flags(KeyFlags::empty().set_certification()) .add_userid("bob@example.org") .generate()?; // Alice now certifies the binding between `bob@example.org` and `bob`. let certificate = bob.userids().nth(0).unwrap() .certify(&mut keypair, &bob, SignatureType::PositiveCertification, None, None)?; // `certificate` can now be used, e.g. by merging it into `bob`. let bob = bob.insert_packets(certificate)?; // Check that we have a certification on the userid. assert_eq!(bob.userids().nth(0).unwrap() .certifications().count(), 1);
Trait Implementations
impl Clone for UserID
[src]
pub fn clone(&self) -> Self
[src]
pub fn clone_from(&mut self, source: &Self)
1.0.0[src]
impl Debug for UserID
[src]
impl Display for UserID
[src]
impl Eq for UserID
[src]
impl<'_> From<&'_ [u8]> for UserID
[src]
impl<'a> From<&'a str> for UserID
[src]
impl<'a> From<Cow<'a, str>> for UserID
[src]
impl From<String> for UserID
[src]
impl From<UserID> for Packet
[src]
impl From<Vec<u8, Global>> for UserID
[src]
impl Hash for UserID
[src]
impl Hash for UserID
[src]
pub fn hash<H: Hasher>(&self, state: &mut H)
[src]
pub fn hash_slice<H>(data: &[Self], state: &mut H) where
H: Hasher,
1.3.0[src]
H: Hasher,
impl IntoIterator for UserID
[src]
Implement IntoIterator
so that
cert::insert_packets(sig)
just works.
type Item = UserID
The type of the elements being iterated over.
type IntoIter = Once<UserID>
Which kind of iterator are we turning this into?
pub fn into_iter(self) -> Self::IntoIter
[src]
impl Marshal for UserID
[src]
pub fn serialize(&self, o: &mut dyn Write) -> Result<()>
[src]
pub fn export(&self, o: &mut dyn Write) -> Result<()>
[src]
impl MarshalInto for UserID
[src]
pub fn serialized_len(&self) -> usize
[src]
pub fn serialize_into(&self, buf: &mut [u8]) -> Result<usize>
[src]
pub fn to_vec(&self) -> Result<Vec<u8>>
[src]
pub fn export_into(&self, buf: &mut [u8]) -> Result<usize>
[src]
pub fn export_to_vec(&self) -> Result<Vec<u8>>
[src]
impl Ord for UserID
[src]
pub fn cmp(&self, other: &Self) -> Ordering
[src]
#[must_use]pub fn max(self, other: Self) -> Self
1.21.0[src]
#[must_use]pub fn min(self, other: Self) -> Self
1.21.0[src]
#[must_use]pub fn clamp(self, min: Self, max: Self) -> Self
1.50.0[src]
impl<'a> Parse<'a, UserID> for UserID
[src]
pub fn from_reader<R: 'a + Read + Send + Sync>(reader: R) -> Result<Self>
[src]
pub fn from_file<P: AsRef<Path>>(path: P) -> Result<T>
[src]
pub fn from_bytes<D: AsRef<[u8]> + ?Sized + Send + Sync>(
data: &'a D
) -> Result<T>
[src]
data: &'a D
) -> Result<T>
impl PartialEq<UserID> for UserID
[src]
pub fn eq(&self, other: &UserID) -> bool
[src]
#[must_use]pub fn ne(&self, other: &Rhs) -> bool
1.0.0[src]
impl PartialOrd<UserID> for UserID
[src]
Auto Trait Implementations
impl RefUnwindSafe for UserID
[src]
impl Send for UserID
[src]
impl Sync for UserID
[src]
impl Unpin for UserID
[src]
impl UnwindSafe for UserID
[src]
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> DynClone for T where
T: Clone,
[src]
T: Clone,
pub fn __clone_box(&self, Private) -> *mut ()
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<T> ToOwned for T where
T: Clone,
[src]
T: Clone,
type Owned = T
The resulting type after obtaining ownership.
pub fn to_owned(&self) -> T
[src]
pub fn clone_into(&self, target: &mut T)
[src]
impl<T> ToString for T where
T: Display + ?Sized,
[src]
T: Display + ?Sized,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,