Enum sequoia_openpgp::packet::key::SecretKeyMaterial

pub enum SecretKeyMaterial {
    Unencrypted(Unencrypted),
    Encrypted(Encrypted),
}

Holds secret key material.

This type allows postponing the decryption of the secret key material until it is actually needed.

If the secret key material is not encrypted with a password, then we encrypt it in memory. This helps protect against heartbleed-style attacks where a buffer over-read allows an attacker to read from the process’s address space. This protection is less important for Rust programs, which are memory safe. However, it is essential when Sequoia is used via its FFI.

See crypto::mem::Encrypted for details.

Variants

Unencrypted(Unencrypted)

Unencrypted secret key. Can be used as-is.

Encrypted(Encrypted)

The secret key is encrypted with a password.

Implementations

impl SecretKeyMaterial

pub fn decrypt(
    self,
    pk_algo: PublicKeyAlgorithm,
    password: &Password
) -> Result<Self>

Decrypts the secret key material using password.

The SecretKeyMaterial type does not know what kind of key it contains. So, in order to know how many MPIs to parse, the public key algorithm needs to be provided explicitly.

This returns an error if the secret key material is not encrypted or the password is incorrect.

pub fn decrypt_in_place(
    &mut self,
    pk_algo: PublicKeyAlgorithm,
    password: &Password
) -> Result<()>

Decrypts the secret key material using password.

The SecretKeyMaterial type does not know what kind of key it contains. So, in order to know how many MPIs to parse, the public key algorithm needs to be provided explicitly.

This returns an error if the secret key material is not encrypted or the password is incorrect.

pub fn encrypt(self, password: &Password) -> Result<Self>

Encrypts the secret key material using password.

This returns an error if the secret key material is encrypted.

See Unencrypted::encrypt for details.

pub fn encrypt_in_place(&mut self, password: &Password) -> Result<()>

Encrypts the secret key material using password.

This returns an error if the secret key material is encrypted.

See Unencrypted::encrypt for details.

pub fn is_encrypted(&self) -> bool

Returns whether the secret key material is encrypted.

Trait Implementations

impl Clone for SecretKeyMaterial

fn clone(&self) -> SecretKeyMaterial

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for SecretKeyMaterial

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl From<Encrypted> for SecretKeyMaterial

fn from(key: Encrypted) -> Self

Converts to this type from the input type.

impl From<SecretKeyMaterial> for SecretKeyMaterial

fn from(mpis: SecretKeyMaterial) -> Self

Converts to this type from the input type.

impl From<Unencrypted> for SecretKeyMaterial

fn from(key: Unencrypted) -> Self

Converts to this type from the input type.

impl Hash for SecretKeyMaterial

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)where
    H: Hasher,
    Self: Sized,

Feeds a slice of this type into the given Hasher.

impl PartialEq<SecretKeyMaterial> for SecretKeyMaterial

fn eq(&self, other: &SecretKeyMaterial) -> bool

This method tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

This method tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Eq for SecretKeyMaterial

impl StructuralEq for SecretKeyMaterial

impl StructuralPartialEq for SecretKeyMaterial