pub struct ValidKeyAmalgamation<'a, P, R, R2>
where P: 'a + KeyParts, R: 'a + KeyRole, R2: Copy,
{ /* private fields */ }
Expand description

A KeyAmalgamation plus a Policy and a reference time.

In the same way that a ValidComponentAmalgamation extends a ComponentAmalgamation, a ValidKeyAmalgamation extends a KeyAmalgamation: a ValidKeyAmalgamation combines a KeyAmalgamation, a Policy, and a reference time. This allows it to implement the ValidAmalgamation trait, which provides methods like ValidAmalgamation::binding_signature that require a Policy and a reference time. Although KeyAmalgamation could implement these methods by requiring that the caller explicitly pass them in, embedding them in the ValidKeyAmalgamation helps ensure that multipart operations, even those that span multiple functions, use the same Policy and reference time.

A ValidKeyAmalgamation can be obtained by transforming a KeyAmalgamation using ValidateAmalgamation::with_policy. A KeyAmalgamationIter can also be changed to yield ValidKeyAmalgamations.

A ValidKeyAmalgamation is guaranteed to come from a valid certificate, and have a valid and live binding signature at the specified reference time. Note: this only means that the binding signatures are live; it says nothing about whether the certificate or the Key is live and non-revoked. If you care about those things, you need to check them separately.

§Examples:

Find all non-revoked, live, signing-capable keys:

use openpgp::policy::StandardPolicy;
use openpgp::types::RevocationStatus;

let p = &StandardPolicy::new();

// `with_policy` ensures that the certificate and any components
// that it returns have valid *binding signatures*.  But, we still
// need to check that the certificate and `Key` are not revoked,
// and live.
//
// Note: `ValidKeyAmalgamation::revocation_status`, etc. use the
// embedded policy and timestamp.  Even though we used `None` for
// the timestamp (i.e., now), they are guaranteed to use the same
// timestamp, because `with_policy` eagerly transforms it into
// the current time.
let cert = cert.with_policy(p, None)?;
if let RevocationStatus::Revoked(_revs) = cert.revocation_status() {
    // Revoked by the certificate holder.  (If we care about
    // designated revokers, then we need to check those
    // ourselves.)
} else if let Err(_err) = cert.alive() {
    // Certificate was created in the future or is expired.
} else {
    // `ValidCert::keys` returns `ValidKeyAmalgamation`s.
    for ka in cert.keys() {
        if let RevocationStatus::Revoked(_revs) = ka.revocation_status() {
            // Revoked by the key owner.  (If we care about
            // designated revokers, then we need to check those
            // ourselves.)
        } else if let Err(_err) = ka.alive() {
            // Key was created in the future or is expired.
        } else if ! ka.for_signing() {
            // We're looking for a signing-capable key, skip this one.
        } else {
            // Use it!
        }
    }
}

Implementations§

source§

impl<'a, P> ValidKeyAmalgamation<'a, P, PrimaryRole, ()>
where P: KeyParts,

source

pub fn parts_into_public(self) -> ValidPrimaryKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_public( &'a self, ) -> &'a ValidPrimaryKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_public_mut( &'a mut self, ) -> &'a mut ValidPrimaryKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_into_secret( self, ) -> Result<ValidPrimaryKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_secret( &'a self, ) -> Result<&'a ValidPrimaryKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_secret_mut( &'a mut self, ) -> Result<&'a mut ValidPrimaryKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_into_unspecified( self, ) -> ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn parts_as_unspecified( &'a self, ) -> &ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn parts_as_unspecified_mut( &'a mut self, ) -> &mut ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source§

impl<'a, P> ValidKeyAmalgamation<'a, P, SubordinateRole, ()>
where P: KeyParts,

source

pub fn parts_into_public( self, ) -> ValidSubordinateKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_public( &'a self, ) -> &'a ValidSubordinateKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_public_mut( &'a mut self, ) -> &'a mut ValidSubordinateKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_into_secret( self, ) -> Result<ValidSubordinateKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_secret( &'a self, ) -> Result<&'a ValidSubordinateKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_secret_mut( &'a mut self, ) -> Result<&'a mut ValidSubordinateKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_into_unspecified( self, ) -> ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn parts_as_unspecified( &'a self, ) -> &ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn parts_as_unspecified_mut( &'a mut self, ) -> &mut ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source§

impl<'a, P> ValidKeyAmalgamation<'a, P, UnspecifiedRole, bool>
where P: KeyParts,

source

pub fn parts_into_public(self) -> ValidErasedKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_public( &'a self, ) -> &'a ValidErasedKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_public_mut( &'a mut self, ) -> &'a mut ValidErasedKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_into_secret( self, ) -> Result<ValidErasedKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_secret( &'a self, ) -> Result<&'a ValidErasedKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_secret_mut( &'a mut self, ) -> Result<&'a mut ValidErasedKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_into_unspecified( self, ) -> ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn parts_as_unspecified( &'a self, ) -> &ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn parts_as_unspecified_mut( &'a mut self, ) -> &mut ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source§

impl<'a, P, R, R2> ValidKeyAmalgamation<'a, P, R, R2>
where P: 'a + KeyParts, R: 'a + KeyRole, R2: Copy, Self: ValidAmalgamation<'a, Key<P, R>> + PrimaryKey<'a, P, R>,

source

pub fn alive(&self) -> Result<()>

Returns whether the key is alive as of the amalgamation’s reference time.

A ValidKeyAmalgamation is guaranteed to have a live binding signature. This is independent of whether the component is live.

If the certificate is not alive as of the reference time, no subkey can be alive.

This function considers both the binding signature and the direct key signature. Information in the binding signature takes precedence over the direct key signature. See Section 5.2.3.3 of RFC 4880.

For a definition of liveness, see the key_alive method.

§Examples
use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

let ka = cert.primary_key().with_policy(p, None)?;
if let Err(_err) = ka.alive() {
    // Not alive.
}
source

pub fn into_key_amalgamation(self) -> KeyAmalgamation<'a, P, R, R2>

Returns the wrapped KeyAmalgamation.

§Examples
use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

let ka = cert.primary_key();

// `with_policy` takes ownership of `ka`.
let vka = ka.with_policy(p, None)?;

// And here we get it back:
let ka = vka.into_key_amalgamation();
source§

impl<'a, P, R, R2> ValidKeyAmalgamation<'a, P, R, R2>
where P: KeyParts, R: KeyRole, R2: Copy, Self: PrimaryKey<'a, P, R>,

source

pub fn primary_key_binding_signature(&self) -> Option<&Signature>

Returns the key’s primary key binding signature, if any.

The primary key binding signature is embedded inside of a subkey binding signature. It is made by the subkey to indicate that it should be associated with the primary key. This prevents an attack in which an attacker creates a certificate, and associates the victim’s subkey with it thereby creating confusion about the certificate that issued a signature.

Not all keys have primary key binding signatures. First, primary keys don’t have them, because they don’t need them. Second, encrypt-capable subkeys don’t have them because they are not (usually) able to issue signatures.

§Examples
let vc = cert.with_policy(P, None)?;

assert!(vc.primary_key().primary_key_binding_signature().is_none());

// A signing key has to have a primary key binding signature.
for ka in vc.keys().for_signing() {
    assert!(ka.primary_key_binding_signature().is_some());
}

// Encryption keys normally can't have a primary key binding
// signature, because they can't issue signatures.
for ka in vc.keys().for_transport_encryption() {
    assert!(ka.primary_key_binding_signature().is_none());
}
source§

impl<'a, P> ValidKeyAmalgamation<'a, P, PrimaryRole, ()>
where P: 'a + KeyParts,

source

pub fn set_expiration_time( &self, primary_signer: &mut dyn Signer, expiration: Option<SystemTime>, ) -> Result<Vec<Signature>>

Creates signatures that cause the key to expire at the specified time.

This function creates new binding signatures that cause the key to expire at the specified time when integrated into the certificate. For the primary key, it is necessary to create a new self-signature for each non-revoked User ID, and to create a direct key signature. This is needed, because the primary User ID is first consulted when determining the primary key’s expiration time, and certificates can be distributed with a possibly empty subset of User IDs.

Setting a key’s expiry time means updating an existing binding signature—when looking up information, only one binding signature is normally considered, and we don’t want to drop the other information stored in the current binding signature. This function uses the binding signature determined by ValidKeyAmalgamation’s policy and reference time for this.

§Examples
use std::time;
use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

let vc = cert.with_policy(p, None)?;

// Assert that the primary key is not expired.
assert!(vc.primary_key().alive().is_ok());

// Make the primary key expire in a week.
let t = time::SystemTime::now()
    + time::Duration::from_secs(7 * 24 * 60 * 60);

// We assume that the secret key material is available, and not
// password protected.
let mut signer = vc.primary_key()
    .key().clone().parts_into_secret()?.into_keypair()?;

let sigs = vc.primary_key().set_expiration_time(&mut signer, Some(t))?;
let cert = cert.insert_packets(sigs)?;

// The primary key isn't expired yet.
let vc = cert.with_policy(p, None)?;
assert!(vc.primary_key().alive().is_ok());

// But in two weeks, it will be...
let t = time::SystemTime::now()
    + time::Duration::from_secs(2 * 7 * 24 * 60 * 60);
let vc = cert.with_policy(p, t)?;
assert!(vc.primary_key().alive().is_err());
source§

impl<'a, P> ValidKeyAmalgamation<'a, P, SubordinateRole, ()>
where P: 'a + KeyParts,

source

pub fn set_expiration_time( &self, primary_signer: &mut dyn Signer, subkey_signer: Option<&mut dyn Signer>, expiration: Option<SystemTime>, ) -> Result<Vec<Signature>>

Creates signatures that cause the key to expire at the specified time.

This function creates new binding signatures that cause the key to expire at the specified time when integrated into the certificate. For subkeys, a single Signature is returned.

Setting a key’s expiry time means updating an existing binding signature—when looking up information, only one binding signature is normally considered, and we don’t want to drop the other information stored in the current binding signature. This function uses the binding signature determined by ValidKeyAmalgamation’s policy and reference time for this.

When updating the expiration time of signing-capable subkeys, we need to create a new primary key binding signature. Therefore, we need a signer for the subkey. If subkey_signer is None, and this is a signing-capable subkey, this function fails with Error::InvalidArgument. Likewise, this function fails if subkey_signer is not None when updating the expiration of an non signing-capable subkey.

§Examples
use std::time;
use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

let vc = cert.with_policy(p, None)?;

// Assert that the keys are not expired.
for ka in vc.keys() {
    assert!(ka.alive().is_ok());
}

// Make the keys expire in a week.
let t = time::SystemTime::now()
    + time::Duration::from_secs(7 * 24 * 60 * 60);

// We assume that the secret key material is available, and not
// password protected.
let mut primary_signer = vc.primary_key()
    .key().clone().parts_into_secret()?.into_keypair()?;
let mut signing_subkey_signer = vc.keys().for_signing().nth(0).unwrap()
    .key().clone().parts_into_secret()?.into_keypair()?;

let mut sigs = Vec::new();
for ka in vc.keys() {
    if ! ka.for_signing() {
        // Non-signing-capable subkeys are easy to update.
        sigs.append(&mut ka.set_expiration_time(&mut primary_signer,
                                                None, Some(t))?);
    } else {
        // Signing-capable subkeys need to create a primary
        // key binding signature with the subkey:
        assert!(ka.set_expiration_time(&mut primary_signer,
                                       None, Some(t)).is_err());

        // Here, we need the subkey's signer:
        sigs.append(&mut ka.set_expiration_time(&mut primary_signer,
                                                Some(&mut signing_subkey_signer),
                                                Some(t))?);
    }
}
let cert = cert.insert_packets(sigs)?;

// They aren't expired yet.
let vc = cert.with_policy(p, None)?;
for ka in vc.keys() {
    assert!(ka.alive().is_ok());
}

// But in two weeks, they will be...
let t = time::SystemTime::now()
    + time::Duration::from_secs(2 * 7 * 24 * 60 * 60);
let vc = cert.with_policy(p, t)?;
for ka in vc.keys() {
    assert!(ka.alive().is_err());
}
source§

impl<'a, P> ValidKeyAmalgamation<'a, P, UnspecifiedRole, bool>
where P: 'a + KeyParts,

source

pub fn set_expiration_time( &self, primary_signer: &mut dyn Signer, subkey_signer: Option<&mut dyn Signer>, expiration: Option<SystemTime>, ) -> Result<Vec<Signature>>

Creates signatures that cause the key to expire at the specified time.

This function creates new binding signatures that cause the key to expire at the specified time when integrated into the certificate. For subkeys, only a single Signature is returned. For the primary key, however, it is necessary to create a new self-signature for each non-revoked User ID, and to create a direct key signature. This is needed, because the primary User ID is first consulted when determining the primary key’s expiration time, and certificates can be distributed with a possibly empty subset of User IDs.

Setting a key’s expiry time means updating an existing binding signature—when looking up information, only one binding signature is normally considered, and we don’t want to drop the other information stored in the current binding signature. This function uses the binding signature determined by ValidKeyAmalgamation’s policy and reference time for this.

When updating the expiration time of signing-capable subkeys, we need to create a new primary key binding signature. Therefore, we need a signer for the subkey. If subkey_signer is None, and this is a signing-capable subkey, this function fails with Error::InvalidArgument. Likewise, this function fails if subkey_signer is not None when updating the expiration of the primary key, or an non signing-capable subkey.

§Examples
use std::time;
use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

let vc = cert.with_policy(p, None)?;

// Assert that the keys are not expired.
for ka in vc.keys() {
    assert!(ka.alive().is_ok());
}

// Make the keys expire in a week.
let t = time::SystemTime::now()
    + time::Duration::from_secs(7 * 24 * 60 * 60);

// We assume that the secret key material is available, and not
// password protected.
let mut primary_signer = vc.primary_key()
    .key().clone().parts_into_secret()?.into_keypair()?;
let mut signing_subkey_signer = vc.keys().for_signing().nth(0).unwrap()
    .key().clone().parts_into_secret()?.into_keypair()?;

let mut sigs = Vec::new();
for ka in vc.keys() {
    if ! ka.for_signing() {
        // Non-signing-capable subkeys are easy to update.
        sigs.append(&mut ka.set_expiration_time(&mut primary_signer,
                                                None, Some(t))?);
    } else {
        // Signing-capable subkeys need to create a primary
        // key binding signature with the subkey:
        assert!(ka.set_expiration_time(&mut primary_signer,
                                       None, Some(t)).is_err());

        // Here, we need the subkey's signer:
        sigs.append(&mut ka.set_expiration_time(&mut primary_signer,
                                                Some(&mut signing_subkey_signer),
                                                Some(t))?);
    }
}
let cert = cert.insert_packets(sigs)?;

// They aren't expired yet.
let vc = cert.with_policy(p, None)?;
for ka in vc.keys() {
    assert!(ka.alive().is_ok());
}

// But in two weeks, they will be...
let t = time::SystemTime::now()
    + time::Duration::from_secs(2 * 7 * 24 * 60 * 60);
let vc = cert.with_policy(p, t)?;
for ka in vc.keys() {
    assert!(ka.alive().is_err());
}
source§

impl<'a, P, R, R2> ValidKeyAmalgamation<'a, P, R, R2>
where P: 'a + KeyParts, R: 'a + KeyRole, R2: Copy, Self: ValidAmalgamation<'a, Key<P, R>>,

source

pub fn key_flags(&self) -> Option<KeyFlags>

Returns the key’s Key Flags.

A Key’s Key Flags holds information about the key. As of RFC 4880, this information is primarily concerned with the key’s capabilities (e.g., whether it may be used for signing). The other information that has been defined is: whether the key has been split using something like SSS, and whether the primary key material is held by multiple parties. In practice, the latter two flags are ignored.

As per Section 5.2.3.3 of RFC 4880, when looking for the Key Flags, the key’s binding signature is first consulted (in the case of the primary Key, this is the binding signature of the primary User ID). If the Key Flags subpacket is not present, then the direct key signature is consulted.

Since the key flags are taken from the active self signature, a key’s flags may change depending on the policy and the reference time.

To increase compatibility with early v4 certificates, if there is no key flags subpacket on the considered signatures, we infer the key flags from the key’s role and public key algorithm.

§Examples
let ka = cert.primary_key();
println!("Primary Key's Key Flags: {:?}", ka.key_flags());
source

pub fn has_any_key_flag<F>(&self, flags: F) -> bool
where F: Borrow<KeyFlags>,

Returns whether the key has at least one of the specified key flags.

The key flags are looked up as described in ValidKeyAmalgamation::key_flags.

§Examples

Finds keys that may be used for transport encryption (data in motion) or storage encryption (data at rest):

use openpgp::policy::StandardPolicy;
use openpgp::types::KeyFlags;

let p = &StandardPolicy::new();

for ka in cert.keys().with_policy(p, None) {
    if ka.has_any_key_flag(KeyFlags::empty()
       .set_storage_encryption()
       .set_transport_encryption())
    {
        // `ka` is encryption capable.
    }
}
source

pub fn for_certification(&self) -> bool

Returns whether the key is certification capable.

Note: Section 12.1 of RFC 4880 says that the primary key is certification capable independent of the Key Flags subpacket:

In a V4 key, the primary key MUST be a key capable of certification.

This function only reflects what is stored in the Key Flags packet; it does not implicitly set this flag. In practice, there are keys whose primary key’s Key Flags do not have the certification capable flag set. Some versions of netpgp, for instance, create keys like this. Sequoia’s higher-level functionality correctly handles these keys by always considering the primary key to be certification capable. Users of this interface should too.

The key flags are looked up as described in ValidKeyAmalgamation::key_flags.

§Examples

Finds keys that are certification capable:

use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

for ka in cert.keys().with_policy(p, None) {
    if ka.primary() || ka.for_certification() {
        // `ka` is certification capable.
    }
}
source

pub fn for_signing(&self) -> bool

Returns whether the key is signing capable.

The key flags are looked up as described in ValidKeyAmalgamation::key_flags.

§Examples

Finds keys that are signing capable:

use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

for ka in cert.keys().with_policy(p, None) {
    if ka.for_signing() {
        // `ka` is signing capable.
    }
}
source

pub fn for_authentication(&self) -> bool

Returns whether the key is authentication capable.

The key flags are looked up as described in ValidKeyAmalgamation::key_flags.

§Examples

Finds keys that are authentication capable:

use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

for ka in cert.keys().with_policy(p, None) {
    if ka.for_authentication() {
        // `ka` is authentication capable.
    }
}
source

pub fn for_storage_encryption(&self) -> bool

Returns whether the key is storage-encryption capable.

OpenPGP distinguishes two types of encryption keys: those for storage (data at rest) and those for transport (data in transit). Most OpenPGP implementations, however, don’t distinguish between them in practice. Instead, when they create a new encryption key, they just set both flags. Likewise, when encrypting a message, it is not typically possible to indicate the type of protection that is needed. Sequoia supports creating keys with only one of these flags set, and makes it easy to select the right type of key when encrypting messages.

The key flags are looked up as described in ValidKeyAmalgamation::key_flags.

§Examples

Finds keys that are storage-encryption capable:

use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

for ka in cert.keys().with_policy(p, None) {
    if ka.for_storage_encryption() {
        // `ka` is storage-encryption capable.
    }
}
source

pub fn for_transport_encryption(&self) -> bool

Returns whether the key is transport-encryption capable.

OpenPGP distinguishes two types of encryption keys: those for storage (data at rest) and those for transport (data in transit). Most OpenPGP implementations, however, don’t distinguish between them in practice. Instead, when they create a new encryption key, they just set both flags. Likewise, when encrypting a message, it is not typically possible to indicate the type of protection that is needed. Sequoia supports creating keys with only one of these flags set, and makes it easy to select the right type of key when encrypting messages.

The key flags are looked up as described in ValidKeyAmalgamation::key_flags.

§Examples

Finds keys that are transport-encryption capable:

use openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

for ka in cert.keys().with_policy(p, None) {
    if ka.for_transport_encryption() {
        // `ka` is transport-encryption capable.
    }
}
source

pub fn key_validity_period(&self) -> Option<Duration>

Returns how long the key is live.

This returns how long the key is live relative to its creation time. Use ValidKeyAmalgamation::key_expiration_time to get the key’s absolute expiry time.

This function considers both the binding signature and the direct key signature. Information in the binding signature takes precedence over the direct key signature. See Section 5.2.3.3 of RFC 4880.

§Examples
use std::time;
use std::convert::TryInto;
use openpgp::policy::StandardPolicy;
use openpgp::types::Timestamp;

let p = &StandardPolicy::new();

// OpenPGP Timestamps have a one-second resolution.  Since we
// want to round trip the time, round it down.
let now: Timestamp = time::SystemTime::now().try_into()?;
let now: time::SystemTime = now.try_into()?;

let a_week = time::Duration::from_secs(7 * 24 * 60 * 60);

let (cert, _) =
    CertBuilder::general_purpose(None, Some("alice@example.org"))
    .set_creation_time(now)
    .set_validity_period(a_week)
    .generate()?;

assert_eq!(cert.primary_key().with_policy(p, None)?.key_validity_period(),
           Some(a_week));
source

pub fn key_expiration_time(&self) -> Option<SystemTime>

Returns the key’s expiration time.

If this function returns None, the key does not expire.

This returns the key’s expiration time. Use ValidKeyAmalgamation::key_validity_period to get the duration of the key’s lifetime.

This function considers both the binding signature and the direct key signature. Information in the binding signature takes precedence over the direct key signature. See Section 5.2.3.3 of RFC 4880.

§Examples
use std::time;
use std::convert::TryInto;
use openpgp::policy::StandardPolicy;
use openpgp::types::Timestamp;

let p = &StandardPolicy::new();

// OpenPGP Timestamps have a one-second resolution.  Since we
// want to round trip the time, round it down.
let now: Timestamp = time::SystemTime::now().try_into()?;
let now: time::SystemTime = now.try_into()?;
let a_week = time::Duration::from_secs(7 * 24 * 60 * 60);
let a_week_later = now + a_week;

let (cert, _) =
    CertBuilder::general_purpose(None, Some("alice@example.org"))
    .set_creation_time(now)
    .set_validity_period(a_week)
    .generate()?;

assert_eq!(cert.primary_key().with_policy(p, None)?.key_expiration_time(),
           Some(a_week_later));

Methods from Deref<Target = KeyAmalgamation<'a, P, R, R2>>§

source

pub fn parts_as_public(&'a self) -> &'a PrimaryKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_secret( &'a self, ) -> Result<&'a PrimaryKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_unspecified( &'a self, ) -> &PrimaryKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn parts_as_public( &'a self, ) -> &'a SubordinateKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_secret( &'a self, ) -> Result<&'a SubordinateKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_unspecified( &'a self, ) -> &SubordinateKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn parts_as_public(&'a self) -> &'a ErasedKeyAmalgamation<'a, PublicParts>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_secret( &'a self, ) -> Result<&'a ErasedKeyAmalgamation<'a, SecretParts>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_unspecified( &'a self, ) -> &ErasedKeyAmalgamation<'a, UnspecifiedParts>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn component_amalgamation(&self) -> &ComponentAmalgamation<'a, Key<P, R>>

Returns the KeyAmalgamation’s ComponentAmalgamation.

source

pub fn key(&self) -> &'a Key<P, R>

Returns the KeyAmalgamation’s key.

Normally, a type implementing KeyAmalgamation eventually derefs to a Key, however, this method provides a more accurate lifetime. See the documentation for ComponentAmalgamation::component for an explanation.

source

pub fn valid_certifications_by_key<T, PK>( &self, policy: &'a dyn Policy, reference_time: T, issuer: PK, ) -> impl Iterator<Item = &Signature> + Send + Sync

Returns the third-party certifications issued by the specified key, and valid at the specified time.

This function returns the certifications issued by the specified key. Specifically, it returns a certification if:

  • it is well formed,
  • it is live with respect to the reference time,
  • it conforms to the policy, and
  • the signature is cryptographically valid.

This method is implemented on a KeyAmalgamation and not a ValidKeyAmalgamation, because a third-party certification does not require the key to be self signed.

§Examples

Alice has certified that a certificate belongs to Bob on two occasions. Whereas KeyAmalgamation::valid_certifications_by_key returns both certifications, KeyAmalgamation::active_certifications_by_key only returns the most recent certification.

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::policy::StandardPolicy;

const P: &StandardPolicy = &StandardPolicy::new();

let alice: Cert = // ...
let bob: Cert = // ...

let bob_pk = bob.primary_key();

let valid_certifications = bob_pk.valid_certifications_by_key(
    P, None, alice.primary_key().key());
// Alice certified Bob's certificate twice.
assert_eq!(valid_certifications.count(), 2);

let active_certifications = bob_pk.active_certifications_by_key(
    P, None, alice.primary_key().key());
// But only the most recent one is active.
assert_eq!(active_certifications.count(), 1);
source

pub fn active_certifications_by_key<T, PK>( &self, policy: &'a dyn Policy, reference_time: T, issuer: PK, ) -> impl Iterator<Item = &Signature> + Send + Sync

Returns any active third-party certifications issued by the specified key.

This function is like KeyAmalgamation::valid_certifications_by_key, but it only returns active certifications. Active certifications are the most recent valid certifications with respect to the reference time.

Although there is normally only a single active certification, there can be multiple certifications with the same timestamp. In this case, all of them are returned.

Unlike self-signatures, multiple third-party certifications issued by the same key at the same time can be sensible. For instance, Alice may fully trust a CA for user IDs in a particular domain, and partially trust it for everything else. This can only be expressed using multiple certifications.

This method is implemented on a KeyAmalgamation and not a ValidKeyAmalgamation, because a third-party certification does not require the user ID to be self signed.

§Examples

See the examples for KeyAmalgamation::valid_certifications_by_key.

source

pub fn valid_third_party_revocations_by_key<T, PK>( &self, policy: &'a dyn Policy, reference_time: T, issuer: PK, ) -> impl Iterator<Item = &Signature> + Send + Sync

Returns the third-party revocations issued by the specified key, and valid at the specified time.

This function returns the revocations issued by the specified key. Specifically, it returns a revocation if:

  • it is well formed,
  • it is a hard revocation, or it is live with respect to the reference time,
  • it conforms to the policy, and
  • the signature is cryptographically valid.

This method is implemented on a KeyAmalgamation and not a ValidKeyAmalgamation, because a third-party revocation does not require the key to be self signed.

§Examples

Alice revoked Bob’s certificate.

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::policy::StandardPolicy;

const P: &StandardPolicy = &StandardPolicy::new();

let alice: Cert = // ...
let bob: Cert = // ...

let ka = bob.primary_key();

let revs = ka.valid_third_party_revocations_by_key(
    P, None, alice.primary_key().key());
// Alice revoked Bob's certificate.
assert_eq!(revs.count(), 1);

Methods from Deref<Target = ComponentAmalgamation<'a, Key<P, R>>>§

source

pub fn parts_as_public( &'a self, ) -> &'a ComponentAmalgamation<'a, Key<PublicParts, R>>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_secret( &'a self, ) -> Result<&'a ComponentAmalgamation<'a, Key<SecretParts, R>>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_unspecified( &'a self, ) -> &ComponentAmalgamation<'a, Key<UnspecifiedParts, R>>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn role_as_primary( &'a self, ) -> &'a ComponentAmalgamation<'a, Key<P, PrimaryRole>>

Changes the key’s role tag to PrimaryRole.

source

pub fn role_as_subordinate( &'a self, ) -> &'a ComponentAmalgamation<'a, Key<P, SubordinateRole>>

Changes the key’s role tag to SubordinateRole.

source

pub fn role_as_unspecified( &'a self, ) -> &'a ComponentAmalgamation<'a, Key<P, UnspecifiedRole>>

Changes the key’s role tag to UnspecifiedRole.

source

pub fn cert(&self) -> &'a Cert

Returns the component’s associated certificate.

for u in cert.userids() {
    // It's not only an identical `Cert`, it's the same one.
    assert!(std::ptr::eq(u.cert(), &cert));
}
source

pub fn bundle(&self) -> &'a ComponentBundle<C>

Returns this amalgamation’s bundle.

Note: although ComponentAmalgamation derefs to a &ComponentBundle, this method provides a more accurate lifetime, which is helpful when returning the reference from a function. See the module’s documentation for more details.

§Examples
use openpgp::cert::prelude::*;
use openpgp::packet::prelude::*;

cert.userids()
    .map(|ua| {
        // The following doesn't work:
        //
        //   let b: &ComponentBundle<_> = &ua; b
        //
        // Because ua's lifetime is this closure and autoderef
        // assigns `b` the same lifetime as `ua`.  `bundle()`,
        // however, returns a reference whose lifetime is that
        // of `cert`.
        ua.bundle()
    })
    .collect::<Vec<&ComponentBundle<_>>>();
source

pub fn component(&self) -> &'a C

Returns this amalgamation’s component.

Note: although ComponentAmalgamation derefs to a &Component (via &ComponentBundle), this method provides a more accurate lifetime, which is helpful when returning the reference from a function. See the module’s documentation for more details.

source

pub fn self_signatures( &self, ) -> impl Iterator<Item = &'a Signature> + Send + Sync

The component’s self-signatures.

source

pub fn certifications( &self, ) -> impl Iterator<Item = &'a Signature> + Send + Sync

The component’s third-party certifications.

source

pub fn certifications_by_key<'b>( &'b self, issuers: &'b [KeyHandle], ) -> impl Iterator<Item = &'a Signature> + Send + Sync + 'b

Returns third-party certifications that appear to issued by any of the specified keys.

A certification is returned if one of the provided key handles matches an Issuer subpacket or Issuer Fingerprint subpacket in the certification.

This function does not check that a certification is valid. It can’t. To check that a certification was actually issued by a specific key, we also need a policy and the public key, which we don’t have. To only get valid certifications, use UserIDAmalgamation::valid_certifications_by_key or UserIDAmalgamation::active_certifications_by_key instead of this function.

source

pub fn self_revocations( &self, ) -> impl Iterator<Item = &'a Signature> + Send + Sync

The component’s revocations that were issued by the certificate holder.

source

pub fn other_revocations( &self, ) -> impl Iterator<Item = &'a Signature> + Send + Sync

The component’s revocations that were issued by other certificates.

source

pub fn signatures(&self) -> impl Iterator<Item = &'a Signature> + Send + Sync

Returns all of the component’s signatures.

source

pub fn userid(&self) -> &'a UserID

Returns a reference to the User ID.

Note: although ComponentAmalgamation<UserID> derefs to a &UserID (via &ComponentBundle), this method provides a more accurate lifetime, which is helpful when returning the reference from a function. See the module’s documentation for more details.

source

pub fn valid_certifications_by_key<T, PK>( &self, policy: &'a dyn Policy, reference_time: T, issuer: PK, ) -> impl Iterator<Item = &Signature> + Send + Sync

Returns the third-party certifications issued by the specified key, and valid at the specified time.

This function returns the certifications issued by the specified key. Specifically, it returns a certification if:

  • it is well formed,
  • it is live with respect to the reference time,
  • it conforms to the policy, and
  • the signature is cryptographically valid.

This method is implemented on a UserIDAmalgamation and not a ValidUserIDAmalgamation, because a third-party certification does not require the user ID to be self signed.

§Examples

Alice has certified that a certificate belongs to Bob on two occasions. Whereas UserIDAmalgamation::valid_certifications_by_key returns both certifications, UserIDAmalgamation::active_certifications_by_key only returns the most recent certification.

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::policy::StandardPolicy;

const P: &StandardPolicy = &StandardPolicy::new();

let alice: Cert = // ...
let bob: Cert = // ...

let ua = bob.userids().next().expect("have user id");

let valid_certifications = ua.valid_certifications_by_key(
    P, None, alice.primary_key().key());
// Alice certified Bob's certificate twice.
assert_eq!(valid_certifications.count(), 2);

let active_certifications = ua.active_certifications_by_key(
    P, None, alice.primary_key().key());
// But only the most recent one is active.
assert_eq!(active_certifications.count(), 1);
source

pub fn active_certifications_by_key<T, PK>( &self, policy: &'a dyn Policy, reference_time: T, issuer: PK, ) -> impl Iterator<Item = &Signature> + Send + Sync

Returns any active third-party certifications issued by the specified key.

This function is like UserIDAmalgamation::valid_certifications_by_key, but it only returns active certifications. Active certifications are the most recent valid certifications with respect to the reference time.

Although there is normally only a single active certification, there can be multiple certifications with the same timestamp. In this case, all of them are returned.

Unlike self-signatures, multiple third-party certifications issued by the same key at the same time can be sensible. For instance, Alice may fully trust a CA for user IDs in a particular domain, and partially trust it for everything else. This can only be expressed using multiple certifications.

This method is implemented on a UserIDAmalgamation and not a ValidUserIDAmalgamation, because a third-party certification does not require the user ID to be self signed.

§Examples

See the examples for UserIDAmalgamation::valid_certifications_by_key.

source

pub fn valid_third_party_revocations_by_key<T, PK>( &self, policy: &'a dyn Policy, reference_time: T, issuer: PK, ) -> impl Iterator<Item = &Signature> + Send + Sync

Returns the third-party revocations issued by the specified key, and valid at the specified time.

This function returns the revocations issued by the specified key. Specifically, it returns a revocation if:

  • it is well formed,
  • it is live with respect to the reference time,
  • it conforms to the policy, and
  • the signature is cryptographically valid.

This method is implemented on a UserIDAmalgamation and not a ValidUserIDAmalgamation, because a third-party revocation does not require the user ID to be self signed.

§Examples

Alice revokes a user ID on Bob’s certificate.

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::policy::StandardPolicy;

const P: &StandardPolicy = &StandardPolicy::new();

let alice: Cert = // ...
let bob: Cert = // ...

let ua = bob.userids().next().expect("have user id");

let revs = ua.valid_third_party_revocations_by_key(
    P, None, alice.primary_key().key());
// Alice revoked the User ID.
assert_eq!(revs.count(), 1);
source

pub fn attest_certifications2<T, C, S>( &self, policy: &dyn Policy, time: T, primary_signer: &mut dyn Signer, certifications: C, ) -> Result<Vec<Signature>>
where T: Into<Option<SystemTime>>, C: IntoIterator<Item = S>, S: Borrow<Signature>,

Attests to third-party certifications.

This feature is experimental.

Allows the certificate owner to attest to third party certifications. See draft-dkg-openpgp-1pa3pc for details. This can be used to address certificate flooding concerns.

A policy is needed, because the expiration is updated by updating the current binding signatures.

§Examples
let (alice, _) = CertBuilder::new()
    .add_userid("alice@example.org")
    .generate()?;
let mut alice_signer =
    alice.primary_key().key().clone().parts_into_secret()?
    .into_keypair()?;

let (bob, _) = CertBuilder::new()
    .add_userid("bob@example.org")
    .generate()?;
let mut bob_signer =
    bob.primary_key().key().clone().parts_into_secret()?
    .into_keypair()?;
let bob_pristine = bob.clone();

// Have Alice certify the binding between "bob@example.org" and
// Bob's key.
let alice_certifies_bob
    = bob.userids().next().unwrap().userid().bind(
        &mut alice_signer, &bob,
        SignatureBuilder::new(SignatureType::GenericCertification))?;
let bob = bob.insert_packets(vec![alice_certifies_bob.clone()])?;

// Have Bob attest that certification.
let bobs_uid = bob.userids().next().unwrap();
let attestations =
    bobs_uid.attest_certifications2(
        policy,
        None,
        &mut bob_signer,
        bobs_uid.certifications())?;
let bob = bob.insert_packets(attestations)?;

assert_eq!(bob.bad_signatures().count(), 0);
assert_eq!(bob.userids().next().unwrap().certifications().next(),
           Some(&alice_certifies_bob));
source

pub fn attest_certifications<C, S>( &self, policy: &dyn Policy, primary_signer: &mut dyn Signer, certifications: C, ) -> Result<Vec<Signature>>
where C: IntoIterator<Item = S>, S: Borrow<Signature>,

👎Deprecated: Use attest_certifications2 instead.

Attests to third-party certifications.

This feature is experimental.

This function is deprecated in favor of UserIDAmalgamation::attest_certifications2, which includes a reference time parameter.

source

pub fn user_attribute(&self) -> &'a UserAttribute

Returns a reference to the User Attribute.

Note: although ComponentAmalgamation<UserAttribute> derefs to a &UserAttribute (via &ComponentBundle), this method provides a more accurate lifetime, which is helpful when returning the reference from a function. See the module’s documentation for more details.

source

pub fn attest_certifications2<T, C, S>( &self, policy: &dyn Policy, time: T, primary_signer: &mut dyn Signer, certifications: C, ) -> Result<Vec<Signature>>
where T: Into<Option<SystemTime>>, C: IntoIterator<Item = S>, S: Borrow<Signature>,

Attests to third-party certifications.

This feature is experimental.

Allows the certificate owner to attest to third party certifications. See Section 5.2.3.30 of RFC 4880bis for details. This can be used to address certificate flooding concerns.

A policy is needed, because the expiration is updated by updating the current binding signatures.

§Examples

See UserIDAmalgamation::attest_certifications#examples.

source

pub fn attest_certifications<C, S>( &self, policy: &dyn Policy, primary_signer: &mut dyn Signer, certifications: C, ) -> Result<Vec<Signature>>
where C: IntoIterator<Item = S>, S: Borrow<Signature>,

👎Deprecated: Use attest_certifications2 instead.

Attests to third-party certifications.

This feature is experimental.

This function is deprecated in favor of UserAttributeAmalgamation::attest_certifications2, which includes a reference time parameter.

Methods from Deref<Target = ComponentBundle<C>>§

source

pub fn parts_as_public(&self) -> &KeyBundle<PublicParts, R>

Changes the key’s parts tag to PublicParts.

source

pub fn parts_as_secret(&self) -> Result<&KeyBundle<SecretParts, R>>

Changes the key’s parts tag to SecretParts.

source

pub fn parts_as_unspecified(&self) -> &KeyBundle<UnspecifiedParts, R>

Changes the key’s parts tag to UnspecifiedParts.

source

pub fn role_as_primary(&self) -> &KeyBundle<P, PrimaryRole>

Changes the key’s role tag to PrimaryRole.

source

pub fn role_as_subordinate(&self) -> &KeyBundle<P, SubordinateRole>

Changes the key’s role tag to SubordinateRole.

source

pub fn role_as_unspecified(&self) -> &KeyBundle<P, UnspecifiedRole>

Changes the key’s role tag to UnspecifiedRole.

source

pub fn component(&self) -> &C

Returns a reference to the bundle’s component.

§Examples
// Display some information about any unknown components.
for u in cert.unknowns() {
    eprintln!(" - {:?}", u.component());
}
source

pub fn binding_signature<T>( &self, policy: &dyn Policy, t: T, ) -> Result<&Signature>
where T: Into<Option<SystemTime>>,

Returns the active binding signature at time t.

The active binding signature is the most recent, non-revoked self-signature that is valid according to the policy and alive at time t (creation time <= t, t < expiry). If there are multiple such signatures then the signatures are ordered by their MPIs interpreted as byte strings.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

// Display information about each User ID's current active
// binding signature (the `time` parameter is `None`), if any.
for ua in cert.userids() {
    eprintln!("{:?}", ua.binding_signature(p, None));
}
source

pub fn self_signatures2(&self) -> impl Iterator<Item = &Signature> + Send + Sync

Returns the component’s self-signatures.

The signatures are validated, and they are sorted by their creation time, most recent first.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

for (i, ka) in cert.keys().enumerate() {
    eprintln!("Key #{} ({}) has {:?} self signatures",
              i, ka.fingerprint(),
              ka.bundle().self_signatures2().count());
}
source

pub fn self_signatures(&self) -> &[Signature]

👎Deprecated: Use self_signatures2 instead.

Returns the component’s self-signatures.

source

pub fn certifications2(&self) -> impl Iterator<Item = &Signature> + Send + Sync

Returns the component’s third-party certifications.

The signatures are not validated. They are sorted by their creation time, most recent first.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

for ua in cert.userids() {
    eprintln!("User ID {} has {:?} unverified, third-party certifications",
              String::from_utf8_lossy(ua.userid().value()),
              ua.bundle().certifications2().count());
}
source

pub fn certifications(&self) -> &[Signature]

👎Deprecated: Use certifications2 instead.

Returns the component’s third-party certifications.

source

pub fn self_revocations2( &self, ) -> impl Iterator<Item = &Signature> + Send + Sync

Returns the component’s revocations that were issued by the certificate holder.

The revocations are validated, and they are sorted by their creation time, most recent first.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

for u in cert.userids() {
    eprintln!("User ID {} has {:?} revocation certificates.",
              String::from_utf8_lossy(u.userid().value()),
              u.bundle().self_revocations2().count());
}
source

pub fn self_revocations(&self) -> &[Signature]

👎Deprecated: Use self_revocations2 instead.

Returns the component’s revocations that were issued by the certificate holder.

source

pub fn other_revocations2( &self, ) -> impl Iterator<Item = &Signature> + Send + Sync

Returns the component’s revocations that were issued by other certificates.

The revocations are not validated. They are sorted by their creation time, most recent first.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

for u in cert.userids() {
    eprintln!("User ID {} has {:?} unverified, third-party revocation certificates.",
              String::from_utf8_lossy(u.userid().value()),
              u.bundle().other_revocations2().count());
}
source

pub fn other_revocations(&self) -> &[Signature]

👎Deprecated: Use other_revocations2 instead.

Returns the component’s revocations that were issued by other certificates.

source

pub fn attestations(&self) -> impl Iterator<Item = &Signature> + Send + Sync

Returns all of the component’s Attestation Key Signatures.

This feature is experimental.

The signatures are validated, and they are sorted by their creation time, most recent first.

A certificate owner can use Attestation Key Signatures to attest to third party certifications. Currently, only userid and user attribute certifications can be attested. See Section 5.2.3.30 of RFC 4880bis for details.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

for (i, uid) in cert.userids().enumerate() {
    eprintln!("UserID #{} ({:?}) has {:?} attestation key signatures",
              i, uid.email(),
              uid.attestations().count());
}
source

pub fn signatures(&self) -> impl Iterator<Item = &Signature> + Send + Sync

Returns all of the component’s signatures.

Only the self-signatures are validated. The signatures are sorted first by type, then by creation time. The self revocations come first, then the self signatures, then any key attestation signatures, certifications, and third-party revocations coming last. This function may return additional types of signatures that could be associated to this component.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

for (i, ka) in cert.keys().enumerate() {
    eprintln!("Key #{} ({}) has {:?} signatures",
              i, ka.fingerprint(),
              ka.signatures().count());
}
source

pub fn key(&self) -> &Key<P, R>

Returns a reference to the key.

This is just a type-specific alias for ComponentBundle::component.

§Examples
// Display some information about the keys.
for ka in cert.keys() {
    eprintln!(" - {:?}", ka.key());
}
source

pub fn revocation_status<T>( &self, policy: &dyn Policy, t: T, ) -> RevocationStatus<'_>
where T: Into<Option<SystemTime>>,

Returns the subkey’s revocation status at time t.

A subkey is revoked at time t if:

  • There is a live revocation at time t that is newer than all live self signatures at time t, or

  • There is a hard revocation (even if it is not live at time t, and even if there is a newer self-signature).

Note: Certs and subkeys have different criteria from User IDs and User Attributes.

Note: this only returns whether this subkey is revoked; it does not imply anything about the Cert or other components.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

// Display the subkeys' revocation status.
for ka in cert.keys().subkeys() {
    eprintln!(" Revocation status of {}: {:?}",
              ka.fingerprint(), ka.revocation_status(p, None));
}
source

pub fn userid(&self) -> &UserID

Returns a reference to the User ID.

This is just a type-specific alias for ComponentBundle::component.

§Examples
// Display some information about the User IDs.
for ua in cert.userids() {
    eprintln!(" - {:?}", ua.userid());
}
source

pub fn revocation_status<T>( &self, policy: &dyn Policy, t: T, ) -> RevocationStatus<'_>
where T: Into<Option<SystemTime>>,

Returns the User ID’s revocation status at time t.

A User ID is revoked at time t if:

  • There is a live revocation at time t that is newer than all live self signatures at time t.

Note: Certs and subkeys have different criteria from User IDs and User Attributes.

Note: this only returns whether this User ID is revoked; it does not imply anything about the Cert or other components.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

// Display the User IDs' revocation status.
for ua in cert.userids() {
    eprintln!(" Revocation status of {}: {:?}",
              String::from_utf8_lossy(ua.userid().value()),
              ua.revocation_status(p, None));
}
source

pub fn user_attribute(&self) -> &UserAttribute

Returns a reference to the User Attribute.

This is just a type-specific alias for ComponentBundle::component.

§Examples
// Display some information about the User Attributes
for ua in cert.user_attributes() {
    eprintln!(" - {:?}", ua.user_attribute());
}
source

pub fn revocation_status<T>( &self, policy: &dyn Policy, t: T, ) -> RevocationStatus<'_>
where T: Into<Option<SystemTime>>,

Returns the User Attribute’s revocation status at time t.

A User Attribute is revoked at time t if:

  • There is a live revocation at time t that is newer than all live self signatures at time t.

Note: Certs and subkeys have different criteria from User IDs and User Attributes.

Note: this only returns whether this User Attribute is revoked; it does not imply anything about the Cert or other components.

§Examples
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

// Display the User Attributes' revocation status.
for (i, ua) in cert.user_attributes().enumerate() {
    eprintln!(" Revocation status of User Attribute #{}: {:?}",
              i, ua.revocation_status(p, None));
}
source

pub fn unknown(&self) -> &Unknown

Returns a reference to the unknown component.

This is just a type-specific alias for ComponentBundle::component.

§Examples
// Display some information about the User Attributes
for u in cert.unknowns() {
    eprintln!(" - {:?}", u.unknown());
}

Trait Implementations§

source§

impl<'a, P, R, R2> Clone for ValidKeyAmalgamation<'a, P, R, R2>
where P: 'a + KeyParts + Clone, R: 'a + KeyRole + Clone, R2: Copy + Clone,

source§

fn clone(&self) -> ValidKeyAmalgamation<'a, P, R, R2>

Returns a copy of the value. Read more
1.0.0 · source§

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source. Read more
source§

impl<'a, P, R, R2> Debug for ValidKeyAmalgamation<'a, P, R, R2>
where P: 'a + KeyParts + Debug, R: 'a + KeyRole + Debug, R2: Copy + Debug,

source§

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter. Read more
source§

impl<'a, P: 'a + KeyParts> From<&ValidKeyAmalgamation<'a, P, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, P>

source§

fn from(vka: &ValidPrimaryKeyAmalgamation<'a, P>) -> Self

Converts to this type from the input type.
source§

impl<'a, P: 'a + KeyParts> From<&ValidKeyAmalgamation<'a, P, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, P>

source§

fn from(vka: &ValidSubordinateKeyAmalgamation<'a, P>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, PublicParts, PrimaryRole, ()>> for &'a ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a ValidPrimaryKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&ValidKeyAmalgamation<'a, PublicParts, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(vka: &ValidPrimaryKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a ValidSubordinateKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(vka: &ValidSubordinateKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, PublicParts, UnspecifiedRole, bool>> for &'a ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a ValidErasedKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for &'a ValidPrimaryKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for &'a ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(vka: &ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(vka: &ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(vka: &ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(vka: &ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, SecretParts, UnspecifiedRole, bool>> for &'a ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a ValidErasedKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, SecretParts, UnspecifiedRole, bool>> for &'a ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a ValidErasedKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, UnspecifiedParts, PrimaryRole, ()>> for &'a ValidPrimaryKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&ValidKeyAmalgamation<'a, UnspecifiedParts, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(vka: &ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(vka: &ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a ValidKeyAmalgamation<'a, UnspecifiedParts, UnspecifiedRole, bool>> for &'a ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a ValidErasedKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, PublicParts, PrimaryRole, ()>> for &'a mut ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a mut ValidPrimaryKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for &'a mut ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a mut ValidSubordinateKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, PublicParts, UnspecifiedRole, bool>> for &'a mut ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a mut ValidErasedKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for &'a mut ValidPrimaryKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a mut ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for &'a mut ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a mut ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for &'a mut ValidSubordinateKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a mut ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for &'a mut ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a mut ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, SecretParts, UnspecifiedRole, bool>> for &'a mut ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a mut ValidErasedKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, SecretParts, UnspecifiedRole, bool>> for &'a mut ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: &'a mut ValidErasedKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, UnspecifiedParts, PrimaryRole, ()>> for &'a mut ValidPrimaryKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a mut ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for &'a mut ValidSubordinateKeyAmalgamation<'a, PublicParts>

source§

fn from( p: &'a mut ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>, ) -> Self

Converts to this type from the input type.
source§

impl<'a> From<&'a mut ValidKeyAmalgamation<'a, UnspecifiedParts, UnspecifiedRole, bool>> for &'a mut ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(p: &'a mut ValidErasedKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a, P> From<ValidKeyAmalgamation<'a, P, PrimaryRole, ()>> for SubkeyBuilder<'a>
where P: KeyParts + Clone,

source§

fn from(ka: ValidPrimaryKeyAmalgamation<'a, P>) -> Self

Converts to this type from the input type.
source§

impl<'a, P: 'a + KeyParts> From<ValidKeyAmalgamation<'a, P, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, P>

source§

fn from(vka: ValidPrimaryKeyAmalgamation<'a, P>) -> Self

Converts to this type from the input type.
source§

impl<'a, P, R, R2> From<ValidKeyAmalgamation<'a, P, R, R2>> for KeyAmalgamation<'a, P, R, R2>
where P: 'a + KeyParts, R: 'a + KeyRole, R2: Copy,

source§

fn from(vka: ValidKeyAmalgamation<'a, P, R, R2>) -> Self

Converts to this type from the input type.
source§

impl<'a, P, R, R2> From<ValidKeyAmalgamation<'a, P, R, R2>> for Recipient<'a>
where P: KeyParts, R: KeyRole, R2: Copy,

source§

fn from(ka: ValidKeyAmalgamation<'a, P, R, R2>) -> Self

Converts to this type from the input type.
source§

impl<'a, P> From<ValidKeyAmalgamation<'a, P, SubordinateRole, ()>> for SubkeyBuilder<'a>
where P: KeyParts + Clone,

source§

fn from(ka: ValidSubordinateKeyAmalgamation<'a, P>) -> Self

Converts to this type from the input type.
source§

impl<'a, P: 'a + KeyParts> From<ValidKeyAmalgamation<'a, P, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, P>

source§

fn from(vka: ValidSubordinateKeyAmalgamation<'a, P>) -> Self

Converts to this type from the input type.
source§

impl<'a, P> From<ValidKeyAmalgamation<'a, P, UnspecifiedRole, bool>> for SubkeyBuilder<'a>
where P: KeyParts + Clone,

source§

fn from(ka: ValidErasedKeyAmalgamation<'a, P>) -> SubkeyBuilder<'a>

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, PublicParts, PrimaryRole, ()>> for ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: ValidPrimaryKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, PublicParts, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(vka: ValidPrimaryKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: ValidSubordinateKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(vka: ValidSubordinateKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, PublicParts, UnspecifiedRole, bool>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: ValidErasedKeyAmalgamation<'a, PublicParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for ValidPrimaryKeyAmalgamation<'a, PublicParts>

source§

fn from(p: ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(vka: ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(vka: ValidPrimaryKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, PublicParts>

source§

fn from(p: ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(vka: ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(vka: ValidSubordinateKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, UnspecifiedRole, bool>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(p: ValidErasedKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, SecretParts, UnspecifiedRole, bool>> for ValidErasedKeyAmalgamation<'a, UnspecifiedParts>

source§

fn from(p: ValidErasedKeyAmalgamation<'a, SecretParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, UnspecifiedParts, PrimaryRole, ()>> for ValidPrimaryKeyAmalgamation<'a, PublicParts>

source§

fn from(p: ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, UnspecifiedParts, PrimaryRole, ()>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(vka: ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, PublicParts>

source§

fn from(p: ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(vka: ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> From<ValidKeyAmalgamation<'a, UnspecifiedParts, UnspecifiedRole, bool>> for ValidErasedKeyAmalgamation<'a, PublicParts>

source§

fn from(p: ValidErasedKeyAmalgamation<'a, UnspecifiedParts>) -> Self

Converts to this type from the input type.
source§

impl<'a> TryFrom<&'a ValidKeyAmalgamation<'a, PublicParts, PrimaryRole, ()>> for &'a ValidPrimaryKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(p: &'a ValidPrimaryKeyAmalgamation<'a, PublicParts>) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a ValidSubordinateKeyAmalgamation<'a, PublicParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a ValidKeyAmalgamation<'a, PublicParts, UnspecifiedRole, bool>> for &'a ValidErasedKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(p: &'a ValidErasedKeyAmalgamation<'a, PublicParts>) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a ValidKeyAmalgamation<'a, UnspecifiedParts, PrimaryRole, ()>> for &'a ValidPrimaryKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for &'a ValidSubordinateKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a ValidKeyAmalgamation<'a, UnspecifiedParts, UnspecifiedRole, bool>> for &'a ValidErasedKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a ValidErasedKeyAmalgamation<'a, UnspecifiedParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a mut ValidKeyAmalgamation<'a, PublicParts, PrimaryRole, ()>> for &'a mut ValidPrimaryKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a mut ValidPrimaryKeyAmalgamation<'a, PublicParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a mut ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for &'a mut ValidSubordinateKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a mut ValidSubordinateKeyAmalgamation<'a, PublicParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a mut ValidKeyAmalgamation<'a, PublicParts, UnspecifiedRole, bool>> for &'a mut ValidErasedKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a mut ValidErasedKeyAmalgamation<'a, PublicParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a mut ValidKeyAmalgamation<'a, UnspecifiedParts, PrimaryRole, ()>> for &'a mut ValidPrimaryKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a mut ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a mut ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for &'a mut ValidSubordinateKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a mut ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<&'a mut ValidKeyAmalgamation<'a, UnspecifiedParts, UnspecifiedRole, bool>> for &'a mut ValidErasedKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: &'a mut ValidErasedKeyAmalgamation<'a, UnspecifiedParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a, P, P2> TryFrom<ValidKeyAmalgamation<'a, P, UnspecifiedRole, bool>> for ValidPrimaryKeyAmalgamation<'a, P2>
where P: 'a + KeyParts, P2: 'a + KeyParts,

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(vka: ValidErasedKeyAmalgamation<'a, P>) -> Result<Self>

Performs the conversion.
source§

impl<'a, P, P2> TryFrom<ValidKeyAmalgamation<'a, P, UnspecifiedRole, bool>> for ValidSubordinateKeyAmalgamation<'a, P2>
where P: 'a + KeyParts, P2: 'a + KeyParts,

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(vka: ValidErasedKeyAmalgamation<'a, P>) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<ValidKeyAmalgamation<'a, PublicParts, PrimaryRole, ()>> for ValidPrimaryKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(p: ValidPrimaryKeyAmalgamation<'a, PublicParts>) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<ValidKeyAmalgamation<'a, PublicParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(p: ValidSubordinateKeyAmalgamation<'a, PublicParts>) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<ValidKeyAmalgamation<'a, PublicParts, UnspecifiedRole, bool>> for ValidErasedKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(p: ValidErasedKeyAmalgamation<'a, PublicParts>) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<ValidKeyAmalgamation<'a, UnspecifiedParts, PrimaryRole, ()>> for ValidPrimaryKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: ValidPrimaryKeyAmalgamation<'a, UnspecifiedParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<ValidKeyAmalgamation<'a, UnspecifiedParts, SubordinateRole, ()>> for ValidSubordinateKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from( p: ValidSubordinateKeyAmalgamation<'a, UnspecifiedParts>, ) -> Result<Self>

Performs the conversion.
source§

impl<'a> TryFrom<ValidKeyAmalgamation<'a, UnspecifiedParts, UnspecifiedRole, bool>> for ValidErasedKeyAmalgamation<'a, SecretParts>

§

type Error = Error

The type returned in the event of a conversion error.
source§

fn try_from(p: ValidErasedKeyAmalgamation<'a, UnspecifiedParts>) -> Result<Self>

Performs the conversion.
source§

impl<'a, P, R, R2> ValidAmalgamation<'a, Key<P, R>> for ValidKeyAmalgamation<'a, P, R, R2>
where P: 'a + KeyParts, R: 'a + KeyRole, R2: Copy, Self: PrimaryKey<'a, P, R>,

source§

fn cert(&self) -> &ValidCert<'a>

Returns the valid amalgamation’s associated certificate. Read more
source§

fn time(&self) -> SystemTime

Returns the amalgamation’s reference time. Read more
source§

fn policy(&self) -> &'a dyn Policy

Returns the amalgamation’s policy. Read more
source§

fn binding_signature(&self) -> &'a Signature

Returns the component’s binding signature as of the reference time. Read more
source§

fn revocation_status(&self) -> RevocationStatus<'a>

Returns the component’s revocation status as of the amalgamation’s reference time. Read more
source§

fn revocation_keys(&self) -> Box<dyn Iterator<Item = &'a RevocationKey> + 'a>

Returns a list of any designated revokers for this component. Read more
source§

fn map<F: Fn(&'a Signature) -> Option<T>, T>(&self, f: F) -> Option<T>

Maps the given function over binding and direct key signature. Read more
source§

fn direct_key_signature(&self) -> Result<&'a Signature>

Returns the certificate’s direct key signature as of the reference time, if any. Read more
source§

impl<'a, P, R, R2> Deref for ValidKeyAmalgamation<'a, P, R, R2>
where P: 'a + KeyParts, R: 'a + KeyRole, R2: Copy,

§

type Target = KeyAmalgamation<'a, P, R, R2>

The resulting type after dereferencing.
source§

fn deref(&self) -> &Self::Target

Dereferences the value.

Auto Trait Implementations§

§

impl<'a, P, R, R2> Freeze for ValidKeyAmalgamation<'a, P, R, R2>
where R2: Freeze,

§

impl<'a, P, R, R2> !RefUnwindSafe for ValidKeyAmalgamation<'a, P, R, R2>

§

impl<'a, P, R, R2> Send for ValidKeyAmalgamation<'a, P, R, R2>
where R2: Send, P: Sync, R: Sync,

§

impl<'a, P, R, R2> Sync for ValidKeyAmalgamation<'a, P, R, R2>
where R2: Sync, P: Sync, R: Sync,

§

impl<'a, P, R, R2> Unpin for ValidKeyAmalgamation<'a, P, R, R2>
where R2: Unpin,

§

impl<'a, P, R, R2> !UnwindSafe for ValidKeyAmalgamation<'a, P, R, R2>

Blanket Implementations§

source§

impl<T> Any for T
where T: 'static + ?Sized,

source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
source§

impl<T> Borrow<T> for T
where T: ?Sized,

source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
source§

impl<T> CloneToUninit for T
where T: Clone,

source§

default unsafe fn clone_to_uninit(&self, dst: *mut T)

🔬This is a nightly-only experimental API. (clone_to_uninit)
Performs copy-assignment from self to dst. Read more
source§

impl<T> DynClone for T
where T: Clone,

source§

fn __clone_box(&self, _: Private) -> *mut ()

source§

impl<T> From<T> for T

source§

fn from(t: T) -> T

Returns the argument unchanged.

source§

impl<T, U> Into<U> for T
where U: From<T>,

source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

source§

impl<T> Same for T

§

type Output = T

Should always be Self
source§

impl<T> ToOwned for T
where T: Clone,

§

type Owned = T

The resulting type after obtaining ownership.
source§

fn to_owned(&self) -> T

Creates owned data from borrowed data, usually by cloning. Read more
source§

fn clone_into(&self, target: &mut T)

Uses borrowed data to replace owned data, usually by cloning. Read more
source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

§

type Error = Infallible

The type returned in the event of a conversion error.
source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
source§

impl<T> ErasedDestructor for T
where T: 'static,

source§

impl<T> MaybeSendSync for T