sequoia_openpgp::cert

Struct UserAttributeRevocationBuilder

Source 
pub struct UserAttributeRevocationBuilder { /* private fields */ }
Expand description

A builder for revocation certificates for User Attributes.

A revocation certificate for a User Attribute has three degrees of freedom: the certificate, the key used to generate the revocation certificate, and the User Attribute being revoked.

Normally, the key used to sign the revocation certificate is the certificate’s primary key, and the User Attribute is a User Attribute that is bound to the certificate. However, this is not required. For instance, if Alice has marked Robert’s certificate (R) as a designated revoker for her certificate (A), then R can revoke A or parts of A. In such a case, the certificate is A, the key used to sign the revocation certificate comes from R, and the User Attribute being revoked is bound to A.

But, the User Attribute doesn’t technically need to be bound to the certificate either. For instance, it is technically possible for R to create a revocation certificate for a User Attribute in the context of A, even if that User Attribute is not bound to A. Semantically, such a revocation certificate is currently meaningless.

§Examples

Revoke a User Attribute that is no longer valid:

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::policy::StandardPolicy;
use openpgp::types::ReasonForRevocation;
use openpgp::types::RevocationStatus;
use openpgp::types::SignatureType;

let p = &StandardPolicy::new();

// Create and sign a revocation certificate.
let mut signer = cert.primary_key().key().clone()
    .parts_into_secret()?.into_keypair()?;
let ua = cert.user_attributes().nth(0).unwrap();
let sig = UserAttributeRevocationBuilder::new()
    .set_reason_for_revocation(ReasonForRevocation::UIDRetired,
                               b"Lost the beard.")?
    .build(&mut signer, &cert, ua.user_attribute(), None)?;

// Merge it into the certificate.
let cert = cert.insert_packets(sig.clone())?.0;

// Now it's revoked.
let ua = cert.user_attributes().nth(0).unwrap();
if let RevocationStatus::Revoked(revocations) = ua.revocation_status(p, None) {
    assert_eq!(revocations.len(), 1);
    assert_eq!(*revocations[0], sig);
} else {
    panic!("User Attribute is not revoked.");
}

// But the certificate isn't.
assert_eq!(RevocationStatus::NotAsFarAsWeKnow,
           cert.revocation_status(p, None));

Implementations§

Source§

impl UserAttributeRevocationBuilder

Source

pub fn new() -> Self

Returns a new UserAttributeRevocationBuilder.

§Examples
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;

let builder = UserAttributeRevocationBuilder::new();
Source

pub fn set_reason_for_revocation( self, code: ReasonForRevocation, reason: &[u8], ) -> Result<Self>

Sets the reason for revocation.

Note: of the assigned reasons for revocation, only ReasonForRevocation::UIDRetired is appropriate for User Attributes. This parameter is not fixed, however, to allow the use of the private name space.

§Examples

Revoke a User Attribute that is no longer valid:

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::types::ReasonForRevocation;

let builder = UserAttributeRevocationBuilder::new()
    .set_reason_for_revocation(ReasonForRevocation::UIDRetired,
                               b"Lost the beard.");
Source

pub fn set_signature_creation_time( self, creation_time: SystemTime, ) -> Result<Self>

Sets the revocation certificate’s creation time.

The creation time is interpreted as the time at which the User Attribute should be considered revoked.

You’ll usually want to set this explicitly and not use the current time. In particular, if a User Attribute is retired, you’ll want to set this to the time when the User Attribute was actually retired.

§Examples

Create a revocation certificate for a User Attribute that was retired yesterday:

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;

let builder = UserAttributeRevocationBuilder::new()
    .set_signature_creation_time(yesterday);
Source

pub fn add_notation<N, V, F>( self, name: N, value: V, flags: F, critical: bool, ) -> Result<Self>
where N: AsRef<str>, V: AsRef<[u8]>, F: Into<Option<NotationDataFlags>>,

Adds a notation to the revocation certificate.

Unlike the UserAttributeRevocationBuilder::set_notation method, this function does not first remove any existing notation with the specified name.

See SignatureBuilder::add_notation for further documentation.

§Examples
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::packet::signature::subpacket::NotationDataFlags;

let builder = CertRevocationBuilder::new().add_notation(
    "revocation-policy@example.org",
    "https://policy.example.org/cert-revocation-policy",
    NotationDataFlags::empty().set_human_readable(),
    false,
);
Source

pub fn set_notation<N, V, F>( self, name: N, value: V, flags: F, critical: bool, ) -> Result<Self>
where N: AsRef<str>, V: AsRef<[u8]>, F: Into<Option<NotationDataFlags>>,

Sets a notation to the revocation certificate.

Unlike the UserAttributeRevocationBuilder::add_notation method, this function first removes any existing notation with the specified name.

See SignatureBuilder::set_notation for further documentation.

§Examples
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::packet::signature::subpacket::NotationDataFlags;

let builder = CertRevocationBuilder::new().set_notation(
    "revocation-policy@example.org",
    "https://policy.example.org/cert-revocation-policy",
    NotationDataFlags::empty().set_human_readable(),
    false,
);
Source

pub fn build<H>( self, signer: &mut dyn Signer, cert: &Cert, ua: &UserAttribute, hash_algo: H, ) -> Result<Signature>
where H: Into<Option<HashAlgorithm>>,

Returns a signed revocation certificate.

A revocation certificate is generated for cert and ua and signed using signer with the specified hash algorithm. Normally, you should pass None to select the default hash algorithm.

§Examples

Revoke a User Attribute, because the identity is no longer valid:

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::policy::StandardPolicy;
use openpgp::types::ReasonForRevocation;

let p = &StandardPolicy::new();

// Create and sign a revocation certificate.
let mut signer = cert.primary_key().key().clone()
    .parts_into_secret()?.into_keypair()?;
let ua = cert.user_attributes().nth(0).unwrap();
let sig = UserAttributeRevocationBuilder::new()
    .set_reason_for_revocation(ReasonForRevocation::UIDRetired,
                               b"Lost the beard.")?
    .build(&mut signer, &cert, ua.user_attribute(), None)?;

Trait Implementations§

Source§

impl TryFrom<SignatureBuilder> for UserAttributeRevocationBuilder

Source§

type Error = Error

The type returned in the event of a conversion error.
Source§

fn try_from(builder: SignatureBuilder) -> Result<Self>

Performs the conversion.

Auto Trait Implementations§

Blanket Implementations§

Source§

impl<T> Any for T
where T: 'static + ?Sized,

Source§

fn type_id(&self) -> TypeId

Gets the TypeId of self. Read more
Source§

impl<T> Borrow<T> for T
where T: ?Sized,

Source§

fn borrow(&self) -> &T

Immutably borrows from an owned value. Read more
Source§

impl<T> BorrowMut<T> for T
where T: ?Sized,

Source§

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value. Read more
Source§

impl<T> From<T> for T

Source§

fn from(t: T) -> T

Returns the argument unchanged.

Source§

impl<T, U> Into<U> for T
where U: From<T>,

Source§

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Source§

impl<T> Same for T

Source§

type Output = T

Should always be Self
Source§

impl<T, U> TryFrom<U> for T
where U: Into<T>,

Source§

type Error = Infallible

The type returned in the event of a conversion error.
Source§

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.
Source§

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

Source§

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.
Source§

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.
Source§

impl<T> ErasedDestructor for T
where T: 'static,

Source§

impl<T> MaybeSendSync for T