#[non_exhaustive]pub enum KeyID {
Long([u8; 8]),
Invalid(Box<[u8]>),
}
Expand description
A short identifier for certificates and keys.
A KeyID
identifies a public key. It was used in RFC 4880: for
example to reference the issuing key of a signature in its
Issuer
subpacket. You should prefer Fingerprint
over
KeyID
in data structures, interfaces, and wire formats, unless
space is of the utmost concern.
Currently, Sequoia supports version 6 fingerprints and Key IDs, and version 4 fingerprints and Key IDs. Version 3 fingerprints and Key IDs were deprecated by RFC 4880 in 2007.
Version 6 and version 4 KeyID
s are a truncated version of
the key’s fingerprint, which in turn is hash of the public key
packet. As a general rule of thumb, you should prefer the
fingerprint as it is possible to create keys with a colliding
KeyID using a birthday attack.
For more details about how a KeyID
is generated, see Section
5.5.4 of RFC 9580.
In previous versions of OpenPGP, the Key ID used to be called “long Key ID”, as there even was a “short Key ID”. At only 4 bytes length, short Key IDs vulnerable to preimage attacks. That is, an attacker can create a key with any given short Key ID in short amount of time.
See also Fingerprint
and KeyHandle
.
§Examples
use openpgp::KeyID;
let id: KeyID = "0123 4567 89AB CDEF".parse()?;
assert_eq!("0123456789ABCDEF", id.to_hex());
Variants (Non-exhaustive)§
This enum is marked as non-exhaustive
Long([u8; 8])
A long (8 bytes) key ID.
For v4, this is the right-most 8 bytes of the v4 fingerprint. For v6, this is the left-most 8 bytes of the v6 fingerprint.
Invalid(Box<[u8]>)
Used for holding invalid keyids encountered during parsing e.g. wrong number of bytes.
Implementations§
Source§impl KeyID
impl KeyID
Sourcepub fn new(data: u64) -> KeyID
pub fn new(data: u64) -> KeyID
Converts a u64
to a KeyID
.
§Examples
use openpgp::KeyID;
let keyid = KeyID::new(0x0123456789ABCDEF);
Sourcepub fn as_u64(&self) -> Result<u64>
pub fn as_u64(&self) -> Result<u64>
Converts the KeyID
to a u64
if possible.
§Examples
use openpgp::KeyID;
let keyid = KeyID::new(0x0123456789ABCDEF);
assert_eq!(keyid.as_u64()?, 0x0123456789ABCDEF);
Sourcepub fn from_bytes(raw: &[u8]) -> KeyID
pub fn from_bytes(raw: &[u8]) -> KeyID
Creates a KeyID
from a big endian byte slice.
§Examples
use openpgp::KeyID;
let keyid: KeyID = "0123 4567 89AB CDEF".parse()?;
let bytes = [0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF];
assert_eq!(KeyID::from_bytes(&bytes), keyid);
Sourcepub fn as_bytes(&self) -> &[u8] ⓘ
pub fn as_bytes(&self) -> &[u8] ⓘ
Returns a reference to the raw KeyID
as a byte slice in big
endian representation.
§Examples
use openpgp::KeyID;
let keyid: KeyID = "0123 4567 89AB CDEF".parse()?;
assert_eq!(keyid.as_bytes(), [0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF]);
Sourcepub fn wildcard() -> Self
pub fn wildcard() -> Self
Creates a wildcard KeyID
.
Refer to Section 5.1 of RFC 9580 for details.
§Examples
use openpgp::KeyID;
assert_eq!(KeyID::wildcard(), KeyID::new(0x0000000000000000));
Sourcepub fn is_wildcard(&self) -> bool
pub fn is_wildcard(&self) -> bool
Returns true
if this is the wildcard KeyID
.
Refer to Section 5.1 of RFC 9580 for details.
§Examples
use openpgp::KeyID;
assert!(KeyID::new(0x0000000000000000).is_wildcard());
Sourcepub fn to_hex(&self) -> String
pub fn to_hex(&self) -> String
Converts this KeyID
to its canonical hexadecimal
representation.
This representation is always uppercase and without spaces and is suitable for stable key identifiers.
The output of this function is exactly the same as formatting
this object with the :X
format specifier.
use openpgp::KeyID;
let keyid: KeyID = "fb3751f1587daef1".parse()?;
assert_eq!("FB3751F1587DAEF1", keyid.to_hex());
assert_eq!(format!("{:X}", keyid), keyid.to_hex());
Sourcepub fn to_spaced_hex(&self) -> String
pub fn to_spaced_hex(&self) -> String
Converts this KeyID
to its hexadecimal representation with
spaces.
This representation is always uppercase and with spaces grouping the hexadecimal digits into groups of four. It is suitable for manual comparison of Key IDs.
Note: The spaces will hinder other kind of use cases. For example, it is harder to select the whole Key ID for copying, and it has to be quoted when used as a command line argument. Only use this form for displaying a Key ID with the intent of manual comparisons.
let keyid: openpgp::KeyID = "fb3751f1587daef1".parse()?;
assert_eq!("FB37 51F1 587D AEF1", keyid.to_spaced_hex());
Sourcepub fn from_hex(s: &str) -> Result<Self, Error>
pub fn from_hex(s: &str) -> Result<Self, Error>
Parses the hexadecimal representation of an OpenPGP KeyID
.
This function is the reverse of to_hex
. It also accepts
other variants of the keyID
notation including lower-case
letters, spaces and optional leading 0x
.
use openpgp::KeyID;
let keyid = KeyID::from_hex("0xfb3751f1587daef1")?;
assert_eq!("FB3751F1587DAEF1", keyid.to_hex());
Sourcepub fn aliases<H>(&self, other: H) -> bool
pub fn aliases<H>(&self, other: H) -> bool
Returns whether self
and other
could be aliases of each
other.
KeyHandle
’s PartialEq
implementation cannot assert that a
Fingerprint
and a KeyID
are equal, because distinct
fingerprints may have the same KeyID
, and PartialEq
must
be transitive, i.e.,
a == b and b == c implies a == c.
That is, if fpr1
and fpr2
are distinct fingerprints with the
same key ID then:
fpr1 == keyid and fpr2 == keyid, but fpr1 != fpr2.
This definition of equality makes searching for a given
KeyHandle
using PartialEq
awkward. This function fills
that gap. It answers the question: given a KeyHandle
and a
KeyID
, could they be aliases? That is, it implements the
desired, non-transitive equality relation:
// fpr1 and fpr2 are different fingerprints with the same KeyID.
assert_ne!(fpr1, fpr2);
assert_eq!(KeyID::from(&fpr1), KeyID::from(&fpr2));
assert!(keyid.aliases(KeyHandle::from(&fpr1)));
assert!(keyid.aliases(KeyHandle::from(&fpr2)));