wot_network/
lib.rs

1//! Data structures for OpenPGP Web of Trust calculations.
2//!
3//! These data structures model the bare minimum level of detail for Web of Trust calculations.
4//!
5//! A [Network] (the top level WoT object) models a set of [Certification] and [Delegation] edges,
6//! which represent relationships between [Certificate] and [Identity] objects.
7//!
8//! The goal of the representation in this crate is to model an absolutely minimal view of a WoT
9//! network. This minimalism keeps the task of correctly *forming* a WoT [Network] graph cleanly
10//! separated from the WoT algorithm that performs searches in the graph:
11//!
12//! All OpenPGP semantics considerations (such as validity, e.g. regarding expiration and
13//! revocation) are normalized out of the `wot-network` representation.
14//! Invalid objects (Certificates, Identities or Certifications) are simply not rendered in a [Network] view.
15//!
16//! It is the task of a separate "network formation" subsystem to interpret the semantics of
17//! OpenPGP certificates and transform them into a normalized [Network] graph.
18//!
19//! In particular, there is no notion of the passage of time in this WoT [Network] graph
20//! representation. A [Network] represents a snapshot of the Web of Trust relations within a set
21//! of Certificates at a given reference time.
22//!
23//! Searches in a Network are modeled with the [search::WotSearch] trait.
24
25mod edge;
26pub(crate) mod id;
27mod network;
28pub mod search;
29mod trust_depth;
30pub mod util;
31
32pub use edge::{Certification, Delegation, Edge};
33pub use id::{Certificate, Identity};
34pub use network::Network;
35pub use trust_depth::TrustDepth;
36
37/// A relationship between a [Certificate] and an [Identity]
38#[derive(Debug, Eq, Hash, PartialEq)]
39pub struct Binding {
40    pub cert: Certificate,
41    pub identity: Identity,
42}
43
44/// A regular expression that can be used to limit the applicability of [Delegation]s
45///
46/// See <https://www.rfc-editor.org/rfc/rfc9580.html#section-5.2.3.22> for the regex syntax that
47/// applies and what it applies to.
48#[derive(Debug, Clone, PartialEq, Eq, Hash)]
49pub struct Regex(String);
50
51impl Regex {
52    pub fn new(regex: String) -> Self {
53        Self(regex)
54    }
55
56    /// Check whether the given [Identity] matches this regular expression.
57    pub fn matches(&self, target_user_id: &Identity) -> bool {
58        // TODO: Check if the regex crate supports the same feature set as Henry Spencer's packages.
59
60        let r = regex::RegexBuilder::new(&self.0).build().expect("FIXME");
61        r.is_match(&target_user_id.0)
62    }
63}