wot_network/

lib.rs

//! Data structures for OpenPGP Web of Trust calculations.
//!
//! These data structures model the bare minimum level of detail for Web of Trust calculations.
//!
//! See <https://codeberg.org/openpgp/wot/> for more context.
//!
//! A [Network] (the top level WoT object) models a set of [Certification] and [Delegation] edges,
//! which represent relationships between [Certificate] and [Identity] objects.
//!
//! The goal of the representation in this crate is to model an absolutely minimal view of a WoT
//! network. This minimalism keeps the task of correctly *forming* a WoT [Network] graph cleanly
//! separated from the WoT algorithm that performs searches in the graph:
//!
//! All OpenPGP semantics considerations (such as validity, e.g. regarding expiration and
//! revocation) are normalized out of the `wot-network` representation.
//! Invalid objects (Certificates, Identities or Certifications) are simply not rendered in a
//! [Network] view.
//!
//! It is the task of a separate "network formation" subsystem to interpret the semantics of
//! OpenPGP certificates and transform them into a normalized [Network] graph.
//!
//! In particular, there is no notion of the passage of time in this WoT [Network] graph
//! representation. A [Network] represents a snapshot of the Web of Trust relations within a set
//! of Certificates at a given reference time.
//!
//! Searches in a Network are modeled with the [search::WotSearchTrait] and
//! [search::ResidualNetworkTrait] traits.

mod edge;
pub(crate) mod id;
mod network;
pub mod search;
mod trust_depth;
pub mod util;

use std::fmt;

pub use edge::{Certification, Delegation, Edge};
pub use id::{Certificate, Identity};
pub use network::{MinimalNetwork, Network};
pub use trust_depth::TrustDepth;

/// A relationship between a [Certificate] and an [Identity]
// TODO: The term binding in OpenPGP is very ambiguous.
//       A certificate may hold multiple bindings, so maybe `IdentityBinding` is more fitting?
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
#[derive(Debug, Eq, Hash, PartialEq, Clone)]
pub struct Binding {
    pub cert: Certificate,
    pub identity: Identity,
}

/// A regular expression that can be used to limit the applicability of [Delegation]s
///
/// See <https://www.rfc-editor.org/rfc/rfc9580.html#section-5.2.3.22> for the regex syntax that
/// applies and what it applies to.
#[cfg_attr(feature = "serde", derive(serde::Serialize, serde::Deserialize))]
#[derive(Debug, Clone, PartialEq, Eq, Hash)]
#[cfg_attr(feature = "serde", serde(transparent))]
pub struct Regex(String);

impl Regex {
    pub fn new(regex: String) -> Self {
        Self(regex)
    }

    /// Check whether the given [Identity] matches this regular expression.
    pub fn matches(&self, target_user_id: &Identity) -> bool {
        // TODO: Check if the regex crate supports the same feature set as Henry Spencer's packages.

        let r = regex::RegexBuilder::new(&self.0).build().expect("FIXME");
        r.is_match(&target_user_id.0)
    }

    pub fn inner(&self) -> &String {
        &self.0
    }
}

impl fmt::Display for Regex {
    fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
        write!(f, "{}", self.0)
    }
}