[][src]Struct sequoia_openpgp::tpk::UserAttributeRevocationBuilder

pub struct UserAttributeRevocationBuilder { /* fields omitted */ }

A UserAttribute revocation builder.

Note: this function has three degrees of freedom: the TPK, the key used to generate the revocation, and the user attribute.

Normally, the key used to generate the revocation is the TPK's primary key, and the user attribute is a user attribute that is bound to the TPK. However, this is not required.

If Alice has marked Robert's key (R) as a designated revoker for her key (A), then R can revoke A or parts of A. In this case, the TPK is A, the key used to generate the revocation comes from R, and the User Attribute is bound to A.

But, the component doesn't technically need to be bound to the TPK. For instance, it is possible for R to revoke the User ID "bob@example.org" in the context of A, even if "bob@example.org" is not bound to A.


// Generate a TPK, and create a keypair from the primary key.
let (tpk, _) = TPKBuilder::new()
let mut keypair = tpk.primary().clone()
let ua = tpk.user_attributes().nth(0).unwrap();

// Generate the revocation for the first and only UserAttribute.
let revocation =
            b"Left example.org.").unwrap()
        .build(&mut keypair, &tpk, ua.user_attribute(), None)?;
assert_eq!(revocation.typ(), SignatureType::CertificateRevocation);

// Now merge the revocation signature into the TPK.
let tpk = tpk.merge_packets(vec![revocation.clone().into()])?;

// Check that it is revoked.
let ua = tpk.user_attributes().nth(0).unwrap();
if let RevocationStatus::Revoked(revocations) = ua.revoked(None) {
    assert_eq!(revocations.len(), 1);
    assert_eq!(*revocations[0], revocation);
} else {
    panic!("UserAttribute is not revoked.");


impl UserAttributeRevocationBuilder[src]

pub fn new() -> Self[src]

Returns a new UserAttributeRevocationBuilder.

pub fn set_reason_for_revocation(
    code: ReasonForRevocation,
    reason: &[u8]
) -> Result<Self>

Sets the reason for revocation.

pub fn set_signature_creation_time(
    creation_time: SystemTime
) -> Result<Self>

Sets the revocation signature's creation time.

pub fn build<H, R>(
    signer: &mut dyn Signer<R>,
    tpk: &TPK,
    ua: &UserAttribute,
    hash_algo: H
) -> Result<Signature> where
    H: Into<Option<HashAlgorithm>>,
    R: KeyRole

Returns a revocation certificate for the tpk TPK signed by signer.

Methods from Deref<Target = Builder>

pub fn version(&self) -> u8[src]

Gets the version.

pub fn typ(&self) -> SignatureType[src]

Gets the signature type.

pub fn pk_algo(&self) -> PublicKeyAlgorithm[src]

Gets the public key algorithm.

pub fn hash_algo(&self) -> HashAlgorithm[src]

Gets the hash algorithm.

Trait Implementations

impl Deref for UserAttributeRevocationBuilder[src]

type Target = Builder

The resulting type after dereferencing.

Auto Trait Implementations

Blanket Implementations

impl<T> From for T[src]

impl<T, U> Into for T where
    U: From<T>, 

impl<T, U> TryFrom for T where
    U: Into<T>, 

type Error = Infallible

The type returned in the event of a conversion error.

impl<T> Borrow for T where
    T: ?Sized

impl<T> BorrowMut for T where
    T: ?Sized

impl<T> Any for T where
    T: 'static + ?Sized

impl<T, U> TryInto for T where
    U: TryFrom<T>, 

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

impl<V, T> VZip for T where
    V: MultiLane<T>,