KeyBundle groups a
Key with its self signatures, its
third-party signatures, and its revocation certificates, a
KeyAmalgamation groups a
KeyBundle with all of the necessary
context needed to correctly implement relevant key-related
functionality. Specifically, a
KeyAmalgamation includes a
reference to the
KeyBundle, a reference to the containing
certificate, and the key's role (primary or subordinate).
There are two notable differences between
KeyAmalgamations. First, whereas a
KeyBundle's role is
primarily a marker, a
KeyAmalgamation's role determines the
KeyAmalgamation's semantics. As such, it is not possible to
PrimaryKeyAmalgamation to a
and vice versa. Second, a
KeyBundle, owns its data, but a
KeyAmalgamation only references the contained data.
There are three
ErasedKeyAmalgamation. Unlike a
Key or a
KeyBundle with an
ErasedKeyAmalgamation remembers its role.
This means that an
ErasedKeyAmalgamation implements the correct
semantics even though the role marker has been erased (hence the
ErasedKeyAmalgamations are returned by
Cert::keys can't return a more specific type, because it returns
an iterator that can contain both primary and subordinate keys.
The reason that we use a concrete type instead of a trait object
is so that when the user converts a
KeyAmalgamation to a
ValidKeyAmalgamation retains the
type information about the role. Preserving this type information
increases type safety for users of this API.
A key amalgamation.
Methods specific to key amalgamations.
An amalgamation whose role is not known at compile time.
A primary key amalgamation.
A subordinate key amalgamation.
A valid amalgamation whose role is not known at compile time.
A valid primary key amalgamation.
A valid subordinate key amalgamation.