[−][src]Struct sequoia_openpgp::cert::SubkeyRevocationBuilder
A Subkey
revocation builder.
Note: this function has three degrees of freedom: the Cert, the key used to generate the revocation, and the subkey.
Normally, the key used to generate the revocation is the Cert's primary key, and the subkey is a subkey that is bound to the Cert. However, this is not required.
If Alice has marked Robert's key (R) as a designated revoker for her key (A), then R can revoke A or parts of A. In this case, the Cert is A, the key used to generate the revocation comes from R, and the User ID is bound to A.
But, the component doesn't technically need to be bound to the Cert. For instance, it is possible for R to revoke the User ID "bob@example.org" in the context of A, even if "bob@example.org" is not bound to A.
Example
use sequoia_openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); // Generate a Cert, and create a keypair from the primary key. let (cert, _) = CertBuilder::new() .add_transport_encryption_subkey() .generate()?; let mut keypair = cert.primary_key().key().clone() .parts_into_secret()?.into_keypair()?; let subkey = cert.keys().subkeys().nth(0).unwrap(); // Generate the revocation for the first and only Subkey. let revocation = SubkeyRevocationBuilder::new() .set_reason_for_revocation( ReasonForRevocation::KeyRetired, b"Smells funny.").unwrap() .build(&mut keypair, &cert, subkey.key(), None)?; assert_eq!(revocation.typ(), SignatureType::SubkeyRevocation); // Now merge the revocation signature into the Cert. let cert = cert.merge_packets(vec![revocation.clone().into()])?; // Check that it is revoked. let subkey = cert.keys().subkeys().nth(0).unwrap(); if let RevocationStatus::Revoked(revocations) = subkey.revoked(p, None) { assert_eq!(revocations.len(), 1); assert_eq!(*revocations[0], revocation); } else { panic!("Subkey is not revoked."); }
Implementations
impl SubkeyRevocationBuilder
[src]
pub fn new() -> Self
[src]
Returns a new SubkeyRevocationBuilder
.
pub fn set_reason_for_revocation(
self,
code: ReasonForRevocation,
reason: &[u8]
) -> Result<Self>
[src]
self,
code: ReasonForRevocation,
reason: &[u8]
) -> Result<Self>
Sets the reason for revocation.
pub fn set_signature_creation_time(
self,
creation_time: SystemTime
) -> Result<Self>
[src]
self,
creation_time: SystemTime
) -> Result<Self>
Sets the revocation signature's creation time.
pub fn build<H, P>(
self,
signer: &mut dyn Signer,
cert: &Cert,
key: &Key<P, SubordinateRole>,
hash_algo: H
) -> Result<Signature> where
H: Into<Option<HashAlgorithm>>,
P: KeyParts,
[src]
self,
signer: &mut dyn Signer,
cert: &Cert,
key: &Key<P, SubordinateRole>,
hash_algo: H
) -> Result<Signature> where
H: Into<Option<HashAlgorithm>>,
P: KeyParts,
Returns a revocation certificate for the cert Cert
signed by
signer
.
Methods from Deref<Target = Builder>
pub fn version(&self) -> u8
[src]
Gets the version.
pub fn typ(&self) -> SignatureType
[src]
Gets the signature type.
pub fn pk_algo(&self) -> PublicKeyAlgorithm
[src]
Gets the public key algorithm.
pub fn hash_algo(&self) -> HashAlgorithm
[src]
Gets the hash algorithm.
Trait Implementations
impl Deref for SubkeyRevocationBuilder
[src]
Auto Trait Implementations
impl RefUnwindSafe for SubkeyRevocationBuilder
impl Send for SubkeyRevocationBuilder
impl Sync for SubkeyRevocationBuilder
impl Unpin for SubkeyRevocationBuilder
impl UnwindSafe for SubkeyRevocationBuilder
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,
type Error = <U as TryFrom<T>>::Error
The type returned in the event of a conversion error.
fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>
[src]
impl<V, T> VZip<V> for T where
V: MultiLane<T>,
V: MultiLane<T>,