[][src]Struct sequoia_openpgp::cert::UserAttributeRevocationBuilder

pub struct UserAttributeRevocationBuilder { /* fields omitted */ }

A UserAttribute revocation builder.

Note: this function has three degrees of freedom: the Cert, the key used to generate the revocation, and the user attribute.

Normally, the key used to generate the revocation is the Cert's primary key, and the user attribute is a user attribute that is bound to the Cert. However, this is not required.

If Alice has marked Robert's key (R) as a designated revoker for her key (A), then R can revoke A or parts of A. In this case, the Cert is A, the key used to generate the revocation comes from R, and the User Attribute is bound to A.

But, the component doesn't technically need to be bound to the Cert. For instance, it is possible for R to revoke the User ID "bob@example.org" in the context of A, even if "bob@example.org" is not bound to A.


use sequoia_openpgp::cert::prelude::*;
use sequoia_openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

// Generate a Cert, and create a keypair from the primary key.
let (cert, _) = CertBuilder::new()
let mut keypair = cert.primary_key().key().clone()
let ca = cert.user_attributes().nth(0).unwrap();

// Generate the revocation for the first and only UserAttribute.
let revocation =
            b"Left example.org.").unwrap()
        .build(&mut keypair, &cert, ca.user_attribute(), None)?;
assert_eq!(revocation.typ(), SignatureType::CertificationRevocation);

// Now merge the revocation signature into the Cert.
let cert = cert.merge_packets(vec![revocation.clone().into()])?;

// Check that it is revoked.
let ua = cert.user_attributes().with_policy(p, None).nth(0).unwrap();
if let RevocationStatus::Revoked(revocations) = ua.revoked() {
    assert_eq!(revocations.len(), 1);
    assert_eq!(*revocations[0], revocation);
} else {
    panic!("UserAttribute is not revoked.");


impl UserAttributeRevocationBuilder[src]

pub fn new() -> Self[src]

Returns a new UserAttributeRevocationBuilder.

pub fn set_reason_for_revocation(
    code: ReasonForRevocation,
    reason: &[u8]
) -> Result<Self>

Sets the reason for revocation.

pub fn set_signature_creation_time(
    creation_time: SystemTime
) -> Result<Self>

Sets the revocation signature's creation time.

pub fn build<H>(
    signer: &mut dyn Signer,
    cert: &Cert,
    ua: &UserAttribute,
    hash_algo: H
) -> Result<Signature> where
    H: Into<Option<HashAlgorithm>>, 

Returns a revocation certificate for the cert Cert signed by signer.

Methods from Deref<Target = Builder>

pub fn version(&self) -> u8[src]

Gets the version.

pub fn typ(&self) -> SignatureType[src]

Gets the signature type.

pub fn pk_algo(&self) -> PublicKeyAlgorithm[src]

Gets the public key algorithm.

pub fn hash_algo(&self) -> HashAlgorithm[src]

Gets the hash algorithm.

Trait Implementations

impl Deref for UserAttributeRevocationBuilder[src]

type Target = Builder

The resulting type after dereferencing.

Auto Trait Implementations

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized

impl<T> Borrow<T> for T where
    T: ?Sized

impl<T> BorrowMut<T> for T where
    T: ?Sized

impl<T> From<T> for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, 

impl<T, U> TryFrom<U> for T where
    U: Into<T>, 

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, 

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

impl<V, T> VZip<V> for T where
    V: MultiLane<T>,