[][src]Struct sequoia_openpgp::parse::stream::Decryptor

pub struct Decryptor<'a, H: VerificationHelper + DecryptionHelper> { /* fields omitted */ }

Decrypts and verifies an encrypted and optionally signed OpenPGP message.

Signature verification and detection of ciphertext tampering requires processing the whole message first. Therefore, OpenPGP implementations supporting streaming operations necessarily must output unverified data. This has been a source of problems in the past. To alleviate this, we buffer the message first (up to 25 megabytes of net message data by default, see DEFAULT_BUFFER_SIZE), and verify the signatures if the message fits into our buffer. Nevertheless it is important to treat the data as unverified and untrustworthy until you have seen a positive verification.


use std::io::Read;
use sequoia_openpgp as openpgp;
use openpgp::crypto::SessionKey;
use openpgp::types::SymmetricAlgorithm;
use openpgp::{KeyID, Cert, Result, packet::{Key, PKESK, SKESK}};
use openpgp::parse::{Parse, stream::*};
use sequoia_openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

// This fetches keys and computes the validity of the verification.
struct Helper {};
impl VerificationHelper for Helper {
    fn get_certs(&mut self, _ids: &[openpgp::KeyHandle]) -> Result<Vec<Cert>> {
        Ok(Vec::new()) // Feed the Certs to the verifier here...
    fn check(&mut self, structure: MessageStructure) -> Result<()> {
        Ok(()) // Implement your verification policy here.
impl DecryptionHelper for Helper {
    fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK],
                  _sym_algo: Option<SymmetricAlgorithm>,
                  mut decrypt: D) -> Result<Option<openpgp::Fingerprint>>
        where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
        skesks[0].decrypt(&"streng geheim".into())
            .map(|(algo, session_key)| decrypt(algo, &session_key));

let message =
   b"-----BEGIN PGP MESSAGE-----

     -----END PGP MESSAGE-----";

let h = Helper {};
let mut v = DecryptorBuilder::from_bytes(&message[..])?
    .with_policy(p, None, h)?;

let mut content = Vec::new();
v.read_to_end(&mut content)?;
assert_eq!(content, b"Hello World!");


impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H>[src]

pub fn helper_ref(&self) -> &H[src]

Returns a reference to the helper.

pub fn helper_mut(&mut self) -> &mut H[src]

Returns a mutable reference to the helper.

pub fn into_helper(self) -> H[src]

Recovers the helper.

pub fn message_processed(&self) -> bool[src]

Returns true if the whole message has been processed and the verification result is ready. If the function returns false the message did not fit into the internal buffer and unverified data must be read() from the instance until EOF.

Trait Implementations

impl<'a, H: VerificationHelper + DecryptionHelper> Read for Decryptor<'a, H>[src]

Auto Trait Implementations

impl<'a, H> !RefUnwindSafe for Decryptor<'a, H>

impl<'a, H> !Send for Decryptor<'a, H>

impl<'a, H> !Sync for Decryptor<'a, H>

impl<'a, H> Unpin for Decryptor<'a, H> where
    H: Unpin

impl<'a, H> !UnwindSafe for Decryptor<'a, H>

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized

impl<T> Borrow<T> for T where
    T: ?Sized

impl<T> BorrowMut<T> for T where
    T: ?Sized

impl<T> From<T> for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, 

impl<T, U> TryFrom<U> for T where
    U: Into<T>, 

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, 

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.