[][src]Struct sequoia_openpgp::parse::stream::Decryptor

pub struct Decryptor<'a, H: VerificationHelper + DecryptionHelper> { /* fields omitted */ }

Decrypts and verifies an encrypted and optionally signed OpenPGP message.

Signature verification and detection of ciphertext tampering requires processing the whole message first. Therefore, OpenPGP implementations supporting streaming operations necessarily must output unverified data. This has been a source of problems in the past. To alleviate this, we buffer the message first (up to 25 megabytes of net message data by default, see DEFAULT_BUFFER_SIZE), and verify the signatures if the message fits into our buffer. Nevertheless it is important to treat the data as unverified and untrustworthy until you have seen a positive verification.

Examples

use std::io::Read;
use sequoia_openpgp as openpgp;
use openpgp::crypto::SessionKey;
use openpgp::types::SymmetricAlgorithm;
use openpgp::{KeyID, Cert, Result, packet::{Key, PKESK, SKESK}};
use openpgp::parse::{Parse, stream::*};
use sequoia_openpgp::policy::StandardPolicy;

let p = &StandardPolicy::new();

// This fetches keys and computes the validity of the verification.
struct Helper {};
impl VerificationHelper for Helper {
    fn get_certs(&mut self, _ids: &[openpgp::KeyHandle]) -> Result<Vec<Cert>> {
        Ok(Vec::new()) // Feed the Certs to the verifier here...
    }
    fn check(&mut self, structure: MessageStructure) -> Result<()> {
        Ok(()) // Implement your verification policy here.
    }
}
impl DecryptionHelper for Helper {
    fn decrypt<D>(&mut self, _: &[PKESK], skesks: &[SKESK],
                  _sym_algo: Option<SymmetricAlgorithm>,
                  mut decrypt: D) -> Result<Option<openpgp::Fingerprint>>
        where D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool
    {
        skesks[0].decrypt(&"streng geheim".into())
            .map(|(algo, session_key)| decrypt(algo, &session_key));
        Ok(None)
    }
}

let message =
   b"-----BEGIN PGP MESSAGE-----

     wy4ECQMIY5Zs8RerVcXp85UgoUKjKkevNPX3WfcS5eb7rkT9I6kw6N2eEc5PJUDh
     0j0B9mnPKeIwhp2kBHpLX/en6RfNqYauX9eSeia7aqsd/AOLbO9WMCLZS5d2LTxN
     rwwb8Aggyukj13Mi0FF5
     =OB/8
     -----END PGP MESSAGE-----";

let h = Helper {};
let mut v = DecryptorBuilder::from_bytes(&message[..])?
    .with_policy(p, None, h)?;

let mut content = Vec::new();
v.read_to_end(&mut content)?;
assert_eq!(content, b"Hello World!");

Implementations

impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H>[src]

pub fn helper_ref(&self) -> &H[src]

Returns a reference to the helper.

pub fn helper_mut(&mut self) -> &mut H[src]

Returns a mutable reference to the helper.

pub fn into_helper(self) -> H[src]

Recovers the helper.

pub fn message_processed(&self) -> bool[src]

Returns true if the whole message has been processed and the verification result is ready. If the function returns false the message did not fit into the internal buffer and unverified data must be read() from the instance until EOF.

Trait Implementations

impl<'a, H: VerificationHelper + DecryptionHelper> Read for Decryptor<'a, H>[src]

Auto Trait Implementations

impl<'a, H> !RefUnwindSafe for Decryptor<'a, H>

impl<'a, H> !Send for Decryptor<'a, H>

impl<'a, H> !Sync for Decryptor<'a, H>

impl<'a, H> Unpin for Decryptor<'a, H> where
    H: Unpin

impl<'a, H> !UnwindSafe for Decryptor<'a, H>

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized
[src]

impl<T> Borrow<T> for T where
    T: ?Sized
[src]

impl<T> BorrowMut<T> for T where
    T: ?Sized
[src]

impl<T> From<T> for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, 
[src]

impl<T, U> TryFrom<U> for T where
    U: Into<T>, 
[src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, 
[src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.