[][src]Trait sequoia_openpgp::cert::amalgamation::ValidAmalgamation

pub trait ValidAmalgamation<'a, C: 'a> {
    fn cert(&self) -> &ValidCert<'a>;

    fn time(&self) -> SystemTime;

    fn policy(&self) -> &'a dyn Policy;

    fn binding_signature(&self) -> &'a Signature;

    fn revocation_status(&self) -> RevocationStatus<'a>;

    fn map<F: Fn(&'a Signature) -> Option<T>, T>(&self, f: F) -> Option<T> { ... }

    fn direct_key_signature(&self) -> Result<&'a Signature> { ... }
}

Methods for valid amalgamations.

The methods exposed by a ValidComponentAmalgamation are similar to those exposed by a ComponentAmalgamation, but the policy and reference time are included in the ValidComponentAmalgamation. This helps prevent using different policies or different reference times when using a component, which can easily happen when the checks span multiple functions.

Required methods

fn cert(&self) -> &ValidCert<'a>

Returns the valid amalgamation's associated certificate.

Examples

fn f(ua: &ValidUserIDAmalgamation) {
    let cert = ua.cert();
    // ...
}

fn time(&self) -> SystemTime

Returns the amalgamation's reference time.

Examples

fn f(ua: &ValidUserIDAmalgamation) {
    let t = ua.time();
    // ...
}

fn policy(&self) -> &'a dyn Policy

Returns the amalgamation's policy.

Examples

fn f(ua: &ValidUserIDAmalgamation) {
    let policy = ua.policy();
    // ...
}

fn binding_signature(&self) -> &'a Signature

Returns the component's binding signature as of the reference time.

Examples

fn f(ua: &ValidUserIDAmalgamation) {
    let sig = ua.binding_signature();
    // ...
}

fn revocation_status(&self) -> RevocationStatus<'a>

Returns the component's revocation status as of the amalgamation's reference time.

This does not check whether the certificate has been revoked. For that, use Cert::revocation_status().

Note, as per RFC 4880, a key is considered to be revoked at some time if there were no soft revocations created as of that time, and no hard revocations:

If a key has been revoked because of a compromise, all signatures created by that key are suspect. However, if it was merely superseded or retired, old signatures are still valid.

Examples

use openpgp::cert::prelude::*;
use openpgp::types::RevocationStatus;

match ua.revocation_status() {
    RevocationStatus::Revoked(revs) => {
        // The certificate holder revoked the User ID.
    }
    RevocationStatus::CouldBe(revs) => {
        // There are third-party revocations.  You still need
        // to check that they are valid (this is necessary,
        // because without the Certificates are not normally
        // available to Sequoia).
    }
    RevocationStatus::NotAsFarAsWeKnow => {
        // We have no evidence that the User ID is revoked.
    }
}
Loading content...

Provided methods

fn map<F: Fn(&'a Signature) -> Option<T>, T>(&self, f: F) -> Option<T>

Maps the given function over binding and direct key signature.

Makes f consider both the binding signature and the direct key signature. Information in the binding signature takes precedence over the direct key signature. See also Section 5.2.3.3 of RFC 4880.

fn direct_key_signature(&self) -> Result<&'a Signature>

Returns the certificate's direct key signature as of the reference time, if any.

Subpackets on direct key signatures apply to all components of the certificate, cf. Section 5.2.3.3 of RFC 4880.

Examples

fn f(ua: &ValidUserIDAmalgamation) {
    let sig = ua.direct_key_signature();
    // ...
}
Loading content...

Implementors

impl<'a, C> ValidAmalgamation<'a, C> for ValidComponentAmalgamation<'a, C>[src]

impl<'a, P, R, R2> ValidAmalgamation<'a, Key<P, R>> for ValidKeyAmalgamation<'a, P, R, R2> where
    P: 'a + KeyParts,
    R: 'a + KeyRole,
    R2: Copy,
    Self: PrimaryKey<'a, P, R>, [src]

Loading content...