Struct sequoia_openpgp::TSK

pub struct TSK { /* fields omitted */ }

A transferable secret key (TSK).

A TSK (see RFC 4880, section 11.2) can be used to create signatures and decrypt data.

Methods

impl TSK[src]

pub fn from_packet_parser<'a>(ppr: PacketParserResult<'a>) -> Result<Self>[src]

Initializes a TSK from a PacketParser.

pub fn new<'a, O>(primary_uid: O) -> Result<(TSK, Signature)> where
    O: Into<Option<Cow<'a, str>>>, 

Generates a new OpenPGP key. The key will be capable of encryption and signing. If no user id is given, the primary self-signature will be a direct key signature.

pub fn tpk<'a>(&'a self) -> &'a TPK[src]

Returns a reference to the corresponding TPK.

pub fn into_tpk(self) -> TPK[src]

Converts to a TPK.

pub fn certify_userid(&self, key: &Key, userid: &UserID) -> Result<Signature>[src]

Signs key and userid with a 3rd party certification.

pub fn certify_key(&self, key: &TPK) -> Result<Signature>[src]

Signs the primary key's self signatures of key.

pub fn sign_userid(&self, userid: &UserID) -> Result<Signature>[src]

Signs userid with this TSK.

pub fn sign_user_attribute(&self, userattr: &UserAttribute) -> Result<Signature>[src]

Signs userattr with the primary key.

pub fn sign_subkey(
    &self,
    subkey: &Key,
    flags: &KeyFlags,
    passwd: Option<&Password>
) -> Result<Signature>

Creates a binding signature between this TSK and subkey. Uses the TSK's primary key to sign the binding. The binding signature will advertise the key capabilities given in flags. If subkey is encrypted, the caller must supply the password in passwd.

pub fn with_userid_certification(
    self,
    certifier: &TSK,
    userid: &UserID
) -> Result<Self>

Adds a 3rd party certification by certifier of the user ID userid. It's not checked whether userid is bound to this TSK.

pub fn with_userid(self, userid: UserID) -> Result<Self>[src]

Adds UserID userid to this TSK and binds it to the primary key. There is no check whether the user ID is already bound to this key.

pub fn with_user_attribute(self, userattr: UserAttribute) -> Result<Self>[src]

Adds UserAttribute userattr to this TSK and binds it to the primary key. There is no check whether the user attribute is already bound to this key.

pub fn with_subkey(
    self,
    subkey: Key,
    flags: &KeyFlags,
    passwd: Option<&Password>
) -> Result<Self>

Adds subkey subkey to this TSK and binds it. There is no check whether the subkey is already part of the TSK. The binding signature will advertise the key capabilities given in flags. If subkey is encrypted, the caller must supply the password in passwd.

Methods from Deref<Target = TPK>

pub fn primary(&self) -> &Key[src]

Returns a reference to the primary key.

pub fn primary_key_signature_full(
    &self
) -> Option<(Option<&UserIDBinding>, &Signature)>

Returns the primary key's current self-signature and, if it belongs to a user id, a reference to the UserIDBinding.

Normally, the primary key's current self-signature is the primary user id's newest, non-revoked self-signature. However, if all user ids are revoked and there is a direct signature, that is returned. If there is no direct signature, then we return the newest self-signature on the most recently revoked user id (i.e., the binding signature that was last valid). If there are no user ids at all and no direct signatures, then we return None.

pub fn primary_key_signature(&self) -> Option<&Signature>[src]

Returns the primary key's current self-signature.

This function is identical to TPK::primary_key_signature_full(), but it doesn't return the UserIDBinding.

pub fn selfsigs(&self) -> &[Signature][src]

The self-signatures.

All self-signatures have been validated, and the newest self-signature is first.

pub fn certifications(&self) -> &[Signature][src]

Any third-party certifications.

The signatures have not been validated; verify each one against its issuer's key before relying on it.

pub fn self_revocations(&self) -> &[Signature][src]

Revocations issued by the key itself.

The revocations have been validated, and the newest is first.

pub fn other_revocations(&self) -> &[Signature][src]

Revocations issued by other keys.

The revocations have not been validated; verify them before acting on them.

pub fn revoked<T>(&self, t: T) -> RevocationStatus where
    T: Into<Option<Tm>>, 

Returns the TPK's revocation status.

Note: this only returns whether the primary key is revoked. If you want to know whether a subkey, user id, etc., is revoked, then you need to query them separately.

pub fn revoke(
    &self,
    primary_signer: &mut dyn Signer,
    code: ReasonForRevocation,
    reason: &[u8]
) -> Result<Signature>

Returns a revocation certificate for the TPK.

Example

use openpgp::RevocationStatus;
use openpgp::constants::{ReasonForRevocation, SignatureType};
use openpgp::tpk::{CipherSuite, TPKBuilder};
use openpgp::crypto::KeyPair;
use openpgp::parse::Parse;
// Generate a fresh TPK using the Cv25519 cipher suite; the second element
// of the tuple returned by generate() is not needed here and is discarded.
let (tpk, _) = TPKBuilder::default()
    .set_cipher_suite(CipherSuite::Cv25519)
    .generate()?;
// A newly generated key carries no revocation yet.
assert_eq!(RevocationStatus::NotAsFarAsWeKnow, tpk.revoked(None));

// revoke() takes a signer for the primary key, so convert a clone of the
// primary key into a key pair.
// NOTE(review): presumably into_keypair() fails when the key has no usable
// secret material -- confirm against the Key documentation.
let mut keypair = tpk.primary().clone().into_keypair()?;
// Issue the revocation certificate: a reason code plus free-form reason bytes.
let sig = tpk.revoke(&mut keypair, ReasonForRevocation::KeyCompromised,
                     b"It was the maid :/")?;
assert_eq!(sig.sigtype(), SignatureType::KeyRevocation);

// revoke() borrows the TPK immutably and only returns the signature; the
// revoked() status changes once that signature is merged into the TPK.
let tpk = tpk.merge_packets(vec![sig.clone().into()])?;
assert_eq!(RevocationStatus::Revoked(&[sig]), tpk.revoked(None));

pub fn expired(&self) -> bool[src]

Returns whether or not the TPK has expired.

pub fn expired_at(&self, tm: Tm) -> bool[src]

Returns whether or not the key is expired at the given time.

pub fn alive(&self) -> bool[src]

Returns whether or not the TPK is alive.

pub fn alive_at(&self, tm: Tm) -> bool[src]

Returns whether or not the key is alive at the given time.

Important traits for UserIDBindingIter<'a>
pub fn userids(&self) -> UserIDBindingIter[src]

Returns an iterator over the TPK's valid UserIDBindings.

The primary user id is returned first. A valid UserIDBinding has at least one good self-signature.

Important traits for UserAttributeBindingIter<'a>
pub fn user_attributes(&self) -> UserAttributeBindingIter[src]

Returns an iterator over the TPK's valid UserAttributeBindings.

A valid UserAttributeBinding has at least one good self-signature.

Important traits for SubkeyBindingIter<'a>
pub fn subkeys(&self) -> SubkeyBindingIter[src]

Returns an iterator over the TPK's valid subkeys.

A valid SubkeyBinding has at least one good self-signature.

Important traits for KeyIter<'a>
pub fn keys_valid(&self) -> KeyIter[src]

Returns an iterator over the TPK's valid keys (live and not-revoked).

That is, this returns an iterator over the primary key and any subkeys, along with the corresponding signatures.

Note: since a primary key is different from a binding, the iterator is over Keys and not SubkeyBindings. Furthermore, the primary key has no binding signature. Here, the signature carrying the primary key's key flags is returned. There are corner cases where no such signature exists (e.g. partial TPKs), therefore this iterator may return None for the primary key's signature.

A valid Key has at least one good self-signature.

To return all keys, do keys().unfiltered(). See the documentation of keys for how to control what keys are returned.

Important traits for KeyIter<'a>
pub fn keys_all(&self) -> KeyIter[src]

Returns an iterator over the TPK's keys.

Unlike TPK::keys_valid(), this iterator also returns expired and revoked keys.

pub fn fingerprint(&self) -> Fingerprint[src]

Returns the TPK's fingerprint.

pub fn is_tsk(&self) -> bool[src]

Returns whether at least one of the keys includes a secret part.

Trait Implementations

impl Serialize for TSK[src]

impl<'a> Parse<'a, TSK> for TSK[src]

fn from_reader<R: 'a + Read>(reader: R) -> Result<Self>[src]

Initializes a TSK from a Reader.

fn from_file<P: AsRef<Path>>(path: P) -> Result<Self>[src]

Initializes a TSK from a File.

fn from_bytes(data: &'a [u8]) -> Result<Self>[src]

Initializes a TSK from a byte string.

impl PartialEq<TSK> for TSK[src]

impl Deref for TSK[src]

type Target = TPK

The resulting type after dereferencing.

impl DerefMut for TSK[src]

impl Debug for TSK[src]

Auto Trait Implementations

impl Send for TSK

impl !Sync for TSK

Blanket Implementations

impl<T> From for T[src]

impl<T, U> Into for T where
    U: From<T>, 

impl<T, U> TryFrom for T where
    U: Into<T>, 

type Error = Infallible

The type returned in the event of a conversion error.

impl<T> Borrow for T where
    T: ?Sized

impl<T> BorrowMut for T where
    T: ?Sized

impl<T> Any for T where
    T: 'static + ?Sized

impl<T, U> TryInto for T where
    U: TryFrom<T>, 

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.