[][src]Struct sequoia_openpgp::serialize::stream::Encryptor

pub struct Encryptor<'a> { /* fields omitted */ }

Encrypts a message.

The stream will be encrypted using a generated session key, which will be encrypted using the given passwords, and for all given recipients.

An Recipient is an encryption-capable (sub)key. Note that a certificate may have more than one encryption-capable subkey, and even the primary key may be encryption-capable.

To encrypt for more than one certificate, iterate over the certificates and select encryption-capable keys, making sure that at least one key is selected from each certificate.

Examples

This demonstrates encrypting for multiple certificates.

use openpgp::serialize::stream::{
    Message, Encryptor, LiteralWriter,
};
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

let recipient_certs = vec![cert_0, cert_1];
let mut recipients = Vec::new();
for cert in recipient_certs.iter() {
    // Make sure we add at least one subkey from every
    // certificate.
    let mut found_one = false;
    for key in cert.keys().with_policy(p, None)
        .supported().alive().revoked(false).for_transport_encryption()
    {
        recipients.push(key);
        found_one = true;
    }

    if ! found_one {
        return Err(anyhow::anyhow!("No suitable encryption subkey for {}",
                                   cert));
    }
}

let message = Message::new(&mut sink);
let message = Encryptor::for_recipients(message, recipients).build()?;
let mut w = LiteralWriter::new(message).build()?;
w.write_all(b"Hello world.")?;
w.finalize()?;

Implementations

impl<'a> Encryptor<'a>[src]

pub fn for_recipients<R>(inner: Message<'a>, recipients: R) -> Self where
    R: IntoIterator,
    R::Item: Into<Recipient<'a>>, 
[src]

Creates a new encryptor for the given recipients.

To add more recipients, use Encryptor::add_recipients. To add a password, use Encryptor::add_password. To change the symmetric encryption algorithm, use Encryptor::sym_algo.

Examples

use std::io::Write;
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::serialize::stream::{
    Message, Encryptor, LiteralWriter,
};
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

let cert = Cert::from_bytes(
    "-----BEGIN PGP PUBLIC KEY BLOCK-----

     xjMEWlNvABYJKwYBBAHaRw8BAQdA+EC2pvebpEbzPA9YplVgVXzkIG5eK+7wEAez
     ...
     -----END PGP PUBLIC KEY BLOCK-----"
)?;

let recipients =
    cert.keys().with_policy(p, None).supported().alive().revoked(false)
    // Or `for_storage_encryption()`, for data at rest.
    .for_transport_encryption();

let message = Message::new(&mut sink);
let message = Encryptor::for_recipients(message, recipients).build()?;
let mut w = LiteralWriter::new(message).build()?;
w.write_all(b"Hello world.")?;
w.finalize()?;

pub fn with_passwords<P>(inner: Message<'a>, passwords: P) -> Self where
    P: IntoIterator,
    P::Item: Into<Password>, 
[src]

Creates a new encryptor for the given passwords.

To add more passwords, use Encryptor::add_password. To add an recipient, use Encryptor::add_recipients. To change the symmetric encryption algorithm, use Encryptor::sym_algo.

Examples

use std::io::Write;
use sequoia_openpgp as openpgp;
use openpgp::serialize::stream::{
    Message, Encryptor, LiteralWriter,
};

let message = Message::new(&mut sink);
let message = Encryptor::with_passwords(
    message, Some("совершенно секретно")).build()?;
let mut w = LiteralWriter::new(message).build()?;
w.write_all(b"Hello world.")?;
w.finalize()?;

pub fn add_recipients<R>(self, recipients: R) -> Self where
    R: IntoIterator,
    R::Item: Into<Recipient<'a>>, 
[src]

Adds recipients.

The resulting message can be encrypted by any recipient and with any password.

Examples

use std::io::Write;
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::serialize::stream::{
    Message, Encryptor, LiteralWriter,
};
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

let cert = Cert::from_bytes(
    "-----BEGIN PGP PUBLIC KEY BLOCK-----

     mQENBFpxtsABCADZcBa1Q3ZLZnju18o0+t8LoQuIIeyeUQ0H45y6xUqyrD5HSkVM
     ...
     -----END PGP PUBLIC KEY BLOCK-----"
)?;

let recipients =
    cert.keys().with_policy(p, None).supported().alive().revoked(false)
    // Or `for_storage_encryption()`, for data at rest.
    .for_transport_encryption();

let message = Message::new(&mut sink);
let message =
    Encryptor::with_passwords(message, Some("совершенно секретно"))
    .add_recipients(recipients)
    .build()?;
let mut message = LiteralWriter::new(message).build()?;
message.write_all(b"Hello world.")?;
message.finalize()?;

pub fn add_passwords<P>(self, passwords: P) -> Self where
    P: IntoIterator,
    P::Item: Into<Password>, 
[src]

Adds passwords to encrypt with.

The resulting message can be encrypted with any password and by any recipient.

Examples

use std::io::Write;
use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::serialize::stream::{
    Message, Encryptor, LiteralWriter,
};
use openpgp::policy::StandardPolicy;
let p = &StandardPolicy::new();

let cert = Cert::from_bytes(
    "-----BEGIN PGP PUBLIC KEY BLOCK-----

     mQENBFpxtsABCADZcBa1Q3ZLZnju18o0+t8LoQuIIeyeUQ0H45y6xUqyrD5HSkVM
     ...
     -----END PGP PUBLIC KEY BLOCK-----"
)?;

let recipients =
    cert.keys().with_policy(p, None).supported().alive().revoked(false)
    // Or `for_storage_encryption()`, for data at rest.
    .for_transport_encryption();

let message = Message::new(&mut sink);
let message =
    Encryptor::for_recipients(message, recipients)
        .add_passwords(Some("совершенно секретно"))
        .build()?;
let mut message = LiteralWriter::new(message).build()?;
message.write_all(b"Hello world.")?;
message.finalize()?;

pub fn symmetric_algo(self, algo: SymmetricAlgorithm) -> Self[src]

Sets the symmetric algorithm to use.

Examples

use std::io::Write;
use sequoia_openpgp as openpgp;
use openpgp::types::SymmetricAlgorithm;
use openpgp::serialize::stream::{
    Message, Encryptor, LiteralWriter,
};

let message = Message::new(&mut sink);
let message =
    Encryptor::with_passwords(message, Some("совершенно секретно"))
        .symmetric_algo(SymmetricAlgorithm::AES128)
        .build()?;
let mut message = LiteralWriter::new(message).build()?;
message.write_all(b"Hello world.")?;
message.finalize()?;

pub fn build(self) -> Result<Message<'a>>[src]

Builds the encryptor, returning the writer stack.

The most useful filters to push to the writer stack next are the Padder or Compressor, and after that the Signer. Finally, literal data must be wrapped using the LiteralWriter.

Examples

use std::io::Write;
use sequoia_openpgp as openpgp;
use openpgp::serialize::stream::{
    Message, Encryptor, LiteralWriter,
};

let message = Message::new(&mut sink);
let message =
    Encryptor::with_passwords(message, Some("совершенно секретно"))
        // Customize the `Encryptor` here.
        .build()?;

// Optionally add a `Padder` or `Compressor` here.
// Optionally add a `Signer` here.

let mut message = LiteralWriter::new(message).build()?;
message.write_all(b"Hello world.")?;
message.finalize()?;

Trait Implementations

impl<'a> Debug for Encryptor<'a>[src]

impl<'a> Write for Encryptor<'a>[src]

Auto Trait Implementations

impl<'a> !RefUnwindSafe for Encryptor<'a>[src]

impl<'a> Send for Encryptor<'a>[src]

impl<'a> Sync for Encryptor<'a>[src]

impl<'a> Unpin for Encryptor<'a>[src]

impl<'a> !UnwindSafe for Encryptor<'a>[src]

Blanket Implementations

impl<T> Any for T where
    T: 'static + ?Sized
[src]

impl<T> Borrow<T> for T where
    T: ?Sized
[src]

impl<T> BorrowMut<T> for T where
    T: ?Sized
[src]

impl<T> From<T> for T[src]

impl<T, U> Into<U> for T where
    U: From<T>, 
[src]

impl<T> Same<T> for T

type Output = T

Should always be Self

impl<T, U> TryFrom<U> for T where
    U: Into<T>, 
[src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T, U> TryInto<U> for T where
    U: TryFrom<T>, 
[src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.