[−][src]Struct sequoia_openpgp::serialize::stream::Encryptor
Encrypts a message.
The stream will be encrypted using a generated session key, which will be encrypted using the given passwords, and for all given recipients.
An Recipient
is an encryption-capable (sub)key. Note that a
certificate may have more than one encryption-capable subkey, and
even the primary key may be encryption-capable.
To encrypt for more than one certificate, iterate over the certificates and select encryption-capable keys, making sure that at least one key is selected from each certificate.
Examples
This demonstrates encrypting for multiple certificates.
use openpgp::serialize::stream::{ Message, Encryptor, LiteralWriter, }; use openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); let recipient_certs = vec![cert_0, cert_1]; let mut recipients = Vec::new(); for cert in recipient_certs.iter() { // Make sure we add at least one subkey from every // certificate. let mut found_one = false; for key in cert.keys().with_policy(p, None) .supported().alive().revoked(false).for_transport_encryption() { recipients.push(key); found_one = true; } if ! found_one { return Err(anyhow::anyhow!("No suitable encryption subkey for {}", cert)); } } let message = Message::new(&mut sink); let message = Encryptor::for_recipients(message, recipients).build()?; let mut w = LiteralWriter::new(message).build()?; w.write_all(b"Hello world.")?; w.finalize()?;
Implementations
impl<'a> Encryptor<'a>
[src]
pub fn for_recipients<R>(inner: Message<'a>, recipients: R) -> Self where
R: IntoIterator,
R::Item: Into<Recipient<'a>>,
[src]
R: IntoIterator,
R::Item: Into<Recipient<'a>>,
Creates a new encryptor for the given recipients.
To add more recipients, use Encryptor::add_recipients
. To
add a password, use Encryptor::add_password
. To change
the symmetric encryption algorithm, use
Encryptor::sym_algo
.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::cert::prelude::*; use openpgp::serialize::stream::{ Message, Encryptor, LiteralWriter, }; use openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); let cert = Cert::from_bytes( "-----BEGIN PGP PUBLIC KEY BLOCK----- xjMEWlNvABYJKwYBBAHaRw8BAQdA+EC2pvebpEbzPA9YplVgVXzkIG5eK+7wEAez ... -----END PGP PUBLIC KEY BLOCK-----" )?; let recipients = cert.keys().with_policy(p, None).supported().alive().revoked(false) // Or `for_storage_encryption()`, for data at rest. .for_transport_encryption(); let message = Message::new(&mut sink); let message = Encryptor::for_recipients(message, recipients).build()?; let mut w = LiteralWriter::new(message).build()?; w.write_all(b"Hello world.")?; w.finalize()?;
pub fn with_passwords<P>(inner: Message<'a>, passwords: P) -> Self where
P: IntoIterator,
P::Item: Into<Password>,
[src]
P: IntoIterator,
P::Item: Into<Password>,
Creates a new encryptor for the given passwords.
To add more passwords, use Encryptor::add_password
. To
add an recipient, use Encryptor::add_recipients
. To change
the symmetric encryption algorithm, use
Encryptor::sym_algo
.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::serialize::stream::{ Message, Encryptor, LiteralWriter, }; let message = Message::new(&mut sink); let message = Encryptor::with_passwords( message, Some("совершенно секретно")).build()?; let mut w = LiteralWriter::new(message).build()?; w.write_all(b"Hello world.")?; w.finalize()?;
pub fn add_recipients<R>(self, recipients: R) -> Self where
R: IntoIterator,
R::Item: Into<Recipient<'a>>,
[src]
R: IntoIterator,
R::Item: Into<Recipient<'a>>,
Adds recipients.
The resulting message can be encrypted by any recipient and with any password.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::cert::prelude::*; use openpgp::serialize::stream::{ Message, Encryptor, LiteralWriter, }; use openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); let cert = Cert::from_bytes( "-----BEGIN PGP PUBLIC KEY BLOCK----- mQENBFpxtsABCADZcBa1Q3ZLZnju18o0+t8LoQuIIeyeUQ0H45y6xUqyrD5HSkVM ... -----END PGP PUBLIC KEY BLOCK-----" )?; let recipients = cert.keys().with_policy(p, None).supported().alive().revoked(false) // Or `for_storage_encryption()`, for data at rest. .for_transport_encryption(); let message = Message::new(&mut sink); let message = Encryptor::with_passwords(message, Some("совершенно секретно")) .add_recipients(recipients) .build()?; let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Hello world.")?; message.finalize()?;
pub fn add_passwords<P>(self, passwords: P) -> Self where
P: IntoIterator,
P::Item: Into<Password>,
[src]
P: IntoIterator,
P::Item: Into<Password>,
Adds passwords to encrypt with.
The resulting message can be encrypted with any password and by any recipient.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::cert::prelude::*; use openpgp::serialize::stream::{ Message, Encryptor, LiteralWriter, }; use openpgp::policy::StandardPolicy; let p = &StandardPolicy::new(); let cert = Cert::from_bytes( "-----BEGIN PGP PUBLIC KEY BLOCK----- mQENBFpxtsABCADZcBa1Q3ZLZnju18o0+t8LoQuIIeyeUQ0H45y6xUqyrD5HSkVM ... -----END PGP PUBLIC KEY BLOCK-----" )?; let recipients = cert.keys().with_policy(p, None).supported().alive().revoked(false) // Or `for_storage_encryption()`, for data at rest. .for_transport_encryption(); let message = Message::new(&mut sink); let message = Encryptor::for_recipients(message, recipients) .add_passwords(Some("совершенно секретно")) .build()?; let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Hello world.")?; message.finalize()?;
pub fn symmetric_algo(self, algo: SymmetricAlgorithm) -> Self
[src]
Sets the symmetric algorithm to use.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::types::SymmetricAlgorithm; use openpgp::serialize::stream::{ Message, Encryptor, LiteralWriter, }; let message = Message::new(&mut sink); let message = Encryptor::with_passwords(message, Some("совершенно секретно")) .symmetric_algo(SymmetricAlgorithm::AES128) .build()?; let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Hello world.")?; message.finalize()?;
pub fn build(self) -> Result<Message<'a>>
[src]
Builds the encryptor, returning the writer stack.
The most useful filters to push to the writer stack next are
the Padder
or Compressor
, and after that the
Signer
. Finally, literal data must be wrapped using the
LiteralWriter
.
Examples
use std::io::Write; use sequoia_openpgp as openpgp; use openpgp::serialize::stream::{ Message, Encryptor, LiteralWriter, }; let message = Message::new(&mut sink); let message = Encryptor::with_passwords(message, Some("совершенно секретно")) // Customize the `Encryptor` here. .build()?; // Optionally add a `Padder` or `Compressor` here. // Optionally add a `Signer` here. let mut message = LiteralWriter::new(message).build()?; message.write_all(b"Hello world.")?; message.finalize()?;
Trait Implementations
impl<'a> Debug for Encryptor<'a>
[src]
impl<'a> Write for Encryptor<'a>
[src]
pub fn write(&mut self, buf: &[u8]) -> Result<usize>
[src]
pub fn flush(&mut self) -> Result<()>
[src]
pub fn write_vectored(&mut self, bufs: &[IoSlice<'_>]) -> Result<usize, Error>
1.36.0[src]
pub fn is_write_vectored(&self) -> bool
[src]
pub fn write_all(&mut self, buf: &[u8]) -> Result<(), Error>
1.0.0[src]
pub fn write_all_vectored(
&mut self,
bufs: &mut [IoSlice<'_>]
) -> Result<(), Error>
[src]
&mut self,
bufs: &mut [IoSlice<'_>]
) -> Result<(), Error>
pub fn write_fmt(&mut self, fmt: Arguments<'_>) -> Result<(), Error>
1.0.0[src]
pub fn by_ref(&mut self) -> &mut Self
1.0.0[src]
Auto Trait Implementations
impl<'a> !RefUnwindSafe for Encryptor<'a>
[src]
impl<'a> Send for Encryptor<'a>
[src]
impl<'a> Sync for Encryptor<'a>
[src]
impl<'a> Unpin for Encryptor<'a>
[src]
impl<'a> !UnwindSafe for Encryptor<'a>
[src]
Blanket Implementations
impl<T> Any for T where
T: 'static + ?Sized,
[src]
T: 'static + ?Sized,
impl<T> Borrow<T> for T where
T: ?Sized,
[src]
T: ?Sized,
impl<T> BorrowMut<T> for T where
T: ?Sized,
[src]
T: ?Sized,
pub fn borrow_mut(&mut self) -> &mut T
[src]
impl<T> From<T> for T
[src]
impl<T, U> Into<U> for T where
U: From<T>,
[src]
U: From<T>,
impl<T> Same<T> for T
type Output = T
Should always be Self
impl<T, U> TryFrom<U> for T where
U: Into<T>,
[src]
U: Into<T>,
type Error = Infallible
The type returned in the event of a conversion error.
pub fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>
[src]
impl<T, U> TryInto<U> for T where
U: TryFrom<T>,
[src]
U: TryFrom<T>,