Struct sequoia_openpgp::cert::prelude::CertParser

pub struct CertParser<'a> { /* private fields */ }

An iterator over a sequence of certificates, i.e., an OpenPGP keyring.

The source of packets is a fallible iterator over Packets. In this way, it is possible to propagate parse errors.

A CertParser returns each TPK or TSK that it encounters. Note: if you don’t actually need all of the certificates, it is usually faster to use a RawCertParser and only fully parse and canonicalize those certificates that are relevant.

A CertParser’s behavior can be modeled using a simple state machine.

In the first and initial state, it looks for the start of a certificate, a Public Key packet or a Secret Key packet. When it encounters such a packet it buffers it, and transitions to the second state. Any other packet or an error causes it to emit an error and stay in the same state. When the source of packets is exhausted, it enters the End state.

In the second state, it looks for packets that belong to a certificate’s body. If it encounters a valid body packet, then it buffers it and stays in the same state. If it encounters the start of a certificate, then it emits the buffered certificate, buffers the packet, and stays in the same state. If it encounters an invalid packet (e.g., a Literal Data packet), it emits two items, the buffered certificate, and an error, and then it transitions back to the initial state. When the source of packets is exhausted, it emits the buffered certificate and enters the end state.

In the end state, it emits None.

                      Invalid Packet / Error
                    ,------------------------.
                    v                        |
   Not a      +---------+                +---------+
   Start  .-> | Looking | -------------> | Looking | <-. Cert
 of Cert  |   |   for   |     Start      |   for   |   | Body
  Packet  |   |  Start  |    of Cert     |  Cert   |   | Packet
 / Error  `-- | of Cert |     Packet     |  Body   | --'
              +---------+            .-> +---------+
                   |                 |      |  |
                   |                 `------'  |
                   |    Start of Cert Packet   |
                   |                           |
               EOF |         +-----+           | EOF
                    `------> | End | <---------'
                             +-----+
                              |  ^
                              `--'

The parser does not recurse into containers, thus when it encounters a container like a Compressed Data Packet, it will return an error even if the container contains a valid certificate.

The parser considers unknown packets to be valid body packets. (In a Cert, these show up as Unknown components.) The goal is to provide some future compatibility.

Examples

Print information about all certificates in a keyring:

use sequoia_openpgp as openpgp;
use openpgp::parse::Parse;
use openpgp::parse::PacketParser;
use openpgp::cert::prelude::*;

let ppr = PacketParser::from_bytes(&keyring)?;
for certo in CertParser::from(ppr) {
    match certo {
        Ok(cert) => {
            println!("Key: {}", cert.fingerprint());
            for ua in cert.userids() {
                println!("  User ID: {}", ua.userid());
            }
        }
        Err(err) => {
            eprintln!("Error reading keyring: {}", err);
        }
    }
}

When an invalid packet is encountered, an error is returned and parsing continues:

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::packet::prelude::*;
use openpgp::types::DataFormat;

let mut lit = Literal::new(DataFormat::Text);
lit.set_body(b"test".to_vec());

let (alice, _) =
      CertBuilder::general_purpose(None, Some("alice@example.org"))
      .generate()?;
let (bob, _) =
      CertBuilder::general_purpose(None, Some("bob@example.org"))
      .generate()?;

let mut packets : Vec<Packet> = Vec::new();
packets.extend(alice.clone());
packets.push(lit.clone().into());
packets.push(lit.clone().into());
packets.extend(bob.clone());

let r : Vec<Result<Cert>> = CertParser::from(packets).collect();
assert_eq!(r.len(), 4);
assert_eq!(r[0].as_ref().unwrap().fingerprint(), alice.fingerprint());
assert!(r[1].is_err());
assert!(r[2].is_err());
assert_eq!(r[3].as_ref().unwrap().fingerprint(), bob.fingerprint());

Implementations

impl<'a> CertParser<'a>

pub fn from_iter<I, J>(iter: I) -> Self where
    I: 'a + IntoIterator<Item = J>,
    J: 'a + Into<Result<Packet>>,
    <I as IntoIterator>::IntoIter: Send + Sync, 

Creates a CertParser from a Result<Packet> iterator.

Note: because we implement From<Packet> for Result<Packet>, it is possible to pass in an iterator over Packets.

Examples

From a Vec<Packet>:

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;
use openpgp::packet::prelude::*;

for certo in CertParser::from_iter(packets) {
    match certo {
        Ok(cert) => {
            println!("Key: {}", cert.fingerprint());
            for ua in cert.userids() {
                println!("  User ID: {}", ua.userid());
            }
        }
        Err(err) => {
            eprintln!("Error reading keyring: {}", err);
        }
    }
}

pub fn unvalidated_cert_filter<F: 'a>(self, filter: F) -> Self where
    F: Send + Sync + Fn(&Cert, bool) -> bool, 

Filters the Certs prior to validation.

By default, the CertParser only returns valdiated Certs. Checking that a certificate’s self-signatures are valid, however, is computationally expensive, and not always necessary. For example, when looking for a small number of certificates in a large keyring, most certificates can be immediately discarded. That is, it is more efficient to filter, validate, and double check, than to validate and filter. (It is necessary to double check, because the check might have been on an invalid part. For example, if searching for a key with a particular Key ID, a matching key might not have any self signatures.)

If the CertParser gave out unvalidated Certs, and provided an interface to validate them, then the caller could implement this check-validate-double-check pattern. Giving out unvalidated Certs, however, is dangerous: inevitably, a Cert will be used without having been validated in a context where it should have been.

This function avoids this class of bugs while still providing a mechanism to filter Certs prior to validation: the caller provides a callback that is invoked on the unvalidated Cert. If the callback returns true, then the parser validates the Cert, and invokes the callback a second time to make sure the Cert is really wanted. If the callback returns false, then the Cert is skipped.

Note: calling this function multiple times on a single CertParser will not replace the existing filter, but install multiple filters.

Examples

use sequoia_openpgp as openpgp;
use openpgp::cert::prelude::*;

for certr in CertParser::from(ppr)
    .unvalidated_cert_filter(|cert, _| {
        for component in cert.keys() {
            if component.key().keyid() == some_keyid {
                return true;
            }
        }
        false
    })
{
    match certr {
        Ok(cert) => {
            // The Cert contains the subkey.
        }
        Err(err) => {
            eprintln!("Error reading keyring: {}", err);
        }
    }
}

Trait Implementations

impl<'a> Default for CertParser<'a>

fn default() -> CertParser<'a>

Returns the “default value” for a type.

impl<'a> From<PacketParserResult<'a>> for CertParser<'a>

fn from(ppr: PacketParserResult<'a>) -> Self

Initializes a CertParser from a PacketParser.

impl<'a> From<Vec<Packet, Global>> for CertParser<'a>

fn from(p: Vec<Packet>) -> CertParser<'a>

Converts to this type from the input type.

impl<'a> From<Vec<Result<Packet, Error>, Global>> for CertParser<'a>

fn from(p: Vec<Result<Packet>>) -> CertParser<'a>

Converts to this type from the input type.

impl<'a> Iterator for CertParser<'a>

type Item = Result<Cert, Error>

The type of the elements being iterated over.

fn next(&mut self) -> Option<Self::Item>

Advances the iterator and returns the next value.

fn size_hint(&self) -> (usize, Option<usize>)

Returns the bounds on the remaining length of the iterator.

fn count(self) -> usize

Consumes the iterator, counting the number of iterations and returning it.

fn last(self) -> Option<Self::Item>

Consumes the iterator, returning the last element.

fn advance_by(&mut self, n: usize) -> Result<(), usize>

🔬 This is a nightly-only experimental API. (iter_advance_by)

Advances the iterator by n elements.

fn nth(&mut self, n: usize) -> Option<Self::Item>

Returns the nth element of the iterator.

fn step_by(self, step: usize) -> StepBy<Self>

Creates an iterator starting at the same point, but stepping by the given amount at each iteration.

fn chain<U>(self, other: U) -> Chain<Self, <U as IntoIterator>::IntoIter> where
    U: IntoIterator<Item = Self::Item>, 

Takes two iterators and creates a new iterator over both in sequence.

fn zip<U>(self, other: U) -> Zip<Self, <U as IntoIterator>::IntoIter> where
    U: IntoIterator, 

‘Zips up’ two iterators into a single iterator of pairs.

fn intersperse(self, separator: Self::Item) -> Intersperse<Self> where
    Self::Item: Clone, 

🔬 This is a nightly-only experimental API. (iter_intersperse)

Creates a new iterator which places a copy of separator between adjacent items of the original iterator.

fn intersperse_with<G>(self, separator: G) -> IntersperseWith<Self, G> where
    G: FnMut() -> Self::Item, 

🔬 This is a nightly-only experimental API. (iter_intersperse)

Creates a new iterator which places an item generated by separator between adjacent items of the original iterator.

fn map<B, F>(self, f: F) -> Map<Self, F> where
    F: FnMut(Self::Item) -> B, 

Takes a closure and creates an iterator which calls that closure on each element.

fn for_each<F>(self, f: F) where
    F: FnMut(Self::Item), 

Calls a closure on each element of an iterator.

fn filter<P>(self, predicate: P) -> Filter<Self, P> where
    P: FnMut(&Self::Item) -> bool, 

Creates an iterator which uses a closure to determine if an element should be yielded.

fn filter_map<B, F>(self, f: F) -> FilterMap<Self, F> where
    F: FnMut(Self::Item) -> Option<B>, 

Creates an iterator that both filters and maps.

fn enumerate(self) -> Enumerate<Self>

Creates an iterator which gives the current iteration count as well as the next value.

fn peekable(self) -> Peekable<Self>

Creates an iterator which can use the peek and peek_mut methods to look at the next element of the iterator without consuming it. See their documentation for more information.

fn skip_while<P>(self, predicate: P) -> SkipWhile<Self, P> where
    P: FnMut(&Self::Item) -> bool, 

Creates an iterator that skips elements based on a predicate.

fn take_while<P>(self, predicate: P) -> TakeWhile<Self, P> where
    P: FnMut(&Self::Item) -> bool, 

Creates an iterator that yields elements based on a predicate.

fn map_while<B, P>(self, predicate: P) -> MapWhile<Self, P> where
    P: FnMut(Self::Item) -> Option<B>, 

Creates an iterator that both yields elements based on a predicate and maps.

fn skip(self, n: usize) -> Skip<Self>

Creates an iterator that skips the first n elements.

fn take(self, n: usize) -> Take<Self>

Creates an iterator that yields the first n elements, or fewer if the underlying iterator ends sooner.

fn scan<St, B, F>(self, initial_state: St, f: F) -> Scan<Self, St, F> where
    F: FnMut(&mut St, Self::Item) -> Option<B>, 

An iterator adapter similar to fold that holds internal state and produces a new iterator.

fn flat_map<U, F>(self, f: F) -> FlatMap<Self, U, F> where
    U: IntoIterator,
    F: FnMut(Self::Item) -> U, 

Creates an iterator that works like map, but flattens nested structure.

fn flatten(self) -> Flatten<Self> where
    Self::Item: IntoIterator, 

Creates an iterator that flattens nested structure.

fn fuse(self) -> Fuse<Self>

Creates an iterator which ends after the first None.

fn inspect<F>(self, f: F) -> Inspect<Self, F> where
    F: FnMut(&Self::Item), 

Does something with each element of an iterator, passing the value on.

fn by_ref(&mut self) -> &mut Self

Borrows an iterator, rather than consuming it.

fn collect<B>(self) -> B where
    B: FromIterator<Self::Item>, 

Transforms an iterator into a collection.

fn try_collect<B>(
    &mut self
) -> <<Self::Item as Try>::Residual as Residual<B>>::TryType where
    B: FromIterator<<Self::Item as Try>::Output>,
    Self::Item: Try,
    <Self::Item as Try>::Residual: Residual<B>, 

🔬 This is a nightly-only experimental API. (iterator_try_collect)

Fallibly transforms an iterator into a collection, short circuiting if a failure is encountered.

fn collect_into<E>(self, collection: &mut E) -> &mut E where
    E: Extend<Self::Item>, 

🔬 This is a nightly-only experimental API. (iter_collect_into)

Collects all the items from an iterator into a collection.

fn partition<B, F>(self, f: F) -> (B, B) where
    B: Default + Extend<Self::Item>,
    F: FnMut(&Self::Item) -> bool, 

Consumes an iterator, creating two collections from it.

fn partition_in_place<'a, T, P>(self, predicate: P) -> usize where
    T: 'a,
    Self: DoubleEndedIterator<Item = &'a mut T>,
    P: FnMut(&T) -> bool, 

🔬 This is a nightly-only experimental API. (iter_partition_in_place)

Reorders the elements of this iterator in-place according to the given predicate, such that all those that return true precede all those that return false. Returns the number of true elements found.

fn is_partitioned<P>(self, predicate: P) -> bool where
    P: FnMut(Self::Item) -> bool, 

🔬 This is a nightly-only experimental API. (iter_is_partitioned)

Checks if the elements of this iterator are partitioned according to the given predicate, such that all those that return true precede all those that return false.

fn try_fold<B, F, R>(&mut self, init: B, f: F) -> R where
    F: FnMut(B, Self::Item) -> R,
    R: Try<Output = B>, 

An iterator method that applies a function as long as it returns successfully, producing a single, final value.

fn try_for_each<F, R>(&mut self, f: F) -> R where
    F: FnMut(Self::Item) -> R,
    R: Try<Output = ()>, 

An iterator method that applies a fallible function to each item in the iterator, stopping at the first error and returning that error.

fn fold<B, F>(self, init: B, f: F) -> B where
    F: FnMut(B, Self::Item) -> B, 

Folds every element into an accumulator by applying an operation, returning the final result.

fn reduce<F>(self, f: F) -> Option<Self::Item> where
    F: FnMut(Self::Item, Self::Item) -> Self::Item, 

Reduces the elements to a single one, by repeatedly applying a reducing operation.

fn try_reduce<F, R>(
    &mut self,
    f: F
) -> <<R as Try>::Residual as Residual<Option<<R as Try>::Output>>>::TryType where
    F: FnMut(Self::Item, Self::Item) -> R,
    R: Try<Output = Self::Item>,
    <R as Try>::Residual: Residual<Option<Self::Item>>, 

🔬 This is a nightly-only experimental API. (iterator_try_reduce)

Reduces the elements to a single one by repeatedly applying a reducing operation. If the closure returns a failure, the failure is propagated back to the caller immediately.

fn all<F>(&mut self, f: F) -> bool where
    F: FnMut(Self::Item) -> bool, 

Tests if every element of the iterator matches a predicate.

fn any<F>(&mut self, f: F) -> bool where
    F: FnMut(Self::Item) -> bool, 

Tests if any element of the iterator matches a predicate.

fn find<P>(&mut self, predicate: P) -> Option<Self::Item> where
    P: FnMut(&Self::Item) -> bool, 

Searches for an element of an iterator that satisfies a predicate.

fn find_map<B, F>(&mut self, f: F) -> Option<B> where
    F: FnMut(Self::Item) -> Option<B>, 

Applies function to the elements of iterator and returns the first non-none result.

fn try_find<F, R>(
    &mut self,
    f: F
) -> <<R as Try>::Residual as Residual<Option<Self::Item>>>::TryType where
    F: FnMut(&Self::Item) -> R,
    R: Try<Output = bool>,
    <R as Try>::Residual: Residual<Option<Self::Item>>, 

🔬 This is a nightly-only experimental API. (try_find)

Applies function to the elements of iterator and returns the first true result or the first error.

fn position<P>(&mut self, predicate: P) -> Option<usize> where
    P: FnMut(Self::Item) -> bool, 

Searches for an element in an iterator, returning its index.

fn rposition<P>(&mut self, predicate: P) -> Option<usize> where
    P: FnMut(Self::Item) -> bool,
    Self: ExactSizeIterator + DoubleEndedIterator, 

Searches for an element in an iterator from the right, returning its index.

fn max(self) -> Option<Self::Item> where
    Self::Item: Ord, 

Returns the maximum element of an iterator.

fn min(self) -> Option<Self::Item> where
    Self::Item: Ord, 

Returns the minimum element of an iterator.

fn max_by_key<B, F>(self, f: F) -> Option<Self::Item> where
    B: Ord,
    F: FnMut(&Self::Item) -> B, 

Returns the element that gives the maximum value from the specified function.

fn max_by<F>(self, compare: F) -> Option<Self::Item> where
    F: FnMut(&Self::Item, &Self::Item) -> Ordering, 

Returns the element that gives the maximum value with respect to the specified comparison function.

fn min_by_key<B, F>(self, f: F) -> Option<Self::Item> where
    B: Ord,
    F: FnMut(&Self::Item) -> B, 

Returns the element that gives the minimum value from the specified function.

fn min_by<F>(self, compare: F) -> Option<Self::Item> where
    F: FnMut(&Self::Item, &Self::Item) -> Ordering, 

Returns the element that gives the minimum value with respect to the specified comparison function.

fn rev(self) -> Rev<Self> where
    Self: DoubleEndedIterator, 

Reverses an iterator’s direction.

fn unzip<A, B, FromA, FromB>(self) -> (FromA, FromB) where
    FromA: Default + Extend<A>,
    FromB: Default + Extend<B>,
    Self: Iterator<Item = (A, B)>, 

Converts an iterator of pairs into a pair of containers.

fn copied<'a, T>(self) -> Copied<Self> where
    T: 'a + Copy,
    Self: Iterator<Item = &'a T>, 

Creates an iterator which copies all of its elements.

fn cloned<'a, T>(self) -> Cloned<Self> where
    T: 'a + Clone,
    Self: Iterator<Item = &'a T>, 

Creates an iterator which clones all of its elements.

fn cycle(self) -> Cycle<Self> where
    Self: Clone, 

Repeats an iterator endlessly.

fn sum<S>(self) -> S where
    S: Sum<Self::Item>, 

Sums the elements of an iterator.

fn product<P>(self) -> P where
    P: Product<Self::Item>, 

Iterates over the entire iterator, multiplying all the elements

fn cmp<I>(self, other: I) -> Ordering where
    I: IntoIterator<Item = Self::Item>,
    Self::Item: Ord, 

Lexicographically compares the elements of this Iterator with those of another.

fn cmp_by<I, F>(self, other: I, cmp: F) -> Ordering where
    I: IntoIterator,
    F: FnMut(Self::Item, <I as IntoIterator>::Item) -> Ordering, 

🔬 This is a nightly-only experimental API. (iter_order_by)

Lexicographically compares the elements of this Iterator with those of another with respect to the specified comparison function.

fn partial_cmp<I>(self, other: I) -> Option<Ordering> where
    I: IntoIterator,
    Self::Item: PartialOrd<<I as IntoIterator>::Item>, 

Lexicographically compares the elements of this Iterator with those of another.

fn partial_cmp_by<I, F>(self, other: I, partial_cmp: F) -> Option<Ordering> where
    I: IntoIterator,
    F: FnMut(Self::Item, <I as IntoIterator>::Item) -> Option<Ordering>, 

🔬 This is a nightly-only experimental API. (iter_order_by)

Lexicographically compares the elements of this Iterator with those of another with respect to the specified comparison function.

fn eq<I>(self, other: I) -> bool where
    I: IntoIterator,
    Self::Item: PartialEq<<I as IntoIterator>::Item>, 

Determines if the elements of this Iterator are equal to those of another.

fn eq_by<I, F>(self, other: I, eq: F) -> bool where
    I: IntoIterator,
    F: FnMut(Self::Item, <I as IntoIterator>::Item) -> bool, 

🔬 This is a nightly-only experimental API. (iter_order_by)

Determines if the elements of this Iterator are equal to those of another with respect to the specified equality function.

fn ne<I>(self, other: I) -> bool where
    I: IntoIterator,
    Self::Item: PartialEq<<I as IntoIterator>::Item>, 

Determines if the elements of this Iterator are unequal to those of another.

fn lt<I>(self, other: I) -> bool where
    I: IntoIterator,
    Self::Item: PartialOrd<<I as IntoIterator>::Item>, 

Determines if the elements of this Iterator are lexicographically less than those of another.

fn le<I>(self, other: I) -> bool where
    I: IntoIterator,
    Self::Item: PartialOrd<<I as IntoIterator>::Item>, 

Determines if the elements of this Iterator are lexicographically less or equal to those of another.

fn gt<I>(self, other: I) -> bool where
    I: IntoIterator,
    Self::Item: PartialOrd<<I as IntoIterator>::Item>, 

Determines if the elements of this Iterator are lexicographically greater than those of another.

fn ge<I>(self, other: I) -> bool where
    I: IntoIterator,
    Self::Item: PartialOrd<<I as IntoIterator>::Item>, 

Determines if the elements of this Iterator are lexicographically greater than or equal to those of another.

fn is_sorted(self) -> bool where
    Self::Item: PartialOrd<Self::Item>, 

🔬 This is a nightly-only experimental API. (is_sorted)

Checks if the elements of this iterator are sorted.

fn is_sorted_by<F>(self, compare: F) -> bool where
    F: FnMut(&Self::Item, &Self::Item) -> Option<Ordering>, 

🔬 This is a nightly-only experimental API. (is_sorted)

Checks if the elements of this iterator are sorted using the given comparator function.

fn is_sorted_by_key<F, K>(self, f: F) -> bool where
    F: FnMut(Self::Item) -> K,
    K: PartialOrd<K>, 

🔬 This is a nightly-only experimental API. (is_sorted)

Checks if the elements of this iterator are sorted using the given key extraction function.

impl<'a> Parse<'a, CertParser<'a>> for CertParser<'a>

fn from_reader<R: 'a + Read + Send + Sync>(reader: R) -> Result<Self>

Initializes a CertParser from a Reader.

fn from_file<P: AsRef<Path>>(path: P) -> Result<Self>

Initializes a CertParser from a File.

fn from_bytes<D: AsRef<[u8]> + ?Sized + Send + Sync>(
    data: &'a D
) -> Result<Self>

Initializes a CertParser from a byte string.