Struct sequoia_openpgp::packet::key::Key4[][src]

pub struct Key4<P, R> where
    P: KeyParts,
    R: KeyRole
{ /* fields omitted */ }
Expand description

Holds a public key, public subkey, private key or private subkey packet.

Use Key4::generate_rsa or Key4::generate_ecc to create a new key.

Existing key material can be turned into an OpenPGP key using Key4::new, Key4::with_secret, Key4::import_public_cv25519, Key4::import_public_ed25519, Key4::import_public_rsa, Key4::import_secret_cv25519, Key4::import_secret_ed25519, and Key4::import_secret_rsa.

Whether you create a new key or import existing key material, you still need to create a binding signature, and, for signing keys, a back signature before integrating the key into a certificate.

Normally, you won’t directly use Key4, but Key, which is a relatively thin wrapper around Key4.

See Section 5.5 of RFC 4880 and the documentation for Key for more details.

Implementations

Creates a new OpenPGP secret key packet for an existing X25519 key.

The ECDH key will use hash algorithm hash and symmetric algorithm sym. If one or both are None secure defaults will be used. The key will have it’s creation date set to ctime or the current time if None is given.

Creates a new OpenPGP secret key packet for an existing Ed25519 key.

The ECDH key will use hash algorithm hash and symmetric algorithm sym. If one or both are None secure defaults will be used. The key will have it’s creation date set to ctime or the current time if None is given.

Creates a new OpenPGP public key packet for an existing RSA key.

The RSA key will use public exponent e and modulo n. The key will have it’s creation date set to ctime or the current time if None is given.

Generates a new RSA key with a public modulos of size bits.

Generates a new ECC key over curve.

If for_signing is false a ECDH key, if it’s true either a EdDSA or ECDSA key is generated. Giving for_signing == true and curve == Cv25519 will produce an error. Likewise for_signing == false and curve == Ed25519 will produce an error.

Changes the key’s parts tag to PublicParts.

Changes the key’s parts tag to PublicParts.

Changes the key’s parts tag to SecretParts.

Changes the key’s parts tag to SecretParts.

Changes the key’s parts tag to UnspecifiedParts.

Changes the key’s parts tag to UnspecifiedParts.

Changes the key’s role tag to PrimaryRole.

Changes the key’s role tag to PrimaryRole.

Changes the key’s role tag to SubordinateRole.

Changes the key’s role tag to SubordinateRole.

Changes the key’s role tag to UnspecifiedRole.

Changes the key’s role tag to UnspecifiedRole.

The security requirements of the hash algorithm for self-signatures.

A cryptographic hash algorithm usually has three security properties: pre-image resistance, second pre-image resistance, and collision resistance. If an attacker can influence the signed data, then the hash algorithm needs to have both second pre-image resistance, and collision resistance. If not, second pre-image resistance is sufficient.

In general, an attacker may be able to influence third-party signatures. But direct key signatures, and binding signatures are only over data fully determined by signer. And, an attacker’s control over self signatures over User IDs is limited due to their structure.

These observations can be used to extend the life of a hash algorithm after its collision resistance has been partially compromised, but not completely broken. For more details, please refer to the documentation for HashAlgoSecurity.

Compares the public bits of two keys.

This returns Ordering::Equal if the public MPIs, creation time, and algorithm of the two Key4s match. This does not consider the packets’ encodings, packets’ tags or their secret key material.

Tests whether two keys are equal modulo their secret key material.

This returns true if the public MPIs, creation time and algorithm of the two Key4s match. This does not consider the packets’ encodings, packets’ tags or their secret key material.

Hashes everything but any secret key material into state.

This is an alternate implementation of Hash, which never hashes the secret key material.

Creates an OpenPGP public key from the specified key material.

Creates an OpenPGP public key packet from existing X25519 key material.

The ECDH key will use hash algorithm hash and symmetric algorithm sym. If one or both are None secure defaults will be used. The key will have its creation date set to ctime or the current time if None is given.

Creates an OpenPGP public key packet from existing Ed25519 key material.

The ECDH key will use hash algorithm hash and symmetric algorithm sym. If one or both are None secure defaults will be used. The key will have its creation date set to ctime or the current time if None is given.

Creates an OpenPGP public key packet from existing RSA key material.

The RSA key will use the public exponent e and the modulo n. The key will have its creation date set to ctime or the current time if None is given.

Creates an OpenPGP key packet from the specified secret key material.

Gets the Key’s creation time.

Sets the Key’s creation time.

timestamp is converted to OpenPGP’s internal format, Timestamp: a 32-bit quantity containing the number of seconds since the Unix epoch.

timestamp is silently rounded to match the internal resolution. An error is returned if timestamp is out of range.

Gets the public key algorithm.

Sets the public key algorithm.

Returns the old public key algorithm.

Returns a reference to the Key’s MPIs.

Returns a mutable reference to the Key’s MPIs.

Sets the Key’s MPIs.

This function returns the old MPIs, if any.

Returns whether the Key contains secret key material.

Returns whether the Key contains unencrypted secret key material.

This returns false if the Key doesn’t contain any secret key material.

Returns Key’s secret key material, if any.

Computes and returns the Key’s Fingerprint and returns it as a KeyHandle.

See Section 12.2 of RFC 4880.

Computes and returns the Key’s Fingerprint.

See Section 12.2 of RFC 4880.

Computes and returns the Key’s Key ID.

See Section 12.2 of RFC 4880.

Secret key material handling.

Takes the Key’s SecretKeyMaterial, if any.

Adds the secret key material to the Key, returning the old secret key material, if any.

Secret key material handling.

Takes the Key’s SecretKeyMaterial, if any.

Adds the secret key material to the Key, returning the old secret key material, if any.

Secret key handling.

Gets the Key’s SecretKeyMaterial.

Gets a mutable reference to the Key’s SecretKeyMaterial.

Takes the Key’s SecretKeyMaterial.

Adds SecretKeyMaterial to the Key.

This function returns the old secret key material, if any.

Decrypts the secret key material using password.

In OpenPGP, secret key material can be protected with a password. The password is usually hardened using a KDF.

Refer to the documentation of Key::decrypt_secret for details.

This function returns an error if the secret key material is not encrypted or the password is incorrect.

Encrypts the secret key material using password.

In OpenPGP, secret key material can be protected with a password. The password is usually hardened using a KDF.

Refer to the documentation of Key::encrypt_secret for details.

This returns an error if the secret key material is already encrypted.

Creates a new key pair from a secret Key with an unencrypted secret key.

Errors

Fails if the secret key is encrypted. You can use Key::decrypt_secret to decrypt a key.

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Formats the value using the given formatter. Read more

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Performs the conversion.

Updates the given hash with this object.

Feeds this value into the given Hasher. Read more

Feeds a slice of this type into the given Hasher. Read more

Writes a serialized version of the object to o.

Exports a serialized version of the object to o. Read more

Computes the maximal length of the serialized representation. Read more

Serializes into the given buffer. Read more

Serializes the packet to a vector.

Exports into the given buffer. Read more

Exports to a vector. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Performs the conversion.

Performs the conversion.

Should always be Self

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

Uses borrowed data to replace owned data, usually by cloning. Read more

Converts the given value to a String. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.