logo
pub struct Subpacket { /* private fields */ }
Expand description

Signature subpackets.

Most of a signature’s attributes are not stored in fixed fields, but in so-called subpackets. These subpackets are stored in a Signature’s so-called subpacket areas, which are effectively small key-value stores. The keys are subpacket tags (SubpacketTag). The values are well-structured (SubpacketValue).

In addition to their key and value, subpackets also include a critical flag. When set, this flag indicates to the OpenPGP implementation that if it doesn’t understand the subpacket, it must consider the signature to be invalid. (Likewise, if it isn’t set, then it means that it is safe for the implementation to ignore the subpacket.) This enables forward compatibility with security-relevant extensions.

It is possible to control how Sequoia’s higher-level functionality handles unknown, critical subpackets using a Policy object. Depending on the degree of control required, it may be sufficient to customize a StandardPolicy object using, for instance, the StandardPolicy::accept_critical_subpacket method.

The subpacket system is extensible in two ways. First, although limited, the subpacket name space is not exhausted. So, it is possible to introduce new packets. Second, one of the subpackets, the Notation Data subpacket (NotationData), is explicitly designed for adding arbitrary data to signatures.

Subpackets are described in Section 5.2.3.1 of RFC 4880.

Implementations

Creates a new Subpacket.

Returns whether the critical bit is set.

Returns the Subpacket’s tag.

Returns the Subpacket’s value.

Returns whether the information in this subpacket has been authenticated.

There are three ways a subpacket can be authenticated:

  • It is in the hashed subpacket area and the signature has been verified.
  • It is in the unhashed subpacket area and the information is self-authenticating and has been authenticated by Sequoia. This is can be done for issuer information and embedded Signatures.
  • The subpacket has been authenticated by the user and marked as such using Subpacket::set_authenticated.

Note: The authentication is only valid in the context of the signature the subpacket is in. If the Subpacket is cloned, or a Subpacket is added to a SubpacketArea, the flag is cleared.

Marks the information in this subpacket as authenticated or not.

See Subpacket::authenticated for more information.

Trait Implementations

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Feeds this value into the given Hasher. Read more

Feeds a slice of this type into the given Hasher. Read more

Writes a serialized version of the object to o.

Exports a serialized version of the object to o. Read more

Computes the maximal length of the serialized representation. Read more

Serializes into the given buffer. Read more

Serializes the packet to a vector.

Exports into the given buffer. Read more

Exports to a vector. Read more

This method returns an Ordering between self and other. Read more

Compares and returns the maximum of two values. Read more

Compares and returns the minimum of two values. Read more

Restrict a value to a certain interval. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

This method returns an ordering between self and other values if one exists. Read more

This method tests less than (for self and other) and is used by the < operator. Read more

This method tests less than or equal to (for self and other) and is used by the <= operator. Read more

This method tests greater than (for self and other) and is used by the > operator. Read more

This method tests greater than or equal to (for self and other) and is used by the >= operator. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Returns the argument unchanged.

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Should always be Self

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

Uses borrowed data to replace owned data, usually by cloning. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.