Most of a signature's attributes are not stored in fixed fields,
but in so-called subpackets. These subpackets are stored in a
Signature's so-called subpacket areas, which are effectively
small key-value stores. The keys are subpacket tags
SubpacketTag). The values are well-structured
In addition to their key and value, subpackets also include a critical flag. When set, this flag indicates to the OpenPGP implementation that if it doesn't understand the subpacket, it must consider the signature to be invalid. (Likewise, if it isn't set, then it means that it is safe for the implementation to ignore the subpacket.) This enables forward compatibility with security-relevant extensions.
It is possible to control how Sequoia's higher-level functionality
handles unknown, critical subpackets using a
Depending on the degree of control required, it may be sufficient
to customize a
StandardPolicy object using, for instance, the
The subpacket system is extensible in two ways. First, although
limited, the subpacket name space is not exhausted. So, it is
possible to introduce new packets. Second, one of the subpackets,
Notation Data subpacket (
NotationData), is explicitly
designed for adding arbitrary data to signatures.
Subpackets are described in Section 184.108.40.206 of RFC 4880.
Creates a new Subpacket.
Returns whether the critical bit is set.
pub fn tag(&self) -> SubpacketTag[src]
Returns the Subpacket's tag.
pub fn value(&self) -> &SubpacketValue[src]
Returns the Subpacket's value.
pub fn authenticated(&self) -> bool[src]
Returns whether the information in this subpacket has been authenticated.
There are three ways a subpacket can be authenticated:
- It is in the hashed subpacket area and the signature has been verified.
- It is in the unhashed subpacket area and the information is self-authenticating and has been authenticated by Sequoia. This is can be done for issuer information and embedded Signatures.
- The subpacket has been authenticated by the user and
marked as such using
Note: The authentication is only valid in the context of the
signature the subpacket is in. If the
Subpacket is cloned,
Subpacket is added to a
SubpacketArea, the flag is
pub fn set_authenticated(&mut self, authenticated: bool) -> bool[src]
Marks the information in this subpacket as authenticated or not.
Subpacket::authenticated for more information.
fn hash_slice<H>(data: &[Self], state: &mut H) where1.3.0[src]
impl MarshalInto for Subpacket[src]
fn serialized_len(&self) -> usize[src]
fn export_to_vec(&self) -> Result<Vec<u8>>[src]
impl PartialOrd<Subpacket> for Subpacket[src]
impl RefUnwindSafe for Subpacket
impl UnwindSafe for Subpacket
type Output = T
Should always be
type Owned = T
The resulting type after obtaining ownership.
fn clone_into(&self, target: &mut T)[src]
type Error = Infallible
The type returned in the event of a conversion error.