logo
pub struct UserAttribute { /* private fields */ }
Expand description

Holds a UserAttribute packet.

See Section 5.12 of RFC 4880 for details.

Implementations

Returns a new UserAttribute packet.

Note: a valid UserAttribute has at least one subpacket.

The security requirements of the hash algorithm for self-signatures.

A cryptographic hash algorithm usually has three security properties: pre-image resistance, second pre-image resistance, and collision resistance. If an attacker can influence the signed data, then the hash algorithm needs to have both second pre-image resistance, and collision resistance. If not, second pre-image resistance is sufficient.

In general, an attacker may be able to influence third-party signatures. But direct key signatures, and binding signatures are only over data fully determined by signer. And, an attacker’s control over self signatures over User IDs is limited due to their structure.

These observations can be used to extend the life of a hash algorithm after its collision resistance has been partially compromised, but not completely broken. For more details, please refer to the documentation for HashAlgoSecurity.

Gets the user attribute packet’s raw, unparsed value.

Most likely you will want to use subpackets() to iterate over the subpackets.

Gets a mutable reference to the user attribute packet’s raw value.

Iterates over the subpackets.

Creates a binding signature.

The signature binds this user attribute to cert. signer will be used to create a signature using signature as builder. Thehash_algo defaults to SHA512, creation_time to the current time.

This function adds a creation time subpacket, a issuer fingerprint subpacket, and a issuer subpacket to the signature.

Examples

This example demonstrates how to bind this user attribute to a Cert. Note that in general, the CertBuilder is a better way to add User IDs to a Cert.

// Generate a Cert, and create a keypair from the primary key.
let (cert, _) = CertBuilder::new()
    .generate()?;
let mut keypair = cert.primary_key().key().clone()
    .parts_into_secret()?.into_keypair()?;
assert_eq!(cert.userids().len(), 0);

// Generate a user attribute and a binding signature.
let user_attr = UserAttribute::new(&[
    Subpacket::Image(
        Image::Private(100, vec![0, 1, 2].into_boxed_slice())),
])?;
let builder =
    signature::SignatureBuilder::new(SignatureType::PositiveCertification);
let binding = user_attr.bind(&mut keypair, &cert, builder)?;

// Now merge the user attribute and binding signature into the Cert.
let cert = cert.insert_packets(vec![Packet::from(user_attr),
                                   binding.into()])?;

// Check that we have a user attribute.
assert_eq!(cert.user_attributes().count(), 1);

Returns a certification for the user attribute.

The signature binds this user attribute to cert. signer will be used to create a certification signature of type signature_type. signature_type defaults to SignatureType::GenericCertification, hash_algo to SHA512, creation_time to the current time.

This function adds a creation time subpacket, a issuer fingerprint subpacket, and a issuer subpacket to the signature.

Errors

Returns Error::InvalidArgument if signature_type is not one of SignatureType::{Generic, Persona, Casual, Positive}Certification

Examples

This example demonstrates how to certify a User ID.

// Generate a Cert, and create a keypair from the primary key.
let (alice, _) = CertBuilder::new()
    .add_userid("alice@example.org")
    .generate()?;
let mut keypair = alice.primary_key().key().clone()
    .parts_into_secret()?.into_keypair()?;

// Generate a Cert for Bob.
let user_attr = UserAttribute::new(&[
    Subpacket::Image(
        Image::Private(100, vec![0, 1, 2].into_boxed_slice())),
])?;
let (bob, _) = CertBuilder::new()
    .set_primary_key_flags(KeyFlags::empty().set_certification())
    .add_user_attribute(user_attr)
    .generate()?;

// Alice now certifies the binding between `bob@example.org` and `bob`.
let certification =
    bob.user_attributes().nth(0).unwrap()
    .certify(&mut keypair, &bob, SignatureType::PositiveCertification,
             None, None)?;

// `certification` can now be used, e.g. by merging it into `bob`.
let bob = bob.insert_packets(certification)?;

// Check that we have a certification on the User ID.
assert_eq!(bob.user_attributes().nth(0).unwrap()
           .certifications().count(),
           1);

Trait Implementations

Attempts to downcast to T, returning the packet if it fails. Read more

Attempts to downcast to &T, returning None if it fails. Read more

Attempts to downcast to &mut T, returning None if it fails. Read more

Returns a copy of the value. Read more

Performs copy-assignment from source. Read more

Formats the value using the given formatter. Read more

Performs the conversion.

Performs the conversion.

Updates the given hash with this object.

Feeds this value into the given Hasher. Read more

Feeds a slice of this type into the given Hasher. Read more

Implement IntoIterator so that cert::insert_packets(sig) just works.

The type of the elements being iterated over.

Which kind of iterator are we turning this into?

Creates an iterator from a value. Read more

Writes a serialized version of the object to o.

Exports a serialized version of the object to o. Read more

Computes the maximal length of the serialized representation. Read more

Serializes into the given buffer. Read more

Serializes the packet to a vector.

Exports into the given buffer. Read more

Exports to a vector. Read more

This method returns an Ordering between self and other. Read more

Compares and returns the maximum of two values. Read more

Compares and returns the minimum of two values. Read more

Restrict a value to a certain interval. Read more

Reads from the given reader.

Reads from the given file. Read more

Reads from the given slice. Read more

This method tests for self and other values to be equal, and is used by ==. Read more

This method tests for !=.

This method returns an ordering between self and other values if one exists. Read more

This method tests less than (for self and other) and is used by the < operator. Read more

This method tests less than or equal to (for self and other) and is used by the <= operator. Read more

This method tests greater than (for self and other) and is used by the > operator. Read more

This method tests greater than or equal to (for self and other) and is used by the >= operator. Read more

Auto Trait Implementations

Blanket Implementations

Gets the TypeId of self. Read more

Immutably borrows from an owned value. Read more

Mutably borrows from an owned value. Read more

Returns the argument unchanged.

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

Should always be Self

The resulting type after obtaining ownership.

Creates owned data from borrowed data, usually by cloning. Read more

🔬 This is a nightly-only experimental API. (toowned_clone_into)

Uses borrowed data to replace owned data, usually by cloning. Read more

The type returned in the event of a conversion error.

Performs the conversion.

The type returned in the event of a conversion error.

Performs the conversion.