A mechanism to specify policy.

A major goal of the Sequoia OpenPGP crate is to be policy free. However, many mid-level operations build on low-level primitives. For instance, finding a certificate’s primary User ID means examining each of its User IDs and their current self-signature. Some algorithms are considered broken (e.g., MD5) and some are considered weak (e.g., SHA-1). When dealing with data from an untrusted source, callers will often prefer to ignore signatures that rely on these algorithms even though RFC 4880 says that “[i]mplementations MUST implement SHA-1.” When trying to decrypt old archives, however, users probably don’t want to ignore keys using MD5, even though RFC 4880 deprecates MD5.

Rather than not provide this mid-level functionality, the Policy trait allows callers to specify their preferred policy. This can be highly customized by providing a custom implementation of the Policy trait, or it can be slightly refined by tweaking the StandardPolicy’s parameters.

When implementing the Policy trait, it is essential that the functions are pure. That is, if the same Policy is used to determine whether a given Signature is valid, it must always return the same value.
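
The following is an added example, not code from the Sequoia crate: a simplified, self-contained model of a pure policy that separates the untrusted-input case from the old-archive case. All type names, function names and cutoff values in it are hypothetical and constructed for illustration.

```rust
// Simplified model of the idea, NOT Sequoia's API: every name here is hypothetical.
#[derive(Clone, Copy, Debug, PartialEq)]
enum Hash { Md5, Sha1, Sha256 }

// Does the signed data need collision resistance, or only second pre-image resistance?
#[derive(Clone, Copy, Debug, PartialEq)]
enum Security { SecondPreImage, Collision }

trait Policy {
    // Must be pure: the verdict depends only on `self` and the arguments.
    fn signature(&self, hash: Hash, needs: Security) -> Result<(), String>;
}

// Accepts every algorithm, e.g. when reading old archives.
struct AcceptAll;
impl Policy for AcceptAll {
    fn signature(&self, _: Hash, _: Security) -> Result<(), String> { Ok(()) }
}

// Rejects a hash once the reference time `at` reaches its cutoff (Unix seconds).
// `at` is fixed at construction instead of reading the clock on every call,
// so the same policy value always gives the same answer.
struct Cutoffs { at: u64, md5: u64, sha1_collision: u64, sha1_second_preimage: u64 }

impl Policy for Cutoffs {
    fn signature(&self, hash: Hash, needs: Security) -> Result<(), String> {
        let cutoff = match (hash, needs) {
            (Hash::Md5, _) => Some(self.md5),
            (Hash::Sha1, Security::Collision) => Some(self.sha1_collision),
            (Hash::Sha1, Security::SecondPreImage) => Some(self.sha1_second_preimage),
            (Hash::Sha256, _) => None, // no cutoff configured in this model
        };
        match cutoff {
            Some(c) if self.at >= c => Err(format!("{:?} rejected for {:?} (cutoff {})", hash, needs, c)),
            _ => Ok(()),
        }
    }
}

// Constructed cutoff values, chosen only for this example.
fn untrusted_input_policy(at: u64) -> Cutoffs {
    Cutoffs { at, md5: 1_000, sha1_collision: 2_000, sha1_second_preimage: 3_000 }
}

fn main() {
    let strict = untrusted_input_policy(2_500);
    println!("SHA-1, collision: {:?}", strict.signature(Hash::Sha1, Security::Collision));
    println!("SHA-1, 2nd pre-image: {:?}", strict.signature(Hash::Sha1, Security::SecondPreImage));
    println!("MD5, accept-all: {:?}", AcceptAll.signature(Hash::Md5, Security::Collision));
}
```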


The Null Policy.

The standard policy.


Asymmetric encryption algorithms.

Whether the signed data requires a hash algorithm with collision resistance.


A policy for cryptographic operations.