[][src]Struct sequoia_openpgp::types::Timestamp

pub struct Timestamp(_);

A timestamp representable by OpenPGP.

Methods

impl Timestamp[src]

pub fn now() -> Timestamp[src]

Returns the current time.

pub fn checked_add(&self, d: Duration) -> Option<Timestamp>[src]

Adds a duration to this timestamp.

Returns None if the resulting timestamp is not representable.

pub fn checked_sub(&self, d: Duration) -> Option<Timestamp>[src]

Subtracts a duration from this timestamp.

Returns None if the resulting timestamp is not representable.

pub fn round_down<P>(&self, precision: P) -> Result<Timestamp> where
    P: Into<Option<u8>>, 
[src]

Rounds down to the given level of precision.

This can be used to reduce the metadata leak resulting from time stamps. For example, a group of people attending a key signing event could be identified by comparing the time stamps of resulting certifications. By rounding the creation time of these signatures down, all of them, and others, fall into the same bucket.

The given level p determines the resulting resolution of 2^p seconds. The default is 21, which results in a resolution of 24 days, or roughly a month. p must be lower than 32.

See Duration::round_up.

Important note

If we create a signature, it is important that the signature's creation time does not predate the signing keys creation time, or otherwise violate the key's validity constraints. The correct way to use this interface is to round the time down, lookup all keys and other objects like userids using this time, and on success create the signature:

use sequoia_openpgp::policy::StandardPolicy;

let policy = &StandardPolicy::new();

// Let's fix a time.
let now = Timestamp::from(1583436160);

// Generate a Cert for Alice.
let (alice, _) = CertBuilder::new()
    .set_creation_time(now.checked_sub(Duration::weeks(2)?).unwrap())
    .set_primary_key_flags(KeyFlags::default().set_certification(true))
    .add_userid("alice@example.org")
    .generate()?;

// Generate a Cert for Bob.
let (bob, _) = CertBuilder::new()
    .set_creation_time(now.checked_sub(Duration::weeks(1)?).unwrap())
    .set_primary_key_flags(KeyFlags::default().set_certification(true))
    .add_userid("bob@example.org")
    .generate()?;

let sign_with_p = |p| -> Result<Signature> {
    // Round `now` down, then use `t` for all lookups.
    let t: std::time::SystemTime = now.round_down(p)?.into();

    /// First, get the certification key.
    let mut keypair =
        alice.keys().with_policy(policy, t).secret().for_certification()
        .nth(0).ok_or_else(|| failure::err_msg("no valid key at"))?
        .key().clone().into_keypair()?;

    // Then, lookup the binding between `bob@example.org` and
    // `bob` at `t`.
    let ca = bob.userids().with_policy(policy, t)
        .filter(|ca| ca.userid().value() == b"bob@example.org")
        .nth(0).ok_or_else(|| failure::err_msg("no valid userid"))?;

    // Finally, Alice certifies the binding between
    // `bob@example.org` and `bob` at `t`.
    ca.userid().certify(&mut keypair, &bob,
                        SignatureType::PositiveCertification, None, t)
};

assert!(sign_with_p(21).is_ok());
assert!(sign_with_p(22).is_err()); // Rounded-down t predates key, uid.

There are two possible policies that can be implemented using this mechanism. If protecting the timestamp is more important than the signature, the process must fail. Otherwise, increasing the precision until all constraints are satisfied will find a timestamp approximating now, assuming that the constraints are satisfied at now.

Trait Implementations

impl From<Timestamp> for u32[src]

impl From<u32> for Timestamp[src]

impl From<Timestamp> for SystemTime[src]

impl Eq for Timestamp[src]

impl PartialOrd<Timestamp> for Timestamp[src]

impl Copy for Timestamp[src]

impl PartialEq<Timestamp> for Timestamp[src]

impl Clone for Timestamp[src]

fn clone_from(&mut self, source: &Self)
1.0.0
[src]

Performs copy-assignment from source. Read more

impl Ord for Timestamp[src]

fn max(self, other: Self) -> Self
1.21.0
[src]

Compares and returns the maximum of two values. Read more

fn min(self, other: Self) -> Self
1.21.0
[src]

Compares and returns the minimum of two values. Read more

impl Hash for Timestamp[src]

fn hash_slice<H>(data: &[Self], state: &mut H) where
    H: Hasher
1.3.0
[src]

Feeds a slice of this type into the given [Hasher]. Read more

impl Debug for Timestamp[src]

impl TryFrom<SystemTime> for Timestamp[src]

type Error = Error

The type returned in the event of a conversion error.

impl Arbitrary for Timestamp[src]

fn shrink(&self) -> Box<dyn Iterator<Item = Self> + 'static>

Auto Trait Implementations

impl Send for Timestamp

impl Sync for Timestamp

Blanket Implementations

impl<T> From for T[src]

impl<T, U> Into for T where
    U: From<T>, 
[src]

impl<T> ToOwned for T where
    T: Clone
[src]

type Owned = T

impl<T, U> TryFrom for T where
    U: Into<T>, 
[src]

type Error = Infallible

The type returned in the event of a conversion error.

impl<T> Borrow for T where
    T: ?Sized
[src]

impl<T> BorrowMut for T where
    T: ?Sized
[src]

impl<T> Any for T where
    T: 'static + ?Sized
[src]

impl<T, U> TryInto for T where
    U: TryFrom<T>, 
[src]

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

impl<V, T> VZip for T where
    V: MultiLane<T>,