voa_openpgp/trust/
wot.rs

1//! Implementation of the "Web of Trust" model.
2//!
3//! TODO: not implemented yet
4
5use std::collections::HashSet;
6
7use voa_config::openpgp::{
8    DomainName,
9    TrustAmountFlow,
10    TrustAmountPartial,
11    WebOfTrustMode,
12    WebOfTrustRoot,
13};
14
15use crate::OpenpgpCert;
16
17/// Signature verification object that uses the generic Web of Trust model.
18#[derive(Debug)]
19#[allow(dead_code)]
20pub(crate) struct WebOfTrustModel<'a> {
21    /// The required flow amount for authentication for a target identity.
22    pub(crate) flow_amount: TrustAmountFlow,
23
24    /// The numerical trust amount of a partially trusted introducer.
25    pub(crate) partial_amount: TrustAmountPartial,
26
27    /// The trust roots for the "Web of Trust".
28    pub(crate) roots: &'a HashSet<WebOfTrustRoot>,
29
30    /// Artifact verifiers are only considered if they contain a validly self-bound identity in
31    /// one of these domain names, at the reference time.
32    /// In addition, such identity must be sufficiently certified within the Web of Trust.
33    pub(crate) artifact_verifier_identity_domain_matches: &'a HashSet<DomainName>,
34}
35
36impl<'a> WebOfTrustModel<'a> {
37    pub(crate) fn new(
38        config: &'a WebOfTrustMode,
39        _artifact_verifiers: &'a [OpenpgpCert],
40        _trust_anchors: &'a [OpenpgpCert],
41    ) -> Self {
42        WebOfTrustModel {
43            flow_amount: config.flow_amount(),
44            partial_amount: config.partial_amount(),
45            roots: config.roots(),
46            artifact_verifier_identity_domain_matches: config
47                .artifact_verifier_identity_domain_matches(),
48        }
49    }
50}
voa_openpgp/trust/wot.rs

voa_openpgp/trust/
wot.rs
