Struct VerifierLookup

pub struct VerifierLookup<'a> {
    index: CertLookup<'a>,
}

An abstraction over a set of OpenpgpCerts, to facilitate signature verification.

It can efficiently look up component keys that are appropriate for attempting validation of specific signatures.

Fields

index: CertLookup<'a>

Implementations

impl<'a> VerifierLookup<'a>

const CERTIFICATION_SIGNATURE_TYPES: &'static [SignatureType]

The signature types that we consider meaningful for certifications on identities.

Note that the set excludes SignatureType::CertPersona which is specified to not carry any meaningful information.

pub fn new(certs: &'a [OpenpgpCert]) -> Self

Creates a new VerifierLookup from a list of OpenpgpCerts.

pub(crate) fn get_matching_verifiers(&self, signature: &OpenpgpSignature) -> Vec<(SignatureVerifier, &'a OpenpgpCert)>

Returns a list of SignatureVerifier and OpenpgpCert tuples that are reasonable candidates for attempting to verify an OpenpgpSignature.

Looks up all component keys that match the IssuerFingerprint and/or Issuer subpackets in signature, and returns them as SignatureVerifier objects. For informational purposes, each SignatureVerifier is accompanied by a reference to the OpenpgpCert that contains it.

Callers of this function will usually want to validate signature with the returned SignatureVerifiers.

fn candidate_certs(&self, signature: &Signature) -> Vec<&'a OpenpgpCert>

Returns a list of OpenpgpCerts that match either the IssuerFingerprint or IssuerKeyId subpackets in a Signature.

All component keys of each OpenpgpCert are considered when matching against the IssuerFingerprint and IssuerKeyId subpackets of the signature. The returned OpenpgpCerts are deduplicated by their primary Fingerprint.

Note

The lookup does not enforce any semantic constraints. It does not guarantee validity of certificates or component keys for any particular purpose. Semantic checks must be performed separately, after this lookup.
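
The matching step described above, as an added Rust sketch that is not code from this crate: ToyCert, ToyHints and the helper functions are hypothetical stand-ins, and fingerprints are modelled as 20-byte v4 values whose key ID is the low-order 64 bits. Two unrelated certificates can share a key ID, so both come back as candidates, and only the later cryptographic and semantic checks decide between them.

```rust
use std::collections::HashSet;

type Fpr = [u8; 20]; // v4-style fingerprint (toy type, not the crate's Fingerprint)
struct ToyCert {
    primary: Fpr,
    components: Vec<Fpr>, // primary key plus subkeys
}

// Issuer hints read from a signature's subpackets; either may be absent.
struct ToyHints {
    issuer_fingerprint: Option<Fpr>,
    issuer_key_id: Option<[u8; 8]>,
}

// A v4 key ID is the low-order 64 bits of the fingerprint.
fn key_id(f: &Fpr) -> [u8; 8] {
    let mut id = [0u8; 8];
    id.copy_from_slice(&f[12..]);
    id
}

// Certs with any component key matching either hint, deduplicated by
// primary fingerprint. No validity or key-purpose check happens here.
fn candidate_certs<'a>(certs: &'a [ToyCert], hints: &ToyHints) -> Vec<&'a ToyCert> {
    let mut seen = HashSet::new();
    certs.iter()
        .filter(|c| c.components.iter().any(|k| {
            hints.issuer_fingerprint.as_ref() == Some(k) || hints.issuer_key_id == Some(key_id(k))
        }))
        .filter(|c| seen.insert(c.primary))
        .collect()
}

fn fpr(head: u8, tail: u8) -> Fpr {
    let mut f = [head; 20];
    f[12..].fill(tail);
    f
}

// Constructed data: certs A and B own subkeys sharing key ID 0x11..11; A is listed twice.
fn sample_certs() -> Vec<ToyCert> {
    let a = || ToyCert { primary: fpr(1, 1), components: vec![fpr(1, 1), fpr(0xAA, 0x11)] };
    let b = ToyCert { primary: fpr(2, 2), components: vec![fpr(2, 2), fpr(0xBB, 0x11)] };
    vec![a(), b, a()]
}

fn main() {
    let hints = ToyHints { issuer_fingerprint: None, issuer_key_id: Some([0x11; 8]) };
    println!("{} candidates", candidate_certs(&sample_certs(), &hints).len());
}
```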

fn matches_issuer(signature: &OpenpgpSignature, verifier: &SignatureVerifier) -> bool

Checks if a SignatureVerifier matches any IssuerFingerprint or Issuer subpacket in an OpenpgpSignature.

pub fn valid_userid_certifications(&self, signatures: &[&'a Signature], target: &OpenpgpCert, target_user: &UserId, reference_time: SystemTime) -> Vec<(&'a OpenpgpCert, Vec<&'a Signature>)>

Returns pairs of OpenpgpCert and Signatures for third-party UserId certifications.

Filters signatures (a slice of third-party certifications over target and target_user) by policy, as well as temporal and cryptographic validity (at reference_time). The validated signatures are grouped by signer certificate.

Notes
  • A certifying signature must pass rpgpie's policy checks (i.e. cryptographic mechanisms that are considered weak at signature creation time are rejected).
  • If a certifying signature has a “signature expiration time” that is after the reference time, that certifying signature is ignored (except for certification revocation signatures, which may not expire).
  • The certifying signature may be younger than the data signature that is authenticated.
  • The certifying certificate may be younger than the data signature that is authenticated.

fn lookup_third_party_certifier(&self, sig: &Signature, target: &OpenpgpCert, target_user: &UserId) -> Option<&'a OpenpgpCert>

Returns a matching OpenpgpCert for a third-party certification over a UserId.

The considered certificate must be cryptographically valid and must have issued sig as a (third-party) certification over target and target_user.

If a signer is found, a reference to it is returned, otherwise None.

Trait Implementations

impl<'a> Debug for VerifierLookup<'a>

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl<'a> FromIterator<&'a OpenpgpCert> for VerifierLookup<'a>

fn from_iter<T: IntoIterator<Item = &'a OpenpgpCert>>(iter: T) -> Self

Creates a value from an iterator.

Auto Trait Implementations

impl<'a> Freeze for VerifierLookup<'a>

impl<'a> RefUnwindSafe for VerifierLookup<'a>

impl<'a> Send for VerifierLookup<'a>

impl<'a> Sync for VerifierLookup<'a>

impl<'a> Unpin for VerifierLookup<'a>

impl<'a> UnwindSafe for VerifierLookup<'a>

Blanket Implementations

impl<T> Any for T
where T: 'static + ?Sized,

fn type_id(&self) -> TypeId

Gets the TypeId of self.

impl<T> Borrow<T> for T
where T: ?Sized,

fn borrow(&self) -> &T

Immutably borrows from an owned value.

impl<T> BorrowMut<T> for T
where T: ?Sized,

fn borrow_mut(&mut self) -> &mut T

Mutably borrows from an owned value.

impl<T> Conv for T

fn conv<T>(self) -> T
where Self: Into<T>,

Converts self into T using Into<T>.

impl<T> FmtForward for T

fn fmt_binary(self) -> FmtBinary<Self>
where Self: Binary,

Causes self to use its Binary implementation when Debug-formatted.

fn fmt_display(self) -> FmtDisplay<Self>
where Self: Display,

Causes self to use its Display implementation when Debug-formatted.

fn fmt_lower_exp(self) -> FmtLowerExp<Self>
where Self: LowerExp,

Causes self to use its LowerExp implementation when Debug-formatted.

fn fmt_lower_hex(self) -> FmtLowerHex<Self>
where Self: LowerHex,

Causes self to use its LowerHex implementation when Debug-formatted.

fn fmt_octal(self) -> FmtOctal<Self>
where Self: Octal,

Causes self to use its Octal implementation when Debug-formatted.

fn fmt_pointer(self) -> FmtPointer<Self>
where Self: Pointer,

Causes self to use its Pointer implementation when Debug-formatted.

fn fmt_upper_exp(self) -> FmtUpperExp<Self>
where Self: UpperExp,

Causes self to use its UpperExp implementation when Debug-formatted.

fn fmt_upper_hex(self) -> FmtUpperHex<Self>
where Self: UpperHex,

Causes self to use its UpperHex implementation when Debug-formatted.

fn fmt_list(self) -> FmtList<Self>
where &'a Self: for<'a> IntoIterator,

Formats each item in a sequence.

impl<T> From<T> for T

fn from(t: T) -> T

Returns the argument unchanged.

impl<T, U> Into<U> for T
where U: From<T>,

fn into(self) -> U

Calls U::from(self).

That is, this conversion is whatever the implementation of From<T> for U chooses to do.

impl<T> Pipe for T
where T: ?Sized,

fn pipe<R>(self, func: impl FnOnce(Self) -> R) -> R
where Self: Sized,

Pipes by value. This is generally the method you want to use.

fn pipe_ref<'a, R>(&'a self, func: impl FnOnce(&'a Self) -> R) -> R
where R: 'a,

Borrows self and passes that borrow into the pipe function.

fn pipe_ref_mut<'a, R>(&'a mut self, func: impl FnOnce(&'a mut Self) -> R) -> R
where R: 'a,

Mutably borrows self and passes that borrow into the pipe function.

fn pipe_borrow<'a, B, R>(&'a self, func: impl FnOnce(&'a B) -> R) -> R
where Self: Borrow<B>, B: 'a + ?Sized, R: 'a,

Borrows self, then passes self.borrow() into the pipe function.

fn pipe_borrow_mut<'a, B, R>(&'a mut self, func: impl FnOnce(&'a mut B) -> R) -> R
where Self: BorrowMut<B>, B: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.borrow_mut() into the pipe function.

fn pipe_as_ref<'a, U, R>(&'a self, func: impl FnOnce(&'a U) -> R) -> R
where Self: AsRef<U>, U: 'a + ?Sized, R: 'a,

Borrows self, then passes self.as_ref() into the pipe function.

fn pipe_as_mut<'a, U, R>(&'a mut self, func: impl FnOnce(&'a mut U) -> R) -> R
where Self: AsMut<U>, U: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.as_mut() into the pipe function.

fn pipe_deref<'a, T, R>(&'a self, func: impl FnOnce(&'a T) -> R) -> R
where Self: Deref<Target = T>, T: 'a + ?Sized, R: 'a,

Borrows self, then passes self.deref() into the pipe function.

fn pipe_deref_mut<'a, T, R>(&'a mut self, func: impl FnOnce(&'a mut T) -> R) -> R
where Self: DerefMut<Target = T> + Deref, T: 'a + ?Sized, R: 'a,

Mutably borrows self, then passes self.deref_mut() into the pipe function.

impl<T> Same for T

type Output = T

Should always be Self

impl<T> Tap for T

fn tap(self, func: impl FnOnce(&Self)) -> Self

Immutable access to a value.

fn tap_mut(self, func: impl FnOnce(&mut Self)) -> Self

Mutable access to a value.

fn tap_borrow<B>(self, func: impl FnOnce(&B)) -> Self
where Self: Borrow<B>, B: ?Sized,

Immutable access to the Borrow<B> of a value.

fn tap_borrow_mut<B>(self, func: impl FnOnce(&mut B)) -> Self
where Self: BorrowMut<B>, B: ?Sized,

Mutable access to the BorrowMut<B> of a value.

fn tap_ref<R>(self, func: impl FnOnce(&R)) -> Self
where Self: AsRef<R>, R: ?Sized,

Immutable access to the AsRef<R> view of a value.

fn tap_ref_mut<R>(self, func: impl FnOnce(&mut R)) -> Self
where Self: AsMut<R>, R: ?Sized,

Mutable access to the AsMut<R> view of a value.

fn tap_deref<T>(self, func: impl FnOnce(&T)) -> Self
where Self: Deref<Target = T>, T: ?Sized,

Immutable access to the Deref::Target of a value.

fn tap_deref_mut<T>(self, func: impl FnOnce(&mut T)) -> Self
where Self: DerefMut<Target = T> + Deref, T: ?Sized,

Mutable access to the Deref::Target of a value.

fn tap_dbg(self, func: impl FnOnce(&Self)) -> Self

Calls .tap() only in debug builds, and is erased in release builds.

fn tap_mut_dbg(self, func: impl FnOnce(&mut Self)) -> Self

Calls .tap_mut() only in debug builds, and is erased in release builds.

fn tap_borrow_dbg<B>(self, func: impl FnOnce(&B)) -> Self
where Self: Borrow<B>, B: ?Sized,

Calls .tap_borrow() only in debug builds, and is erased in release builds.

fn tap_borrow_mut_dbg<B>(self, func: impl FnOnce(&mut B)) -> Self
where Self: BorrowMut<B>, B: ?Sized,

Calls .tap_borrow_mut() only in debug builds, and is erased in release builds.

fn tap_ref_dbg<R>(self, func: impl FnOnce(&R)) -> Self
where Self: AsRef<R>, R: ?Sized,

Calls .tap_ref() only in debug builds, and is erased in release builds.

fn tap_ref_mut_dbg<R>(self, func: impl FnOnce(&mut R)) -> Self
where Self: AsMut<R>, R: ?Sized,

Calls .tap_ref_mut() only in debug builds, and is erased in release builds.

fn tap_deref_dbg<T>(self, func: impl FnOnce(&T)) -> Self
where Self: Deref<Target = T>, T: ?Sized,

Calls .tap_deref() only in debug builds, and is erased in release builds.

fn tap_deref_mut_dbg<T>(self, func: impl FnOnce(&mut T)) -> Self
where Self: DerefMut<Target = T> + Deref, T: ?Sized,

Calls .tap_deref_mut() only in debug builds, and is erased in release builds.

impl<T> TryConv for T

fn try_conv<T>(self) -> Result<T, Self::Error>
where Self: TryInto<T>,

Attempts to convert self into T using TryInto<T>.

impl<T, U> TryFrom<U> for T
where U: Into<T>,

type Error = Infallible

The type returned in the event of a conversion error.

fn try_from(value: U) -> Result<T, <T as TryFrom<U>>::Error>

Performs the conversion.

impl<T, U> TryInto<U> for T
where U: TryFrom<T>,

type Error = <U as TryFrom<T>>::Error

The type returned in the event of a conversion error.

fn try_into(self) -> Result<U, <U as TryFrom<T>>::Error>

Performs the conversion.

impl<V, T> VZip<V> for T
where V: MultiLane<T>,

fn vzip(self) -> V