authorNeal H. Walfield <neal@pep.foundation>2023-05-12 14:22:10 +0200
committerNeal H. Walfield <neal@pep.foundation>2023-05-12 14:25:10 +0200
commitd76a5abbb8688500874be0e6b8404bb24c50a80d (patch)
treecccd2c75abd19fa7b04db9f26eb0d9c04b875185
parentb84cd1384e7c3eff75c87a66fe1a18e0c815e413 (diff)
openpgp: Make KeyFlags easier to use.
- Add `KeyFlags::set_certification_to`, `KeyFlags::set_signing_to`, `KeyFlags::set_transport_encryption_to`, `KeyFlags::set_storage_encryption_to`, `KeyFlags::set_split_key_to`, and `KeyFlags::set_group_key_to`. - This interface is easier to use when the caller has a boolean. - Fixes #1018.
-rw-r--r--openpgp/NEWS8
-rw-r--r--openpgp/src/types/key_flags.rs91
2 files changed, 99 insertions, 0 deletions
diff --git a/openpgp/NEWS b/openpgp/NEWS
index 184383eb..893965a9 100644
--- a/openpgp/NEWS
+++ b/openpgp/NEWS
@@ -3,6 +3,14 @@
#+TITLE: sequoia-openpgp NEWS – history of user-visible changes
#+STARTUP: content hidestars
+* Changes in 1.16.0
+** New functionality
+ - Add KeyFlags::set_certification_to.
+ - Add KeyFlags::set_signing_to.
+ - Add KeyFlags::set_transport_encryption_to.
+ - Add KeyFlags::set_storage_encryption_to.
+ - Add KeyFlags::set_split_key_to.
+ - Add KeyFlags::set_group_key_to.
* Changes in 1.15.0
** New functionality
- StandardPolicy::accept_hash_property
diff --git a/openpgp/src/types/key_flags.rs b/openpgp/src/types/key_flags.rs
index 933df1ea..03ef15a4 100644
--- a/openpgp/src/types/key_flags.rs
+++ b/openpgp/src/types/key_flags.rs
@@ -280,6 +280,15 @@ impl KeyFlags {
self.clear(KEY_FLAG_CERTIFY)
}
+ /// Declares whether this key may be used to certify other keys.
+ pub fn set_certification_to(self, value: bool) -> Self {
+ if value {
+ self.set(KEY_FLAG_CERTIFY)
+ } else {
+ self.clear(KEY_FLAG_CERTIFY)
+ }
+ }
+
/// This key may be used to sign data.
pub fn for_signing(&self) -> bool {
self.get(KEY_FLAG_SIGN)
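Review bot: The `if value { self.set(..) } else { self.clear(..) }` body of `set_certification_to` is repeated verbatim in the six other `set_*_to` methods this commit adds (signing, transport encryption, storage encryption, authentication, split key, group key), differing only in the flag constant. A single private helper, for example `fn set_to(self, bit: usize, value: bool) -> Self { if value { self.set(bit) } else { self.clear(bit) } }`, would reduce each public method to a one-line call and keep the set/clear pairing in one place. The parameter type of `set` and `clear` is not visible in these hunks, so `usize` is an assumption to check. The enclosing `impl KeyFlags` block starts and ends outside the hunk.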
@@ -295,6 +304,15 @@ impl KeyFlags {
self.clear(KEY_FLAG_SIGN)
}
+ /// Declares whether this key may be used to sign data.
+ pub fn set_signing_to(self, value: bool) -> Self {
+ if value {
+ self.set(KEY_FLAG_SIGN)
+ } else {
+ self.clear(KEY_FLAG_SIGN)
+ }
+ }
+
/// This key may be used to encrypt communications.
pub fn for_transport_encryption(&self) -> bool {
self.get(KEY_FLAG_ENCRYPT_FOR_TRANSPORT)
@@ -310,6 +328,15 @@ impl KeyFlags {
self.clear(KEY_FLAG_ENCRYPT_FOR_TRANSPORT)
}
+ /// Declares whether this key may be used to encrypt communications.
+ pub fn set_transport_encryption_to(self, value: bool) -> Self {
+ if value {
+ self.set(KEY_FLAG_ENCRYPT_FOR_TRANSPORT)
+ } else {
+ self.clear(KEY_FLAG_ENCRYPT_FOR_TRANSPORT)
+ }
+ }
+
/// This key may be used to encrypt storage.
pub fn for_storage_encryption(&self) -> bool {
self.get(KEY_FLAG_ENCRYPT_AT_REST)
@@ -325,6 +352,15 @@ impl KeyFlags {
self.clear(KEY_FLAG_ENCRYPT_AT_REST)
}
+ /// Declares whether this key may be used to encrypt storage.
+ pub fn set_storage_encryption_to(self, value: bool) -> Self {
+ if value {
+ self.set(KEY_FLAG_ENCRYPT_AT_REST)
+ } else {
+ self.clear(KEY_FLAG_ENCRYPT_AT_REST)
+ }
+ }
+
/// This key may be used for authentication.
pub fn for_authentication(&self) -> bool {
self.get(KEY_FLAG_AUTHENTICATE)
@@ -340,6 +376,15 @@ impl KeyFlags {
self.clear(KEY_FLAG_AUTHENTICATE)
}
+ /// Declares whether this key may be used for authentication.
+ pub fn set_authentication_to(self, value: bool) -> Self {
+ if value {
+ self.set(KEY_FLAG_AUTHENTICATE)
+ } else {
+ self.clear(KEY_FLAG_AUTHENTICATE)
+ }
+ }
+
/// The private component of this key may have been split
/// using a secret-sharing mechanism.
pub fn is_split_key(&self) -> bool {
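Review bot: `set_authentication_to` is added in this hunk but appears nowhere else in the commit: the commit message and the NEWS entry each list six methods, and `test_set_to` has no `t!` line for it. Because this flag states whether a key may be used for authentication, it deserves the same coverage and changelog entry as its siblings. I would add `t!(set_authentication, set_authentication_to);` to the test, presuming `set_authentication` is the existing setter defined just above this hunk, and ` - Add KeyFlags::set_authentication_to.` to NEWS.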
@@ -358,6 +403,16 @@ impl KeyFlags {
self.clear(KEY_FLAG_SPLIT_KEY)
}
+ /// Declares whether the private component of this key may have been
+ /// split using a secret-sharing mechanism.
+ pub fn set_split_key_to(self, value: bool) -> Self {
+ if value {
+ self.set(KEY_FLAG_SPLIT_KEY)
+ } else {
+ self.clear(KEY_FLAG_SPLIT_KEY)
+ }
+ }
+
/// The private component of this key may be in possession of more
/// than one person.
pub fn is_group_key(&self) -> bool {
@@ -376,6 +431,16 @@ impl KeyFlags {
self.clear(KEY_FLAG_GROUP_KEY)
}
+ /// Declares whether the private component of this key is in
+ /// possession of more than one person.
+ pub fn set_group_key_to(self, value: bool) -> Self {
+ if value {
+ self.set(KEY_FLAG_GROUP_KEY)
+ } else {
+ self.clear(KEY_FLAG_GROUP_KEY)
+ }
+ }
+
/// Returns whether no flags are set.
pub fn is_empty(&self) -> bool {
self.as_slice().iter().all(|b| *b == 0)
@@ -434,4 +499,30 @@ mod tests {
true
}
}
+
+ #[test]
+ fn test_set_to() {
+ macro_rules! t {
+ ($set:ident, $set2:ident) => {
+ // Set using set2.
+ assert_eq!(KeyFlags::empty().$set(),
+ KeyFlags::empty().$set2(true));
+
+ // Clear using set2.
+ assert_eq!(KeyFlags::empty().$set2(false),
+ KeyFlags::empty());
+
+ // Set using set, then clear using set2.
+ assert_eq!(KeyFlags::empty().$set().$set2(false),
+ KeyFlags::empty());
+ }
+ }
+
+ t!(set_certification, set_certification_to);
+ t!(set_signing, set_signing_to);
+ t!(set_transport_encryption, set_transport_encryption_to);
+ t!(set_storage_encryption, set_storage_encryption_to);
+ t!(set_split_key, set_split_key_to);
+ t!(set_group_key, set_group_key_to);
+ }
}
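Review bot: Every assertion in `test_set_to` starts from `KeyFlags::empty()`, so the test cannot distinguish a `set_*_to(false)` that clears only its own flag from one that clears the whole set. A setter that silently dropped other capability bits would change what a key is declared usable for, so it is worth pinning with a case that starts from an unrelated flag, for example `assert!(KeyFlags::empty().set_signing().set_group_key_to(false).for_signing());` and the mirror `assert!(KeyFlags::empty().set_group_key().set_signing_to(false).is_group_key());`. The enclosing `mod tests` starts outside the hunk.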