diff options
| author | Neal H. Walfield <neal@pep.foundation> | 2019-08-04 01:24:09 +0200 |
|---|---|---|
| committer | Neal H. Walfield <neal@pep.foundation> | 2019-08-23 19:15:13 +0200 |
| commit | 102dea398e920e91b34e5602033c2e7e53c50bb1 (patch) | |
| tree | f0238a659236ade71f72c1799876331c49e266a3 | |
| parent | 75fb008711f0f80028230018ab37b988175211b4 (diff) | |
openpgp: Use a KeyBinding to store the primary key binding in a TPK
| -rw-r--r-- | openpgp-ffi/include/sequoia/openpgp.h | 2 | ||||
| -rw-r--r-- | openpgp-ffi/src/tpk.rs | 8 | ||||
| -rw-r--r-- | openpgp/src/autocrypt.rs | 10 | ||||
| -rw-r--r-- | openpgp/src/crypto/hash.rs | 6 | ||||
| -rw-r--r-- | openpgp/src/packet/key.rs | 4 | ||||
| -rw-r--r-- | openpgp/src/packet/signature/mod.rs | 13 | ||||
| -rw-r--r-- | openpgp/src/parse/stream.rs | 4 | ||||
| -rw-r--r-- | openpgp/src/serialize/mod.rs | 2 | ||||
| -rw-r--r-- | openpgp/src/serialize/stream.rs | 4 | ||||
| -rw-r--r-- | openpgp/src/serialize/tpk.rs | 23 | ||||
| -rw-r--r-- | openpgp/src/tpk/bindings.rs | 22 | ||||
| -rw-r--r-- | openpgp/src/tpk/builder.rs | 12 | ||||
| -rw-r--r-- | openpgp/src/tpk/keyiter.rs | 2 | ||||
| -rw-r--r-- | openpgp/src/tpk/mod.rs | 177 | ||||
| -rw-r--r-- | openpgp/src/tpk/parser/grammar.lalrpop | 12 | ||||
| -rw-r--r-- | sqv/src/sqv.rs | 2 | ||||
| -rw-r--r-- | tool/src/commands/decrypt.rs | 4 | ||||
| -rw-r--r-- | tool/src/commands/inspect.rs | 2 |
18 files changed, 153 insertions, 156 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h index 1a7dc98d..6c8584c0 100644 --- a/openpgp-ffi/include/sequoia/openpgp.h +++ b/openpgp-ffi/include/sequoia/openpgp.h @@ -750,7 +750,7 @@ pgp_tsk_t pgp_tpk_as_tsk (pgp_tpk_t tpk); /// The tpk still owns the key. The caller should neither modify nor /// free the key. /*/ -pgp_key_t pgp_tpk_primary (pgp_tpk_t tpk); +pgp_key_t pgp_tpk_primary_key (pgp_tpk_t tpk); /*/ /// Returns the TPK's current revocation status. diff --git a/openpgp-ffi/src/tpk.rs b/openpgp-ffi/src/tpk.rs index 8f185e82..a5ab70d3 100644 --- a/openpgp-ffi/src/tpk.rs +++ b/openpgp-ffi/src/tpk.rs @@ -147,8 +147,8 @@ fn pgp_tpk_as_tsk(tpk: *const TPK) -> *mut TSK<'static> { /// /// The tpk still owns the key. The caller must not modify the key. #[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" -fn pgp_tpk_primary(tpk: *const TPK) -> *const Key { - tpk.ref_raw().primary().move_into_raw() +fn pgp_tpk_primary_key(tpk: *const TPK) -> *const Key { + tpk.ref_raw().primary().key().move_into_raw() } /// Returns the TPK's revocation status as of a given time. @@ -219,7 +219,7 @@ fn int_to_reason_for_revocation(code: c_int) -> ReasonForRevocation { /// assert (revocation); /// pgp_signature_free (revocation); /* Free the generated one. */ /// -/// primary_key = pgp_tpk_primary (tpk); +/// primary_key = pgp_tpk_primary_key (tpk); /// primary_keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (primary_key)); /// pgp_key_free (primary_key); /// assert (primary_keypair); @@ -286,7 +286,7 @@ fn pgp_tpk_revoke(errp: Option<&mut *mut crate::error::Error>, /// assert (revocation); /// pgp_signature_free (revocation); /* Free the generated one. */ /// -/// primary_key = pgp_tpk_primary (tpk); +/// primary_key = pgp_tpk_primary_key (tpk); /// primary_keypair = pgp_key_into_key_pair (NULL, pgp_key_clone (primary_key)); /// pgp_key_free (primary_key); /// assert (primary_keypair); diff --git a/openpgp/src/autocrypt.rs b/openpgp/src/autocrypt.rs index de0053e2..b15fddbf 100644 --- a/openpgp/src/autocrypt.rs +++ b/openpgp/src/autocrypt.rs @@ -107,7 +107,7 @@ impl AutocryptHeader { let mut acc = Vec::new(); // The primary key and the most recent selfsig. - acc.push(tpk.primary().clone().into_packet(Tag::PublicKey)?); + acc.push(tpk.primary().key().clone().into_packet(Tag::PublicKey)?); tpk.selfsigs().iter().take(1) .for_each(|s| acc.push(s.clone().into())); @@ -908,7 +908,7 @@ In the light of the Efail vulnerability I am asking myself if it's let tpk = ac.headers[0].key.as_ref() .expect("Failed to parse key material."); - assert_eq!(tpk.primary().fingerprint(), + assert_eq!(tpk.primary().key().fingerprint(), Fingerprint::from_hex( &"156962B0F3115069ACA970C68E3B03A279B772D6"[..]).unwrap()); assert_eq!(tpk.userids().next().unwrap().userid().value(), @@ -931,7 +931,7 @@ In the light of the Efail vulnerability I am asking myself if it's let tpk = ac.headers[0].key.as_ref() .expect("Failed to parse key material."); - assert_eq!(tpk.primary().fingerprint(), + assert_eq!(tpk.primary().key().fingerprint(), Fingerprint::from_hex( &"D4AB192964F76A7F8F8A9B357BD18320DEADFA11"[..]).unwrap()); assert_eq!(tpk.userids().next().unwrap().userid().value(), @@ -954,7 +954,7 @@ In the light of the Efail vulnerability I am asking myself if it's let tpk = ac.headers[0].key.as_ref() .expect("Failed to parse key material."); - assert_eq!(tpk.primary().fingerprint(), + assert_eq!(tpk.primary().key().fingerprint(), Fingerprint::from_hex( &"4F9F89F5505AC1D1A260631CDB1187B9DD5F693B"[..]).unwrap()); assert_eq!(tpk.userids().next().unwrap().userid().value(), @@ -1087,7 +1087,7 @@ In the light of the Efail vulnerability I am asking myself if it's let tpk = ac.headers[0].key.as_ref() .expect("Failed to parse key material."); - assert_eq!(&tpk.primary().fingerprint().to_string(), + assert_eq!(&tpk.primary().key().fingerprint().to_string(), "3E88 77C8 7727 4692 9751 89F5 D03F 6F86 5226 FE8B"); assert_eq!(tpk.userids().len(), 1); assert_eq!(tpk.subkeys().len(), 1); diff --git a/openpgp/src/crypto/hash.rs b/openpgp/src/crypto/hash.rs index 0828b834..9ace7d38 100644 --- a/openpgp/src/crypto/hash.rs +++ b/openpgp/src/crypto/hash.rs @@ -420,7 +420,7 @@ mod test { for selfsig in binding.selfsigs() { let h = Signature::userid_binding_hash( selfsig, - tpk.primary(), + tpk.primary().key(), binding.userid()).unwrap(); if &h[..2] != selfsig.hash_prefix() { eprintln!("{:?}: {:?} / {:?}", @@ -436,7 +436,7 @@ mod test { for selfsig in binding.selfsigs() { let h = Signature::user_attribute_binding_hash( selfsig, - tpk.primary(), + tpk.primary().key(), binding.user_attribute()).unwrap(); if &h[..2] != selfsig.hash_prefix() { eprintln!("{:?}: {:?} / {:?}", @@ -452,7 +452,7 @@ mod test { for selfsig in binding.selfsigs() { let h = Signature::subkey_binding_hash( selfsig, - tpk.primary(), + tpk.primary().key(), binding.key()).unwrap(); if &h[..2] != selfsig.hash_prefix() { eprintln!("{:?}: {:?}", i, binding); diff --git a/openpgp/src/packet/key.rs b/openpgp/src/packet/key.rs index 9c7c344c..85b1ec86 100644 --- a/openpgp/src/packet/key.rs +++ b/openpgp/src/packet/key.rs @@ -745,9 +745,9 @@ mod tests { #[test] fn encrypted_rsa_key() { - let mut tpk = TPK::from_bytes( + let tpk = TPK::from_bytes( crate::tests::key("testy-new-encrypted-with-123.pgp")).unwrap(); - let pair = tpk.primary_mut(); + let mut pair = tpk.primary().key().clone(); let pk_algo = pair.pk_algo(); let secret = pair.secret.as_mut().unwrap(); diff --git a/openpgp/src/packet/signature/mod.rs b/openpgp/src/packet/signature/mod.rs index 4bb52af8..b93cb0f7 100644 --- a/openpgp/src/packet/signature/mod.rs +++ b/openpgp/src/packet/signature/mod.rs @@ -1090,9 +1090,9 @@ mod test { crate::tests::message(test.data)).unwrap(); while let PacketParserResult::Some(pp) = ppr { if let Packet::Signature(ref sig) = pp.packet { - let result = sig.verify(tpk.primary()).unwrap_or(false); + let result = sig.verify(tpk.primary().key()).unwrap_or(false); eprintln!(" Primary {:?}: {:?}", - tpk.primary().fingerprint(), result); + tpk.primary().key().fingerprint(), result); if result { good += 1; } @@ -1150,7 +1150,7 @@ mod test { "emmelie-dorothea-dina-samantha-awina-ed25519-private.pgp", ] { let tpk = TPK::from_bytes(crate::tests::key(key)).unwrap(); - let mut pair = tpk.primary().clone().into_keypair() + let mut pair = tpk.primary().key().clone().into_keypair() .expect("secret key is encrypted/missing"); let sig = Builder::new(SignatureType::Binary); @@ -1204,7 +1204,7 @@ mod test { panic!("Expected a Signature, got: {:?}", p); }; - assert!(sig.verify_message(tpk.primary(), &msg[..]).unwrap()); + assert!(sig.verify_message(tpk.primary().key(), &msg[..]).unwrap()); } #[test] @@ -1261,7 +1261,10 @@ mod test { let uid_binding = &test2.primary_key_signature_full().unwrap().0.unwrap(); let cert = &uid_binding.certifications()[0]; - assert_eq!(cert.verify_userid_binding(cert_key1, test2.primary(), uid_binding.userid()).ok(), Some(true)); + assert_eq!(cert.verify_userid_binding(cert_key1, + test2.primary().key(), + uid_binding.userid()).ok(), + Some(true)); } #[test] diff --git a/openpgp/src/parse/stream.rs b/openpgp/src/parse/stream.rs index b4cc89ff..c2225f0d 100644 --- a/openpgp/src/parse/stream.rs +++ b/openpgp/src/parse/stream.rs @@ -510,7 +510,7 @@ impl<'a, H: VerificationHelper> Verifier<'a, H> { } }; - if can_sign(tpk.primary(), + if can_sign(tpk.primary().key(), tpk.primary_key_signature()) { v.keys.insert(tpk.keyid(), (i, 0)); } @@ -1295,7 +1295,7 @@ impl<'a, H: VerificationHelper + DecryptionHelper> Decryptor<'a, H> { } }; - if can_sign(tpk.primary(), + if can_sign(tpk.primary().key(), tpk.primary_key_signature()) { v.keys.insert(tpk.keyid(), (i, 0)); } diff --git a/openpgp/src/serialize/mod.rs b/openpgp/src/serialize/mod.rs index 530aa61e..d36d5370 100644 --- a/openpgp/src/serialize/mod.rs +++ b/openpgp/src/serialize/mod.rs @@ -2925,7 +2925,7 @@ mod test { use crate::tpk::TPKBuilder; let (tpk, _) = TPKBuilder::new().generate().unwrap(); - let mut keypair = tpk.primary().clone().into_keypair().unwrap(); + let mut keypair = tpk.primary().key().clone().into_keypair().unwrap(); let uid = UserID::from("foo"); // Make a signature w/o an exportable certification subpacket. diff --git a/openpgp/src/serialize/stream.rs b/openpgp/src/serialize/stream.rs index b7b90a44..1fa8e81e 100644 --- a/openpgp/src/serialize/stream.rs +++ b/openpgp/src/serialize/stream.rs @@ -984,12 +984,12 @@ impl<'a> Encryptor<'a> { // Check if the primary key is encryption-capable. let primary_can_encrypt = - can_encrypt(tpk.primary(), tpk.primary_key_signature()); + can_encrypt(tpk.primary().key(), tpk.primary_key_signature()); // If the primary key is encryption-capable, prepend to // subkeys via iterator magic. let keys = - iter::once(tpk.primary()) + iter::once(tpk.primary().key()) .filter(|_| primary_can_encrypt) .chain(subkeys); diff --git a/openpgp/src/serialize/tpk.rs b/openpgp/src/serialize/tpk.rs index 988512c4..75190785 100644 --- a/openpgp/src/serialize/tpk.rs +++ b/openpgp/src/serialize/tpk.rs @@ -25,7 +25,7 @@ impl TPK { fn serialize_common(&self, o: &mut dyn std::io::Write, export: bool) -> Result<()> { - PacketRef::PublicKey(self.primary()).serialize(o)?; + PacketRef::PublicKey(self.primary().key()).serialize(o)?; // Writes a signature if it is exportable or `! export`. let serialize_sig = @@ -158,7 +158,7 @@ impl TPK { impl SerializeInto for TPK { fn serialized_len(&self) -> usize { let mut l = 0; - l += PacketRef::PublicKey(self.primary()).serialized_len(); + l += PacketRef::PublicKey(self.primary().key()).serialized_len(); for s in self.selfsigs() { l += PacketRef::Signature(s).serialized_len(); @@ -320,11 +320,11 @@ impl<'a> TSK<'a> { /// /// // Only write out the primary key's secret. /// let mut buf = Vec::new(); - /// tpk.as_tsk().set_filter(|k| k == tpk.primary()).serialize(&mut buf)?; + /// tpk.as_tsk().set_filter(|k| k == tpk.primary().key()).serialize(&mut buf)?; /// /// let tpk_ = TPK::from_bytes(&buf)?; /// assert_eq!(tpk_.keys_valid().secret(true).count(), 1); - /// assert!(tpk_.primary().secret().is_some()); + /// assert!(tpk_.primary().key().secret().is_some()); /// # Ok(()) } pub fn set_filter<P>(mut self, predicate: P) -> Self where P: 'a + Fn(&'a Key) -> bool @@ -376,18 +376,19 @@ impl<'a> TSK<'a> { packet.serialize(o) }; - serialize_key(o, &self.tpk.primary(), Tag::PublicKey, Tag::SecretKey)?; + serialize_key(o, &self.tpk.primary().key(), + Tag::PublicKey, Tag::SecretKey)?; - for s in self.tpk.selfsigs() { + for s in self.tpk.primary().selfsigs() { serialize_sig(o, s)?; } - for s in self.tpk.self_revocations() { + for s in self.tpk.primary().self_revocations() { serialize_sig(o, s)?; } - for s in self.tpk.certifications() { + for s in self.tpk.primary().certifications() { serialize_sig(o, s)?; } - for s in self.tpk.other_revocations() { + for s in self.tpk.primary().other_revocations() { serialize_sig(o, s)?; } @@ -526,7 +527,7 @@ impl<'a> SerializeInto for TSK<'a> { packet.serialized_len() }; - l += serialized_len_key(self.tpk.primary(), + l += serialized_len_key(self.tpk.primary().key(), Tag::PublicKey, Tag::SecretKey); for s in self.tpk.selfsigs() { @@ -715,7 +716,7 @@ mod test { }; let (tpk, _) = TPKBuilder::new().generate().unwrap(); - let mut keypair = tpk.primary().clone().into_keypair().unwrap(); + let mut keypair = tpk.primary().key().clone().into_keypair().unwrap(); let key: Key = Key4::generate_ecc(false, Curve::Cv25519).unwrap().into(); diff --git a/openpgp/src/tpk/bindings.rs b/openpgp/src/tpk/bindings.rs index 7ad7f4c9..222888c8 100644 --- a/openpgp/src/tpk/bindings.rs +++ b/openpgp/src/tpk/bindings.rs @@ -29,7 +29,7 @@ impl Key { /// # fn f() -> Result<()> { /// // Generate a TPK, and create a keypair from the primary key. /// let (tpk, _) = TPKBuilder::new().generate()?; - /// let mut keypair = tpk.primary().clone().into_keypair()?; + /// let mut keypair = tpk.primary().key().clone().into_keypair()?; /// /// // Let's add an encryption subkey. /// let flags = KeyFlags::default().set_encrypt_at_rest(true); @@ -61,7 +61,7 @@ impl Key { .set_issuer_fingerprint(signer.public().fingerprint())? .set_issuer(signer.public().keyid())? .sign_subkey_binding( - signer, tpk.primary(), self, + signer, tpk.primary().key(), self, hash_algo.into().unwrap_or(HashAlgorithm::SHA512)) } @@ -87,7 +87,7 @@ impl Key { /// let (tpk, _) = TPKBuilder::new() /// .add_encryption_subkey() /// .generate()?; - /// let mut keypair = tpk.primary().clone().into_keypair()?; + /// let mut keypair = tpk.primary().key().clone().into_keypair()?; /// /// // Generate the revocation for the first and only Subkey. /// let revocation = @@ -151,7 +151,7 @@ impl UserID { /// # fn f() -> Result<()> { /// // Generate a TPK, and create a keypair from the primary key. /// let (tpk, _) = TPKBuilder::new().generate()?; - /// let mut keypair = tpk.primary().clone().into_keypair()?; + /// let mut keypair = tpk.primary().key().clone().into_keypair()?; /// assert_eq!(tpk.userids().len(), 0); /// /// // Generate a userid and a binding signature. @@ -179,7 +179,7 @@ impl UserID { .set_issuer_fingerprint(signer.public().fingerprint())? .set_issuer(signer.public().keyid())? .sign_userid_binding( - signer, tpk.primary(), self, + signer, tpk.primary().key(), self, hash_algo.into().unwrap_or(HashAlgorithm::SHA512)) } @@ -214,7 +214,7 @@ impl UserID { /// .primary_keyflags(KeyFlags::default().set_certify(true)) /// .add_userid("alice@example.org") /// .generate()?; - /// let mut keypair = alice.primary().clone().into_keypair()?; + /// let mut keypair = alice.primary().key().clone().into_keypair()?; /// /// // Generate a TPK for Bob. /// let (bob, _) = TPKBuilder::new() @@ -281,7 +281,7 @@ impl UserID { /// let (tpk, _) = TPKBuilder::new() /// .add_userid("some@example.org") /// .generate()?; - /// let mut keypair = tpk.primary().clone().into_keypair()?; + /// let mut keypair = tpk.primary().key().clone().into_keypair()?; /// /// // Generate the revocation for the first and only UserID. /// let revocation = @@ -347,7 +347,7 @@ impl UserAttribute { /// // Generate a TPK, and create a keypair from the primary key. /// let (tpk, _) = TPKBuilder::new() /// .generate()?; - /// let mut keypair = tpk.primary().clone().into_keypair()?; + /// let mut keypair = tpk.primary().key().clone().into_keypair()?; /// assert_eq!(tpk.userids().len(), 0); /// /// // Generate a user attribute and a binding signature. @@ -378,7 +378,7 @@ impl UserAttribute { .set_issuer_fingerprint(signer.public().fingerprint())? .set_issuer(signer.public().keyid())? .sign_user_attribute_binding( - signer, tpk.primary(), self, + signer, tpk.primary().key(), self, hash_algo.into().unwrap_or(HashAlgorithm::SHA512)) } @@ -413,7 +413,7 @@ impl UserAttribute { /// let (alice, _) = TPKBuilder::new() /// .add_userid("alice@example.org") /// .generate()?; - /// let mut keypair = alice.primary().clone().into_keypair()?; + /// let mut keypair = alice.primary().key().clone().into_keypair()?; /// /// // Generate a TPK for Bob. /// let user_attr = UserAttribute::new(&[ @@ -490,7 +490,7 @@ impl UserAttribute { /// let (tpk, _) = TPKBuilder::new() /// .add_user_attribute(user_attr) /// .generate()?; - /// let mut keypair = tpk.primary().clone().into_keypair()?; + /// let mut keypair = tpk.primary().key().clone().into_keypair()?; /// /// // Generate the revocation for the first and only UserAttribute. /// let revocation = diff --git a/openpgp/src/tpk/builder.rs b/openpgp/src/tpk/builder.rs index e735975a..329e5f1e 100644 --- a/openpgp/src/tpk/builder.rs +++ b/openpgp/src/tpk/builder.rs @@ -452,14 +452,14 @@ mod tests { .set_cipher_suite(CipherSuite::RSA3k) .set_cipher_suite(CipherSuite::Cv25519) .generate().unwrap(); - assert_eq!(tpk1.primary().pk_algo(), PublicKeyAlgorithm::EdDSA); + assert_eq!(tpk1.primary().key().pk_algo(), PublicKeyAlgorithm::EdDSA); let (tpk2, _) = TPKBuilder::new() .set_cipher_suite(CipherSuite::RSA3k) .add_userid("test2@example.com") .add_encryption_subkey() .generate().unwrap(); - assert_eq!(tpk2.primary().pk_algo(), + assert_eq!(tpk2.primary().key().pk_algo(), PublicKeyAlgorithm::RSAEncryptSign); assert_eq!(tpk2.subkeys().next().unwrap().key().pk_algo(), PublicKeyAlgorithm::RSAEncryptSign); @@ -470,7 +470,7 @@ mod tests { let (tpk1, _) = TPKBuilder::new() .add_userid("test2@example.com") .generate().unwrap(); - assert_eq!(tpk1.primary().pk_algo(), + assert_eq!(tpk1.primary().key().pk_algo(), PublicKeyAlgorithm::EdDSA); assert!(tpk1.subkeys().next().is_none()); if let Some(sig) = tpk1.primary_key_signature() { @@ -486,7 +486,7 @@ mod tests { let (tpk1, _) = TPKBuilder::autocrypt(Autocrypt::V1, Some("Foo")) .generate().unwrap(); - assert_eq!(tpk1.primary().pk_algo(), + assert_eq!(tpk1.primary().key().pk_algo(), PublicKeyAlgorithm::RSAEncryptSign); assert_eq!(tpk1.subkeys().next().unwrap().key().pk_algo(), PublicKeyAlgorithm::RSAEncryptSign); @@ -498,7 +498,7 @@ mod tests { let (tpk1, _) = TPKBuilder::autocrypt(Autocrypt::V1_1, Some("Foo")) .generate().unwrap(); - assert_eq!(tpk1.primary().pk_algo(), + assert_eq!(tpk1.primary().key().pk_algo(), PublicKeyAlgorithm::EdDSA); assert_eq!(tpk1.subkeys().next().unwrap().key().pk_algo(), PublicKeyAlgorithm::ECDH); @@ -582,7 +582,7 @@ mod tests { .set_cipher_suite(CipherSuite::Cv25519) .set_password(Some(String::from("streng geheim").into())) .generate().unwrap(); - assert!(tpk.primary().secret().unwrap().is_encrypted()); + assert!(tpk.primary().key().secret().unwrap().is_encrypted()); } #[test] diff --git a/openpgp/src/tpk/keyiter.rs b/openpgp/src/tpk/keyiter.rs index 0083f4c3..1e1dce5b 100644 --- a/openpgp/src/tpk/keyiter.rs +++ b/openpgp/src/tpk/keyiter.rs @@ -84,7 +84,7 @@ impl<'a> Iterator for KeyIter<'a> { (tpk.primary_key_signature(), tpk.revocation_status(), - tpk.primary()) + tpk.primary().key()) } else { self.subkey_iter.next() .map(|sk_binding| (sk_binding.binding_signature(), diff --git a/openpgp/src/tpk/mod.rs b/openpgp/src/tpk/mod.rs index b5bf6b59..f95dbca8 100644 --- a/openpgp/src/tpk/mod.rs +++ b/openpgp/src/tpk/mod.rs @@ -291,7 +291,7 @@ enum PacketSource<'a, I: Iterator<Item=Packet>> { /// for tpko in TPKParser::from_packet_parser(ppr) { /// match tpko { /// Ok(tpk) => { -/// println!("Key: {}", tpk.primary()); +/// println!("Key: {}", tpk.primary().key()); /// for binding in tpk.userids() { /// println!("User ID: {}", binding.userid()); /// } @@ -410,7 +410,7 @@ impl<'a, I: Iterator<Item=Packet>> TPKParser<'a, I> { /// # let some_keyid = KeyID::from_hex("C2B819056C652598").unwrap(); /// for tpkr in TPKParser::from_packet_parser(ppr) /// .unvalidated_tpk_filter(|tpk, _| { - /// if tpk.primary().keyid() == some_keyid { + /// if tpk.primary().key().keyid() == some_keyid { /// return true; /// } /// for binding in tpk.subkeys() { @@ -552,7 +552,7 @@ impl<'a, I: Iterator<Item=Packet>> TPKParser<'a, I> { (selfsigs, certifications, self_revs, other_revs) } - let primary_fp = tpk.primary().fingerprint(); + let primary_fp = tpk.primary().key().fingerprint(); let primary_keyid = primary_fp.to_keyid(); // The parser puts all of the signatures on the @@ -561,11 +561,11 @@ impl<'a, I: Iterator<Item=Packet>> TPKParser<'a, I> { let (selfsigs, certifications, self_revs, other_revs) = split_sigs( &primary_fp, &primary_keyid, - mem::replace(&mut tpk.primary_certifications, vec![])); - tpk.primary_selfsigs = selfsigs; - tpk.primary_cert |