authorJustus Winter <justus@sequoia-pgp.org>2019-09-06 13:47:50 +0200
committerJustus Winter <justus@sequoia-pgp.org>2019-09-06 16:42:12 +0200
commit38a4d2b4ff4fc4512b31a4ff4e4ddd8a6b3c7503 (patch)
tree469d667b6bab8333df02c7a2402b9edabbe08419 /guide
parent4d642187f1df0c9a4c60dc2355c797ebac6fcd4f (diff)
openpgp: Rework streaming encryptor.
- Instead of giving a set of TPKs to the encryptor, hand in a set of recipients, which are (keyid, key)-tuples, conveniently created from key queries over TPKs. This simplifies the encryptor, and makes the key selection explicit.
- Drop the EncryptionMode type.
- As a nice side effect, we can now generate encrypted messages with wildcard recipient addresses.
Diffstat (limited to 'guide')
-rw-r--r--guide/src/chapter_02.md48
1 files changed, 40 insertions, 8 deletions
diff --git a/guide/src/chapter_02.md b/guide/src/chapter_02.md
index 7c564ff0..e29f412c 100644
--- a/guide/src/chapter_02.md
+++ b/guide/src/chapter_02.md
@@ -50,14 +50,22 @@ fn main() {
# /// Encrypts the given message.
# fn encrypt(sink: &mut Write, plaintext: &str, recipient: &openpgp::TPK)
# -> openpgp::Result<()> {
+# // Build a vector of recipients to hand to Encryptor.
+# let recipients =
+# recipient.keys_valid()
+# .key_flags(KeyFlags::default()
+# .set_encrypt_at_rest(true)
+# .set_encrypt_for_transport(true))
+# .map(|(_, _, key)| key.into())
+# .collect::<Vec<_>>();
+#
# // Start streaming an OpenPGP message.
# let message = Message::new(sink);
#
# // We want to encrypt a literal data packet.
# let encryptor = Encryptor::new(message,
# &[], // No symmetric encryption.
-# &[recipient],
-# EncryptionMode::ForTransport,
+# &recipients,
# None, None)?;
#
# // Emit a literal data packet.
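Review bot: The new `recipients` vector can end up empty when the TPK has no valid key carrying either encryption flag, and the example then hands it to `Encryptor::new` together with the empty password slice `&[]`. Whether `Encryptor::new` rejects that combination is not visible in this hunk, so the guide should check explicitly right after the `collect`, e.g. `if recipients.is_empty() { /* return an error naming the certificate */ }`, so that readers copying the example get a clear failure rather than relying on library behaviour. The removed call selected keys with `EncryptionMode::ForTransport` only, while the new filter sets both `set_encrypt_at_rest(true)` and `set_encrypt_for_transport(true)`; the comment above the query should say that storage-encryption keys are now accepted as recipients too. The same lines appear in the hunks at -186, -322 and -472, and the body of `encrypt` continues past the end of each hunk.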
@@ -186,14 +194,22 @@ fn generate() -> openpgp::Result<openpgp::TPK> {
# /// Encrypts the given message.
# fn encrypt(sink: &mut Write, plaintext: &str, recipient: &openpgp::TPK)
# -> openpgp::Result<()> {
+# // Build a vector of recipients to hand to Encryptor.
+# let recipients =
+# recipient.keys_valid()
+# .key_flags(KeyFlags::default()
+# .set_encrypt_at_rest(true)
+# .set_encrypt_for_transport(true))
+# .map(|(_, _, key)| key.into())
+# .collect::<Vec<_>>();
+#
# // Start streaming an OpenPGP message.
# let message = Message::new(sink);
#
# // We want to encrypt a literal data packet.
# let encryptor = Encryptor::new(message,
# &[], // No symmetric encryption.
-# &[recipient],
-# EncryptionMode::ForTransport,
+# &recipients,
# None, None)?;
#
# // Emit a literal data packet.
@@ -322,14 +338,22 @@ implements [`io::Write`], and we simply write the plaintext to it.
/// Encrypts the given message.
fn encrypt(sink: &mut Write, plaintext: &str, recipient: &openpgp::TPK)
-> openpgp::Result<()> {
+ // Build a vector of recipients to hand to Encryptor.
+ let recipients =
+ recipient.keys_valid()
+ .key_flags(KeyFlags::default()
+ .set_encrypt_at_rest(true)
+ .set_encrypt_for_transport(true))
+ .map(|(_, _, key)| key.into())
+ .collect::<Vec<_>>();
+
// Start streaming an OpenPGP message.
let message = Message::new(sink);
// We want to encrypt a literal data packet.
let encryptor = Encryptor::new(message,
&[], // No symmetric encryption.
- &[recipient],
- EncryptionMode::ForTransport,
+ &recipients,
None, None)?;
// Emit a literal data packet.
@@ -472,14 +496,22 @@ Decrypted data can be read from this using [`io::Read`].
# /// Encrypts the given message.
# fn encrypt(sink: &mut Write, plaintext: &str, recipient: &openpgp::TPK)
# -> openpgp::Result<()> {
+# // Build a vector of recipients to hand to Encryptor.
+# let recipients =
+# recipient.keys_valid()
+# .key_flags(KeyFlags::default()
+# .set_encrypt_at_rest(true)
+# .set_encrypt_for_transport(true))
+# .map(|(_, _, key)| key.into())
+# .collect::<Vec<_>>();
+#
# // Start streaming an OpenPGP message.
# let message = Message::new(sink);
#
# // We want to encrypt a literal data packet.
# let encryptor = Encryptor::new(message,
# &[], // No symmetric encryption.
-# &[recipient],
-# EncryptionMode::ForTransport,
+# &recipients,
# None, None)?;
#
# // Emit a literal data packet.