openpgp: Pass a timestamp to the KeyIter instead of each filter.

- KeyIter::revoked and KeyIter::key_flags (and its variants) didn't take a time stamp so they could only be used for filtering keys based on their current state, not their state at some time in the past. Adding a time stamp to each of the filters would have fixed the problem, but it would have made the interface ugly: callers always want the same time stamp for all filters. - Split KeyIter into two structures: a KeyIter and a ValidKeyIter. - Add KeyIter::policy. It takes a time stamp, which is then used for filters like `alive` and `revoked`, and it returns a ValidKeyIter, which exposes filters that require a time stamp.
author: Neal H. Walfield <neal@pep.foundation> 2020-01-06 10:29:13 +0100
committer: Neal H. Walfield <neal@pep.foundation> 2020-01-06 14:34:03 +0100
commit: 7e78e716610ac3a9bff86035c52b344b437951a2 (patch)
tree: 8897a006fd588a019c4beffabdf0050bdc1b8c5b /guide
parent: a01b070c9599be7f2be4dfaa25dd9ff01efe8a57 (diff)
2 files changed, 8 insertions, 8 deletions
diff --git a/guide/src/chapter_01.md b/guide/src/chapter_01.md
index 56c131fb..78978161 100644
--- a/guide/src/chapter_01.md
+++ b/guide/src/chapter_01.md
@@ -51,7 +51,7 @@ fn main() {
 # fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::Cert)
 #            -> openpgp::Result<()> {
 #     // Get the keypair to do the signing from the Cert.
-#     let keypair = tsk.keys().alive().revoked(false).for_signing().nth(0).unwrap().
+#     let keypair = tsk.keys().policy(None).alive().revoked(false).for_signing().nth(0).unwrap().
 #         key().clone().mark_parts_secret().unwrap().into_keypair()?;
 #
 #     // Start streaming an OpenPGP message.
@@ -196,7 +196,7 @@ fn generate() -> openpgp::Result<openpgp::Cert> {
 # fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::Cert)
 #            -> openpgp::Result<()> {
 #     // Get the keypair to do the signing from the Cert.
-#     let keypair = tsk.keys().alive().revoked(false).for_signing().nth(0).unwrap().
+#     let keypair = tsk.keys().policy(None).alive().revoked(false).for_signing().nth(0).unwrap().
 #         key().clone().mark_parts_secret().unwrap().into_keypair()?;
 #
 #     // Start streaming an OpenPGP message.
@@ -341,7 +341,7 @@ implements [`io::Write`], and we simply write the plaintext to it.
 fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::Cert)
            -> openpgp::Result<()> {
     // Get the keypair to do the signing from the Cert.
-    let keypair = tsk.keys().alive().revoked(false).for_signing().nth(0).unwrap().
+    let keypair = tsk.keys().policy(None).alive().revoked(false).for_signing().nth(0).unwrap().
         key().clone().mark_parts_secret().unwrap().into_keypair()?;
 
     // Start streaming an OpenPGP message.
@@ -497,7 +497,7 @@ Verified data can be read from this using [`io::Read`].
 # fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::Cert)
 #            -> openpgp::Result<()> {
 #     // Get the keypair to do the signing from the Cert.
-#     let keypair = tsk.keys().alive().revoked(false).for_signing().nth(0).unwrap().
+#     let keypair = tsk.keys().policy(None).alive().revoked(false).for_signing().nth(0).unwrap().
 #         key().clone().mark_parts_secret().unwrap().into_keypair()?;
 # 
 #     // Start streaming an OpenPGP message.
diff --git a/guide/src/chapter_02.md b/guide/src/chapter_02.md
index 9f4c3a0a..f6cb4b48 100644
--- a/guide/src/chapter_02.md
+++ b/guide/src/chapter_02.md
@@ -51,7 +51,7 @@ fn main() {
 #            -> openpgp::Result<()> {
 #    // Build a vector of recipients to hand to Encryptor.
 #    let mut recipients =
-#        recipient.keys().alive().revoked(false)
+#        recipient.keys().policy(None).alive().revoked(false)
 #        .for_transport_encryption()
 #        .map(|ka| ka.key().into())
 #        .collect::<Vec<_>>();
@@ -192,7 +192,7 @@ fn generate() -> openpgp::Result<openpgp::Cert> {
 #            -> openpgp::Result<()> {
 #    // Build a vector of recipients to hand to Encryptor.
 #    let mut recipients =
-#        recipient.keys().alive().revoked(false)
+#        recipient.keys().policy(None).alive().revoked(false)
 #        .for_transport_encryption()
 #        .map(|ka| ka.key().into())
 #        .collect::<Vec<_>>();
@@ -333,7 +333,7 @@ fn encrypt(sink: &mut Write, plaintext: &str, recipient: &openpgp::Cert)
            -> openpgp::Result<()> {
     // Build a vector of recipients to hand to Encryptor.
     let mut recipients =
-        recipient.keys().alive().revoked(false)
+        recipient.keys().policy(None).alive().revoked(false)
         .for_transport_encryption()
         .map(|ka| ka.key().into())
         .collect::<Vec<_>>();
@@ -488,7 +488,7 @@ Decrypted data can be read from this using [`io::Read`].
 #            -> openpgp::Result<()> {
 #    // Build a vector of recipients to hand to Encryptor.
 #    let mut recipients =
-#        recipient.keys().alive().revoked(false)
+#        recipient.keys().policy(None).alive().revoked(false)
 #        .for_transport_encryption()
 #        .map(|ka| ka.key().into())
 #        .collect::<Vec<_>>();
author	Neal H. Walfield <neal@pep.foundation>	2020-01-06 10:29:13 +0100
committer	Neal H. Walfield <neal@pep.foundation>	2020-01-06 14:34:03 +0100
commit	7e78e716610ac3a9bff86035c52b344b437951a2 (patch)
tree	8897a006fd588a019c4beffabdf0050bdc1b8c5b /guide
parent	a01b070c9599be7f2be4dfaa25dd9ff01efe8a57 (diff)