diff options
| author | Neal H. Walfield <neal@pep.foundation> | 2020-01-06 10:29:13 +0100 |
|---|---|---|
| committer | Neal H. Walfield <neal@pep.foundation> | 2020-01-06 14:34:03 +0100 |
| commit | 7e78e716610ac3a9bff86035c52b344b437951a2 (patch) | |
| tree | 8897a006fd588a019c4beffabdf0050bdc1b8c5b /ipc/examples | |
| parent | a01b070c9599be7f2be4dfaa25dd9ff01efe8a57 (diff) | |
openpgp: Pass a timestamp to the KeyIter instead of each filter.
- KeyIter::revoked and KeyIter::key_flags (and its variants) didn't
take a time stamp so they could only be used for filtering keys
based on their current state, not their state at some time in the
past. Adding a time stamp to each of the filters would have fixed
the problem, but it would have made the interface ugly: callers
always want the same time stamp for all filters.
- Split KeyIter into two structures: a KeyIter and a ValidKeyIter.
- Add KeyIter::policy. It takes a time stamp, which is then used
for filters like `alive` and `revoked`, and it returns a
ValidKeyIter, which exposes filters that require a time stamp.
Diffstat (limited to 'ipc/examples')
| -rw-r--r-- | ipc/examples/gpg-agent-decrypt.rs | 2 | ||||
| -rw-r--r-- | ipc/examples/gpg-agent-sign.rs | 7 |
2 files changed, 5 insertions, 4 deletions
diff --git a/ipc/examples/gpg-agent-decrypt.rs b/ipc/examples/gpg-agent-decrypt.rs index 2b9252cc..0f824d60 100644 --- a/ipc/examples/gpg-agent-decrypt.rs +++ b/ipc/examples/gpg-agent-decrypt.rs @@ -74,7 +74,7 @@ impl<'a> Helper<'a> { // Map (sub)KeyIDs to secrets. let mut keys = HashMap::new(); for cert in certs { - for ka in cert.keys() { + for ka in cert.keys().policy(None) { if ka.binding_signature(None) .map(|s| (s.key_flags().for_storage_encryption() || s.key_flags().for_transport_encryption())) diff --git a/ipc/examples/gpg-agent-sign.rs b/ipc/examples/gpg-agent-sign.rs index b5f32a9c..a80f3935 100644 --- a/ipc/examples/gpg-agent-sign.rs +++ b/ipc/examples/gpg-agent-sign.rs @@ -39,9 +39,10 @@ fn main() { // Construct a KeyPair for every signing-capable (sub)key. let mut signers = certs.iter().flat_map(|cert| { - cert.keys().alive().revoked(false).for_signing().filter_map(|ka| { - KeyPair::new(&ctx, ka.key()).ok() - }) + cert.keys().policy(None).alive().revoked(false).for_signing() + .filter_map(|ka| { + KeyPair::new(&ctx, ka.key()).ok() + }) }).collect::<Vec<KeyPair>>(); // Compose a writer stack corresponding to the output format and |