author | Neal H. Walfield <neal@pep.foundation> | 2020-01-31 14:20:53 +0100 |
---|---|---|
committer | Neal H. Walfield <neal@pep.foundation> | 2020-01-31 15:59:16 +0100 |
commit | a464ce819ccd1fa07ff8c6d0be74cff5eec5cf34 (patch) | |
tree | 31ed9d18b9c7802a93b4e4c8e6e85d1121b201d8 /ipc/examples | |
parent | b9b6533bd5394cd5cdb6b91b5c5ca7a02e3ea199 (diff) |
openpgp: Add a policy object.
- Change all functions that need to evaluate the validity of a
signature (either directly or indirectly) to take a policy object.
- Use the policy object to allow the user to place additional
constraints on a signature's validity.
- This addresses the first half of #274 (it introduces the policy
object, but does not yet implement any policy).
Diffstat (limited to 'ipc/examples')
-rw-r--r-- | ipc/examples/gpg-agent-decrypt.rs | 12 | ||||
-rw-r--r-- | ipc/examples/gpg-agent-sign.rs | 5 |
2 files changed, 13 insertions, 4 deletions
diff --git a/ipc/examples/gpg-agent-decrypt.rs b/ipc/examples/gpg-agent-decrypt.rs
index 69ba9d3b..0f0b3beb 100644
--- a/ipc/examples/gpg-agent-decrypt.rs
+++ b/ipc/examples/gpg-agent-decrypt.rs
@@ -21,9 +21,13 @@ use crate::openpgp::parse::{
 MessageLayer,
 },
 };
+use crate::openpgp::policy::Policy;
+use crate::openpgp::policy::StandardPolicy as P;
 use crate::ipc::gnupg::{Context, KeyPair};
 fn main() {
+ let p = &P::new();
+
 let matches = clap::App::new("gpg-agent-decrypt")
 .version(env!("CARGO_PKG_VERSION"))
 .about("Connects to gpg-agent and decrypts a message.")
@@ -51,7 +55,7 @@ fn main() {
 // Now, create a decryptor with a helper using the given Certs.
 let mut decryptor =
- Decryptor::from_reader(io::stdin(), Helper::new(&ctx, certs), None)
+ Decryptor::from_reader(p, io::stdin(), Helper::new(&ctx, p, certs), None)
 .unwrap();
 // Finally, stream the decrypted data to stdout.
@@ -70,11 +74,13 @@ struct Helper<'a> {
 impl<'a> Helper<'a> {
 /// Creates a Helper for the given Certs with appropriate secrets.
- fn new(ctx: &'a Context, certs: Vec<openpgp::Cert>) -> Self {
+ fn new(ctx: &'a Context, policy: &'a dyn Policy, certs: Vec<openpgp::Cert>)
+ -> Self
+ {
 // Map (sub)KeyIDs to secrets.
 let mut keys = HashMap::new();
 for cert in certs {
- for ka in cert.keys().policy(None)
+ for ka in cert.keys().set_policy(policy, None)
 .for_storage_encryption().for_transport_encryption()
 {
 let key = ka.key();
diff --git a/ipc/examples/gpg-agent-sign.rs b/ipc/examples/gpg-agent-sign.rs
index a80f3935..424f2a74 100644
--- a/ipc/examples/gpg-agent-sign.rs
+++ b/ipc/examples/gpg-agent-sign.rs
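Review bot: In `Helper::new` (gpg-agent-decrypt.rs, third hunk), `policy: &'a dyn Policy` ties the policy borrow to the Helper's lifetime, yet none of the visible hunks adds a field to `Helper<'a>`, so the policy appears to be used only while the key map is built. If that is right, `policy: &dyn Policy` is enough and lets callers pass a shorter-lived policy. The doc comment is unchanged; a line such as `/// Only keys whose binding signature is valid under policy are considered.` would record the new constraint. A comment saying that `None` is the reference time given to `set_policy` (presumably "now"; confirm against the API) would also help readers of this example. The body of `new` continues outside the hunk.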
@@ -9,9 +9,12 @@ extern crate sequoia_ipc as ipc;
 use crate::openpgp::armor;
 use crate::openpgp::parse::Parse;
 use crate::openpgp::serialize::stream::{Message, LiteralWriter, Signer};
+use crate::openpgp::policy::StandardPolicy as P;
 use crate::ipc::gnupg::{Context, KeyPair};
 fn main() {
+ let p = &P::new();
+
 let matches = clap::App::new("gpg-agent-sign")
 .version(env!("CARGO_PKG_VERSION"))
 .about("Connects to gpg-agent and creates a dummy signature.")
@@ -39,7 +42,7 @@ fn main() {
 // Construct a KeyPair for every signing-capable (sub)key.
 let mut signers = certs.iter().flat_map(|cert| {
- cert.keys().policy(None).alive().revoked(false).for_signing()
+ cert.keys().set_policy(p, None).alive().revoked(false).for_signing()
 .filter_map(|ka| {
 KeyPair::new(&ctx, ka.key()).ok()
 }) |
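Review bot: In gpg-agent-sign.rs (second hunk), the signer chain now discards keys silently at three points: `set_policy(p, None)`, `.alive().revoked(false)`, and the `.ok()` inside `filter_map`. A user whose only signing key is rejected by the policy therefore gets no hint as to why nothing was signed with it. A short comment above the chain would make this explicit, e.g. `// Keys rejected by the policy, expired, revoked, or unknown to the agent are skipped silently.` Whether an empty signer list is reported later cannot be seen here, because `main` continues outside the hunk; if it is not, that check is worth adding.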