author | Justus Winter <justus@sequoia-pgp.org> | 2019-09-06 13:47:50 +0200 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-09-06 16:42:12 +0200 |
commit | 38a4d2b4ff4fc4512b31a4ff4e4ddd8a6b3c7503 (patch) | |
tree | 469d667b6bab8333df02c7a2402b9edabbe08419 /openpgp/examples | |
parent | 4d642187f1df0c9a4c60dc2355c797ebac6fcd4f (diff) |
openpgp: Rework streaming encryptor.
- Instead of giving a set of TPKs to the encryptor, hand in a set of
recipients, which are (keyid, key)-tuples, conveniently created
from key queries over TPKs. This simplifies the encryptor, and
makes the key selection explicit.
- Drop the EncryptionMode type.
- As a nice side effect, we can now generate encrypted messages with
wildcard recipient addresses.
Diffstat (limited to 'openpgp/examples')
-rw-r--r-- | openpgp/examples/encrypt-for.rs | 17 | ||||
-rw-r--r-- | openpgp/examples/generate-encrypt-decrypt.rs | 13 | ||||
-rw-r--r-- | openpgp/examples/pad.rs | 18 |
3 files changed, 34 insertions, 14 deletions
diff --git a/openpgp/examples/encrypt-for.rs b/openpgp/examples/encrypt-for.rs
index d416c321..327cb56d 100644
--- a/openpgp/examples/encrypt-for.rs
+++ b/openpgp/examples/encrypt-for.rs
@@ -7,9 +7,10 @@ use std::io;
 extern crate sequoia_openpgp as openpgp;
 use crate::openpgp::armor;
 use crate::openpgp::constants::DataFormat;
+use crate::openpgp::packet::KeyFlags;
 use crate::openpgp::parse::Parse;
 use crate::openpgp::serialize::stream::{
- Message, LiteralWriter, Encryptor, EncryptionMode,
+ Message, LiteralWriter, Encryptor,
 };
 fn main() {
@@ -21,8 +22,8 @@ fn main() {
 }
 let mode = match args[1].as_ref() {
- "at-rest" => EncryptionMode::AtRest,
- "for-transport" => EncryptionMode::ForTransport,
+ "at-rest" => KeyFlags::default().set_encrypt_at_rest(true),
+ "for-transport" => KeyFlags::default().set_encrypt_for_transport(true),
 x => panic!("invalid mode: {:?}, \
 must be either 'at-rest' or 'for-transport'",
 x),
@@ -33,8 +34,13 @@ fn main() {
 openpgp::TPK::from_file(f)
 .expect("Failed to read key")
 }).collect();
- // Build a vector of references to hand to Encryptor.
- let recipients: Vec<&openpgp::TPK> = tpks.iter().collect();
+
+ // Build a vector of recipients to hand to Encryptor.
+ let recipients =
+ tpks.iter()
+ .flat_map(|tpk| tpk.keys_valid().key_flags(mode.clone()))
+ .map(|(_, _, key)| key.into())
+ .collect::<Vec<_>>();
 // Compose a writer stack corresponding to the output format and
 // packet structure we want. First, we want the output to be
@@ -49,7 +55,6 @@ fn main() {
 let encryptor = Encryptor::new(message,
 &[], // No symmetric encryption.
 &recipients,
- mode,
 None, None)
 .expect("Failed to create encryptor");
 let mut literal_writer = LiteralWriter::new(encryptor, DataFormat::Binary,
diff --git a/openpgp/examples/generate-encrypt-decrypt.rs b/openpgp/examples/generate-encrypt-decrypt.rs
index 301a4340..c0c4c4ed 100644
--- a/openpgp/examples/generate-encrypt-decrypt.rs
+++ b/openpgp/examples/generate-encrypt-decrypt.rs
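Review bot: A certificate with no valid key carrying the requested flag contributes nothing to `recipients` in the third hunk (`flat_map` over `tpk.keys_valid().key_flags(mode.clone())`), so the message can end up encrypted for only some of the key files given, or for none, without any diagnostic. Key selection is now the caller's job, so the example should check that every TPK yields at least one key and stop otherwise; the loop below does that. The same applies to the identical chain in the third hunk of openpgp/examples/pad.rs. How `Encryptor::new` treats an empty recipient list together with the empty password list is not visible here, and `main` begins and ends outside the hunk.

```rust
    // Build a vector of recipients to hand to Encryptor.  Every key
    // file must contribute at least one key.
    let mut recipients = Vec::new();
    for (i, tpk) in tpks.iter().enumerate() {
        let before = recipients.len();
        recipients.extend(
            tpk.keys_valid().key_flags(mode.clone())
                .map(|(_, _, key)| key.into()));
        if recipients.len() == before {
            panic!("Key file #{} has no valid key with the requested flags",
                   i + 1);
        }
    }
    // … unchanged: writer stack setup …
```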
@@ -6,6 +6,7 @@ extern crate sequoia_openpgp as openpgp;
 use crate::openpgp::crypto::SessionKey;
 use crate::openpgp::constants::SymmetricAlgorithm;
 use crate::openpgp::serialize::stream::*;
+use crate::openpgp::packet::KeyFlags;
 use crate::openpgp::parse::stream::*;
 const MESSAGE: &'static str = "дружба";
@@ -40,14 +41,22 @@ fn generate() -> openpgp::Result<openpgp::TPK> {
 /// Encrypts the given message.
 fn encrypt(sink: &mut Write, plaintext: &str, recipient: &openpgp::TPK)
 -> openpgp::Result<()> {
+ // Build a vector of recipients to hand to Encryptor.
+ let recipients =
+ recipient.keys_valid()
+ .key_flags(KeyFlags::default()
+ .set_encrypt_at_rest(true)
+ .set_encrypt_for_transport(true))
+ .map(|(_, _, key)| key.into())
+ .collect::<Vec<_>>();
+
 // Start streaming an OpenPGP message.
 let message = Message::new(sink);
 // We want to encrypt a literal data packet.
 let encryptor = Encryptor::new(message,
 &[], // No symmetric encryption.
- &[recipient],
- EncryptionMode::ForTransport,
+ &recipients,
 None, None)?;
 // Emit a literal data packet.
diff --git a/openpgp/examples/pad.rs b/openpgp/examples/pad.rs
index b4e0f175..a959786d 100644
--- a/openpgp/examples/pad.rs
+++ b/openpgp/examples/pad.rs
@@ -7,9 +7,11 @@ use std::io;
 extern crate sequoia_openpgp as openpgp;
 use crate::openpgp::armor;
 use crate::openpgp::constants::DataFormat;
+use crate::openpgp::KeyID;
+use crate::openpgp::packet::KeyFlags;
 use crate::openpgp::parse::Parse;
 use crate::openpgp::serialize::stream::{
- Message, LiteralWriter, Encryptor, EncryptionMode,
+ Message, LiteralWriter, Encryptor, Recipient,
 };
 use crate::openpgp::serialize::padding::*;
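Review bot: The recipient selection added to `encrypt` sets both `set_encrypt_at_rest(true)` and `set_encrypt_for_transport(true)`, whereas the removed call passed `EncryptionMode::ForTransport` only, and the new comment does not mention the wider selection. Whether `key_flags` matches keys carrying any or all of the given flags is not visible in this hunk, so the comment should state the intent, for example `// Encrypt to every valid key usable for storage or transport encryption.` The function also hands a possibly empty `recipients` on unchecked; returning an error when `recipients.is_empty()` would make that case explicit rather than leaving it to `Encryptor::new`, whose handling of empty lists is outside the hunk. The body of `encrypt` continues past the hunk.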
@@ -22,8 +24,8 @@ fn main() {
 }
 let mode = match args[1].as_ref() {
- "at-rest" => EncryptionMode::AtRest,
- "for-transport" => EncryptionMode::ForTransport,
+ "at-rest" => KeyFlags::default().set_encrypt_at_rest(true),
+ "for-transport" => KeyFlags::default().set_encrypt_for_transport(true),
 x => panic!("invalid mode: {:?}, \
 must be either 'at-rest' or 'for-transport'",
 x),
@@ -34,8 +36,13 @@ fn main() {
 openpgp::TPK::from_file(f)
 .expect("Failed to read key")
 }).collect();
- // Build a vector of references to hand to Encryptor.
- let recipients: Vec<&openpgp::TPK> = tpks.iter().collect();
+
+ // Build a vector of recipients to hand to Encryptor.
+ let recipients =
+ tpks.iter()
+ .flat_map(|tpk| tpk.keys_valid().key_flags(mode.clone()))
+ .map(|(_, _, key)| Recipient::new(KeyID::wildcard(), key))
+ .collect::<Vec<_>>();
 // Compose a writer stack corresponding to the output format and
 // packet structure we want. First, we want the output to be
@@ -50,7 +57,6 @@ fn main() {
 let encryptor = Encryptor::new(message,
 &[], // No symmetric encryption.
 &recipients,
- mode,
 None, None)
 .expect("Failed to create encryptor"); |
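Review bot: The new `Recipient::new(KeyID::wildcard(), key)` in the third hunk is the one place where pad.rs departs from encrypt-for.rs (`key.into()`), and nothing in the code says why. A wildcard recipient presumably keeps the real key ID out of the encrypted session key packet, so the message does not name its recipients and the receiver has to try its secret keys in turn. That trade-off deserves a comment, e.g. `// Use wildcard key IDs so the message does not reveal who it is encrypted for.` Padding as such only concerns the message length, so it is worth confirming that hiding the recipients is intended for this example. `main` starts and ends outside the hunk.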