diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2020-01-21 16:32:07 +0100 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2020-01-21 16:38:09 +0100 |
| commit | 0a90c63dd3fe0beaa905d1c28924513d79e48c89 (patch) | |
| tree | ae848fd45ce2dd33c237e1781ffcf84a3aac7fb2 /openpgp | |
| parent | ea15543a1bebb1e9c985ac85a348e8ae3d5a7cb3 (diff) | |
openpgp: Avoid use of Cert::primary_key.
Diffstat (limited to 'openpgp')
| -rw-r--r-- | openpgp/src/cert/bindings.rs | 18 | ||||
| -rw-r--r-- | openpgp/src/cert/builder.rs | 18 | ||||
| -rw-r--r-- | openpgp/src/cert/mod.rs | 40 | ||||
| -rw-r--r-- | openpgp/src/cert/parser/mod.rs | 2 | ||||
| -rw-r--r-- | openpgp/src/cert/revoke.rs | 10 | ||||
| -rw-r--r-- | openpgp/src/crypto/hash.rs | 6 | ||||
| -rw-r--r-- | openpgp/src/packet/key/mod.rs | 6 | ||||
| -rw-r--r-- | openpgp/src/packet/signature/mod.rs | 10 | ||||
| -rw-r--r-- | openpgp/src/serialize/cert.rs | 9 | ||||
| -rw-r--r-- | openpgp/src/serialize/mod.rs | 2 |
10 files changed, 60 insertions, 61 deletions
diff --git a/openpgp/src/cert/bindings.rs b/openpgp/src/cert/bindings.rs index cfa90755..fa372680 100644 --- a/openpgp/src/cert/bindings.rs +++ b/openpgp/src/cert/bindings.rs @@ -31,7 +31,7 @@ impl<P: key::KeyParts> Key<P, key::SubordinateRole> { /// # fn f() -> Result<()> { /// // Generate a Cert, and create a keypair from the primary key. /// let (cert, _) = CertBuilder::new().generate()?; - /// let mut keypair = cert.primary_key().clone() + /// let mut keypair = cert.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// /// // Let's add an encryption subkey. @@ -64,7 +64,8 @@ impl<P: key::KeyParts> Key<P, key::SubordinateRole> { signature .set_issuer_fingerprint(signer.public().fingerprint())? .set_issuer(signer.public().keyid())? - .sign_subkey_binding(signer, cert.primary_key(), self) + .sign_subkey_binding( + signer, cert.primary().key().mark_role_primary_ref(), self) } } @@ -92,7 +93,7 @@ impl UserID { /// # fn f() -> Result<()> { /// // Generate a Cert, and create a keypair from the primary key. /// let (cert, _) = CertBuilder::new().generate()?; - /// let mut keypair = cert.primary_key().clone() + /// let mut keypair = cert.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// assert_eq!(cert.userids().len(), 0); /// @@ -116,7 +117,7 @@ impl UserID { .set_issuer_fingerprint(signer.public().fingerprint())? .set_issuer(signer.public().keyid())? .sign_userid_binding( - signer, cert.primary_key(), self) + signer, cert.primary().key().mark_role_primary_ref(), self) } /// Returns a certificate for the user id. @@ -150,7 +151,7 @@ impl UserID { /// .primary_key_flags(KeyFlags::default().set_certification(true)) /// .add_userid("alice@example.org") /// .generate()?; - /// let mut keypair = alice.primary_key().clone() + /// let mut keypair = alice.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// /// // Generate a Cert for Bob. @@ -227,7 +228,7 @@ impl UserAttribute { /// // Generate a Cert, and create a keypair from the primary key. /// let (cert, _) = CertBuilder::new() /// .generate()?; - /// let mut keypair = cert.primary_key().clone() + /// let mut keypair = cert.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// assert_eq!(cert.userids().len(), 0); /// @@ -253,7 +254,8 @@ impl UserAttribute { signature .set_issuer_fingerprint(signer.public().fingerprint())? .set_issuer(signer.public().keyid())? - .sign_user_attribute_binding(signer, cert.primary_key(), self) + .sign_user_attribute_binding( + signer, cert.primary().key().mark_role_primary_ref(), self) } /// Returns a certificate for the user attribute. @@ -287,7 +289,7 @@ impl UserAttribute { /// let (alice, _) = CertBuilder::new() /// .add_userid("alice@example.org") /// .generate()?; - /// let mut keypair = alice.primary_key().clone() + /// let mut keypair = alice.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// /// // Generate a Cert for Bob. diff --git a/openpgp/src/cert/builder.rs b/openpgp/src/cert/builder.rs index ae0c0562..40f8e856 100644 --- a/openpgp/src/cert/builder.rs +++ b/openpgp/src/cert/builder.rs @@ -513,14 +513,14 @@ mod tests { .set_cipher_suite(CipherSuite::RSA3k) .set_cipher_suite(CipherSuite::Cv25519) .generate().unwrap(); - assert_eq!(cert1.primary_key().pk_algo(), PublicKeyAlgorithm::EdDSA); + assert_eq!(cert1.primary().pk_algo(), PublicKeyAlgorithm::EdDSA); let (cert2, _) = CertBuilder::new() .set_cipher_suite(CipherSuite::RSA3k) .add_userid("test2@example.com") .add_transport_encryption_subkey() .generate().unwrap(); - assert_eq!(cert2.primary_key().pk_algo(), + assert_eq!(cert2.primary().pk_algo(), PublicKeyAlgorithm::RSAEncryptSign); assert_eq!(cert2.subkeys().next().unwrap().key().pk_algo(), PublicKeyAlgorithm::RSAEncryptSign); @@ -531,7 +531,7 @@ mod tests { let (cert1, _) = CertBuilder::new() .add_userid("test2@example.com") .generate().unwrap(); - assert_eq!(cert1.primary_key().pk_algo(), + assert_eq!(cert1.primary().pk_algo(), PublicKeyAlgorithm::EdDSA); assert!(cert1.subkeys().next().is_none()); if let Some(sig) = cert1.primary_key_signature(None) { @@ -546,7 +546,7 @@ mod tests { let (cert1, _) = CertBuilder::autocrypt(Autocrypt::V1, Some("Foo")) .generate().unwrap(); - assert_eq!(cert1.primary_key().pk_algo(), + assert_eq!(cert1.primary().pk_algo(), PublicKeyAlgorithm::RSAEncryptSign); assert_eq!(cert1.subkeys().next().unwrap().key().pk_algo(), PublicKeyAlgorithm::RSAEncryptSign); @@ -558,7 +558,7 @@ mod tests { let (cert1, _) = CertBuilder::autocrypt(Autocrypt::V1_1, Some("Foo")) .generate().unwrap(); - assert_eq!(cert1.primary_key().pk_algo(), + assert_eq!(cert1.primary().pk_algo(), PublicKeyAlgorithm::EdDSA); assert_eq!(cert1.subkeys().next().unwrap().key().pk_algo(), PublicKeyAlgorithm::ECDH); @@ -638,7 +638,7 @@ mod tests { .set_cipher_suite(CipherSuite::Cv25519) .set_password(Some(String::from("streng geheim").into())) .generate().unwrap(); - assert!(cert.primary_key().secret().unwrap().is_encrypted()); + assert!(cert.primary().secret().unwrap().is_encrypted()); } #[test] @@ -663,9 +663,9 @@ mod tests { None) .generate().unwrap(); - let now = cert.primary_key().creation_time() + let now = cert.primary().creation_time() + 5 * s; // The subkeys may be created a tad later. - let key = cert.primary_key(); + let key = cert.primary().key(); let sig = cert.primary_key_signature(None).unwrap(); assert!(sig.key_alive(key, now).is_ok()); assert!(sig.key_alive(key, now + 590 * s).is_ok()); @@ -696,7 +696,7 @@ mod tests { .add_signing_subkey() .generate().unwrap(); - assert_eq!(cert.primary_key().creation_time(), UNIX_EPOCH); + assert_eq!(cert.primary().creation_time(), UNIX_EPOCH); assert_eq!(cert.primary_key_signature(None).unwrap() .signature_creation_time().unwrap(), UNIX_EPOCH); assert_eq!(rev.signature_creation_time().unwrap(), UNIX_EPOCH); diff --git a/openpgp/src/cert/mod.rs b/openpgp/src/cert/mod.rs index 3f702e0f..83f1271c 100644 --- a/openpgp/src/cert/mod.rs +++ b/openpgp/src/cert/mod.rs @@ -353,7 +353,7 @@ type UnknownBindings = ComponentBindings<Unknown>; /// # let ppr = PacketParser::from_bytes(&b""[..])?; /// match Cert::from_packet_parser(ppr) { /// Ok(cert) => { -/// println!("Key: {}", cert.primary_key()); +/// println!("Key: {}", cert.fingerprint()); /// for binding in cert.userids().bindings() { /// println!("User ID: {}", binding.userid()); /// } @@ -536,7 +536,7 @@ impl Cert { /// assert_eq!(RevocationStatus::NotAsFarAsWeKnow, /// cert.revoked(None)); /// - /// let mut keypair = cert.primary_key().clone() + /// let mut keypair = cert.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// let cert = cert.revoke_in_place(&mut keypair, /// ReasonForRevocation::KeyCompromised, @@ -569,7 +569,7 @@ impl Cert { { let t = t.into(); if let Some(sig) = self.primary_key_signature(t) { - sig.key_alive(self.primary_key(), t) + sig.key_alive(self.primary().key(), t) } else { Err(Error::MalformedCert("No primary key signature".into()).into()) } @@ -596,7 +596,7 @@ impl Cert { let hash_algo = HashAlgorithm::SHA512; let mut hash = hash_algo.context()?; - self.primary_key().hash(&mut hash); + self.primary().hash(&mut hash); if let Some((userid, _)) = userid { userid.userid().hash(&mut hash); } else { @@ -1187,17 +1187,17 @@ impl Cert { /// Returns the Cert's fingerprint. pub fn key_handle(&self) -> KeyHandle { - self.primary_key().key_handle() + self.primary.key().key_handle() } /// Returns the Cert's fingerprint. pub fn fingerprint(&self) -> Fingerprint { - self.primary_key().fingerprint() + self.primary.key().fingerprint() } /// Returns the Cert's keyid. pub fn keyid(&self) -> KeyID { - self.primary_key().keyid() + self.primary.key().keyid() } /// Converts the Cert into an iterator over a sequence of packets. @@ -1303,7 +1303,7 @@ impl Cert { /// Returns whether at least one of the keys includes a secret /// part. pub fn is_tsk(&self) -> bool { - if self.primary_key().secret().is_some() { + if self.primary().secret().is_some() { return true; } self.subkeys().any(|sk| { @@ -1793,14 +1793,14 @@ mod test { let cert = Cert::from_bytes(crate::tests::key("about-to-expire.expired.pgp")) .unwrap(); assert!(! cert.primary_key_signature(None).unwrap() - .key_alive(cert.primary_key(), None).is_ok()); + .key_alive(cert.primary().key(), None).is_ok()); let update = Cert::from_bytes(crate::tests::key("about-to-expire.update-no-uid.pgp")) .unwrap(); let cert = cert.merge(update).unwrap(); assert!(cert.primary_key_signature(None).unwrap() - .key_alive(cert.primary_key(), None).is_ok()); + .key_alive(cert.primary().key(), None).is_ok()); } #[test] @@ -1860,14 +1860,14 @@ mod test { let (cert, _) = CertBuilder::autocrypt(None, Some("Test")) .generate().unwrap(); - let now = cert.primary_key().creation_time(); + let now = cert.primary().creation_time(); let a_sec = time::Duration::new(1, 0); let expiry_orig = cert.primary_key_signature(None).unwrap() .key_expiration_time() .expect("Keys expire by default."); - let mut keypair = cert.primary_key().clone().mark_parts_secret() + let mut keypair = cert.primary().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(); // Clear the expiration. @@ -2040,7 +2040,7 @@ mod test { assert_eq!(RevocationStatus::NotAsFarAsWeKnow, cert.revoked(None)); - let mut keypair = cert.primary_key().clone().mark_parts_secret() + let mut keypair = cert.primary().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(); let sig = CertRevocationBuilder::new() @@ -2062,7 +2062,7 @@ mod test { let (other, _) = CertBuilder::autocrypt(None, Some("Test 2")) .generate().unwrap(); - let mut keypair = other.primary_key().clone().mark_parts_secret() + let mut keypair = other.primary().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(); let sig = CertRevocationBuilder::new() @@ -2088,7 +2088,7 @@ mod test { let subkey = cert.subkeys().nth(0).unwrap(); assert_eq!(RevocationStatus::NotAsFarAsWeKnow, subkey.revoked(None)); - let mut keypair = cert.primary_key().clone().mark_parts_secret() + let mut keypair = cert.primary().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(); SubkeyRevocationBuilder::new() .set_reason_for_revocation( @@ -2117,7 +2117,7 @@ mod test { let uid = cert.userids().policy(None).nth(1).unwrap(); assert_eq!(RevocationStatus::NotAsFarAsWeKnow, uid.revoked()); - let mut keypair = cert.primary_key().clone().mark_parts_secret() + let mut keypair = cert.primary().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(); UserIDRevocationBuilder::new() .set_reason_for_revocation( @@ -2862,7 +2862,7 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= // Have alice cerify the binding "bob@bar.com" and bob's key. let alice_certifies_bob = bob_userid_binding.userid().bind( - &mut alice.primary_key().clone().mark_parts_secret() + &mut alice.primary().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(), &bob, sig_template).unwrap(); @@ -2888,8 +2888,8 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= // Make sure the certification is correct. alice_certifies_bob - .verify_userid_binding(&alice.primary_key().clone(), - &bob.primary_key().clone(), + .verify_userid_binding(alice.primary().key().mark_role_primary_ref(), + bob.primary().key().mark_role_primary_ref(), bob_userid_binding.userid()).unwrap(); } } @@ -2903,7 +2903,7 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= assert_eq!(cert.keys().secret().count(), 2); assert_eq!(cert.keys().unencrypted_secret().count(), 0); - let mut primary = cert.primary_key().clone(); + let mut primary = cert.primary().key().clone(); let algo = primary.pk_algo(); primary.secret_mut().unwrap() .decrypt_in_place(algo, &"streng geheim".into()).unwrap(); diff --git a/openpgp/src/cert/parser/mod.rs b/openpgp/src/cert/parser/mod.rs index df558e23..35b8ac3f 100644 --- a/openpgp/src/cert/parser/mod.rs +++ b/openpgp/src/cert/parser/mod.rs @@ -401,7 +401,7 @@ enum PacketSource<'a, I: Iterator<Item=Packet>> { /// for certo in CertParser::from_packet_parser(ppr) { /// match certo { /// Ok(cert) => { -/// println!("Key: {}", cert.primary_key()); +/// println!("Key: {}", cert.fingerprint()); /// for uid in cert.userids() { /// println!("User ID: {}", uid); /// } diff --git a/openpgp/src/cert/revoke.rs b/openpgp/src/cert/revoke.rs index 6b8e2b28..fea84064 100644 --- a/openpgp/src/cert/revoke.rs +++ b/openpgp/src/cert/revoke.rs @@ -54,7 +54,7 @@ use crate::cert::Cert; /// assert_eq!(RevocationStatus::NotAsFarAsWeKnow, /// cert.revoked(None)); /// -/// let mut signer = cert.primary_key().clone() +/// let mut signer = cert.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// let sig = CertRevocationBuilder::new() /// .set_reason_for_revocation(ReasonForRevocation::KeyCompromised, @@ -108,7 +108,7 @@ impl CertRevocationBuilder { let hash_algo = hash_algo.into().unwrap_or(HashAlgorithm::SHA512); let mut hash = hash_algo.context()?; - cert.primary_key().hash(&mut hash); + cert.primary().hash(&mut hash); let creation_time = self.signature_creation_time() @@ -161,7 +161,7 @@ impl Deref for CertRevocationBuilder { /// let (cert, _) = CertBuilder::new() /// .add_transport_encryption_subkey() /// .generate()?; -/// let mut keypair = cert.primary_key().clone() +/// let mut keypair = cert.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// let subkey = cert.keys().subkeys().nth(0).unwrap(); /// @@ -274,7 +274,7 @@ impl Deref for SubkeyRevocationBuilder { /// let (cert, _) = CertBuilder::new() /// .add_userid("some@example.org") /// .generate()?; -/// let mut keypair = cert.primary_key().clone() +/// let mut keypair = cert.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// let userid = cert.userids().nth(0).unwrap(); /// @@ -389,7 +389,7 @@ impl Deref for UserIDRevocationBuilder { /// let (cert, _) = CertBuilder::new() /// .add_user_attribute(some_user_attribute) /// .generate()?; -/// let mut keypair = cert.primary_key().clone() +/// let mut keypair = cert.primary().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// let ua = cert.user_attributes().nth(0).unwrap(); /// diff --git a/openpgp/src/crypto/hash.rs b/openpgp/src/crypto/hash.rs index 4afe0f89..31c5099a 100644 --- a/openpgp/src/crypto/hash.rs +++ b/openpgp/src/crypto/hash.rs @@ -495,7 +495,7 @@ mod test { for selfsig in binding.self_signatures() { let h = Signature::hash_userid_binding( selfsig, - cert.primary_key(), + cert.primary().key().mark_role_primary_ref(), binding.userid()).unwrap(); if &h[..2] != selfsig.digest_prefix() { eprintln!("{:?}: {:?} / {:?}", @@ -512,7 +512,7 @@ mod test { for selfsig in binding.self_signatures() { let h = Signature::hash_user_attribute_binding( selfsig, - cert.primary_key(), + cert.primary().key().mark_role_primary_ref(), binding.user_attribute()).unwrap(); if &h[..2] != selfsig.digest_prefix() { eprintln!("{:?}: {:?} / {:?}", @@ -528,7 +528,7 @@ mod test { for selfsig in binding.self_signatures() { let h = Signature::hash_subkey_binding( selfsig, - cert.primary_key(), + cert.primary().key().mark_role_primary_ref(), binding.key()).unwrap(); if &h[..2] != selfsig.digest_prefix() { eprintln!("{:?}: {:?}", i, binding); diff --git a/openpgp/src/packet/key/mod.rs b/openpgp/src/packet/key/mod.rs index 3e709873..40f6905a 100644 --- a/openpgp/src/packet/key/mod.rs +++ b/openpgp/src/packet/key/mod.rs @@ -43,10 +43,10 @@ //! // Get a handle to the Cert's primary key that allows using the //! // secret key material. //! use std::convert::TryInto; -//! let sk: &Key<key::SecretParts, key::PrimaryRole> = cert.primary_key().try_into()?; +//! let sk: &Key<key::SecretParts, key::PrimaryRole> = cert.primary().key().try_into()?; //! //! // Make the conversion explicit. -//! let sk = cert.primary_key().mark_parts_secret_ref()?; +//! let sk = cert.primary().key().mark_parts_secret_ref()?.mark_role_primary_ref(); //! # Ok(()) //! # } //! ``` @@ -1328,7 +1328,7 @@ mod tests { fn encrypted_rsa_key() { let cert = Cert::from_bytes( crate::tests::key("testy-new-encrypted-with-123.pgp")).unwrap(); - let mut pair = cert.primary_key().clone(); + let mut pair = cert.primary().key().clone(); let pk_algo = pair.pk_algo(); let secret = pair.secret.as_mut().unwrap(); diff --git a/openpgp/src/packet/signature/mod.rs b/openpgp/src/packet/signature/mod.rs index 840c9404..a44a8929 100644 --- a/openpgp/src/packet/signature/mod.rs +++ b/openpgp/src/packet/signature/mod.rs @@ -1212,7 +1212,7 @@ mod test { crate::tests::message(test.data)).unwrap(); while let PacketParserResult::Some(pp) = ppr { if let Packet::Signature(ref sig) = pp.packet { - let result = sig.verify(cert.primary_key()) + let result = sig.verify(cert.primary().key()) .map(|_| true).unwrap_or(false); eprintln!(" Primary {:?}: {:?}", cert.fingerprint(), result); @@ -1274,7 +1274,7 @@ mod test { "emmelie-dorothea-dina-samantha-awina-ed25519-private.pgp", ] { let cert = Cert::from_bytes(crate::tests::key(key)).unwrap(); - let mut pair = cert.primary_key().clone() + let mut pair = cert.primary().key().clone() .mark_parts_secret().unwrap() .into_keypair() .expect("secret key is encrypted/missing"); @@ -1331,7 +1331,7 @@ mod test { panic!("Expected a Signature, got: {:?}", p); }; - sig.verify_message(cert.primary_key(), &msg[..]).unwrap(); + sig.verify_message(cert.primary().key(), &msg[..]).unwrap(); } #[test] @@ -1389,7 +1389,7 @@ mod test { let cert = &uid_binding.certifications()[0]; cert.verify_userid_binding(cert_key1, - test2.primary_key(), + test2.primary().key().mark_role_primary_ref(), uid_binding.userid()).unwrap(); } @@ -1473,7 +1473,7 @@ mod test { if let Packet::Signature(sig) = p { let digest = Signature::hash_standalone(&sig).unwrap(); eprintln!("{}", crate::fmt::hex::encode(&digest)); - sig.verify_timestamp(alpha.primary_key()).unwrap(); + sig.verify_timestamp(alpha.primary().key()).unwrap(); } else { panic!("expected a signature packet"); } diff --git a/openpgp/src/serialize/cert.rs b/openpgp/src/serialize/cert.rs index c749c28d..c3ec4f6d 100644 --- a/openpgp/src/serialize/cert.rs +++ b/openpgp/src/serialize/cert.rs @@ -325,15 +325,12 @@ impl<'a> TSK<'a> { /// // Only write out the primary key's secret. /// let mut buf = Vec::new(); /// cert.as_tsk() - /// .set_filter( - /// |k| k == cert.primary_key() - /// .mark_parts_secret_ref().unwrap() - /// .mark_role_unspecified_ref()) + /// .set_filter(|k| k.fingerprint() == cert.fingerprint()) /// .serialize(&mut buf)?; /// /// let cert_ = Cert::from_bytes(&buf)?; /// assert_eq!(cert_.keys().policy(None).alive().revoked(false).secret().count(), 1); - /// assert!(cert_.primary_key().secret().is_some()); + /// assert!(cert_.primary().secret().is_some()); /// # Ok(()) } pub fn set_filter<P>(mut self, predicate: P) -> Self where P: 'a + Fn(&'a key::UnspecifiedSecret) -> bool @@ -736,7 +733,7 @@ mod test { }; let (cert, _) = CertBuilder::new().generate().unwrap(); - let mut keypair = cert.primary_key().clone().mark_parts_secret() + let mut keypair = cert.primary().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(); let key: key::SecretSubkey = diff --git a/openpgp/src/serialize/mod.rs b/openpgp/src/serialize/mod.rs index 4d0d1e7e..7319cc0d 100644 --- a/openpgp/src/serialize/mod.rs +++ b/openpgp/src/serialize/mod.rs @@ -2958,7 +2958,7 @@ mod test { use crate::cert::CertBuilder; let (cert, _) = CertBuilder::new().generate().unwrap(); - let mut keypair = cert.primary_key().clone().mark_parts_secret() + let mut keypair = cert.primary().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(); let uid = UserID::from("foo"); |