diff options
46 files changed, 1568 insertions, 637 deletions
diff --git a/guide/src/chapter_01.md b/guide/src/chapter_01.md index 8d973e07..d82d8bb0 100644 --- a/guide/src/chapter_01.md +++ b/guide/src/chapter_01.md @@ -14,6 +14,7 @@ use std::io::{self, Write}; extern crate failure; extern crate sequoia_openpgp as openpgp; use openpgp::serialize::stream::*; +use openpgp::packet::prelude::*; use openpgp::parse::stream::*; const MESSAGE: &'static str = "дружба"; @@ -49,8 +50,9 @@ fn main() { # fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::TPK) # -> openpgp::Result<()> { # // Get the keypair to do the signing from the TPK. -# let mut keypair = tsk.keys_valid().signing_capable().nth(0).unwrap().2 -# .clone().into_keypair()?; +# let key : key::UnspecifiedSecret +# = tsk.keys_valid().signing_capable().nth(0).unwrap().2.clone().into(); +# let mut keypair = key.into_keypair()?; # # // Start streaming an OpenPGP message. # let message = Message::new(sink); @@ -156,6 +158,7 @@ create it: # extern crate sequoia_openpgp as openpgp; # use openpgp::serialize::stream::*; # use openpgp::parse::stream::*; +# use openpgp::packet::prelude::*; # # const MESSAGE: &'static str = "дружба"; # @@ -190,8 +193,9 @@ fn generate() -> openpgp::Result<openpgp::TPK> { # fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::TPK) # -> openpgp::Result<()> { # // Get the keypair to do the signing from the TPK. -# let mut keypair = tsk.keys_valid().signing_capable().nth(0).unwrap().2 -# .clone().into_keypair()?; +# let key : key::UnspecifiedSecret +# = tsk.keys_valid().signing_capable().nth(0).unwrap().2.clone().into(); +# let mut keypair = key.into_keypair()?; # # // Start streaming an OpenPGP message. # let message = Message::new(sink); @@ -296,6 +300,7 @@ implements [`io::Write`], and we simply write the plaintext to it. # extern crate failure; # extern crate sequoia_openpgp as openpgp; # use openpgp::serialize::stream::*; +# use openpgp::packet::prelude::*; # use openpgp::parse::stream::*; # # const MESSAGE: &'static str = "дружба"; @@ -331,8 +336,9 @@ implements [`io::Write`], and we simply write the plaintext to it. fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::TPK) -> openpgp::Result<()> { // Get the keypair to do the signing from the TPK. - let mut keypair = tsk.keys_valid().signing_capable().nth(0).unwrap().2 - .clone().into_keypair()?; + let key : key::UnspecifiedSecret + = tsk.keys_valid().signing_capable().nth(0).unwrap().2.clone().into(); + let mut keypair = key.into_keypair()?; // Start streaming an OpenPGP message. let message = Message::new(sink); @@ -448,6 +454,7 @@ Verified data can be read from this using [`io::Read`]. # extern crate failure; # extern crate sequoia_openpgp as openpgp; # use openpgp::serialize::stream::*; +# use openpgp::packet::prelude::*; # use openpgp::parse::stream::*; # # const MESSAGE: &'static str = "дружба"; @@ -483,8 +490,9 @@ Verified data can be read from this using [`io::Read`]. # fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::TPK) # -> openpgp::Result<()> { # // Get the keypair to do the signing from the TPK. -# let mut keypair = tsk.keys_valid().signing_capable().nth(0).unwrap().2 -# .clone().into_keypair()?; +# let key : key::UnspecifiedSecret +# = tsk.keys_valid().signing_capable().nth(0).unwrap().2.clone().into(); +# let mut keypair = key.into_keypair()?; # # // Start streaming an OpenPGP message. # let message = Message::new(sink); diff --git a/guide/src/chapter_02.md b/guide/src/chapter_02.md index b6463033..7c564ff0 100644 --- a/guide/src/chapter_02.md +++ b/guide/src/chapter_02.md @@ -15,6 +15,7 @@ extern crate sequoia_openpgp as openpgp; use openpgp::crypto::SessionKey; use openpgp::constants::SymmetricAlgorithm; use openpgp::serialize::stream::*; +use openpgp::packet::prelude::*; use openpgp::parse::stream::*; const MESSAGE: &'static str = "дружба"; @@ -118,9 +119,10 @@ fn main() { # where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()> # { # // The encryption key is the first and only subkey. -# let key = self.secret.subkeys().nth(0) +# let key : key::UnspecifiedSecret +# = self.secret.subkeys().nth(0) # .map(|binding| binding.key().clone()) -# .unwrap(); +# .unwrap().into(); # # // The secret key is not encrypted. # let mut pair = key.into_keypair().unwrap(); @@ -149,6 +151,7 @@ create it: # use openpgp::crypto::SessionKey; # use openpgp::constants::SymmetricAlgorithm; # use openpgp::serialize::stream::*; +# use openpgp::packet::prelude::*; # use openpgp::parse::stream::*; # # const MESSAGE: &'static str = "дружба"; @@ -252,9 +255,10 @@ fn generate() -> openpgp::Result<openpgp::TPK> { # where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()> # { # // The encryption key is the first and only subkey. -# let key = self.secret.subkeys().nth(0) +# let key : key::UnspecifiedSecret +# = self.secret.subkeys().nth(0) # .map(|binding| binding.key().clone()) -# .unwrap(); +# .unwrap().into(); # # // The secret key is not encrypted. # let mut pair = key.into_keypair().unwrap(); @@ -283,6 +287,7 @@ implements [`io::Write`], and we simply write the plaintext to it. # use openpgp::crypto::SessionKey; # use openpgp::constants::SymmetricAlgorithm; # use openpgp::serialize::stream::*; +# use openpgp::packet::prelude::*; # use openpgp::parse::stream::*; # # const MESSAGE: &'static str = "дружба"; @@ -386,9 +391,10 @@ fn encrypt(sink: &mut Write, plaintext: &str, recipient: &openpgp::TPK) # where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()> # { # // The encryption key is the first and only subkey. -# let key = self.secret.subkeys().nth(0) +# let key : key::UnspecifiedSecret +# = self.secret.subkeys().nth(0) # .map(|binding| binding.key().clone()) -# .unwrap(); +# .unwrap().into(); # # // The secret key is not encrypted. # let mut pair = key.into_keypair().unwrap(); @@ -431,6 +437,7 @@ Decrypted data can be read from this using [`io::Read`]. # use openpgp::crypto::SessionKey; # use openpgp::constants::SymmetricAlgorithm; # use openpgp::serialize::stream::*; +# use openpgp::packet::prelude::*; # use openpgp::parse::stream::*; # # const MESSAGE: &'static str = "дружба"; @@ -534,9 +541,10 @@ impl<'a> DecryptionHelper for Helper<'a> { where D: FnMut(SymmetricAlgorithm, &SessionKey) -> openpgp::Result<()> { // The encryption key is the first and only subkey. - let key = self.secret.subkeys().nth(0) + let key : key::UnspecifiedSecret + = self.secret.subkeys().nth(0) .map(|binding| binding.key().clone()) - .unwrap(); + .unwrap().into(); // The secret key is not encrypted. let mut pair = key.into_keypair().unwrap(); diff --git a/ipc/examples/gpg-agent-decrypt.rs b/ipc/examples/gpg-agent-decrypt.rs index 8a783f7a..0faa57a3 100644 --- a/ipc/examples/gpg-agent-decrypt.rs +++ b/ipc/examples/gpg-agent-decrypt.rs @@ -63,7 +63,7 @@ fn main() { /// verification policy. struct Helper<'a> { ctx: &'a Context, - keys: HashMap<openpgp::KeyID, openpgp::packet::Key>, + keys: HashMap<openpgp::KeyID, openpgp::packet::key::UnspecifiedPublic>, } impl<'a> Helper<'a> { @@ -77,7 +77,7 @@ impl<'a> Helper<'a> { || s.key_flags().can_encrypt_for_transport())) .unwrap_or(false) { - keys.insert(key.keyid(), key.clone()); + keys.insert(key.keyid(), key.clone().into()); } } } diff --git a/ipc/examples/gpg-agent-sign.rs b/ipc/examples/gpg-agent-sign.rs index 43435b46..e7dd6e53 100644 --- a/ipc/examples/gpg-agent-sign.rs +++ b/ipc/examples/gpg-agent-sign.rs @@ -41,11 +41,11 @@ fn main() { // Construct a KeyPair for every signing-capable (sub)key. let mut keypairs = tpks.iter().flat_map(|tpk| tpk.keys_valid().signing_capable().filter_map(|(_, _, key)| { KeyPair::new(&ctx, key).ok() - })).collect::<Vec<KeyPair>>(); + })).collect::<Vec<KeyPair<_>>>(); // Well, this is awkward... let signers = keypairs.iter_mut() - .map(|s| -> &mut dyn openpgp::crypto::Signer { s }) + .map(|s| -> &mut dyn openpgp::crypto::Signer<_> { s }) .collect(); // Compose a writer stack corresponding to the output format and diff --git a/ipc/src/gnupg.rs b/ipc/src/gnupg.rs index ede757b0..068ae1c7 100644 --- a/ipc/src/gnupg.rs +++ b/ipc/src/gnupg.rs @@ -16,6 +16,7 @@ use crate::openpgp::constants::HashAlgorithm; use crate::openpgp::conversions::hex; use crate::openpgp::crypto; use crate::openpgp::crypto::sexp::Sexp; +use crate::openpgp::packet::prelude::*; use crate::openpgp::parse::Parse; use crate::openpgp::serialize::Serialize; @@ -283,20 +284,24 @@ impl Agent { /// Creates a signature over the `digest` produced by `algo` using /// `key` with the secret bits managed by the agent. - pub fn sign<'a>(&'a mut self, key: &'a openpgp::packet::Key, - algo: HashAlgorithm, digest: &'a [u8]) - -> impl Future<Item = crypto::mpis::Signature, - Error = failure::Error> + 'a + pub fn sign<'a, R>(&'a mut self, + key: &'a Key<key::PublicParts, R>, + algo: HashAlgorithm, digest: &'a [u8]) + -> impl Future<Item = crypto::mpis::Signature, + Error = failure::Error> + 'a + where R: key::KeyRole { SigningRequest::new(&mut self.c, key, algo, digest) } /// Decrypts `ciphertext` using `key` with the secret bits managed /// by the agent. - pub fn decrypt<'a>(&'a mut self, key: &'a openpgp::packet::Key, - ciphertext: &'a crypto::mpis::Ciphertext) - -> impl Future<Item = crypto::SessionKey, - Error = failure::Error> + 'a + pub fn decrypt<'a, R>(&'a mut self, + key: &'a Key<key::PublicParts, R>, + ciphertext: &'a crypto::mpis::Ciphertext) + -> impl Future<Item = crypto::SessionKey, + Error = failure::Error> + 'a + where R: key::KeyRole { DecryptionRequest::new(&mut self.c, key, ciphertext) } @@ -345,18 +350,22 @@ impl Agent { } } -struct SigningRequest<'a, 'b, 'c> { +struct SigningRequest<'a, 'b, 'c, R> + where R: key::KeyRole +{ c: &'a mut assuan::Client, - key: &'b openpgp::packet::Key, + key: &'b Key<key::PublicParts, R>, algo: HashAlgorithm, digest: &'c [u8], options: Vec<String>, state: SigningRequestState, } -impl<'a, 'b, 'c> SigningRequest<'a, 'b, 'c> { +impl<'a, 'b, 'c, R> SigningRequest<'a, 'b, 'c, R> + where R: key::KeyRole +{ fn new(c: &'a mut assuan::Client, - key: &'b openpgp::packet::Key, + key: &'b Key<key::PublicParts, R>, algo: HashAlgorithm, digest: &'c [u8]) -> Self { @@ -394,7 +403,9 @@ fn protocol_error<T>(response: &assuan::Response) -> Result<T> { .into()) } -impl<'a, 'b, 'c> Future for SigningRequest<'a, 'b, 'c> { +impl<'a, 'b, 'c, R> Future for SigningRequest<'a, 'b, 'c, R> + where R: key::KeyRole +{ type Item = crypto::mpis::Signature; type Error = failure::Error; @@ -504,17 +515,21 @@ impl<'a, 'b, 'c> Future for SigningRequest<'a, 'b, 'c> { } } -struct DecryptionRequest<'a, 'b, 'c> { +struct DecryptionRequest<'a, 'b, 'c, R> + where R: key::KeyRole +{ c: &'a mut assuan::Client, - key: &'b openpgp::packet::Key, + key: &'b Key<key::PublicParts, R>, ciphertext: &'c crypto::mpis::Ciphertext, options: Vec<String>, state: DecryptionRequestState, } -impl<'a, 'b, 'c> DecryptionRequest<'a, 'b, 'c> { +impl<'a, 'b, 'c, R> DecryptionRequest<'a, 'b, 'c, R> + where R: key::KeyRole +{ fn new(c: &'a mut assuan::Client, - key: &'b openpgp::packet::Key, + key: &'b Key<key::PublicParts, R>, ciphertext: &'c crypto::mpis::Ciphertext) -> Self { Self { @@ -536,7 +551,9 @@ enum DecryptionRequestState { Inquire(Vec<u8>, bool), // Buffer and padding. } -impl<'a, 'b, 'c> Future for DecryptionRequest<'a, 'b, 'c> { +impl<'a, 'b, 'c, R> Future for DecryptionRequest<'a, 'b, 'c, R> + where R: key::KeyRole +{ type Item = crypto::SessionKey; type Error = failure::Error; @@ -668,19 +685,23 @@ impl<'a, 'b, 'c> Future for DecryptionRequest<'a, 'b, 'c> { /// A `KeyPair` is a combination of public and secret key. This /// particular implementation does not have the secret key, but /// diverges the cryptographic operations to `gpg-agent`. -pub struct KeyPair<'a> { - public: &'a openpgp::packet::Key, +pub struct KeyPair<'a, R> + where R: key::KeyRole +{ + public: &'a Key<key::PublicParts, R>, agent_socket: PathBuf, } -impl<'a> KeyPair<'a> { +impl<'a, R> KeyPair<'a, R> + where R: key::KeyRole +{ /// Returns a `KeyPair` for `key` with the secret bits managed by /// the agent. /// /// This provides a convenient, synchronous interface for use with /// the low-level Sequoia crate. - pub fn new(ctx: &Context, key: &'a openpgp::packet::Key) - -> Result<KeyPair<'a>> { + pub fn new(ctx: &Context, key: &'a Key<key::PublicParts, R>) + -> Result<KeyPair<'a, R>> { Ok(KeyPair { public: key, agent_socket: ctx.socket("agent")?.into(), @@ -688,8 +709,10 @@ impl<'a> KeyPair<'a> { } } -impl<'a> crypto::Signer for KeyPair<'a> { - fn public(&self) -> &openpgp::packet::Key { +impl<'a, R> crypto::Signer<R> for KeyPair<'a, R> + where R: key::KeyRole +{ + fn public(&self) -> &Key<key::PublicParts, R> { self.public } @@ -719,8 +742,10 @@ impl<'a> crypto::Signer for KeyPair<'a> { } } -impl<'a> crypto::Decryptor for KeyPair<'a> { - fn public(&self) -> &openpgp::packet::Key { +impl<'a, R> crypto::Decryptor<R> for KeyPair<'a, R> + where R: key::KeyRole +{ + fn public(&self) -> &Key<key::PublicParts, R> { self.public } diff --git a/openpgp-ffi/src/crypto.rs b/openpgp-ffi/src/crypto.rs index 0e3eff7b..5cd736b7 100644 --- a/openpgp-ffi/src/crypto.rs +++ b/openpgp-ffi/src/crypto.rs @@ -58,7 +58,8 @@ fn pgp_password_from_bytes(buf: *const u8, size: size_t) -> *mut Password { /// Frees a signer. #[::sequoia_ffi_macros::extern_fn] #[no_mangle] pub extern "C" fn pgp_signer_free - (s: Option<&mut &'s |