-rw-r--r--openpgp-ffi/include/sequoia/openpgp.h26
-rw-r--r--openpgp-ffi/src/tpk.rs44
-rw-r--r--openpgp/src/tpk/keyiter.rs14
3 files changed, 84 insertions, 0 deletions
diff --git a/openpgp-ffi/include/sequoia/openpgp.h b/openpgp-ffi/include/sequoia/openpgp.h
index 6c8584c0..a440abd1 100644
--- a/openpgp-ffi/include/sequoia/openpgp.h
+++ b/openpgp-ffi/include/sequoia/openpgp.h
@@ -566,6 +566,32 @@ void pgp_tpk_key_iter_certification_capable (pgp_tpk_key_iter_t iter);
void pgp_tpk_key_iter_signing_capable (pgp_tpk_key_iter_t iter);
/*/
+/// Changes the iterator to only return keys that are capable of
+/// encrypting data at rest.
+///
+/// If you call this function and, e.g., the `signing_capable`
+/// function, the *union* of the values is used. That is, the
+/// iterator will return keys that are certification capable *or*
+/// signing capable.
+///
+/// Note: you may not call this function after starting to iterate.
+/*/
+void pgp_tpk_key_iter_encrypting_capable_at_rest (pgp_tpk_key_iter_t);
+
+/*/
+/// Changes the iterator to only return keys that are capable of
+/// encrypting data for transport.
+///
+/// If you call this function and, e.g., the `signing_capable`
+/// function, the *union* of the values is used. That is, the
+/// iterator will return keys that are certification capable *or*
+/// signing capable.
+///
+/// Note: you may not call this function after starting to iterate.
+/*/
+void pgp_tpk_key_iter_encrypting_capable_for_transport (pgp_tpk_key_iter_t);
+
+/*/
/// Changes the iterator to only return keys that are alive.
///
/// If you call this function (or `pgp_tpk_key_iter_alive_at`), only
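Review bot: The union example in both new doc comments still reads "certification capable *or* signing capable", copied from the signing filter, so neither comment says what happens when an encryption filter is combined with another one; the same text sits on the two new functions in openpgp-ffi/src/tpk.rs. Because the filters form a union, a caller who adds `signing_capable` expecting to narrow the result can receive keys that carry no encryption flag, and the comment should say so, e.g. `/// iterator will return keys that are encryption capable (at rest) *or* signing capable.` for the first function and the transport wording for the second. The two new prototypes also drop the `iter` parameter name that the neighbouring declarations use.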
diff --git a/openpgp-ffi/src/tpk.rs b/openpgp-ffi/src/tpk.rs
index a2e894c6..9777292b 100644
--- a/openpgp-ffi/src/tpk.rs
+++ b/openpgp-ffi/src/tpk.rs
@@ -568,6 +568,50 @@ pub extern "C" fn pgp_tpk_key_iter_signing_capable<'a>(
iter_wrapper.iter = tmp.signing_capable();
}
+/// Changes the iterator to only return keys that are capable of
+/// encrypting data at rest.
+///
+/// If you call this function and, e.g., the `signing_capable`
+/// function, the *union* of the values is used. That is, the
+/// iterator will return keys that are certification capable *or*
+/// signing capable.
+///
+/// Note: you may not call this function after starting to iterate.
+#[::sequoia_ffi_macros::extern_fn] #[no_mangle]
+pub extern "C" fn pgp_tpk_key_iter_encrypting_capable_at_rest<'a>(
+ iter_wrapper: *mut KeyIterWrapper<'a>)
+{
+ let iter_wrapper = ffi_param_ref_mut!(iter_wrapper);
+ if iter_wrapper.next_called {
+ panic!("Can't change KeyIter filter after iterating.");
+ }
+
+ let tmp = std::mem::replace(&mut iter_wrapper.iter, KeyIter::empty());
+ iter_wrapper.iter = tmp.encrypting_capable_at_rest();
+}
+
+/// Changes the iterator to only return keys that are capable of
+/// encrypting data for transport.
+///
+/// If you call this function and, e.g., the `signing_capable`
+/// function, the *union* of the values is used. That is, the
+/// iterator will return keys that are certification capable *or*
+/// signing capable.
+///
+/// Note: you may not call this function after starting to iterate.
+#[::sequoia_ffi_macros::extern_fn] #[no_mangle]
+pub extern "C" fn pgp_tpk_key_iter_encrypting_capable_for_transport<'a>(
+ iter_wrapper: *mut KeyIterWrapper<'a>)
+{
+ let iter_wrapper = ffi_param_ref_mut!(iter_wrapper);
+ if iter_wrapper.next_called {
+ panic!("Can't change KeyIter filter after iterating.");
+ }
+
+ let tmp = std::mem::replace(&mut iter_wrapper.iter, KeyIter::empty());
+ iter_wrapper.iter = tmp.encrypting_capable_for_transport();
+}
+
/// Changes the iterator to only return keys that are alive.
///
/// If you call this function (or `pgp_tpk_key_iter_alive_at`), only
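Review bot: Both new functions reach `panic!("Can't change KeyIter filter after iterating.")` when `next_called` is set, while the doc comment only says "you may not call this function after starting to iterate" and does not tell a C caller what the outcome is. Whether the `extern_fn` attribute contains the unwind is not visible in this hunk; either way the caller gets no error value to check, so the behaviour should be documented, e.g. a `/// # Panics` section with `/// Panics if the iterator has already been advanced.`, and mirrored in the header comment. The two bodies differ only in the final builder call, so they could share one small helper with the signing variant, whose body starts outside the hunk.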
diff --git a/openpgp/src/tpk/keyiter.rs b/openpgp/src/tpk/keyiter.rs
index 16e51cc4..9c1635dc 100644
--- a/openpgp/src/tpk/keyiter.rs
+++ b/openpgp/src/tpk/keyiter.rs
@@ -274,6 +274,20 @@ impl<'a, P: 'a + key::KeyParts, R: 'a + key::KeyRole> KeyIter<'a, P, R>
self.key_flags(KeyFlags::default().set_sign(true))
}
+ /// Returns keys that are capable of encrypting data at rest.
+ ///
+ /// See `key_flags` for caveats.
+ pub fn encrypting_capable_at_rest(self) -> Self {
+ self.key_flags(KeyFlags::default().set_encrypt_at_rest(true))
+ }
+
+ /// Returns keys that are capable of encrypting data for transport.
+ ///
+ /// See `key_flags` for caveats.
+ pub fn encrypting_capable_for_transport(self) -> Self {
+ self.key_flags(KeyFlags::default().set_encrypt_for_transport(true))
+ }
+
/// Only returns keys that are live as of `now`.
///
/// If `now` is none, then all keys are returned whether they are
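Review bot: No test accompanies the two new filters: the diffstat lists only the C header, the FFI wrapper and this file, and this hunk adds just the two methods. Callers use these filters to pick the keys they encrypt to, so a test that builds a TPK with a signing-only subkey and a subkey flagged for both storage and transport encryption, then asserts that `encrypting_capable_at_rest()` and `encrypting_capable_for_transport()` each skip the signing-only subkey, would pin the behaviour. The doc comments could also state that the two flags are distinct, so a caller wanting any encryption-capable key applies both filters (assuming `key_flags` accumulates flags the way the FFI comments describe). The enclosing `impl` block starts and ends outside the hunk.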