diff options
Diffstat (limited to 'openpgp/src/cert/mod.rs')
-rw-r--r-- | openpgp/src/cert/mod.rs | 323 |
1 files changed, 193 insertions, 130 deletions
diff --git a/openpgp/src/cert/mod.rs b/openpgp/src/cert/mod.rs index 7c16f6dd..9e884553 100644 --- a/openpgp/src/cert/mod.rs +++ b/openpgp/src/cert/mod.rs @@ -9,6 +9,8 @@ use std::fmt; use std::ops::{Deref, DerefMut}; use std::time; +use failure::ResultExt; + use crate::{ crypto::{hash::Hash, Signer}, Error, @@ -29,6 +31,7 @@ use crate::{ KeyID, Fingerprint, KeyHandle, + policy::Policy, }; use crate::parse::{Parse, PacketParserResult, PacketParser}; use crate::types::{ @@ -433,14 +436,14 @@ impl Cert { /// /// Note: this only returns whether this Cert is revoked; it does /// not imply anything about the Cert or other components. - pub fn revoked<T>(&self, t: T) -> RevocationStatus + pub fn revoked<T>(&self, policy: &dyn Policy, t: T) -> RevocationStatus where T: Into<Option<time::SystemTime>> { let t = t.into(); // Both a primary key signature and the primary userid's // binding signature can override a soft revocation. Compute // the most recent one. - let vkao = self.primary_key().policy(t).ok(); + let vkao = self.primary_key().set_policy(policy, t).ok(); let mut sig = vkao.as_ref().map(|vka| vka.binding_signature()); if let Some(direct) = vkao.as_ref() .and_then(|vka| vka.direct_key_signature()) @@ -452,7 +455,7 @@ impl Cert { _ => () } } - self.primary_key().binding()._revoked(true, sig, t) + self.primary_key().binding()._revoked(policy, t, true, sig) } /// Revokes the Cert in place. @@ -474,21 +477,25 @@ impl Cert { /// use openpgp::cert::{CipherSuite, CertBuilder}; /// use openpgp::crypto::KeyPair; /// use openpgp::parse::Parse; + /// use sequoia_openpgp::policy::StandardPolicy; + /// /// # fn main() { f().unwrap(); } /// # fn f() -> Result<()> /// # { + /// let p = &StandardPolicy::new(); + /// /// let (mut cert, _) = CertBuilder::new() /// .set_cipher_suite(CipherSuite::Cv25519) /// .generate()?; /// assert_eq!(RevocationStatus::NotAsFarAsWeKnow, - /// cert.revoked(None)); + /// cert.revoked(p, None)); /// /// let mut keypair = cert.primary_key().key().clone() /// .mark_parts_secret()?.into_keypair()?; /// let cert = cert.revoke_in_place(&mut keypair, /// ReasonForRevocation::KeyCompromised, /// b"It was the maid :/")?; - /// if let RevocationStatus::Revoked(sigs) = cert.revoked(None) { + /// if let RevocationStatus::Revoked(sigs) = cert.revoked(p, None) { /// assert_eq!(sigs.len(), 1); /// assert_eq!(sigs[0].typ(), SignatureType::KeyRevocation); /// assert_eq!(sigs[0].reason_for_revocation(), @@ -511,11 +518,12 @@ impl Cert { } /// Returns whether or not the Cert is alive at `t`. - pub fn alive<T>(&self, t: T) -> Result<()> + pub fn alive<T>(&self, policy: &dyn Policy, t: T) -> Result<()> + where T: Into<Option<time::SystemTime>> { let t = t.into(); - self.primary_key().policy(t)?.alive() + self.primary_key().set_policy(policy, t).context("Primary key")?.alive() } /// Sets the key to expire in delta seconds. @@ -525,12 +533,13 @@ impl Cert { /// /// This function exists to facilitate testing, which is why it is /// not exported. - fn set_expiry_as_of(self, primary_signer: &mut dyn Signer, + fn set_expiry_as_of(self, policy: &dyn Policy, + primary_signer: &mut dyn Signer, expiration: Option<time::Duration>, now: time::SystemTime) -> Result<Cert> { - let primary = self.primary_key().policy(now)?; + let primary = self.primary_key().set_policy(policy, now)?; let mut sigs = Vec::new(); let binding = primary.binding_signature(); for template in [ @@ -558,7 +567,7 @@ impl Cert { | SignatureType::PersonaCertification | SignatureType::CasualCertification | SignatureType::PositiveCertification => - self.primary_userid(now) + self.primary_userid(policy, now) .expect("this type must be from a userid binding, \ hence there must be a userid valid at `now`") .userid().hash(&mut hash), @@ -579,21 +588,26 @@ impl Cert { /// /// Note: the time is relative to the primary key's creation time, /// not the current time! - pub fn set_expiry(self, primary_signer: &mut dyn Signer, + /// + /// A policy is needed, because the expiration is updated by adding + /// a self-signature to the primary user id, + pub fn set_expiry(self, policy: &dyn Policy, + primary_signer: &mut dyn Signer, expiration: Option<time::Duration>) -> Result<Cert> { - self.set_expiry_as_of(primary_signer, expiration, + self.set_expiry_as_of(policy, primary_signer, expiration, time::SystemTime::now()) } /// Returns the amalgamated primary userid at `t`, if any. - pub fn primary_userid<T>(&self, t: T) - -> Option<ValidComponentAmalgamation<UserID>> + pub fn primary_userid<'a, T>(&'a self, policy: &'a dyn Policy, t: T) + -> Option<ValidComponentAmalgamation<'a, UserID>> where T: Into<Option<std::time::SystemTime>> { let t = t.into().unwrap_or_else(std::time::SystemTime::now); - ValidComponentAmalgamation::primary(self, self.userids.iter(), t) + ValidComponentAmalgamation::primary(self, self.userids.iter(), + policy, t) } /// Returns an iterator over the Cert's userids. @@ -602,12 +616,13 @@ impl Cert { } /// Returns the amalgamated primary user attribute at `t`, if any. - pub fn primary_user_attribute<T>(&self, t: T) - -> Option<ValidComponentAmalgamation<UserAttribute>> + pub fn primary_user_attribute<'a, T>(&'a self, policy: &'a dyn Policy, t: T) + -> Option<ValidComponentAmalgamation<'a, UserAttribute>> where T: Into<Option<std::time::SystemTime>> { let t = t.into().unwrap_or_else(std::time::SystemTime::now); - ValidComponentAmalgamation::primary(self, self.user_attributes.iter(), t) + ValidComponentAmalgamation::primary(self, self.user_attributes.iter(), + policy, t) } /// Returns an iterator over the Cert's valid `UserAttributeBinding`s. @@ -1279,7 +1294,7 @@ impl Cert { return true; } self.subkeys().any(|sk| { - sk.binding_signature(None).is_some() && sk.key().secret().is_some() + sk.key().secret().is_some() }) } } @@ -1288,6 +1303,7 @@ impl Cert { mod test { use crate::serialize::Serialize; use super::components::Amalgamation; + use crate::policy::StandardPolicy as P; use super::*; use crate::{ @@ -1763,15 +1779,17 @@ mod test { #[test] fn merge_with_incomplete_update() { + let p = &P::new(); + let cert = Cert::from_bytes(crate::tests::key("about-to-expire.expired.pgp")) .unwrap(); - cert.primary_key().policy(None).unwrap().alive().unwrap_err(); + cert.primary_key().set_policy(p, None).unwrap().alive().unwrap_err(); let update = Cert::from_bytes(crate::tests::key("about-to-expire.update-no-uid.pgp")) .unwrap(); let cert = cert.merge(update).unwrap(); - cert.primary_key().policy(None).unwrap().alive().unwrap(); + cert.primary_key().set_policy(p, None).unwrap().alive().unwrap(); } #[test] @@ -1828,6 +1846,8 @@ mod test { #[test] fn set_expiry() { + let p = &P::new(); + let (cert, _) = CertBuilder::autocrypt(None, Some("Test")) .generate().unwrap(); assert_eq!(cert.clone().into_packet_pile().children().count(), @@ -1838,7 +1858,7 @@ mod test { + 1 // subkey + 1 // binding signature ); - let cert = check_set_expiry(cert); + let cert = check_set_expiry(p, cert); assert_eq!(cert.clone().into_packet_pile().children().count(), 1 // primary key + 1 // direct key signature @@ -1852,6 +1872,8 @@ mod test { } #[test] fn set_expiry_uidless() { + let p = &P::new(); + let (cert, _) = CertBuilder::new() .set_expiration(None) // Just to assert this works. .set_expiration( @@ -1861,18 +1883,18 @@ mod test { 1 // primary key + 1 // direct key signature ); - let cert = check_set_expiry(cert); + let cert = check_set_expiry(p, cert); assert_eq!(cert.clone().into_packet_pile().children().count(), 1 // primary key + 1 // direct key signature + 2 // two new direct key signatures ); } - fn check_set_expiry(cert: Cert) -> Cert { + fn check_set_expiry(policy: &dyn Policy, cert: Cert) -> Cert { let now = cert.primary_key().creation_time(); let a_sec = time::Duration::new(1, 0); - let expiry_orig = cert.primary_key().policy(now).unwrap() + let expiry_orig = cert.primary_key().set_policy(policy, now).unwrap() .key_expiration_time() .expect("Keys expire by default."); @@ -1882,19 +1904,17 @@ mod test { // Clear the expiration. let as_of1 = now + time::Duration::new(10, 0); let cert = cert.set_expiry_as_of( - &mut keypair, - None, - as_of1).unwrap(); + policy, &mut keypair, None, as_of1).unwrap(); { // If t < as_of1, we should get the original expiry. - assert_eq!(cert.primary_key().policy(now).unwrap() + assert_eq!(cert.primary_key().set_policy(policy, now).unwrap() .key_expiration_time(), Some(expiry_orig)); - assert_eq!(cert.primary_key().policy(as_of1 - a_sec).unwrap() + assert_eq!(cert.primary_key().set_policy(policy, as_of1 - a_sec).unwrap() .key_expiration_time(), Some(expiry_orig)); // If t >= as_of1, we should get the new expiry. - assert_eq!(cert.primary_key().policy(as_of1).unwrap() + assert_eq!(cert.primary_key().set_policy(policy, as_of1).unwrap() .key_expiration_time(), None); } @@ -1907,27 +1927,25 @@ mod test { let as_of2 = as_of1 + time::Duration::new(10, 0); let cert = cert.set_expiry_as_of( - &mut keypair, - Some(expiry_new), - as_of2).unwrap(); + policy, &mut keypair, Some(expiry_new), as_of2).unwrap(); { // If t < as_of1, we should get the original expiry. - assert_eq!(cert.primary_key().policy(now).unwrap() + assert_eq!(cert.primary_key().set_policy(policy, now).unwrap() .key_expiration_time(), Some(expiry_orig)); - assert_eq!(cert.primary_key().policy(as_of1 - a_sec).unwrap() + assert_eq!(cert.primary_key().set_policy(policy, as_of1 - a_sec).unwrap() .key_expiration_time(), Some(expiry_orig)); // If as_of1 <= t < as_of2, we should get the second // expiry (None). - assert_eq!(cert.primary_key().policy(as_of1).unwrap() + assert_eq!(cert.primary_key().set_policy(policy, as_of1).unwrap() .key_expiration_time(), None); - assert_eq!(cert.primary_key().policy(as_of2 - a_sec).unwrap() + assert_eq!(cert.primary_key().set_policy(policy, as_of2 - a_sec).unwrap() .key_expiration_time(), None); // If t <= as_of2, we should get the new expiry. - assert_eq!(cert.primary_key().policy(as_of2).unwrap() + assert_eq!(cert.primary_key().set_policy(policy, as_of2).unwrap() .key_expiration_time(), Some(expiry_new)); } @@ -1940,6 +1958,8 @@ mod test { // XXX: testing sequoia against itself isn't optimal, but I couldn't // find a tool to generate direct key signatures :-( + let p = &P::new(); + let (cert1, _) = CertBuilder::new().generate().unwrap(); let mut buf = Vec::default(); @@ -1947,7 +1967,7 @@ mod test { let cert2 = Cert::from_bytes(&buf).unwrap(); assert_eq!( - cert2.primary_key().policy(None).unwrap() + cert2.primary_key().set_policy(p, None).unwrap() .direct_key_signature().unwrap().typ(), SignatureType::DirectKey); assert_eq!(cert2.userids().count(), 0); @@ -1957,14 +1977,16 @@ mod test { fn revoked() { fn check(cert: &Cert, direct_revoked: bool, userid_revoked: bool, subkey_revoked: bool) { + let p = &P::new(); + // If we have a user id---even if it is revoked---we have // a primary key signature. - let typ = cert.primary_key().policy(None).unwrap() + let typ = cert.primary_key().set_policy(p, None).unwrap() .binding_signature().typ(); assert_eq!(typ, SignatureType::PositiveCertification, "{:#?}", cert); - let revoked = cert.revoked(None); + let revoked = cert.revoked(p, None); if direct_revoked { assert_match!(RevocationStatus::Revoked(_) = revoked, "{:#?}", cert); @@ -1973,7 +1995,7 @@ mod test { "{:#?}", cert); } - for userid in cert.userids().policy(None) { + for userid in cert.userids().set_policy(p, None) { let typ = userid.binding_signature().typ(); assert_eq!(typ, SignatureType::PositiveCertification, "{:#?}", cert); @@ -1988,11 +2010,11 @@ mod test { } for subkey in cert.subkeys() { - let typ = subkey.binding_signature(None).unwrap().typ(); + let typ = subkey.binding_signature(p, None).unwrap().typ(); assert_eq!(typ, SignatureType::SubkeyBinding, "{:#?}", cert); - let revoked = subkey.revoked(None); + let revoked = subkey.revoked(p, None); if subkey_revoked { assert_match!(RevocationStatus::Revoked(_) = revoked); } else { @@ -2048,10 +2070,12 @@ mod test { #[test] fn revoke() { + let p = &P::new(); + let (cert, _) = CertBuilder::autocrypt(None, Some("Test")) .generate().unwrap(); assert_eq!(RevocationStatus::NotAsFarAsWeKnow, - cert.revoked(None)); + cert.revoked(p, None)); let mut keypair = cert.primary_key().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(); @@ -2068,7 +2092,7 @@ mod test { Some(&cert.fingerprint())); let cert = cert.merge_packets(vec![sig.into()]).unwrap(); - assert_match!(RevocationStatus::Revoked(_) = cert.revoked(None)); + assert_match!(RevocationStatus::Revoked(_) = cert.revoked(p, None)); // Have other revoke cert. @@ -2093,13 +2117,15 @@ mod test { #[test] fn revoke_subkey() { + let p = &P::new(); let (cert, _) = CertBuilder::new() .add_transport_encryption_subkey() .generate().unwrap(); let sig = { let subkey = cert.subkeys().nth(0).unwrap(); - assert_eq!(RevocationStatus::NotAsFarAsWeKnow, subkey.revoked(None)); + assert_eq!(RevocationStatus::NotAsFarAsWeKnow, + subkey.revoked(p, None)); let mut keypair = cert.primary_key().key().clone().mark_parts_secret() .unwrap().into_keypair().unwrap(); @@ -2113,21 +2139,23 @@ mod test { assert_eq!(sig.typ(), SignatureType::SubkeyRevocation); let cert = cert.merge_packets(vec![sig.into()]).unwrap(); assert_eq!(RevocationStatus::NotAsFarAsWeKnow, - cert.revoked(None)); + cert.revoked(p, None)); let subkey = cert.subkeys().nth(0).unwrap(); - assert_match!(RevocationStatus::Revoked(_) = subkey.revoked(None)); + assert_match!(RevocationStatus::Revoked(_) + = subkey.revoked(p, None)); } #[test] fn revoke_uid() { + let p = &P::new(); let (cert, _) = CertBuilder::new() .add_userid("Test1") .add_userid("Test2") .generate().unwrap(); let sig = { - let uid = cert.userids().policy(None).nth(1).unwrap(); + let uid = cert.userids().set_policy(p, None).nth(1).unwrap(); assert_eq!(RevocationStatus::NotAsFarAsWeKnow, uid.revoked()); let mut keypair = cert.primary_key().key().clone().mark_parts_secret() @@ -2142,9 +2170,9 @@ mod test { assert_eq!(sig.typ(), SignatureType::CertificationRevocation); let cert = cert.merge_packets(vec![sig.into()]).unwrap(); assert_eq!(RevocationStatus::NotAsFarAsWeKnow, - cert.revoked(None)); + cert.revoked(p, None)); - let uid = cert.userids().policy(None).nth(1).unwrap(); + let uid = cert.userids().set_policy(p, None).nth(1).unwrap(); assert_match!(RevocationStatus::Revoked(_) = uid.revoked()); } @@ -2154,6 +2182,9 @@ mod test { use crate::packet::key::Key4; use crate::types::Curve; use rand::{thread_rng, Rng, distributions::Open01}; + + let p = &P::new(); + /* * t1: 1st binding sig ctime * t2: soft rev sig ctime @@ -2234,41 +2265,43 @@ mod test { let t23 = t2 + time::Duration::new((60. * 60. * 24. * 300.0 * f3) as u64, 0); let t34 = t3 + time::Duration::new((60. * 60. * 24. * 300.0 * f4) as u64, 0); - assert_eq!(cert.revoked(te1), RevocationStatus::NotAsFarAsWeKnow); - assert_eq!(cert.revoked(t12), RevocationStatus::NotAsFarAsWeKnow); - assert_match!(RevocationStatus::Revoked(_) = cert.revoked(t23)); - assert_eq!(cert.revoked(t34), RevocationStatus::NotAsFarAsWeKnow); + assert_eq!(cert.revoked(p, te1), RevocationStatus::NotAsFarAsWeKnow); + assert_eq!(cert.revoked(p, t12), RevocationStatus::NotAsFarAsWeKnow); + assert_match!(RevocationStatus::Revoked(_) = cert.revoked(p, t23)); + assert_eq!(cert.revoked(p, t34), RevocationStatus::NotAsFarAsWeKnow); // Merge in the hard revocation. let cert = cert.merge_packets(vec![ rev2.into() ]).unwrap(); - assert_match!(RevocationStatus::Revoked(_) = cert.revoked(te1)); - assert_match!(RevocationStatus::Revoked(_) = cert.revoked(t12)); - assert_match!(RevocationStatus::Revoked(_) = cert.revoked(t23)); - assert_match!(RevocationStatus::Revoked(_) = cert.revoked(t34)); - assert_match!(RevocationStatus::Revoked(_) = cert.revoked(t4)); + assert_match!(RevocationStatus::Revoked(_) = cert.revoked(p, te1)); + assert_match!(RevocationStatus::Revoked(_) = cert.revoked(p, t12)); + assert_match!(RevocationStatus::Revoked(_) = cert.revoked(p, t23)); + assert_match!(RevocationStatus::Revoked(_) = cert.revoked(p, t34)); + assert_match!(RevocationStatus::Revoked(_) = cert.revoked(p, t4)); assert_match!(RevocationStatus::Revoked(_) - = cert.revoked(time::SystemTime::now())); + = cert.revoked(p, time::SystemTime::now())); } #[test] fn key_revoked2() { tracer!(true, "cert_revoked2", 0); - fn cert_revoked<T>(cert: &Cert, t: T) -> bool + let p = &P::new(); + + fn cert_revoked<T>(p: &dyn Policy, cert: &Cert, t: T) -> bool where T: Into<Option<time::SystemTime>> { !destructures_to!(RevocationStatus::NotAsFarAsWeKnow - = cert.revoked(t)) + = cert.revoked(p, t)) } - fn subkey_revoked<T>(cert: &Cert, t: T) -> bool + fn subkey_revoked<T>(p: &dyn Policy, cert: &Cert, t: T) -> bool where T: Into<Option<time::SystemTime>> { !destructures_to!(RevocationStatus::NotAsFarAsWeKnow - = cert.subkeys().nth(0).unwrap().revoked(t)) + = cert.subkeys().nth(0).unwrap().revoked(p, t)) } - let tests : [(&str, Box<dyn Fn(&Cert, _) -> bool>); 2] = [ + let tests : [(&str, Box<dyn Fn(&dyn Policy, &Cert, _) -> bool>); 2] = [ ("cert", Box::new(cert_revoked)), ("subkey", Box::new(subkey_revoked)), ]; @@ -2281,11 +2314,11 @@ mod test { let cert = Cert::from_bytes( crate::tests::key( &format!("really-revoked-{}-0-public.pgp", f))).unwrap(); - let selfsig0 = cert.primary_key().policy(None).unwrap() + let selfsig0 = cert.primary_key().set_policy(p, None).unwrap() .binding_signature().signature_creation_time().unwrap(); - assert!(!revoked(&cert, Some(selfsig0))); - assert!(!revoked(&cert, None)); + assert!(!revoked(p, &cert, Some(selfsig0))); + assert!(!revoked(p, &cert, None)); t!("Soft revocation"); let cert = cert.merge( @@ -2295,8 +2328,8 @@ mod test { ).unwrap()).unwrap(); // A soft revocation made after `t` is ignored when // determining whether the key is revoked at time `t`. - assert!(!revoked(&cert, Some(selfsig0))); - assert!(revoked(&cert, None)); + assert!(!revoked(p, &cert, Some(selfsig0))); + assert!(revoked(p, &cert, None)); t!("New self signature"); let cert = cert.merge( @@ -2304,9 +2337,9 @@ mod test { crate::tests::key( &format!("really-revoked-{}-2-new-self-sig.pgp", f)) ).unwrap()).unwrap(); - assert!(!revoked(&cert, Some(selfsig0))); + assert!(!revoked(p, &cert, Some(selfsig0))); // Newer self-sig override older soft revocations. - assert!(!revoked(&cert, None)); + assert!(!revoked(p, &cert, None)); t!("Hard revocation"); let cert = cert.merge( @@ -2315,8 +2348,8 @@ mod test { &format!("really-revoked-{}-3-hard-revocation.pgp", f)) ).unwrap()).unwrap(); // Hard revocations trump all. - assert!(revoked(&cert, Some(selfsig0))); - assert!(revoked(&cert, None)); + assert!(revoked(p, &cert, Some(selfsig0))); + assert!(revoked(p, &cert, None)); t!("New self signature"); let cert = cert.merge( @@ -2324,22 +2357,22 @@ mod test { crate::tests::key( &format!("really-revoked-{}-4-new-self-sig.pgp", f)) ).unwrap()).unwrap(); - assert!(revoked(&cert, Some(selfsig0))); - assert!(revoked(&cert, None)); + assert!(revoked(p, &cert, Some(selfsig0))); + assert!(revoked(p, &cert, None)); } } #[test] fn userid_revoked2() { - fn check_userids<T>(cert: &Cert, revoked: bool, t: T) + fn check_userids<T>(p: &dyn Policy, cert: &Cert, revoked: bool, t: T) where T: Into<Option<time::SystemTime>>, T: Copy { assert_match!(RevocationStatus::NotAsFarAsWeKnow - = cert.revoked(None)); + = cert.revoked(p, None)); let mut slim_shady = false; let mut eminem = false; - for b in cert.userids().policy(t) { + for b in cert.userids().set_policy(p, t) { if b.userid().value() == b"Slim Shady" { assert!(!slim_shady); slim_shady = true; @@ -2364,26 +2397,27 @@ mod test { assert!(eminem); } - fn check_uas<T>(cert: &Cert, revoked: bool, t: T) + fn check_uas<T>(p: &dyn Policy, cert: &Cert, revoked: bool, t: T) where T: Into<Option<time::SystemTime>>, T: Copy { assert_match!(RevocationStatus::NotAsFarAsWeKnow - = cert.revoked(None)); + = cert.revoked(p, None)); assert_eq!(cert.user_attributes().count(), 1); let ua = cert.user_attributes().bindings().nth(0).unwrap(); if revoked { assert_match!(RevocationStatus::Revoked(_) - = ua.revoked(t)); + = ua.revoked(p, t)); } else { assert_match!(RevocationStatus::NotAsFarAsWeKnow - = ua.revoked(t)); + = ua.revoked(p, t)); } } tracer!(true, "userid_revoked2", 0); - let tests : [(&str, Box<dyn Fn(&Cert, bool, _)>); 2] = [ + let p = &P::new(); + let tests : [(&str, Box<dyn Fn(&dyn Policy, &Cert, bool, _)>); 2] = [ ("userid", Box::new(check_userids)), ("user-attribute", Box::new(check_uas)), ]; @@ -2399,13 +2433,13 @@ mod test { let now = time::SystemTime::now(); let selfsig0 - = cert.userids().policy(now).map(|b| { + = cert.userids().set_policy(p, now).map(|b| { b.binding_signature().signature_creation_time().unwrap() }) .max().unwrap(); - check(&cert, false, selfsig0); - check(&cert, false, now); + check(p, &cert, false, selfsig0); + check(p, &cert, false, now); // A soft-revocation. let cert = cert.merge( @@ -2414,8 +2448,8 @@ mod test { &format!("really-revoked-{}-1-soft-revocation.pgp", f)) ).unwrap()).unwrap(); - check(&cert, false, selfsig0); - check(&cert, true, now); + check(p, &cert, false, selfsig0); + check(p, &cert, true, now); // A new self signature. This should override the soft-revocation. let cert = cert.merge( @@ -2424,8 +2458,8 @@ mod test { &format!("really-revoked-{}-2-new-self-sig.pgp", f)) ).unwrap()).unwrap(); - check(&cert, false, selfsig0); - check(&cert, false, now); + check(p, &cert, false, selfsig0); + check(p, &cert, false, now); // A hard revocation. Unlike for Certs, this does NOT trumps // everything. @@ -2435,8 +2469,8 @@ mod test { &format!("really-revoked-{}-3-hard-revocation.pgp", f)) ).unwrap()).unwrap(); - check(&cert, false, selfsig0); - check(&cert, true, now); + check(p, &cert, false, selfsig0); + check(p, &cert, true, now); // A newer self siganture. let cert = cert.merge( @@ -2445,17 +2479,18 @@ mod test { &format!("really-revoked-{}-4-new-self-sig.pgp", f)) ).unwrap()).unwrap(); - check(&cert, false, selfsig0); - check(&cert, false, now); + check(p, &cert, false, selfsig0); + check(p, &cert, false, now); } } #[test] fn unrevoked() { + let p = &P::new(); let cert = Cert::from_bytes(crate::tests::key("un-revoked-userid.pgp")).unwrap(); - for uid in cert.userids().policy(None) { + for uid in cert.userids().set_policy(p, None) { assert_eq!(uid.revoked(), RevocationStatus::NotAsFarAsWeKnow); } } @@ -2591,6 +2626,7 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= #[test] fn signature_order() { + let p = &P::new(); let neal = Cert::from_bytes(crate::tests::key("neal.pgp")).unwrap(); // This test is useless if we don't have some lists with more @@ -2613,7 +2649,7 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= // Make sure we return the most recent first. assert_eq!(uid.self_signatures().first().unwrap(), - uid.binding_signature(None).unwrap()); + uid.binding_signature(p, None).unwrap()); } assert!(cmps > 0); @@ -2643,12 +2679,13 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= // unrevoked user ids to revoked user ids, even if the latter // have newer self signatures. + let p = &P::new(); let cert = Cert::from_bytes( crate::tests::key("really-revoked-userid-0-public.pgp")).unwrap(); let now = time::SystemTime::now(); let selfsig0 - = cert.userids().policy(now).map(|b| { + = cert.userids().set_policy(p, now).map(|b| { b.binding_signature().signature_creation_time().unwrap() }) .max().unwrap(); @@ -2657,8 +2694,10 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= // // Slim Shady: 2019-09-14T14:21 // Eminem: 2019-09-14T14:22 - assert_eq!(cert.primary_userid(selfsig0).unwrap().userid().value(), b"Eminem"); - assert_eq!(cert.primary_userid(now).unwrap().userid().value(), b"Eminem"); + assert_eq!(cert.primary_userid(p, selfsig0).unwrap().userid().value(), |