From 4df9befdb10cc336a9df49b65fdfef659296aa61 Mon Sep 17 00:00:00 2001 From: Wiktor Kwapisiewicz Date: Tue, 15 Dec 2020 11:08:38 +0100 Subject: openpgp: Make ComponentAmalgamation return iterator for signatures. - Adjust `self_signatures`, `certifications`, `self_revocations` and `other_revocations` to return `impl Iterator` over the signatures. - Adjust all call-sites including doc tests. - Adjust downstream projects (sq, autocrypt). --- autocrypt/src/lib.rs | 2 +- openpgp/src/cert.rs | 51 ++++++++++++------------ openpgp/src/cert/amalgamation.rs | 64 ++++++------------------------- openpgp/src/cert/bindings.rs | 4 +- openpgp/src/cert/builder.rs | 3 +- openpgp/src/cert/bundle.rs | 8 ++-- openpgp/src/packet/signature.rs | 10 ++--- openpgp/src/packet/signature/subpacket.rs | 12 +++--- openpgp/src/serialize/cert.rs | 16 ++++---- sq/src/commands/inspect.rs | 18 +++++---- 10 files changed, 77 insertions(+), 111 deletions(-) diff --git a/autocrypt/src/lib.rs b/autocrypt/src/lib.rs index 7a51b5f3..fe56fd08 100644 --- a/autocrypt/src/lib.rs +++ b/autocrypt/src/lib.rs @@ -114,7 +114,7 @@ impl AutocryptHeader { // The primary key and the most recent selfsig. let primary = cert.primary_key().with_policy(policy, None)?; acc.push(primary.key().clone().into()); - primary.self_signatures().iter().take(1) + primary.self_signatures().take(1) .for_each(|s| acc.push(s.clone().into())); // The subkeys and the most recent selfsig. diff --git a/openpgp/src/cert.rs b/openpgp/src/cert.rs index 5a840ab5..e7eb32c3 100644 --- a/openpgp/src/cert.rs +++ b/openpgp/src/cert.rs @@ -1261,14 +1261,13 @@ impl Cert { // All valid self-signatures. let sec = ua.hash_algo_security; ua.self_signatures() - .iter() .filter(move |sig| { policy.signature(sig, sec).is_ok() }) }) // All direct-key signatures. .chain(self.primary_key() - .self_signatures().iter() + .self_signatures() .filter(|sig| { policy.signature(sig, pk_sec).is_ok() })) @@ -2228,9 +2227,9 @@ impl Cert { /// /// /// // Merge in the revocation certificate. - /// assert_eq!(cert.primary_key().self_revocations().len(), 0); + /// assert_eq!(cert.primary_key().self_revocations().count(), 0); /// let cert = cert.insert_packets(rev)?; - /// assert_eq!(cert.primary_key().self_revocations().len(), 1); + /// assert_eq!(cert.primary_key().self_revocations().count(), 1); /// /// /// // Add an unknown packet. @@ -2303,11 +2302,12 @@ impl Cert { /// let (cert, _) = /// CertBuilder::general_purpose(None, Some("alice@example.org")) /// .generate()?; - /// assert_eq!(cert.userids().nth(0).unwrap().self_signatures().len(), 1); + /// assert_eq!(cert.userids().nth(0).unwrap().self_signatures().count(), 1); /// /// // Grab the binding signature so that we can modify it. /// let mut sig = - /// cert.userids().nth(0).unwrap().self_signatures()[0].clone(); + /// cert.userids().nth(0).unwrap().self_signatures().nth(0) + /// .unwrap().clone(); /// /// // Add a notation subpacket. Note that the information is not /// // authenticated, therefore it may only be trusted if the @@ -2324,8 +2324,9 @@ impl Cert { /// let cert = cert.insert_packets(sig)?; /// /// // The old binding signature is replaced. - /// assert_eq!(cert.userids().nth(0).unwrap().self_signatures().len(), 1); - /// assert_eq!(cert.userids().nth(0).unwrap().self_signatures()[0] + /// assert_eq!(cert.userids().nth(0).unwrap().self_signatures().count(), 1); + /// assert_eq!(cert.userids().nth(0).unwrap().self_signatures().nth(0) + /// .unwrap() /// .unhashed_area() /// .subpackets(SubpacketTag::NotationData).count(), 1); /// # Ok(()) } @@ -4865,10 +4866,10 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= for uid in neal.userids() { for sigs in [ - uid.self_signatures(), - uid.certifications(), - uid.self_revocations(), - uid.other_revocations() + uid.self_signatures().collect::>(), + uid.certifications().collect::>(), + uid.self_revocations().collect::>(), + uid.other_revocations().collect::>() ].iter() { for sigs in sigs.windows(2) { cmps += 1; @@ -4878,7 +4879,7 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= } // Make sure we return the most recent first. - assert_eq!(uid.self_signatures().first().unwrap(), + assert_eq!(uid.self_signatures().nth(0).unwrap(), uid.binding_signature(p, None).unwrap()); } @@ -5212,8 +5213,8 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= // type (GenericCertification), we know that it can only // go to the only userid, so there is no ambiguity in this // case. - assert_eq!(bob_userid_binding.certifications(), - &[ alice_certifies_bob.clone() ]); + assert_eq!(bob_userid_binding.certifications().collect::>(), + vec![&alice_certifies_bob]); // Make sure the certification is correct. alice_certifies_bob @@ -5312,8 +5313,8 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= assert_eq!(cert.unknowns().count(), 1); assert_eq!(cert.unknowns().nth(0).unwrap().unknown().tag(), packet::Tag::PublicSubkey); - assert_eq!(cert.unknowns().nth(0).unwrap().self_signatures(), - &[fake_binding]); + assert_eq!(cert.unknowns().nth(0).unwrap().self_signatures().collect::>(), + vec![&fake_binding]); Ok(()) } @@ -5685,9 +5686,9 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= assert_eq!(cert.subkeys().count(), 2); assert_eq!(cert.unknowns().count(), 0); assert_eq!(cert.bad_signatures().count(), 0); - assert_eq!(cert.userids().nth(0).unwrap().self_signatures().len(), 1); - assert_eq!(cert.subkeys().nth(0).unwrap().self_signatures().len(), 1); - assert_eq!(cert.subkeys().nth(1).unwrap().self_signatures().len(), 1); + assert_eq!(cert.userids().nth(0).unwrap().self_signatures().count(), 1); + assert_eq!(cert.subkeys().nth(0).unwrap().self_signatures().count(), 1); + assert_eq!(cert.subkeys().nth(1).unwrap().self_signatures().count(), 1); // Create a variant of cert where the signatures have // additional information in the unhashed area. @@ -5710,9 +5711,9 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= assert_eq!(cert.subkeys().count(), 2); assert_eq!(cert.unknowns().count(), 0); assert_eq!(cert.bad_signatures().count(), 0); - assert_eq!(cert.userids().nth(0).unwrap().self_signatures().len(), 1); - assert_eq!(cert.subkeys().nth(0).unwrap().self_signatures().len(), 1); - assert_eq!(cert.subkeys().nth(1).unwrap().self_signatures().len(), 1); + assert_eq!(cert.userids().nth(0).unwrap().self_signatures().count(), 1); + assert_eq!(cert.subkeys().nth(0).unwrap().self_signatures().count(), 1); + assert_eq!(cert.subkeys().nth(1).unwrap().self_signatures().count(), 1); Ok(()) } @@ -5868,11 +5869,11 @@ Pu1xwz57O4zo1VYf6TqHJzVC3OMvMUM2hhdecMUe5x6GorNaj6g= // Specifically, the issuer information should have been added // back by the canonicalization. assert_eq!( - cert.userids().nth(0).unwrap().self_signatures()[0] + cert.userids().nth(0).unwrap().self_signatures().nth(0).unwrap() .unhashed_area().subpackets(SubpacketTag::Issuer).count(), 1); assert_eq!( - cert.keys().subkeys().nth(0).unwrap().self_signatures()[0] + cert.keys().subkeys().nth(0).unwrap().self_signatures().nth(0).unwrap() .unhashed_area().subpackets(SubpacketTag::Issuer).count(), 1); Ok(()) diff --git a/openpgp/src/cert/amalgamation.rs b/openpgp/src/cert/amalgamation.rs index c9ffc6e8..169898a8 100644 --- a/openpgp/src/cert/amalgamation.rs +++ b/openpgp/src/cert/amalgamation.rs @@ -800,65 +800,25 @@ impl<'a, C> ComponentAmalgamation<'a, C> { } /// The component's self-signatures. - /// - /// This method is a forwarder for - /// [`ComponentBundle::self_signatures`]. Although - /// `ComponentAmalgamation` derefs to a `&ComponentBundle`, this - /// method provides a more accurate lifetime, which is helpful - /// when returning the reference from a function. [See the - /// module's documentation] for more details. - /// - /// [`ComponentBundle::self_signatures`]: ../bundle/struct.ComponentBundle.html#method.self_signatures - /// [See the module's documentation]: index.html - pub fn self_signatures(&self) -> &'a [Signature] { - self.bundle().self_signatures() + pub fn self_signatures(&self) -> impl Iterator + Send + Sync { + self.bundle().self_signatures().iter() } /// The component's third-party certifications. - /// - /// This method is a forwarder for - /// [`ComponentBundle::certifications`]. Although - /// `ComponentAmalgamation` derefs to a `&ComponentBundle`, this - /// method provides a more accurate lifetime, which is helpful - /// when returning the reference from a function. [See the - /// module's documentation] for more details. - /// - /// [`ComponentBundle::certifications`]: ../bundle/struct.ComponentBundle.html#method.certifications - /// [See the module's documentation]: index.html - pub fn certifications(&self) -> &'a [Signature] { - self.bundle().certifications() + pub fn certifications(&self) -> impl Iterator + Send + Sync { + self.bundle().certifications().iter() } /// The component's revocations that were issued by the /// certificate holder. - /// - /// This method is a forwarder for - /// [`ComponentBundle::self_revocations`]. Although - /// `ComponentAmalgamation` derefs to a `&ComponentBundle`, this - /// method provides a more accurate lifetime, which is helpful - /// when returning the reference from a function. [See the - /// module's documentation] for more details. - /// - /// [`ComponentBundle::self_revocations`]: ../bundle/struct.ComponentBundle.html#method.self_revocations - /// [See the module's documentation]: index.html - pub fn self_revocations(&self) -> &'a [Signature] { - self.bundle().self_revocations() + pub fn self_revocations(&self) -> impl Iterator + Send + Sync { + self.bundle().self_revocations().iter() } /// The component's revocations that were issued by other /// certificates. - /// - /// This method is a forwarder for - /// [`ComponentBundle::other_revocations`]. Although - /// `ComponentAmalgamation` derefs to a `&ComponentBundle`, this - /// method provides a more accurate lifetime, which is helpful - /// when returning the reference from a function. [See the - /// module's documentation] for more details. - /// - /// [`ComponentBundle::other_revocations`]: ../bundle/struct.ComponentBundle.html#method.other_revocations - /// [See the module's documentation]: index.html - pub fn other_revocations(&self) -> &'a [Signature] { - self.bundle().other_revocations() + pub fn other_revocations(&self) -> impl Iterator + Send + Sync { + self.bundle().other_revocations().iter() } } @@ -1194,7 +1154,7 @@ impl<'a, C> ValidComponentAmalgamation<'a, C> /// /// This method only returns signatures that are valid under the current policy. pub fn self_signatures(&self) -> impl Iterator + Send + Sync { - std::ops::Deref::deref(self).self_signatures().iter() + std::ops::Deref::deref(self).self_signatures() .filter(move |sig| self.cert.policy().signature(sig, HashAlgoSecurity::SecondPreImageResistance).is_ok()) } @@ -1203,7 +1163,7 @@ impl<'a, C> ValidComponentAmalgamation<'a, C> /// /// This method only returns signatures that are valid under the current policy. pub fn certifications(&self) -> impl Iterator + Send + Sync { - std::ops::Deref::deref(self).certifications().iter() + std::ops::Deref::deref(self).certifications() .filter(move |sig| self.cert.policy().signature(sig, HashAlgoSecurity::CollisionResistance).is_ok()) } @@ -1213,7 +1173,7 @@ impl<'a, C> ValidComponentAmalgamation<'a, C> /// /// This method only returns signatures that are valid under the current policy. pub fn self_revocations(&self) -> impl Iterator + Send + Sync { - std::ops::Deref::deref(self).self_revocations().iter() + std::ops::Deref::deref(self).self_revocations() .filter(move |sig|self.cert.policy().signature(sig, HashAlgoSecurity::SecondPreImageResistance).is_ok()) } @@ -1223,7 +1183,7 @@ impl<'a, C> ValidComponentAmalgamation<'a, C> /// /// This method only returns signatures that are valid under the current policy. pub fn other_revocations(&self) -> impl Iterator + Send + Sync { - std::ops::Deref::deref(self).other_revocations().iter() + std::ops::Deref::deref(self).other_revocations() .filter(move |sig| self.cert.policy().signature(sig, HashAlgoSecurity::CollisionResistance).is_ok()) } diff --git a/openpgp/src/cert/bindings.rs b/openpgp/src/cert/bindings.rs index 1d1ee3c5..49f4b4f7 100644 --- a/openpgp/src/cert/bindings.rs +++ b/openpgp/src/cert/bindings.rs @@ -176,7 +176,7 @@ impl UserID { /// /// // Check that we have a certification on the userid. /// assert_eq!(bob.userids().nth(0).unwrap() - /// .certifications().len(), 1); + /// .certifications().count(), 1); /// # Ok(()) } pub fn certify(&self, signer: &mut dyn Signer, cert: &Cert, signature_type: S, @@ -314,7 +314,7 @@ impl UserAttribute { /// /// // Check that we have a certification on the userid. /// assert_eq!(bob.user_attributes().nth(0).unwrap() - /// .certifications().len(), + /// .certifications().count(), /// 1); /// # Ok(()) } pub fn certify(&self, signer: &mut dyn Signer, cert: &Cert, diff --git a/openpgp/src/cert/builder.rs b/openpgp/src/cert/builder.rs index 627bd4f0..7a50ac66 100644 --- a/openpgp/src/cert/builder.rs +++ b/openpgp/src/cert/builder.rs @@ -342,7 +342,8 @@ impl CertBuilder<'_> { /// Some("Alice Lovelace ")) /// .set_creation_time(t) /// .generate()?; - /// assert_eq!(cert.primary_key().self_signatures()[0].signature_creation_time(), + /// assert_eq!(cert.primary_key().self_signatures().nth(0).unwrap() + /// .signature_creation_time(), /// Some(t)); /// # Ok(()) /// # } diff --git a/openpgp/src/cert/bundle.rs b/openpgp/src/cert/bundle.rs index 272088ce..d37f5158 100644 --- a/openpgp/src/cert/bundle.rs +++ b/openpgp/src/cert/bundle.rs @@ -397,7 +397,7 @@ impl ComponentBundle { /// for (i, ka) in cert.keys().enumerate() { /// eprintln!("Key #{} ({}) has {:?} self signatures", /// i, ka.fingerprint(), - /// ka.self_signatures().len()); + /// ka.self_signatures().count()); /// } /// # Ok(()) } /// ``` @@ -426,7 +426,7 @@ impl ComponentBundle { /// for ua in cert.userids() { /// eprintln!("User ID {} has {:?} unverified, third-party certifications", /// String::from_utf8_lossy(ua.userid().value()), - /// ua.certifications().len()); + /// ua.certifications().count()); /// } /// # Ok(()) } /// ``` @@ -456,7 +456,7 @@ impl ComponentBundle { /// for u in cert.userids() { /// eprintln!("User ID {} has {:?} revocation certificates.", /// String::from_utf8_lossy(u.userid().value()), - /// u.self_revocations().len()); + /// u.self_revocations().count()); /// } /// # Ok(()) } /// ``` @@ -486,7 +486,7 @@ impl ComponentBundle { /// for u in cert.userids() { /// eprintln!("User ID {} has {:?} unverified, third-party revocation certificates.", /// String::from_utf8_lossy(u.userid().value()), - /// u.other_revocations().len()); + /// u.other_revocations().count()); /// } /// # Ok(()) } /// ``` diff --git a/openpgp/src/packet/signature.rs b/openpgp/src/packet/signature.rs index 5b903114..079d09d1 100644 --- a/openpgp/src/packet/signature.rs +++ b/openpgp/src/packet/signature.rs @@ -3379,13 +3379,13 @@ mod test { let mut primary_signer = alice.primary_key().key().clone() .parts_into_secret()?.into_keypair()?; assert_eq!(alice.userids().len(), 1); - assert_eq!(alice.userids().nth(0).unwrap().self_signatures().len(), 1); + assert_eq!(alice.userids().nth(0).unwrap().self_signatures().count(), 1); let creation_time = - alice.userids().nth(0).unwrap().self_signatures()[0] + alice.userids().nth(0).unwrap().self_signatures().nth(0).unwrap() .signature_creation_time().unwrap(); for i in 0..2 * SIG_BACKDATE_BY { - assert_eq!(alice.userids().nth(0).unwrap().self_signatures().len(), + assert_eq!(alice.userids().nth(0).unwrap().self_signatures().count(), 1 + i as usize); // Get the binding signature so that we can modify it. @@ -3474,11 +3474,11 @@ mod test { assert_eq!(cert.bad_signatures().count(), 1); assert_eq!(cert.keys().subkeys().count(), 1); let subkey = cert.keys().subkeys().nth(0).unwrap(); - assert_eq!(subkey.self_signatures().len(), 1); + assert_eq!(subkey.self_signatures().count(), 1); // All the authentic information in the self signature has // been authenticated by the verification process. - let sig = &subkey.self_signatures()[0]; + let sig = &subkey.self_signatures().nth(0).unwrap(); assert!(sig.hashed_area().iter().all(|p| p.authenticated())); // All but our fake issuer information. assert!(sig.unhashed_area().iter().all(|p| { diff --git a/openpgp/src/packet/signature/subpacket.rs b/openpgp/src/packet/signature/subpacket.rs index 35c37b09..d97593c0 100644 --- a/openpgp/src/packet/signature/subpacket.rs +++ b/openpgp/src/packet/signature/subpacket.rs @@ -4393,7 +4393,7 @@ impl signature::SignatureBuilder { /// // Merge in the new signature. /// let bob = bob.insert_packets(certification)?; /// # assert_eq!(bob.bad_signatures().count(), 0); - /// # assert_eq!(bob.userids().nth(0).unwrap().certifications().len(), 1); + /// # assert_eq!(bob.userids().nth(0).unwrap().certifications().count(), 1); /// # Ok(()) } /// ``` pub fn set_exportable_certification(mut self, exportable: bool) @@ -4474,7 +4474,7 @@ impl signature::SignatureBuilder { /// // Merge in the new signature. /// let bob = bob.insert_packets(certification)?; /// # assert_eq!(bob.bad_signatures().count(), 0); - /// # assert_eq!(bob.userids().nth(0).unwrap().certifications().len(), 1); + /// # assert_eq!(bob.userids().nth(0).unwrap().certifications().count(), 1); /// # Ok(()) } /// ``` pub fn set_trust_signature(mut self, level: u8, trust: u8) @@ -4568,7 +4568,7 @@ impl signature::SignatureBuilder { /// // Merge in the new signature. /// let example_com = example_com.insert_packets(certification)?; /// # assert_eq!(example_com.bad_signatures().count(), 0); - /// # assert_eq!(example_com.userids().nth(0).unwrap().certifications().len(), 1); + /// # assert_eq!(example_com.userids().nth(0).unwrap().certifications().count(), 1); /// # Ok(()) } /// ``` pub fn set_regular_expression(mut self, re: R) -> Result @@ -4665,7 +4665,7 @@ impl signature::SignatureBuilder { /// // Merge in the new signature. /// let example_com = example_com.insert_packets(certification)?; /// # assert_eq!(example_com.bad_signatures().count(), 0); - /// # assert_eq!(example_com.userids().nth(0).unwrap().certifications().len(), 1); + /// # assert_eq!(example_com.userids().nth(0).unwrap().certifications().count(), 1); /// # Ok(()) } /// ``` pub fn add_regular_expression(mut self, re: R) -> Result @@ -4747,7 +4747,7 @@ impl signature::SignatureBuilder { /// // Merge in the new signature. /// let bob = bob.insert_packets(certification)?; /// # assert_eq!(bob.bad_signatures().count(), 0); - /// # assert_eq!(bob.userids().nth(0).unwrap().certifications().len(), 1); + /// # assert_eq!(bob.userids().nth(0).unwrap().certifications().count(), 1); /// # Ok(()) } /// ``` pub fn set_revocable(mut self, revocable: bool) -> Result { @@ -5127,7 +5127,7 @@ impl signature::SignatureBuilder { /// // Merge in the new signature. /// let alice = alice.insert_packets(sig)?; /// # assert_eq!(alice.bad_signatures().count(), 0); - /// # assert_eq!(alice.primary_key().self_signatures().len(), 2); + /// # assert_eq!(alice.primary_key().self_signatures().count(), 2); /// # Ok(()) } /// ``` pub fn set_revocation_key(mut self, rk: Vec) -> Result { diff --git a/openpgp/src/serialize/cert.rs b/openpgp/src/serialize/cert.rs index 5dee3b82..1f6268fa 100644 --- a/openpgp/src/serialize/cert.rs +++ b/openpgp/src/serialize/cert.rs @@ -63,7 +63,7 @@ impl Cert { } for u in self.userids() { - if export && ! u.self_signatures().iter().chain(u.self_revocations()).any( + if export && ! u.self_signatures().chain(u.self_revocations()).any( |s| s.exportable().is_ok()) { // No exportable selfsig on this component, skip it. @@ -86,7 +86,7 @@ impl Cert { } for u in self.user_attributes() { - if export && ! u.self_signatures().iter().chain(u.self_revocations()).any( + if export && ! u.self_signatures().chain(u.self_revocations()).any( |s| s.exportable().is_ok()) { // No exportable selfsig on this component, skip it. @@ -109,7 +109,7 @@ impl Cert { } for k in self.subkeys() { - if export && ! k.self_signatures().iter().chain(k.self_revocations()).any( + if export && ! k.self_signatures().chain(k.self_revocations()).any( |s| s.exportable().is_ok()) { // No exportable selfsig on this component, skip it. @@ -132,7 +132,7 @@ impl Cert { } for u in self.unknowns() { - if export && ! u.certifications().iter().any( + if export && ! u.certifications().any( |s| s.exportable().is_ok()) { // No exportable selfsig on this component, skip it. @@ -546,7 +546,7 @@ impl<'a> TSK<'a> { } for u in self.cert.userids() { - if export && ! u.self_signatures().iter().chain(u.self_revocations()).any( + if export && ! u.self_signatures().chain(u.self_revocations()).any( |s| s.exportable().is_ok()) { // No exportable selfsig on this component, skip it. @@ -569,7 +569,7 @@ impl<'a> TSK<'a> { } for u in self.cert.user_attributes() { - if export && ! u.self_signatures().iter().chain(u.self_revocations()).any( + if export && ! u.self_signatures().chain(u.self_revocations()).any( |s| s.exportable().is_ok()) { // No exportable selfsig on this component, skip it. @@ -592,7 +592,7 @@ impl<'a> TSK<'a> { } for k in self.cert.subkeys() { - if export && ! k.self_signatures().iter().chain(k.self_revocations()).any( + if export && ! k.self_signatures().chain(k.self_revocations()).any( |s| s.exportable().is_ok()) { // No exportable selfsig on this component, skip it. @@ -616,7 +616,7 @@ impl<'a> TSK<'a> { } for u in self.cert.unknowns() { - if export && ! u.certifications().iter().any( + if export && ! u.certifications().any( |s| s.exportable().is_ok()) { // No exportable selfsig on this component, skip it. diff --git a/sq/src/commands/inspect.rs b/sq/src/commands/inspect.rs index 29223422..53d7c8e5 100644 --- a/sq/src/commands/inspect.rs +++ b/sq/src/commands/inspect.rs @@ -278,7 +278,7 @@ fn inspect_key(policy: &dyn Policy, writeln!(output, "{} Key flags: {}", indent, flags)?; } } - inspect_certifications(output, bundle.certifications(), + inspect_certifications(output, bundle.certifications().iter(), print_certifications)?; Ok(()) @@ -382,11 +382,14 @@ fn inspect_signatures(output: &mut dyn io::Write, Ok(()) } -fn inspect_certifications(output: &mut dyn io::Write, - certs: &[openpgp::packet::Signature], - print_certifications: bool) -> Result<()> { +fn inspect_certifications<'a, A>(output: &mut dyn io::Write, + certs: A, + print_certifications: bool) -> Result<()> where + A: std::iter::Iterator { if print_certifications { + let mut verified_cerifications = false; for sig in certs { + verified_cerifications = true; let mut fps: Vec<_> = sig.issuer_fingerprints().collect(); fps.sort(); fps.dedup(); @@ -403,14 +406,15 @@ fn inspect_certifications(output: &mut dyn io::Write, } } } - if ! certs.is_empty() { + if !verified_cerifications { writeln!(output, " \ Certifications have NOT been verified!")?; } } else { - if ! certs.is_empty() { + let count = certs.count(); + if count > 0 { writeln!(output, " Certifications: {}, \ - use --certifications to list", certs.len())?; + use --certifications to list", count)?; } } -- cgit v1.2.3