From 7e78e716610ac3a9bff86035c52b344b437951a2 Mon Sep 17 00:00:00 2001
From: "Neal H. Walfield" <neal@pep.foundation>
Date: Mon, 6 Jan 2020 10:29:13 +0100
Subject: openpgp: Pass a timestamp to the KeyIter instead of each filter.

  - KeyIter::revoked and KeyIter::key_flags (and its variants) didn't
    take a time stamp so they could only be used for filtering keys
    based on their current state, not their state at some time in the
    past.  Adding a time stamp to each of the filters would have fixed
    the problem, but it would have made the interface ugly: callers
    always want the same time stamp for all filters.

  - Split KeyIter into two structures: a KeyIter and a ValidKeyIter.

  - Add KeyIter::policy.  It takes a time stamp, which is then used
    for filters like `alive` and `revoked`, and it returns a
    ValidKeyIter, which exposes filters that require a time stamp.
---
 guide/src/chapter_01.md | 8 ++++----
 guide/src/chapter_02.md | 8 ++++----
 2 files changed, 8 insertions(+), 8 deletions(-)

(limited to 'guide')

diff --git a/guide/src/chapter_01.md b/guide/src/chapter_01.md
index 56c131fb..78978161 100644
--- a/guide/src/chapter_01.md
+++ b/guide/src/chapter_01.md
@@ -51,7 +51,7 @@ fn main() {
 # fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::Cert)
 #            -> openpgp::Result<()> {
 #     // Get the keypair to do the signing from the Cert.
-#     let keypair = tsk.keys().alive().revoked(false).for_signing().nth(0).unwrap().
+#     let keypair = tsk.keys().policy(None).alive().revoked(false).for_signing().nth(0).unwrap().
 #         key().clone().mark_parts_secret().unwrap().into_keypair()?;
 #
 #     // Start streaming an OpenPGP message.
@@ -196,7 +196,7 @@ fn generate() -> openpgp::Result<openpgp::Cert> {
 # fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::Cert)
 #            -> openpgp::Result<()> {
 #     // Get the keypair to do the signing from the Cert.
-#     let keypair = tsk.keys().alive().revoked(false).for_signing().nth(0).unwrap().
+#     let keypair = tsk.keys().policy(None).alive().revoked(false).for_signing().nth(0).unwrap().
 #         key().clone().mark_parts_secret().unwrap().into_keypair()?;
 #
 #     // Start streaming an OpenPGP message.
@@ -341,7 +341,7 @@ implements [`io::Write`], and we simply write the plaintext to it.
 fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::Cert)
            -> openpgp::Result<()> {
     // Get the keypair to do the signing from the Cert.
-    let keypair = tsk.keys().alive().revoked(false).for_signing().nth(0).unwrap().
+    let keypair = tsk.keys().policy(None).alive().revoked(false).for_signing().nth(0).unwrap().
         key().clone().mark_parts_secret().unwrap().into_keypair()?;
 
     // Start streaming an OpenPGP message.
@@ -497,7 +497,7 @@ Verified data can be read from this using [`io::Read`].
 # fn sign(sink: &mut Write, plaintext: &str, tsk: &openpgp::Cert)
 #            -> openpgp::Result<()> {
 #     // Get the keypair to do the signing from the Cert.
-#     let keypair = tsk.keys().alive().revoked(false).for_signing().nth(0).unwrap().
+#     let keypair = tsk.keys().policy(None).alive().revoked(false).for_signing().nth(0).unwrap().
 #         key().clone().mark_parts_secret().unwrap().into_keypair()?;
 # 
 #     // Start streaming an OpenPGP message.
diff --git a/guide/src/chapter_02.md b/guide/src/chapter_02.md
index 9f4c3a0a..f6cb4b48 100644
--- a/guide/src/chapter_02.md
+++ b/guide/src/chapter_02.md
@@ -51,7 +51,7 @@ fn main() {
 #            -> openpgp::Result<()> {
 #    // Build a vector of recipients to hand to Encryptor.
 #    let mut recipients =
-#        recipient.keys().alive().revoked(false)
+#        recipient.keys().policy(None).alive().revoked(false)
 #        .for_transport_encryption()
 #        .map(|ka| ka.key().into())
 #        .collect::<Vec<_>>();
@@ -192,7 +192,7 @@ fn generate() -> openpgp::Result<openpgp::Cert> {
 #            -> openpgp::Result<()> {
 #    // Build a vector of recipients to hand to Encryptor.
 #    let mut recipients =
-#        recipient.keys().alive().revoked(false)
+#        recipient.keys().policy(None).alive().revoked(false)
 #        .for_transport_encryption()
 #        .map(|ka| ka.key().into())
 #        .collect::<Vec<_>>();
@@ -333,7 +333,7 @@ fn encrypt(sink: &mut Write, plaintext: &str, recipient: &openpgp::Cert)
            -> openpgp::Result<()> {
     // Build a vector of recipients to hand to Encryptor.
     let mut recipients =
-        recipient.keys().alive().revoked(false)
+        recipient.keys().policy(None).alive().revoked(false)
         .for_transport_encryption()
         .map(|ka| ka.key().into())
         .collect::<Vec<_>>();
@@ -488,7 +488,7 @@ Decrypted data can be read from this using [`io::Read`].
 #            -> openpgp::Result<()> {
 #    // Build a vector of recipients to hand to Encryptor.
 #    let mut recipients =
-#        recipient.keys().alive().revoked(false)
+#        recipient.keys().policy(None).alive().revoked(false)
 #        .for_transport_encryption()
 #        .map(|ka| ka.key().into())
 #        .collect::<Vec<_>>();
-- 
cgit v1.2.3