From 38a4d2b4ff4fc4512b31a4ff4e4ddd8a6b3c7503 Mon Sep 17 00:00:00 2001
From: Justus Winter <justus@sequoia-pgp.org>
Date: Fri, 6 Sep 2019 13:47:50 +0200
Subject: openpgp: Rework streaming encryptor.

  - Instead of giving a set of TPKs to the encryptor, hand in a set of
    recipients, which are (keyid, key)-tuples, conveniently created
    from key queries over TPKs.  This simplifies the encryptor, and
    makes the key selection explicit.

  - Drop the EncryptionMode type.

  - As a nice side effect, we can now generate encrypted messages with
    wildcard recipient addresses.
---
 openpgp/examples/pad.rs | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

(limited to 'openpgp/examples/pad.rs')

diff --git a/openpgp/examples/pad.rs b/openpgp/examples/pad.rs
index b4e0f175..a959786d 100644
--- a/openpgp/examples/pad.rs
+++ b/openpgp/examples/pad.rs
@@ -7,9 +7,11 @@ use std::io;
 extern crate sequoia_openpgp as openpgp;
 use crate::openpgp::armor;
 use crate::openpgp::constants::DataFormat;
+use crate::openpgp::KeyID;
+use crate::openpgp::packet::KeyFlags;
 use crate::openpgp::parse::Parse;
 use crate::openpgp::serialize::stream::{
-    Message, LiteralWriter, Encryptor, EncryptionMode,
+    Message, LiteralWriter, Encryptor, Recipient,
 };
 use crate::openpgp::serialize::padding::*;
 
@@ -22,8 +24,8 @@ fn main() {
     }
 
     let mode = match args[1].as_ref() {
-        "at-rest" => EncryptionMode::AtRest,
-        "for-transport" => EncryptionMode::ForTransport,
+        "at-rest" => KeyFlags::default().set_encrypt_at_rest(true),
+        "for-transport" => KeyFlags::default().set_encrypt_for_transport(true),
         x => panic!("invalid mode: {:?}, \
                      must be either 'at-rest' or 'for-transport'",
                     x),
@@ -34,8 +36,13 @@ fn main() {
         openpgp::TPK::from_file(f)
             .expect("Failed to read key")
     }).collect();
-    // Build a vector of references to hand to Encryptor.
-    let recipients: Vec<&openpgp::TPK> = tpks.iter().collect();
+
+    // Build a vector of recipients to hand to Encryptor.
+    let recipients =
+        tpks.iter()
+        .flat_map(|tpk| tpk.keys_valid().key_flags(mode.clone()))
+        .map(|(_, _, key)| Recipient::new(KeyID::wildcard(), key))
+        .collect::<Vec<_>>();
 
     // Compose a writer stack corresponding to the output format and
     // packet structure we want.  First, we want the output to be
@@ -50,7 +57,6 @@ fn main() {
     let encryptor = Encryptor::new(message,
                                    &[], // No symmetric encryption.
                                    &recipients,
-                                   mode,
                                    None, None)
         .expect("Failed to create encryptor");
 
-- 
cgit v1.2.3