wip

author: Nora Widdecke <nora@sequoia-pgp.org> 2020-06-03 13:35:20 +0200
committer: Nora Widdecke <nora@sequoia-pgp.org> 2020-06-05 11:44:49 +0200
commit: 8bfaf937bda7a246d5a075eb1cfdce3e7c7cf0a0 (patch)
tree: b17dbdcaee0949eb9462f3bd435d805d26628c6a
parent: 7267102380e70112888796eb553b56c35414e316 (diff)
3 files changed, 27 insertions, 20 deletions
diff --git a/openpgp/src/fingerprint.rs b/openpgp/src/fingerprint.rs
index 5147cbdf..f5b1b0c0 100644
--- a/openpgp/src/fingerprint.rs
+++ b/openpgp/src/fingerprint.rs
@@ -9,6 +9,11 @@ use quickcheck::{Arbitrary, Gen};
 /// For more details about how a fingerprint is generated, see
 /// [Section 12.2 of RFC 4880].
 ///
+/// Fingerprints are used, for example, to reference the issuing key of a signature in
+/// its IssuerFingerprint subpacket.
+/// As a general rule of thumb, you should prefer using fingerprints instead of
+/// keyids because they are vulnerable to [birthday attack]s.
+///
 /// See also [`KeyID`], [`KeyHandle`].
 ///
 ///   [Section 12.2 of RFC 4880]:
@@ -17,8 +22,6 @@ use quickcheck::{Arbitrary, Gen};
 ///   [`KeyID`]: ./enum.KeyID.html
 ///   [`KeyHandle`]: ./enum.KeyHandle.html
 ///
-/// # Example
-/// TODO: signature.issuer
 #[derive(PartialEq, Eq, PartialOrd, Ord, Clone, Hash)]
 pub enum Fingerprint {
     /// A 20 byte SHA-1 hash of the public key packet as defined in the RFC.
diff --git a/openpgp/src/keyhandle.rs b/openpgp/src/keyhandle.rs
index 4c37ea4d..90b9c4aa 100644
--- a/openpgp/src/keyhandle.rs
+++ b/openpgp/src/keyhandle.rs
@@ -16,26 +16,32 @@ use crate::{
 /// This is needed because signatures can reference their issuer either by
 /// `Fingerprint` or by `KeyID`.
 ///
-/// , as defined in
-/// [Section 12.2 of RFC 4880].
-///
-///
 /// A fingerprint is, essentially, a 20-byte SHA-1 hash over the key's public key packet.
 /// A keyid is defined as the fingerprint's lower 8 bytes.
-/// Both are used to identify a key, e.g., the issuer of a signature.
+///
+/// For the exact definition, see [Section 12.2 of RFC 4880].
+///
+/// Both fingerprint and keyid are used to identify a key, e.g., the issuer of a
+/// signature.
 ///
 ///   [Section 12.2 of RFC 4880]: https://tools.ietf.org/html/rfc4880#section-12.2
 ///
 ///   [`Fingerprint`]: ./enum.Fingerprint.html
 ///   [`KeyID`]: ./enum.KeyID.html
 ///
+/// KeyHandle
+/// - enum representing either Fingerprint or keyID
+/// - either can be used to reference the issuer of a signature
+/// - definition:
+///   - fingerprint: 20byte sha-1 hash of (essentially) public key packet
+///   - keyid: lower 8 bytes of fingerprint
+/// - keyid vulnerable to birthday attacks
+/// - advice: prefer fingerprint over keyid (necessary here at keyHandle? confusing?)
+///
 /// ## Implementation of `PartialEq` for `KeyHandle`
-/// * The relationship 
-/// * Determining if two keyhandles are equal
-/// * trivial if comparing two fingerprints or two keyids
-/// * 
-/// * difficult if f is a fingerprint and k is 
-/// * if f = 1234 1234 1234 1234 1234  1234 1234 1234 1234 1234
+/// - Determining if two keyhandles are equal
+/// - trivial if comparing two fingerprints or two keyids
+/// - problem: if a is a fingerprint and b is a keyid, and b is the end of a
 ///
 /// # Examples
 ///
@@ -69,8 +75,7 @@ use crate::{
 /// # }
 /// ```
 ///
-///
-/// ```ignore
+/// ```
 /// # use sequoia_openpgp as openpgp;
 /// # use openpgp::Result;
 /// # use openpgp::{Fingerprint, KeyHandle};
@@ -92,7 +97,7 @@ use crate::{
 ///     cert.keys().key_handle(self_sig.issuer().unwrap()).next().is_some()
 /// });
 ///
-/// //self_sig.verify(keyhandle);
+/// self_sig.verify(keyhandle);
 /// //assert_eq!(keyhandle, self_sig.issuer())
 /// Ok(())
 /// }
@@ -346,7 +351,6 @@ mod tests {
         use crate::crypto::KeyPair;
         use crate::Packet;
         use crate::types::{Curve, SignatureType};
-        use crate::packet::signature::Builder;
         use crate::cert::CertParser;
         use crate::parse::Parse;
         use crate::policy::StandardPolicy as P;
diff --git a/openpgp/src/keyid.rs b/openpgp/src/keyid.rs
index b960251f..9feaf031 100644
--- a/openpgp/src/keyid.rs
+++ b/openpgp/src/keyid.rs
@@ -13,7 +13,7 @@ use crate::Result;
 /// As a general rule of thumb, you should prefer the fingerprint as it is
 /// possible to create keys with a colliding KeyID using a [birthday attack].
 ///
-/// KeyIds are used for example to reference the issuing key of a signature in
+/// KeyIds are used, for example, to reference the issuing key of a signature in
 /// its Issuer subpacket.
 ///
 /// For more details about how a KeyID is generated, see [Section 12.2 of RFC 4880].
@@ -36,8 +36,8 @@ use crate::Result;
 pub enum KeyID {
     /// Lower 8 byte SHA-1 hash.
     V4([u8;8]),
-    /// Used for holding keyids encountered during parsing that do not match
-    /// the specification, e.g. wrong number of bytes.
+    /// Used for holding invalid keyids encountered during parsing
+    /// e.g. wrong number of bytes.
     Invalid(Box<[u8]>)
 }
author	Nora Widdecke <nora@sequoia-pgp.org>	2020-06-03 13:35:20 +0200
committer	Nora Widdecke <nora@sequoia-pgp.org>	2020-06-05 11:44:49 +0200
commit	8bfaf937bda7a246d5a075eb1cfdce3e7c7cf0a0 (patch)
tree	b17dbdcaee0949eb9462f3bd435d805d26628c6a
parent	7267102380e70112888796eb553b56c35414e316 (diff)