diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2021-03-22 14:49:19 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2021-03-22 14:57:38 +0100 |
commit | e55f5ab5440962f705ec47da7bf8283e1d6b660c (patch) | |
tree | fac77d0f5ba53f7af36535a65d583b5ba468fd3d /openpgp/src/packet_pile.rs | |
parent | 2779c2d60678ca36d0553bab3a2b18f25803cf0e (diff) |
openpgp: Add test demonstrating that canonicalization is robust.
- At some point, invalid self-signatures would be mis-classified as
third-party certifications by Cert::canonicalize. As a side-effect,
invalid self-revocations would be considered third-party
revocations, changing the certificates revocation status to
CouldBe. Confusingly, also changing the digest prefix would break
this mis-classification, resulting in a revocation status of
NotAsFarAsWeKnow.
- The underlying issue was fixed in
7afee60b7cf0f19559bfccd8c42fdc77f6b9c655.
- Add a test that demonstrates that bad signatures are now
recognized as such, and that the confusing behavior previously
observed is now consistent.
- Fixes #486.
Diffstat (limited to 'openpgp/src/packet_pile.rs')
-rw-r--r-- | openpgp/src/packet_pile.rs | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/openpgp/src/packet_pile.rs b/openpgp/src/packet_pile.rs index 2eb841d0..8aef9e82 100644 --- a/openpgp/src/packet_pile.rs +++ b/openpgp/src/packet_pile.rs @@ -96,7 +96,7 @@ use crate::parse::Cookie; /// /// let cert = Cert::try_from(pp)?; /// if let NotAsFarAsWeKnow = cert.revocation_status(policy, None) { -/// // revocation signature is broken and the key is not definitely revoked +/// // revocation signature is broken and the cert is not revoked /// assert_eq!(cert.bad_signatures().count(), 1); /// } /// # else { |