Age | Commit message (Collapse) | Author |
|
- A wrapper object may be deallocated either if the object is
freed *or* the object is moved. Change the error message to
mention both of these possibilities.
|
|
- A Rust boolean maps to a C _Bool, not a C int.
- Note: this mapping has recently been formalized. See, for
instance, https://github.com/rust-lang/rust/pull/46176 .
|
|
- CDefError is not exposed as cffi.error.CDefError, but as
cffi.api.CDefError in python3-cffi 1.9.1-2. This change is
forwards compatible with python3-cffi 1.11.5-3 (from Debian
Testing).
- enum.auto is only available in Python v3.6. Albeit uglier,
manually assigning values works in Python v3.5 (and later).
|
|
- When we transfer ownership from C to Rust, we move the wrapped
object out of the wrapper, and poison the wrapper.
- This prevents reuse of the wrapper object. When a stale reference
is given to us, we check the tag encoding the type information.
- If the tag field is poisoned, we can produce a more helpful error
message. This is not exact, of course. As soon as the memory is
reused, our tag is overwritten.
|
|
- This change adds a tag to the derived wrapper types that identify
the type of the wrapped value.
- At runtime, we can verify that references to wrapper objects
indeed carry the right tag.
- Fixes #166.
|
|
- With the abstractions for moving ownership and references across
the FFI boundary, we can now switch to actually using the wrapper
types by changing the function signatures to use the wrapper type,
and updating the generated functions.
|
|
|
|
|
|
|
|
|
|
|
|
- This is a framework for dealing with ownership and references at
the FFI boundary. Previously, we used macros to do that. This
change introduces a more idiomatic interface, we use traits
converting from raw pointers of a wrapper type to objects,
references, or mutable references to a wrapped type.
- For now, we use the wrapped type as wrapper type. We merely
introduce a new mechanism replacing the macro-based one.
- This patch also converts all the derived functions.
- The following patches will convert all the functions that are
already using the ffi_wrapper_type. Once this conversion is done,
we can introduce our own wrapper type.
|
|
- In case of errors, set *tpk_out to None.
|
|
|
|
- We need at least version 1.31.0 of rustc.
- Prefix commands that require root with sudo.
|
|
|
|
This patch splits off the deterministic stage into it's
own function to make it easier to write tests for ECDH keys.
|
|
This fixes a crash in the TPK parser resulting from reaching and
unreachable branch. The problem is triggered by an invalid SecretSubkey
packet. The packet is parsed as Packet::Unknown(Tag::SecretSubkey,...).
The parser then calls pkt.tag() to convert the Packet into a Token.
The patch uses a match instead of tag() when converting. Closes #120.
|
|
|
|
|
|
|
|
- Fixes tests not being found because the functions signature were
formatted differently. In the end, only proper parsing will help
here.
|
|
|
|
- This function was used early on to demonstrate the FFI layer. It
can now be expressed using pgp_tpk_debug().
|
|
|
|
|
|
|
|
|
|
- Note that the wrapper type is not actually used for now, the
functions still operate on the original type. But, this lets us
derive functions, and for that we merge it now.
- See #166.
|
|
|
|
|
|
|
|
- For C code fragments, we use the highlight.js highlighter to apply
syntax highlighting. Previously, highlight.js was only used in
the FFI documentation, and was loaded from a CDN.
- We now distribute highlight.js with our documentation. This is
done in the 'doc' make target.
- This helps to protect the privacy of users viewing the
documentation.
- Unfortunately, highlighting no longer works when viewing the
documentation locally in a browser using the file:// scheme.
|
|
|
|
|
|
- Prepend the documentation for the openpgp crate as introduction.
- Explain how to read the documentation, examples, Rust types.
- Explain the FFI contract.
|
|
|
|
|
|
Setters of signature::Builer now consume self and return self.
Closes #165
|
|
|
|
Closes #164
|
|
Subkeys weren't signing capable. I also added to re-create the test data
to improve transparency.
|
|
|
|
|
|
|
|
Closes #44
|
|
- This is the result of the following command:
git grep -il pgp_p_key | while read F ; do sed -E -i -e 's/pgp_p_key/pgp_key/g' $F ; done
- Fixes #155.
|
|
- This change is the result of the following command, which can also
be used to automatically convert existing users of Sequoia's C
API:
git grep -il sq_ | while read F ; do sed -E -i -e 's/sq_(arbitrary_writer_new|armor_reader_from_bytes|armor_reader_from_file|armor_reader_headers|armor_reader_kind|armor_reader_new|armor_writer_new|decrypt|encryptor_new|error_free|error_status|error_string|fingerprint_as_bytes|fingerprint_clone|fingerprint_equal|fingerprint_free|fingerprint_from_bytes|fingerprint_from_hex|fingerprint_hash|fingerprint_to_hex|fingerprint_to_keyid|fingerprint_to_string|keyid_clone|keyid_equal|keyid_free|keyid_from_bytes|keyid_from_hex|keyid_hash|keyid_to_hex|keyid_to_string|key_pair_as_signer|key_pair_free|key_pair_new|literal_writer_new|packet_free|packet_kind|packet_parser_buffer_unread_content|packet_parser_decrypt|packet_parser_eof_free|packet_parser_eof_is_message|packet_parser_finish|packet_parser_free|packet_parser_from_bytes|packet_parser_from_file|packet_parser_from_reader|packet_parser_next|packet_parser_packet|packet_parser_recurse|packet_parser_recursion_depth|packet_parser_result_eof|packet_parser_result_free|packet_parser_result_packet_parser|packet_parser_result_tag|packet_pile_clone|packet_pile_free|packet_pile_from_bytes|packet_pile_from_file|packet_pile_from_reader|packet_pile_serialize|packet_tag|pkesk_decrypt|pkesk_recipient|p_key_alive|p_key_alive_at|p_key_clone|p_key_creation_time|p_key_expired|p_key_expired_at|p_key_fingerprint|p_key_into_key_pair|p_key_keyid|p_key_public_key_algo|p_key_public_key_bits|reader_free|reader_from_bytes|reader_from_fd|reader_from_file|reader_read|revocation_status_free|revocation_status_variant|secret_cached|signature_alive|signature_alive_at|signature_can_authenticate|signature_can_certify|signature_can_encrypt_at_rest|signature_can_encrypt_for_transport|signature_can_sign|signature_expired|signature_expired_at|signature_free|signature_is_group_key|signature_is_split_key|signature_issuer|signature_issuer_fingerprint|signature_to_packet|signer_free|signer_new|signer_new_detached|skesk_decrypt|tag_to_string|tpk_alive|tpk_alive_at|tpk_builder_add_certification_subkey|tpk_builder_add_encryption_subkey|tpk_builder_add_signing_subkey|tpk_builder_add_userid|tpk_builder_autocrypt|tpk_builder_default|tpk_builder_free|tpk_builder_generate|tpk_builder_set_cipher_suite|tpk_clone|tpk_dump|tpk_equal|tpk_expired|tpk_expired_at|tpk_fingerprint|tpk_free|tpk_from_bytes|tpk_from_file|tpk_from_packet_parser|tpk_from_packet_pile|tpk_from_reader|tpk_into_tsk|tpk_is_tsk|tpk_key_iter|tpk_key_iter_free|tpk_key_iter_next|tpk_merge|tpk_merge_packets|tpk_primary|tpk_primary_user_id|tpk_revocation_status|tpk_revoke|tpk_revoke_in_place|tpk_serialize|tpk_set_expiry|tpk_user_id_binding_iter|tsk_free|tsk_into_tpk|tsk_new|tsk_serialize|tsk_tpk|user_attribute_value|user_id_binding_iter_free|user_id_binding_iter_next|user_id_binding_selfsig|user_id_binding_user_id|user_id_value|verification_result_code|verification_result_level|verification_results_at_level|verification_result_signature|verify|writer_alloc|writer_free|writer_from_bytes|writer_from_fd|writer_from_file|writer_stack_finalize|writer_stack_finalize_one|writer_stack_message|writer_stack_write|writer_stack_write_all|writer_write|reader|writer|packet_parser|packet_parser_result|packet_parser_eof|keyid|fingerprint|revocation_status|revocation_status_variant|armor_kind|armor_header|tag|unknown|signature|one_pass_sig|p_key|user_id|user_attribute|literal|compressed_data|pkesk|skesk|seip|mdc|packet|packet_pile|reason_for_revocation|user_id_binding|user_id_binding_iter|tpk_key_iter|tpk|tsk|tpk_builder|tpk_cipher_suite|public_key_algorithm|writer_stack|encryption_mode|secret|verification_results|verification_result|verification_result_code|sequoia_decrypt_get_public_keys_cb_t|sequoia_decrypt_get_secret_keys_cb_t|sequoia_decrypt_check_signatures_cb_t|mpi|signer|key_pair|p_key|status|error)/pgp_\1/g' -e 's/SQ_(ARMOR_KIND_ANY|ARMOR_KIND_FILE|ARMOR_KIND_FORCE_WIDTH|ARMOR_KIND_MESSAGE|ARMOR_KIND_PUBLICKEY|ARMOR_KIND_SECRETKEY|ARMOR_KIND_SIGNATURE|ENCRYPTION_MODE_AT_REST|ENCRYPTION_MODE_FOR_TRANSPORT|PUBLIC_KEY_ALGO_DSA|PUBLIC_KEY_ALGO_ECDH|PUBLIC_KEY_ALGO_ECDSA|PUBLIC_KEY_ALGO_EDDSA|PUBLIC_KEY_ALGO_ELGAMAL_ENCRYPT|PUBLIC_KEY_ALGO_ELGAMAL_ENCRYPT_SIGN|PUBLIC_KEY_ALGO_FORCE_WIDTH|PUBLIC_KEY_ALGO_RSA_ENCRYPT|PUBLIC_KEY_ALGO_RSA_ENCRYPT_SIGN|PUBLIC_KEY_ALGO_RSA_SIGN|REASON_FOR_REVOCATION_FORCE_WIDTH|REASON_FOR_REVOCATION_KEY_COMPROMISED|REASON_FOR_REVOCATION_KEY_RETIRED|REASON_FOR_REVOCATION_KEY_SUPERSEDED|REASON_FOR_REVOCATION_UID_RETIRED|REASON_FOR_REVOCATION_UNSPECIFIED|REVOCATION_STATUS_COULD_BE|REVOCATION_STATUS_FORCE_WIDTH|REVOCATION_STATUS_NOT_AS_FAR_AS_WE_KNOW|REVOCATION_STATUS_REVOKED|STATUS_BAD_SIGNATURE|STATUS_FORCE_WIDTH|STATUS_INDEX_OUT_OF_RANGE|STATUS_INVALID_ARGUMENT|STATUS_INVALID_OPERATION|STATUS_INVALID_PASSWORD|STATUS_INVALID_SESSION_KEY|STATUS_IO_ERROR|STATUS_MALFORMED_MESSAGE|STATUS_MALFORMED_PACKET|STATUS_MALFORMED_TPK|STATUS_MANIPULATED_MESSAGE|STATUS_MISSING_SESSION_KEY|STATUS_NETWORK_POLICY_VIOLATION|STATUS_SUCCESS|STATUS_UNKNOWN_ERROR|STATUS_UNSUPPORTED_AEAD_ALGORITHM|STATUS_UNSUPPORTED_ELLIPTIC_CURVE|STATUS_UNSUPPORTED_HASH_ALGORITHM|STATUS_UNSUPPORTED_PUBLICKEY_ALGORITHM|STATUS_UNSUPPORTED_SIGNATURE_TYPE|STATUS_UNSUPPORTED_SYMMETRIC_ALGORITHM|STATUS_UNSUPPORTED_TPK|TAG_COMPRESSED_DATA|TAG_LITERAL|TAG_MARKER|TAG_MDC|TAG_ONE_PASS_SIG|TAG_PKESK|TAG_PRIVATE|TAG_PUBLIC_KEY|TAG_PUBLIC_SUBKEY|TAG_RESERVED|TAG_SECRET_KEY|TAG_SECRET_SUBKEY|TAG_SED|TAG_SEIP|TAG_SIGNATURE|TAG_SKESK|TAG_TRUST|TAG_UNASSIGNED|TAG_USER_ATTRIBUTE|TAG_USER_ID|TPK_CIPHER_SUITE_CV|TPK_CIPHER_SUITE_FORCE_WIDTH|TPK_CIPHER_SUITE_RSA|VERIFICATION_RESULT_CODE_BAD_CHECKSUM|VERIFICATION_RESULT_CODE_FORCE_WIDTH|VERIFICATION_RESULT_CODE_GOOD_CHECKSUM|VERIFICATION_RESULT_CODE_MISSING_KEY)/PGP_\1/g' $F ; done
|
|
- This creates a new crate, 'sequoia-openpgp-ffi', and moves a
handful of functions from 'sequoia-ffi' to it.
- The 'sequoia-ffi' crate is a superset of the 'sequoia-openpgp-ffi'
crate. This is accomplished by some include! magic.
- My first attempt involved having 'sequoia-ffi' depend on
'sequoia-openpgp-ffi', so that the former just re-exports the
symbols. However, that turned out to be unreliable, and might be
not what we want, because it could also duplicate parts of Rust's
standard library.
- Fixes #144.
|
|
|