Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
- Put the Issuer, IssuerFingerprint, and EmbeddedSignature
subpackets into the hashed subpacket area.
- Even though this information is self-authenticating (the act of
validating the signature authenticates the subpacket), it is stored
in the unhashed subpacket area. This has the advantage that the
signer authenticates the set of issuers. Furthermore, it makes
handling of the resulting signatures more robust: If there are two
two signatures that are equal modulo the contents of the unhashed
area, there is the question of how to merge the information in the
unhashed areas. Storing issuer information in the hashed area avoids
this problem.
|
|
|
|
- In order to deduplicate signatures, we need to sort them first.
Previously, we used sig_cmp for that, which sorts by signature
creation time and uses the actual signature data as a tie breaker.
This, however, is not a suitable relation for deduplication with
Signature::normalized_eq: Here, we need an order that is consistent
with the equality operation, which sig_cmp is not.
- Fix this by providing and using Signature::normalized_cmp.
- Fixes #573.
|
|
- In order to deduplicate signatures, we need to be able to sort
them. This change implements PartialOrd and Ord for all relevant
types. Like PartialEq and Eq it is based on the serialized form,
and can be derived for most of the types.
|
|
This looks like an accident and should just be a build-release of the
store crate. The built lib will by linked in ffi language modules like
python with LD_LIBRARY_PATH so no system installation is and should be
needed for purely building.
|
|
|
|
- Fixes #523.
|
|
- crypto::mpi::SecretKeyMaterial is the sole exception to this rule,
because we are trying to compare them in constant time. Add a
hint for clippy that this is okay.
- KeyHandle no longer implements Eq, so there is no point in
implementing Hash. Simply remove it.
- Implement Hash for SubpacketLength by hashing the serialized
form. Manually implement Eq for consistency.
- Fixes #567.
|
|
- Use the correct equality function when deduplicating signatures.
- Fixes #568.
|
|
|
|
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#unused_io_amount
- Replace `read` with `read_exact`, so that an error is returned if
the buffer cannot be filled.
|
|
|
|
|
|
- Fixes #564.
|
|
- The tests used a certificate that expired by now. However,
because Sequoia did not consider subkeys of expired certificates
to be also expired, the tests were happy.
|
|
- We erroneously assumed that when BufferedReader::next() is called,
a SEIP container must be opaque and hence there cannot be a
buffered_reader::Reserve on the stack with Cookie::fake_eof set.
But, we could simply call BufferedReader::next() after the SEIP
packet is decrypted, or buffer a SEIP packet's body, then call
BufferedReader::recurse(), which falls back to
BufferedReader::next() because some data has been read.
- Remove the erroneous assertion.
- Fixes #455.
|
|
- Mark `aead_algo` as available only during tests,
- Remove support for AEAD from `sop`,
- Mark `aead` parameter in FFI as unused,
- openpgp-ffi: Drop `aead_algo` argument from `pgp_encryptor_new`,
- Fixes #550.
|
|
- Adjust code to test for `cfg(test)` only,
- Remove `quickcheck` and `rand` from dependencies so that they stay
only in dev-dependencies,
- Remove mention of `x-quickcheck` feature from the documentation,
- Fixes #545.
|
|
|
|
|
|
- Ingore all target dirs.
- Adapt to new codespell dictionary:
Add keyserver, keypair, dedup, fpr to ingore list.
|
|
|
|
- move codespell job to bullseye
- move valgrind test to bullseye
|
|
|
|
|
|
|
|
- 0.19 had vulnerability RUSTSEC-2020-0014.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- ECDH public fields have a mechanism for future extensions.
Currently, this field has to be set to 1. Enforce this at parse
time.
- Fixes #561.
|
|
|
|
- Rust 1.46.0 warns that the callback function types are not FFI-safe.
This declares them `extern fn`, as the compiler suggests.
|
|
|
|
|
|
|
|
- Change `expect` to `context(...)?`,
- Change `unwrap` to `?`.
|
|
- Rename `literal_writer` to `message`,
- Rename `signer` to `message`,
- Rename `encryptor` to `message`.
|
|
|
|
|