Age | Commit message (Collapse) | Author |
|
- A start
|
|
- Improve the documentation for `Cert::sort_and_dedup`,
`Cert::merge_public` and `Cert::merge_public_and_secret`, and add
more examples.
|
|
- Fixes #970.
|
|
- We cannot manipulate BufferedReader stacks across different cookie
types. Use our struct Cookie for the RawCertParser so that we
don't need adapters to translate between the cookie types. This
way, we can pop the armored reader off if we want to.
|
|
- Also bump syn so that we can get bindgen 0.63.
- This fixes a build error that we have seen on mingw builds:
https://gitlab.com/sequoia-pgp/sequoia/-/jobs/4122192520
|
|
|
|
|
|
|
|
|
|
- For GCM, OpenSSL returns 1 for the block size. However, the
digest_size must be 16. Use our size instead of (ab)using
OpenSSL's block size interface to infer the digest size.
|
|
|
|
- Instead of using use a `HashMap` to map `SubpacketTag`s to
indexes, which means hashing a `u8`, multiple heap allocations,
and traversing pointers, use a `Vec` to do a table look up.
- Also, use a `OnceCell` instead of implementing it using a `Mutex`
and a `RefCell`.
- I did the following micro-benchmark: `sq wot list neal` on a
cert-d with 1500 certificates. I used sq 54fd575. I profiled it
using valgrind's callgrind tool.
The total number of cycles according to callgrind drops from
49,887,487,592 to 44,253,794,643 (delta: -5,633,692,949), and the
number of cycles for `SubpacketAreas::subpacket` drops from
5,509,345,486 to the function no longer being present in the
trace.
|
|
- This function allows accepting hash algorithm for one particular
security property.
- Closes https://gitlab.com/sequoia-pgp/sequoia/-/issues/595
|
|
|
|
|
|
- Previously, every crypto backend had to implement these methods.
Instead, implement them just once and hard code the lengths.
Anchor them using the values from the crypto backends, if
available.
- Fixes #966.
|
|
- Previously, we incorrectly selected the 2TDEA variant that uses
112-bit keys.
|
|
- Supply key and block size for IDEA. Without that information,
IDEA is not usable in practice.
|
|
|
|
|
|
- Most of the logic in this function is the same across backends.
- Introduce `Key4::derive_cv25519_public_key` that does
backend-specific derivation.
- Fixes https://gitlab.com/sequoia-pgp/sequoia/-/issues/958
|
|
- We implement `Parse` for `Cert`. Do the same for `RawCert` and
check that they have the same semantics.
|
|
- We use this in our API, and re-exporting it here makes it easy to
use the correct version of the crate in downstream code without
having to explicitly depend on it.
|
|
|
|
- Let's not rely on the linker to deduplicate our 50k test vector.
|
|
- This is like io::copy, but more efficient as it avoids an extra
copy, and it will try to copy all the data the reader has already
buffered.
- Fixes #974.
|
|
|
|
|
|
- Instead, rely on the base images to be up-to-date. We still want
to pin clippy, because updating that tends to be very noisy.
|
|
|
|
- We run these under qemu because we lack real hardware, and it is
one of the slower jobs. Speed it up a little by not running the
benchmarks as tests here.
|
|
- Doctests have to be individually compiled, linked, and executed.
This seems to be very slow on Windows: running the doctests
accounts for two thirds of the total job runtime.
|
|
|
|
|
|
- Fixes #892.
|
|
|
|
- Fixes #645.
|
|
- Remove development remnants, actually use the creation time when
importing RSA keys.
|
|
- OpenSSL can be compiled with no support for CAST5.
- This will be indicated by setting `osslconf` variable to
`OPENSSL_NO_CAST`.
- See https://github.com/sfackler/rust-openssl/pull/1786
|
|
|
|
- Notably, this zeros symmetric encryption keys in memory once we're
done encrypting or decrypting.
|
|
- This is a more comprehensive fix than
bee82c2952512a5585e93f180180ca45468d4f2b.
|
|
- Avoid creating an MPI first, as this may leak the secrets.
|
|
|
|
|
|
- Not only was the heap allocation superfluous, it also leaked
secrets into the heap.
|
|
|
|
|
|
|
|
- This has to move to sq's new repository.
|