Age | Commit message (Collapse) | Author |
|
|
|
- Require at least one valid signature for `sq verify`. For `sq
decrypt`, require one if at least one signer cert is given.
- Document what happens if signature verification fails, or message
tampering is detected using the SEIP packet.
- Fixes #677.
|
|
- Fixes #273.
|
|
- Add 'Note:' and fix alignment.
|
|
- The conditional was inverted by mistake.
- Fixes 4df9befdb10cc336a9df49b65fdfef659296aa61.
- Fixes #662.
|
|
- See #677.
|
|
|
|
|
|
- Implement verification of messages using the Cleartext Signature
Framework by detecting them in the armor reader, and transforming
them on the fly to inline signed messages.
- The transformation is not perfect. We need to synthesize
one-pass-signatures, but we only know the hash algorithm(s) used.
Luckily, this is the only information the packet parser needs.
- We only enable the transformation when using stream::Verifier.
The transformation is transparent to the caller. Currently, there
is no way to disable this. In the next major revision, we may add
ways to control this behavior.
- Fixes #151.
|
|
- Previously, we called VerificationHelper::get_certs once we saw
the literal data packet. The classic OpenPGP rationale for having
the signer's keyid in the OPS packet is so that consuming
implementations can avoid hashing the body if they don't have the
certificate to verify the signature with.
- However, there is a better opportunity to do that: Just in time
before doing the actual verification when we have seen all the
signatures. This has the advantage that we may know fingerprints
instead of mere keyids.
- This is crucial for verifying messages using the Cleartext
Signature Framework where we do not know the issuers before
encountering the signatures.
- Also, deduplicate aliasing key handles, preferring fingerprints.
|
|
- See #151.
|
|
- See #151.
|
|
- Previously, armor::Reader implemented BufferedReader using the
Generic reader on top of IoReader's io::Read implementation.
However, that is no longer good enough, because we need to access
the cookie from (Io)Reader::initialize.
- The real fix is to directly implement the BufferedReader protocol.
That would have been the right thing to do from the beginning,
instead of using buffered_reader::Generic. This may actually
simplify the code and reduce buffering. However, implementing the
BufferedReader protocol is a bit error-prone, so we defer it once
again!
- Instead, manually inline the code from the Generic reader.
- In the following commits, we will take advantage of that and
access the cookie.
|
|
- In the next commit, we will inline buffered_reader::Generic, which
also hash a field called 'buffer'. To avoid changing any code
copied from the generic reader, rename this field first.
|
|
- Anything beyond 24 bits is masked off anyway, so this doesn't
change the result of the checksum.
|
|
- setuptools 52.0.0, which is not in Debian bullseye, requires pip.
Thus, transitively, we do to.
|
|
|
|
|
|
- Previously, Sequoia did not properly consume excess bytes in a
compression container that were not part of the compressed data.
This resulted in the parser erroneously trying to parse the excess
data into packets. Fix this by dropping any excess data.
- We do this by reverting a previous change that made dropping
excess data conditional. However, the reason for that change is
unclear, and reverting it does not seem to have adverse effects.
- This reverts commit c0f3de2e7fecc12717313900fdf4348e40ffb1f4.
- Fixes #675.
|
|
- Reorder fields so that the inner reader comes last. When looking
at the derived debug output, it is easier to see the fields
belonging to the current reader. With the inner reader coming
last, it also resembles walking up the stack.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- smallvec < 1.6.1 has a vulnerability in SmallVec::insert_many.
Our two dependencies that use smallvec, rusqlite 0.24.2 and
num-bigint-dig 0.6.1, do not seem to use that specific function.
Bumping the dependency to be safe.
- https://rustsec.org/advisories/RUSTSEC-2021-0003
- https://github.com/servo/rust-smallvec/issues/252
- Fixes #661
|
|
|
|
|
|
|
|
|
|
|
|
- It comes with preinstalled debian packages and /target.
|
|
|
|
|
|
- Fixes a crash in Decryptor::verify_detached when verifying
detached signatures by rejecting any non-signature packets when
parsing the alleged signatures.
|
|
- See #665.
- Also add test for keyserver to make sure the fix is correct.
|
|
- GnuPG (tested with 2.2.25) doesn't handle certifications with critical
SignersUserID Subpacket.
|
|
|
|
|
|
- Fixes #383.
|
|
|
|
|
|
- Add a simple heuristic for bash.
- See #653.
|
|
The synopsis clearly places TARGET-KEY *after* the options. But the
example places it haphazardly within the options, which is harder to
read and understand.
Even if the original example works, the goal of the example should be
to make it easy to see what is happening in a standard usage, not to
show off the flexibility of the parser.
|
|
- Fixes #652.
|
|
- Fixes #655.
|
|
- We generate manpages from the cli definition. It turns out that '
is special character in troff, and the man crate doesn't take care
of escaping it correctly. As a pragmatic workaround, switch to "
instead.
|