Age | Commit message (Collapse) | Author |
|
|
|
|
|
- Once KeyIter::secret or KeyIter::unencrypted_secret is called,
change the iterator type to iterate over &Key<SecretParts, _>.
- Fixes #384.
|
|
- Fixes #381.
|
|
- A non-capture group is indicated by '?:', not ':?'.
|
|
|
|
|
|
|
|
- Fixes #380.
|
|
- Restore the functionality removed in 8693a005 when replacing the
RFC 2822 mailbox parser.
|
|
- In sq and sqv, use chrono to interface with the user.
- Fixes #341.
|
|
- Fixes #375.
|
|
- See #375.
|
|
- See #375.
|
|
- See #375.
|
|
|
|
- This adds and promotes the use of
signature::Builder::set_hash_algo instead. Adapt callsites.
- In particular, document why we use SHA512 when creating signatures
in the TPK builder.
|
|
- Consider the following scenario: computer A's clock says 9:00.00
and signs and sends a message to computer B. Computer B's clock
says 8:59.59, it receives the message and tries to verify it.
From Computer B's perspective, the signature is not valid, because
it was generated in the future.
- This situation occured, because the two clocks were not completely
synchronized. Unfortunately, a few seconds of clock skew are not
unusual, particularly when dealing with VMs.
- Since it is almost always better to consider such messages as
valid, be tolerant when deciding whether a signature is alive.
|
|
|
|
|
|
- Fixes #358.
|
|
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
- Fixes #372.
|
|
|
|
|
|
|
|
- Arguably, the user wanted to fetch a key with a certain ID. If the
server returns something different, we throw an error. That error
contains both the expected keyid as well as the TPK from the
server, in case the consumer wants to inspect the problem or make
use of the key regardless.
|
|
|
|
- Fixes #363.
|
|
- Fixes #362.
|
|
|
|
|
|
|
|
|
|
- And use them in the diagnostics.
|
|
- The last commit introduced a gratuitious and unreachable "else if"
branch, remove it.
|
|
- Return a different `VerificationResult` for signatures that are
not alive (BadSignature) from signatures that are actually
bad (BadCheck).
|
|
- The original function was nested too much.
|
|
|
|
|
|
- A SignatureGroup currently contains a hash mapping hash algorithms
to hash contexts. Typically this will only contain one or two
mappings. At most it will contain one mapping for each algorithm
that we support (currently, we support 7 hash algorithms).
- Given the small expected and small maximum size, a vector is the
better data structure:
- The small number of elements means that look up time will be
comparable whether we do a linear scan or look in a hash (in
fact, the linear scan is probably cache friendlier).
- Iterating over a vector is faster than iterating over a hash
map. The is the fast path.
- A vector takes up less space.
- Change SignatureGroup::hashes to use a Vec instead of a HashMap.
|
|
|
|
|
|
- RFC 4880 says that "by convention, [a User ID Packet] includes an
RFC 2822 [RFC2822] mail name-addr." This is not the actual
convention, and attempting to parse User IDs using an RFC 2822
parser means that many common User IDs cannot be parsed.
- Disparities between the actual convention and the stated
convention include:
- Neither users nor the software they use to create keys
correctly quotes User IDs:
- 'Nachname, Vorname <name@example.org>' is not valid, because
it contains an unquoted comma. It should be 'Nachname\,
Vorname <name@example.org>' or '"Nachname, Vorname"
<name@example.org>'. (The same goes for dots, single
quotes, etc.)
- 'user@example.org <user@example.org>' is not valid, because
it contains an unquoted at symbol.
- 'Bj=?utf-8?q?=C3=B6?=rn <bjoern@example.net>' is encoded
using RFC 2047, which is what RFC 2822 mandates when using
non-ASCII characters, but no OpenPGP software would decode
this User ID. In practice, everyone just uses UTF-8 (in
this case: 'Björn <bjoern@example.net>').
- There are many examples of User IDs containing raw email
addresses ('user@example.org'). But, these are not
"name-addr"s. At best, they are RFC 2822 "mailbox"es.
- Some User IDs only contain a name (e.g, "Frank PGP").
- RFC 2822 also includes a lot of complexity that no one uses or
needs. For instance, CFWS (comments and folding whitespace) can
be placed everywhere, and the rules for parsing them are
complex.
- Instead of continuing to bend the RFC 2822 parser to our will, we
instead accept reality.
- This patch replaces the RFC 2822 parser with a significantly
simpler parser, which is based on actual convention (i.e., User
IDs in the wild).
- This parser is based on dkg's mail to the OpenPGP working group
mailing list.
Message-ID: <87woe7zx7o.fsf@fifthhorseman.net>
https://mailarchive.ietf.org/arch/msg/openpgp/wNo27-0STfGR9JZSlC7s6OYOJkI
- This initial version has one notable regression with respect to
the RFC 2822 parser: it doesn't handle User IDs holding URIs.
|
|
- Fixes #351.
|
|
|
|
- Fixes 4f5699ef4ad8f84147edfa4785ed26d27c64d380.
|
|
- `cipher::Blowfish::KEY_SIZE` is the maximum key size supported by
Blowfish.
- Fixes #350.
|
|
- To avoid an infinite loop, we need to not only read data, but also
consume it.
- Add a regression test.
- Fixes #349.
|