Age | Commit message (Collapse) | Author |
|
|
|
|
|
- Add two new traits: `Marshal` and `MarshalInto`.
- Implement them instead of `Serialize` and `SerializeInto`.
- Only implement `Serialize` and `SerializeInto` for data structures
that are normally exported.
- This should prevent users from accidentally serializing a bare
signature (`Signature`) when they meant to serialize a signature
packet (`Packet`), for instance.
- Fixes #368.
|
|
|
|
|
|
- Fixes #446.
|
|
- Since a `KeyAmalgamation` wraps a `KeyBundle` and we can get a
`&KeyBundle` from a `KeyAmalgamation`, there is no need to have a
`KeyBundleIter`, which iterates over a certificate's key bundles.
We can instead just use a `KeyIter` to iterate over a
certificate's `KeyAmalgamation`s, and extract the corresponding
`KeyBundle` from them. In fact, this is trivial since a
`KeyAmalgamation` derefs to a `&KeyBundle`.
|
|
|
|
- A `CertAmalgamation` is more like a `ValidKeyAmalgamation` than a
`KeyAmalgamation`: it contains a policy and a reference time. So,
add the `Valid` prefix.
- Since a `CertAmalgamation` doesn't actually amalgamate anything
like a `KeyAmalgamation` (it just contains a back reference to the
`Cert`), and we don't have a `CertAmalgamation` data type, remove
the `Amalgamation` suffix.
|
|
- Change `Cert::with_policy` to only create a `CertAmalgamation` if
the certificate is valid for the given policy at the specified
reference time.
- These semantics match `Amalgamation::with_policy` and
`KeyAmalgmation::with_policy`.
- Fixes #445.
|
|
- When generating armor headers, use a policy to determine what
components are valid.
|
|
- A binding signature is only returned if it is alive at time `t`.
Don't check again.
|
|
- When creating an Autocrypt header, make sure the components are
valid according to the policy and not revoked, and include the
current valid binding signature, not the newest one, whose
creation time may be in the future.
|
|
- Add an equivalent method to `KeyIter::subkeys` to `ValidKeyIter`.
|
|
- Change `KeyIter::subkeys` to return a `SubordinateKeyAmalgamation`
instead of a `KeyBundle`.
- Remove `KeyIter::skip_primary`. It does the samething as
`KeyIter::subkeys`, but `KeyIter::subkeys` has a more accurate
type.
|
|
- Add additional conversion functions for ValidKeyAmalgamation and
KeyAmalgamation to simultaneously convert the parts and erase the
role.
- We can't use a blanket conversion, because converting a
`KeyAmaglamation` with public or unspecified parts to one with
secret parts is not infallible.
|
|
- Add a method to explicitly return the `KeyAmgalamtion` wrapped by
a `ValidKeyAmgalamtion`.
- Although this is possible using `into`, an explicit function makes
it easy to do a second conversion, e.g., a change to the
`KeyAmgalamtion`'s parts or role. Using two `into`s in a row is
not possible. Instead, an intermediate variable with an explicit
type is needed, which is less ergonomic.
|
|
- Implement `Iterator` on KeyIter and ValidKeyIter for the cross
product of {Primary, Subordinate, Unspecified} and {Public,
Secret, Unspecified}.
|
|
- Generalize `TryFrom<ErasedKeyAmalgamation>` and
`TryFrom<ValidErasedKeyAmalgamation>` to convert not only the
`KeyAmalgamation`'s role, but also its parts (i.e., between
`PublicParts`, `SecretParts`, and `UnspecifiedParts`).
|
|
|
|
|
|
|
|
- A `ComponentAmalgamation` derefs to a `ComponentBundle`. Don't
use `ComponentAmalgamation::bundle` if it is unnecessary and
doesn't improve legibility.
|
|
- Started in d183e12a3231e4c505f5f2cf48b6c1f881ad258a.
|
|
- Slightly reduce the number of reexports in `cert::components`.
- Make `cert::amalgamation` public.
|
|
- Introduce three KeyAmalgamation variants:
`PrimaryKeyAmalgamation`, `SubordinateKeyAmalgamation`, and
`ErasedKeyAmalgamation`.
- Unlike a `Key` or a `KeyBundle` with an `UnspecifiedRole`, an
`ErasedKeyAmalgamation` remembers its role. This means that an
`ErasedKeyAmalgamation` can implement the correct semantics even
though the role marker has been erased (hence the name).
- Have `Cert::keys` return `ErasedKeyAmalgamation`s. Recall:
`Cert::keys` can't return a more specific type, because it returns
an iterator that can contain both primary and subordinate keys.
- We use a concrete type instead of a trait object so that when
the user converts a `KeyAmalgamation` to a
`ValidKeyAmalgamation` (via `with_policy`), the
`ValidKeyAmalgamation` retains the type information about the
`KeyAmalgamation`'s role.
- Preserving this type information increases type safety for users
of this API.
|
|
|
|
|
|
- The reference returned by `ComponentAmalgamation::userid` and
`ComponentAmalgamation::user_attribute` is bound by the reference
to the `Component` in the `ComponentAmalgamation`, not the
`ComponentAmalgamation` itself.
- This matters, for instance, for:
cert.userids().map(|ua| ua.userid())
|
|
|
|
- derive(Clone) doesn't work with generic parameters that don't
implement clone.
- In the case of ComponentAmalgamation and
ValidComponentAmalgamation, we don't need to require that their
generic parameter implements Clone, because we're not cloning C,
just the reference.
See https://github.com/rust-lang/rust/issues/26925 .
|
|
|
|
- Add `openpgp/src/cert/prelude.rs` to import most types and traits
related to certificates.
- Use it instead of using the types and traits individually.
|
|
- Define the trait before we use it.
|
|
- We don't have to reset the `content_was_read` flag here: In
PacketParser::next() we either return an error, EOF or a new
PacketParser, which will have the flag cleared anyway.
- Fixes #410.
|
|
|
|
|
|
|
|
- Error::MalformedPacket seems appropriate.
|
|
- We no longer use that crate.
|
|
- Opened #441.
|
|
- Previously, we used a thread-local cache of the Yarrow CPRNG
state. However, without fork(2)-detection this is not safe. For
now, just initialize a fresh one on every invocation.
|
|
|
|
- See #274.
|
|
|
|
|
|
|
|
- Fixes #437.
|
|
|
|
- SHA512 is almost twice as fast as SHA256 on 64-bit architectures
because it operates on 64-bit words.
|