Age | Commit message (Collapse) | Author |
|
|
|
- `SignatureBuilder::set_intended_recipients` sets multiple Intended
Recipient subpackets at once. However, if we want to build the
intended recipients gradually, it is not appropriate: it first
clears any existing Intended Recipient subpackets.
- Add `SignatureBuilder::add_intended_recipient` to add an Intended
Recipient subpacket without first clearing any existing Intended
Recipient subpackets.
|
|
- `SignatureBuilder::set_issuer` and
`SignatureBuilder::set_issuer_fingerprint` first clear the
unhashed area of any existing Issuer or Issuer Fingerprint
subpackets, respectively.
- Add a variant to add an additional Issuer or Issuer Fingerprint
subpacket.
|
|
- See #474.
|
|
- See #474.
|
|
- Do not explicitly shortcut the iteration by using fold instead of
find.
|
|
|
|
|
|
|
|
|
|
- encrypt_shared is also used by the ECDH over NIST curves.
|
|
- See #474.
|
|
- See #474.
|
|
- See #474.
|
|
- See #474.
|
|
- Use the type from the template instead of hardcoding it to binary.
|
|
|
|
- `SignatureBuilder::set_signature_expiration_time` takes an
absolute time and converts it to a duration relative to the
`Signature Creation Time` subpacket.
- Since we sometimes set the `Signature Creation Time` subpacket
lazily, this should probably also be set lazily.
- But that makes the `SignatureBuilder` more complicated. And, it
means that `SignatureBuilder::modify_hashed_area`'s behavior is
more complicated.
- Instead of adding complexity, only provide the
`SignatureBuilder::set_signature_validity_period` method, which is
what is appears to be needed in practice.
|
|
- Most of the setters do not take an `Option` where `None` means
remove the subpacket. There is no particular reason that
set_signature_validity_period or set_signature_expiration_time
should either. So, don't.
- Don't take a bare `time::Duration` or `time::SystemTime`, but
anything that implements `Into<time::Duration>` or
`Into<time::SystemTime>`.
|
|
|
|
- For the most part, `SignatureBuilder` provides a builder-style
API.
- Adding custom subpackets requires working with a mutable reference
to a subpacket area, which is jarring:
let mut builder = SignatureBuilder::new(SignatureType::Binary)
// Build up the signature.
;
builder.unhashed_area_mut().add(Subpacket::new(
SubpacketValue::Unknown {
tag: SubpacketTag::Private(61),
body: [ 0x6D, 0x6F, 0x6F ].to_vec(),
},
true)?)?;
let sig = builder.sign_message(&mut signer, msg)?;
- Provide a function to allow the user to work with subpacket areas
using a builder-style interface.
|
|
- It's useful to get a deduplicated list of all subpacket tags in a
subpacket area. For this, we need `Ord`.
|
|
- Implement `TryFrom<Signature>` for `Signature4`.
|
|
- Previously, Cert::TryFrom<PacketParserResult> expected the packet
sequence to contain exactly one certificate. If it finds anything
else, it fails. On the other hand, Cert::from_packet (and
therefore also Cert::TryFrom<Vec<Packet>> and TryFrom<PacketPile>)
expected the packet sequence to start with a certificate. If it
contains additional certificates or invalid packets, those were
silently ignored.
- Harmonize the behavior by changing Cert::from_packet (and
therefore also Cert::TryFrom<Vec<Packet>> and TryFrom<PacketPile>)
to behave like Cert::TryFrom<PacketParserResult> and fail if the
certificate is followed by any more packets.
- Fixes #504.
|
|
- Fixes undefined behavior (a likely crash) in pkcs5_pad.
|
|
- This also drops the implementation of PartialOrd since we did not
use it in the key selection after all.
- Fixes #525.
|
|
- Also improve the documentation of the KSP::no_modify and the
corresponding setters.
- See #525.
|
|
|
|
|
|
|
|
- Fixes #471.
|
|
|
|
- See #471.
|
|
- Previously, these method withheld information in the EOF case (and
in case of `map` this loss is irrecoverable). Fix this by
returning a Result instead.
|
|
- See #471.
|
|
- See #471.
|
|
- See #471.
|
|
- See #471.
|
|
|
|
- The implementation of `Default` for `Features` returned an empty
feature set. This is not a reasonable feature set: the MDC flag
should almost always be set.
- Remove the `Default` implementation and use `Features::empty` when
an empty feature set is really required.
|
|
- Change Features to only store the raw value, a vector of bytes.
Extract features on demand.
- Add methods to query and manipulate unknown features.
- Change `PartialEq` to implement serialized equality (like most
other data structures). Add `normalized_eq` to implement semantic
equality.
|
|
- There is no variant called `None`, so having this predicate seems
wrong.
- See #489.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|