Age | Commit message | Author |
|
- Mark `aead_algo` as available only during tests,
- Remove support for AEAD from `sop`,
- Mark `aead` parameter in FFI as unused,
- openpgp-ffi: Drop `aead_algo` argument from `pgp_encryptor_new`,
- Fixes #550.
|
|
- When updating the expiration time of signing-capable subkeys, also
create a new primary key binding signature.
- Fixes #534.
|
|
- Wrap functions to create a password-protected
certificate (`pgp_cert_builder_set_password`), and to work with
keys that are password protected (`pgp_key_has_unencrypted_secret`,
`pgp_key_decrypt_secret`).
|
|
- In 4aee697b1a582be8f7e48e9ebc0f95a06d23e2b2, I changed the type of
`pgp_valid_key_amalgamation_set_expiration_time`'s arguments, but
I didn't update the declaration.
- Fix the declaration.
|
|
- Restore the function `pgp_cert_revoke_in_place`.
|
|
- Change `pgp_user_id_amalgamation_user_id` and
`pgp_valid_user_id_amalgamation_user_id` to return a
`pgp_packet_t`, not a `pgp_user_id_t`.
- Most functions work with `pgp_packet_t`s, not `pgp_user_id_t`s.
|
|
- Returning rich errors from this function may compromise secret key
material due to Bleichenbacher-style attacks. Change the API to
prevent this.
- Hat tip to Hanno Böck.
- Fixes #507.
|
|
- Implement IntoIter and Deref to &'a [MessageLayer<'a>], drop the
custom iteration structs.
|
|
- Rename `Cert::revoke_in_place` to `Cert::revoke`.
- Return the revocation certificate; don't merge it.
- Fixes #485.
|
|
- Rename `Cert::revoked`, `ValidCert::revoked`,
`ValidAmalgamation::revoked`, and `ComponentBundle::revoked` to
`revocation_status` to more accurately match what it does.
- Don't rename `ValidComponentAmalgamationIter::revoked` or
`ValidKeyAmalgamationIter::revoked`. They don't return the
revocation status; they check whether the key is revoked.
|
|
- Rename `KeyIter` to `KeyAmalgamationIter`, `ValidKeyIter` to
`ValidKeyAmalgamationIter`.
- Rename `cert/keyiter.rs` to `cert/amalgamation/iter.rs`.
|
|
- Add the `UserID`, `UserIDAmalgamation` and
`ValidUserIDAmalgamation` types, and some associated methods.
- Replace the use of `UserIDBundle` with `UserIDAmalgamation` and
`ValidUserIDAmalgamation`.
|
|
- Cf. c4f087f886bd66f4177093569db615dc1c1e9e1d
|
|
- If looking up a binding signature fails, don't merely return None,
but an Err(_) that explains the lookup failure. For example, a
binding signature may be present, but it may not meet the policy.
- Fixes #460.
|
|
- Previously, we transformed data and detached signatures into
signed messages on the fly, then used the streaming Verifier to
verify the message. However, this introduces a nontrivial
overhead, even if unnecessary copies are carefully avoided.
- Instead, specialize the streaming Decryptor to handle detached
signatures. Use crypto::hash_buffered_reader to compute the
hashes over the data, then attach the computed signatures to the
signature packets, and use Decryptor's verification machinery.
- While this is arguably less elegant, it is much simpler, and a lot
faster. Notably, if we operate on files and can mmap them into
memory, we can compute the hash in one call to the compression
function. Verification of detached signatures is an important use
case, so this speedup outweighs the loss of elegance.
- Fixes #457.
|
|
- Expose ValidKeyAmalgamation::with_policy in the C FFI.
|
|
- Expose `ValidKeyAmalgamation::set_expiration_time` to the C FFI.
|
|
- Introduce `KeyAmalgamation` and `ValidKeyAmalgamation` to the C
FFI.
- Change pgp_cert_key_iter_next and pgp_cert_valid_key_iter_next to
return them instead of keys.
|
|
- Add a new Null Policy, which accepts everything.
|
|
- Make the reference time an argument to pgp_cert_primary_user_id.
|
|
- Add two new traits: `Marshal` and `MarshalInto`.
- Implement them instead of `Serialize` and `SerializeInto`.
- Only implement `Serialize` and `SerializeInto` for data structures
that are normally exported.
- This should prevent users from accidentally serializing a bare
signature (`Signature`) when they meant to serialize a signature
packet (`Packet`), for instance.
- Fixes #368.
|
|
- Started in d183e12a3231e4c505f5f2cf48b6c1f881ad258a.
|
|
- Split VerificationResult into Result<GoodChecksum,
VerificationError>.
- Fixes #416.
|
|
- The certificate is a mid-level interface, and should therefore use
the more user-friendly way of specifying expiration.
- Fixes #429.
|
|
- The former is a misnomer inherited from the RFC: It is a
duration, not a point in time. 'Validity period' makes that
clear, and also emphasizes that the key or signature is valid
during that period.
- See #429.
|
|
- Move the autocrypt-related functionality to a new crate.
- Fixes #424.
|
|
- Likewise KeyBinding, UserIDBinding, UserAttributeBinding,
UnknownBinding, etc.
- Reason: a self-signature on a component is a binding, but
revocations and TPSes are not bindings.
- Consistently call collections of components and associated
signatures bundles now. Likewise for fields, methods.
- Fixes #425.
|
|
- Change all functions that need to evaluate the validity of a
signature (either directly or indirectly) to take a policy object.
- Use the policy object to allow the user to place additional
constraints on a signature's validity.
- This addresses the first half of #274 (it introduces the policy
object, but does not yet implement any policy).
|
|
- This is better expressed as an error.
|
|
- Add an Error variant to VerificationResult.
|
|
- KeyIter::revoked and KeyIter::key_flags (and its variants) didn't
take a time stamp so they could only be used for filtering keys
based on their current state, not their state at some time in the
past. Adding a time stamp to each of the filters would have fixed
the problem, but it would have made the interface ugly: callers
always want the same time stamp for all filters.
- Split KeyIter into two structures: a KeyIter and a ValidKeyIter.
- Add KeyIter::policy. It takes a time stamp, which is then used
for filters like `alive` and `revoked`, and it returns a
ValidKeyIter, which exposes filters that require a time stamp.
|
|
- Cert::keys_valid() is just a short-cut for
Cert::keys_all().alive().revoked(false).
- Remove Cert::keys_valid() and rename Cert::keys_all() to
Cert::keys().
|
|
- Fixes #371.
|
|
- See #371.
|
|
- See #371.
|
|
- See #371.
|
|
- See #371.
|
|
- Fixes #359.
|