sequoia-pgp - Mirror of https://gitlab.com/sequoia-pgp/sequoia.git

Age	Commit message (Collapse)	Author
2023-05-22	openpgp: Implement GCM mode.	Justus Winter
	- The Galois/Counter mode for block ciphers is a FIPS-approved AEAD mode. It will be added to the upcoming OpenPGP standard so that we have a FIPS-compliant subset of OpenPGP.
2023-05-03	openpgp: Update win-crypto-ng to 0.5	Neal H. Walfield
	- Fixes #1014
2023-03-02	openpgp: Combine ciphertext and tag in Aead::decrypt_verify.	Justus Winter
	- It is easier (and cheaper) to tear apart in backends that need ciphertext and tag to be separate than to combine it for backends that expect the tag to be appended to the ciphertext. - The caller doesn't have to do anything, because in OpenPGP on the wire the tag is already appended to the ciphertext. The one exception is our current implementation of SKESKv5, but in our upcoming SKESKv6 implementation, we store the tag appended to the ciphertext, so it will be easy to use this interface there.
2023-02-28	openpgp: Further simplify AEAD abstraction.	Justus Winter
	- Hand in the additional authenticated data when constructing the context.
2023-02-27	openpgp: Rework the AEAD abstraction.	Justus Winter
	- Combine `encrypt` and `tag` to `encrypt_seal` similarly to we previously combined `decrypt_verify`. This better matches AEAD constructions, and the original interface was mostly informed by Nettle's relatively low-level interface.
2022-12-21	openpgp: Make AEAD interface functions fallible.	Wiktor Kwapisiewicz
	- Some backends may want to propagate their internal errors to the caller. - Modify all functions to return Results and their clients to either propagate the error or handle it.
2022-12-21	openpgp: Change `decrypt` into `decrypt_verify`.	Wiktor Kwapisiewicz
	- Some backends want to verify the AEAD block by themselves and need the tag to be passed in. - Change two step `decrypt` + `digest` into a one step `decrypt_verify`. - Old backends are modified to work like they did previously by utilizing decryption and the digest operation. - New backends can implement `decrypt_verify` using their respective cryptographic primitives.
2022-02-15	openpgp: Fallible conversion to GenericArray references.	Justus Winter
	- The former commit fixes a crash that should never have happened: with a fallible conversion to GenericArrays, the error can be handled at runtime. - Unfortunately, the upstream crate does not offer a convenient fallible conversion. Implement and use it.
2022-02-15	openpgp: Fix crash converting nonce slices to arrays.	Justus Winter
	- Doing the conversion before matching on the algorithm tries to convert nonces of different sizes to an array suitable for EAX, leading to a panic.
2020-12-04	openpgp: Use pure Rust EAX implementation under CNG backend	Igor Matuszewski
	- Fixes #556.
2020-11-24	openpgp: seal Aead trait.	Azul
	- Seal the Aead trait so it cannot be implemented outside the openpgp crate. - This way we can extend the trait without breaking the API compatibility. - See #538.
2020-08-13	openpgp: Implement CTR and EAX (AEAD) modes on top of CNG's AES	Igor Matuszewski
	Unfortunately, we need AEAD since it's used in quite a few of the tests. The implementation only works with AES since that's the only block cipher that's readily available in the CNG from the list of generally supported in Sequoia.
2020-08-13	openpgp: Add stubs for other crypto impls using Windows CNG API	Igor Matuszewski