sequoia-pgp - Mirror of https://gitlab.com/sequoia-pgp/sequoia.git

Age	Commit message (Collapse)	Author
2020-11-13	openpgp: Add the vectors from The first collision for full SHA-1.	Justus Winter

2020-11-12	openpgp: Add test vector from SHA-1 is a Shambles.	Justus Winter

2020-11-12	openpgp: Mitigate collision attacks on SHA-1.	Justus Winter
	- Use a collision detecting implementation of SHA-1. When a collision attack is detected, the algorithm employs a mitigation, changing the hash function to discriminate the colliding preimage.
2020-11-12	openpgp: Make crypto::Hash::digest fallible.	Justus Winter

2020-11-09	buffered-reader: Add Debug trait bound to Cookie.	Nora Widdecke

2020-11-06	openpgp: Use non_exhaustive attribute.	Nora Widdecke
	- Fixes #563 - With an MSRV >= 1.40.0, we can use #[non_exhaustive], as mentioned in #406. - This is also a clippy lint: https://rust-lang.github.io/rust-clippy/master/index.html#manual_non_exhaustive
2020-10-19	buffered-reader: Make Generic::reader private and add accessors.	Justus Winter

2020-10-13	openpgp: Unbox the slice containing secrets.	Justus Winter
	- Previously, we stored secrets as boxed slices. However, with Rust managing the allocation using a smart pointer, we are worried about potential optimizations. For example, Rust could conceivably compact the heap: The borrow checker knows when no references exist, and this is an excellent opportunity to move the object on the heap because only one pointer needs to be updated. - Avoid this by unboxing the slice storing a raw pointer to the slice. - Fixes #577.
2020-10-13	openpgp: Make Protected's methods not depend on the implementation.	Justus Winter

2020-10-13	openpgp: Explicitly implement Clone for Protected.	Justus Winter

2020-10-13	openpgp: Avoid possible reallocations in From::<Vec<u8>>.	Justus Winter

2020-10-09	openpgp: Don't rely on associate constants.	Justus Winter
	- Makes the crate compile with 1.39.
2020-10-08	openpgp: Warn about possible reallocation in mem::Protected	Igor Matuszewski

2020-10-08	openpgp: Don't mark memory-safe Protected::into_vec as unsafe	Igor Matuszewski
	In general, `unsafe` is an escape hatch for when do we suspicious but actually memory-safe fiddling that the compiler can't understand. Copying the secret into a raw `Vec` may be risky from the security point of view but is not `unsafe` in the sense above. Use established practice of using long/unwieldy names for functions that need careful thought.
2020-10-08	openpgp: Don't use Pin for Box-allocated secrets	Igor Matuszewski
	The pointed-to buffer is already immovable and pinned by `Box<[u8]>`. Moving `Box` value itself only moves the pointer and does not involve moving the backing storage.
2020-10-07	openpgp: Align MPI parsing functions with trait Parse.	Justus Winter
	- Change mpi::*::parse to take a Reader instead of a AsRef<u8>. The former is a more general interface.
2020-10-06	openpgp: Remove one unreachable thanks to newer match exhaustive checks	Igor Matuszewski

2020-10-06	openpgp: Implement two-octet checksums over secret key material.	Justus Winter
	- Also, rename methods to be more explicit.
2020-10-06	openpgp: Use padding instead of alignment in one more place	Igor Matuszewski

2020-10-06	openpgp: Create Protected first before zero-padding for CNG	Igor Matuszewski

2020-10-06	openpgp: Pad RSA ciphertext and ECC scalars for CNG	Igor Matuszewski
	We strip leading zeroes in our MPIs but CNG expects full-length values so make sure to add those back when interfacing with CNG.
2020-09-25	openpgp: Either derive both Eq and Hash, or impl both.	Justus Winter
	- crypto::mpi::SecretKeyMaterial is the sole exception to this rule, because we are trying to compare them in constant time. Add a hint for clippy that this is okay. - KeyHandle no longer implements Eq, so there is no point in implementing Hash. Simply remove it. - Implement Hash for SubpacketLength by hashing the serialized form. Manually implement Eq for consistency. - Fixes #567.
2020-09-25	openpgp: Fix deprecation notices.	Nora Widdecke

2020-09-22	openpgp: Remove `quickcheck` feature.	Wiktor Kwapisiewicz
	- Adjust code to test for `cfg(test)` only, - Remove `quickcheck` and `rand` from dependencies so that they stay only in dev-dependencies, - Remove mention of `x-quickcheck` feature from the documentation, - Fixes #545.
2020-09-21	openpgp: Fix typos.	Nora Widdecke

2020-09-09	openpgp: Explicitly annotate chunk_index type in aead.rs	Igor Matuszewski

2020-09-09	openpgp: Don't perform no-op en/decryption in AEAD	Igor Matuszewski

2020-09-09	openpgp: Get rid of some write_be_u64 calls	Igor Matuszewski

2020-08-20	openpgp: Add optional parameters to unknown S2K variants.	Justus Winter
	- This mirrors how we handle other unknown variants. However, since we do not know the length of the parameters for unknown S2K variants, we cannot parse them back. To work around that, the parameter field is optional, and will be `None` when an unknown S2K is parsed. The data is not lost, but stored in the packet containing the S2K object, so that we can serialize it again. - Carefully preserve the invariant that we can parse any packet we can serialize by comparing the serialized form of the packet fragments containing the S2K and any fields the parameters of unknown variants bleed into on parsing. - Unfortunately, this means that S2K on its own no longer roundtrips. Remove that test accordingly.
2020-08-20	openpgp: Drop implementation of Copy for S2K.	Justus Winter

2020-08-20	openpgp: New function S2K::is_supported.	Justus Winter

2020-08-17	openpgp: Move crypto::Keygrip to the ipc crate.	Justus Winter

2020-08-17	openpgp: Rename PublicKey::keygrip to Keygrip::of.	Justus Winter
	- This allows us to move Keygrip to a different crate.
2020-08-17	openpgp: Improve documentation of crypto::ecdh.	Justus Winter
	- Fixes #474.
2020-08-17	openpgp: Rename {en,de}crypt_shared to better reflect their use.	Justus Winter

2020-08-17	openpgp: Move crypto::sexp to the ipc crate.	Justus Winter
	- This is only used to communicate with the GnuPG agent, so it should not be in the openpgp crate.
2020-08-17	openpgp: Use a ProtectedMPI to handle the shared point.	Justus Winter
	- Also remove the now unused MPI::secure_memzero.
2020-08-17	openpgp: Add EC point constructors and destructor for ProtectedMPI.	Justus Winter
	- Sometimes, we store secret points, so we should provide these convenient methods.
2020-08-17	openpgp: Make crypto::ecdh::decrypt_shared public.	Justus Winter
	- This will be used by all the implementations of crypto::Decryptor, and if we don't want them to end up in the openpgp crate, we need to make it public.
2020-08-14	openpgp: Fix Ciphertext::arbitrary.	Justus Winter
	- Make sure not to generate ciphertexts with encrypted session keys 255 bytes as OpenPGP cannot represent those. - Fixes #544.
2020-08-13	openpgp: Add examples for Keygrip.	Justus Winter
	- See #474.
2020-08-13	openpgp: Add examples for Password.	Justus Winter
	- See #474.
2020-08-13	openpgp: Add note to enums that cannot be exhaustively matched.	Justus Winter

2020-08-13	openpgp: Adjust for SymmetricAlgorithm support diff. across backends	Igor Matuszewski

2020-08-13	openpgp: Implement ECDH and RSA encryption	Igor Matuszewski

2020-08-13	openpgp: Implement DSA signatures using Windows CNG	Igor Matuszewski

2020-08-13	openpgp: Implement ed25519 signatures with ed25519-dalek	Igor Matuszewski

2020-08-13	openpgp: Implement RSA and ECDSA signatures via Windows CNG API	Igor Matuszewski

2020-08-13	openpgp: Implement asymmetric key gen/import using Windows CNG API	Igor Matuszewski

2020-08-13	openpgp: Implement CTR and EAX (AEAD) modes on top of CNG's AES	Igor Matuszewski
	Unfortunately, we need AEAD since it's used in quite a few of the tests. The implementation only works with AES since that's the only block cipher that's readily available in the CNG from the list of generally supported in Sequoia.