Age | Commit message | Author | |
---|---|---|---|
2020-11-13 | openpgp: Add the vectors from The first collision for full SHA-1. | Justus Winter | |
2020-11-12 | openpgp: Add test vector from SHA-1 is a Shambles. | Justus Winter | |
2020-11-12 | openpgp: Mitigate collision attacks on SHA-1. | Justus Winter | |
- Use a collision detecting implementation of SHA-1. When a collision attack is detected, the algorithm employs a mitigation, changing the hash function to discriminate the colliding preimage. | |||
2020-11-12 | openpgp: Make crypto::Hash::digest fallible. | Justus Winter | |
2020-11-09 | buffered-reader: Add Debug trait bound to Cookie. | Nora Widdecke | |
2020-11-06 | openpgp: Use non_exhaustive attribute. | Nora Widdecke | |
- Fixes #563 - With an MSRV >= 1.40.0, we can use #[non_exhaustive], as mentioned in #406. - This is also a clippy lint: https://rust-lang.github.io/rust-clippy/master/index.html#manual_non_exhaustive | |||
2020-10-19 | buffered-reader: Make Generic::reader private and add accessors. | Justus Winter | |
2020-10-13 | openpgp: Unbox the slice containing secrets. | Justus Winter | |
- Previously, we stored secrets as boxed slices. However, with Rust managing the allocation using a smart pointer, we are worried about potential optimizations. For example, Rust could conceivably compact the heap: The borrow checker knows when no references exist, and this is an excellent opportunity to move the object on the heap because only one pointer needs to be updated. - Avoid this by unboxing the slice, storing a raw pointer to the slice. - Fixes #577. | |||
2020-10-13 | openpgp: Make Protected's methods not depend on the implementation. | Justus Winter | |
2020-10-13 | openpgp: Explicitly implement Clone for Protected. | Justus Winter | |
2020-10-13 | openpgp: Avoid possible reallocations in From::<Vec<u8>>. | Justus Winter | |
2020-10-09 | openpgp: Don't rely on associate constants. | Justus Winter | |
- Makes the crate compile with 1.39. | |||
2020-10-08 | openpgp: Warn about possible reallocation in mem::Protected | Igor Matuszewski | |
2020-10-08 | openpgp: Don't mark memory-safe Protected::into_vec as unsafe | Igor Matuszewski | |
In general, `unsafe` is an escape hatch for when we do suspicious but actually memory-safe fiddling that the compiler can't understand. Copying the secret into a raw `Vec` may be risky from the security point of view but is not `unsafe` in the sense above. Use established practice of using long/unwieldy names for functions that need careful thought. | |||
2020-10-08 | openpgp: Don't use Pin for Box-allocated secrets | Igor Matuszewski | |
The pointed-to buffer is already immovable and *pinned* by `Box<[u8]>`. Moving `Box` value itself only moves the pointer and does not involve moving the backing storage. | |||
2020-10-07 | openpgp: Align MPI parsing functions with trait Parse. | Justus Winter | |
- Change mpi::*::parse to take a Reader instead of an AsRef<u8>. The former is a more general interface. | |||
2020-10-06 | openpgp: Remove one unreachable thanks to newer match exhaustive checks | Igor Matuszewski | |
2020-10-06 | openpgp: Implement two-octet checksums over secret key material. | Justus Winter | |
- Also, rename methods to be more explicit. | |||
2020-10-06 | openpgp: Use padding instead of alignment in one more place | Igor Matuszewski | |
2020-10-06 | openpgp: Create Protected first before zero-padding for CNG | Igor Matuszewski | |
2020-10-06 | openpgp: Pad RSA ciphertext and ECC scalars for CNG | Igor Matuszewski | |
We strip leading zeroes in our MPIs but CNG expects full-length values so make sure to add those back when interfacing with CNG. | |||
2020-09-25 | openpgp: Either derive both Eq and Hash, or impl both. | Justus Winter | |
- crypto::mpi::SecretKeyMaterial is the sole exception to this rule, because we are trying to compare them in constant time. Add a hint for clippy that this is okay. - KeyHandle no longer implements Eq, so there is no point in implementing Hash. Simply remove it. - Implement Hash for SubpacketLength by hashing the serialized form. Manually implement Eq for consistency. - Fixes #567. | |||
2020-09-25 | openpgp: Fix deprecation notices. | Nora Widdecke | |
2020-09-22 | openpgp: Remove `quickcheck` feature. | Wiktor Kwapisiewicz | |
- Adjust code to test for `cfg(test)` only, - Remove `quickcheck` and `rand` from dependencies so that they stay only in dev-dependencies, - Remove mention of `x-quickcheck` feature from the documentation, - Fixes #545. | |||
2020-09-21 | openpgp: Fix typos. | Nora Widdecke | |
2020-09-09 | openpgp: Explicitly annotate chunk_index type in aead.rs | Igor Matuszewski | |
2020-09-09 | openpgp: Don't perform no-op en/decryption in AEAD | Igor Matuszewski | |
2020-09-09 | openpgp: Get rid of some write_be_u64 calls | Igor Matuszewski | |
2020-08-20 | openpgp: Add optional parameters to unknown S2K variants. | Justus Winter | |
- This mirrors how we handle other unknown variants. However, since we do not know the length of the parameters for unknown S2K variants, we cannot parse them back. To work around that, the parameter field is optional, and will be `None` when an unknown S2K is parsed. The data is not lost, but stored in the packet containing the S2K object, so that we can serialize it again. - Carefully preserve the invariant that we can parse any packet we can serialize by comparing the serialized form of the packet fragments containing the S2K and any fields the parameters of unknown variants bleed into on parsing. - Unfortunately, this means that S2K on its own no longer roundtrips. Remove that test accordingly. | |||
2020-08-20 | openpgp: Drop implementation of Copy for S2K. | Justus Winter | |
2020-08-20 | openpgp: New function S2K::is_supported. | Justus Winter | |
2020-08-17 | openpgp: Move crypto::Keygrip to the ipc crate. | Justus Winter | |
2020-08-17 | openpgp: Rename PublicKey::keygrip to Keygrip::of. | Justus Winter | |
- This allows us to move Keygrip to a different crate. | |||
2020-08-17 | openpgp: Improve documentation of crypto::ecdh. | Justus Winter | |
- Fixes #474. | |||
2020-08-17 | openpgp: Rename {en,de}crypt_shared to better reflect their use. | Justus Winter | |
2020-08-17 | openpgp: Move crypto::sexp to the ipc crate. | Justus Winter | |
- This is only used to communicate with the GnuPG agent, so it should not be in the openpgp crate. | |||
2020-08-17 | openpgp: Use a ProtectedMPI to handle the shared point. | Justus Winter | |
- Also remove the now unused MPI::secure_memzero. | |||
2020-08-17 | openpgp: Add EC point constructors and destructor for ProtectedMPI. | Justus Winter | |
- Sometimes, we store secret points, so we should provide these convenient methods. | |||
2020-08-17 | openpgp: Make crypto::ecdh::decrypt_shared public. | Justus Winter | |
- This will be used by all the implementations of crypto::Decryptor, and if we don't want them to end up in the openpgp crate, we need to make it public. | |||
2020-08-14 | openpgp: Fix Ciphertext::arbitrary. | Justus Winter | |
- Make sure not to generate ciphertexts with encrypted session keys 255 bytes as OpenPGP cannot represent those. - Fixes #544. | |||
2020-08-13 | openpgp: Add examples for Keygrip. | Justus Winter | |
- See #474. | |||
2020-08-13 | openpgp: Add examples for Password. | Justus Winter | |
- See #474. | |||
2020-08-13 | openpgp: Add note to enums that cannot be exhaustively matched. | Justus Winter | |
2020-08-13 | openpgp: Adjust for SymmetricAlgorithm support diff. across backends | Igor Matuszewski | |
2020-08-13 | openpgp: Implement ECDH and RSA encryption | Igor Matuszewski | |
2020-08-13 | openpgp: Implement DSA signatures using Windows CNG | Igor Matuszewski | |
2020-08-13 | openpgp: Implement ed25519 signatures with ed25519-dalek | Igor Matuszewski | |
2020-08-13 | openpgp: Implement RSA and ECDSA signatures via Windows CNG API | Igor Matuszewski | |
2020-08-13 | openpgp: Implement asymmetric key gen/import using Windows CNG API | Igor Matuszewski | |
2020-08-13 | openpgp: Implement CTR and EAX (AEAD) modes on top of CNG's AES | Igor Matuszewski | |
Unfortunately, we need AEAD since it's used in quite a few of the tests. The implementation only works with AES since that's the only block cipher that's readily available in the CNG from the list of generally supported in Sequoia. |