Age | Commit message (Collapse) | Author |
|
- RFC 4880 explicitly allows the use of v3 signatures, but adds:
> Implementations SHOULD accept V3 signatures. Implementations
> SHOULD generate V4 signatures.
- In practice, rpm-based distributions are generating v3 signatures,
and it will be awhile before we can actually stop supporting them.
https://bugzilla.redhat.com/show_bug.cgi?id=2141686#c20
- Add support for parsing, verifying, and serializing v3
signatures (but not v3 certificates, and not generating v3
signatures!).
|
|
- Currently, if we don't understand a compression algorithm, parsing
a compressed data packet fails and it is turned into an Unknown
packet. This is rather unfortunate, and deviates from what we do
for the encryption containers.
- Encryption containers are either not decrypted, in which case they
have a Body::Unprocessed, decrypted with Body::Processed, or
decrypted and parsed Body::Structured.
- Likewise, if we don't understand a compression algorithm, we
should simply return a compressed data packet with an unprocessed
body. This change does exactly that.
- Fixes #830.
|
|
- Enables the test unconditionally, but avoids the panic if an
algorithm is not supported. This is a workaround until we have
reworked the compressed data handling.
- See https://gitlab.com/sequoia-pgp/sequoia/-/issues/830.
- This addresses the same problem like !1235 but in a more general
way.
|
|
- Supporting v5 fingerprints is important so that we can process
signature subpackets containing them, even if we don't yet support
any v5 formats. Consider being part of a group of recipients
where one of the recipients has a v5 key: then, the intended
recipient fingerprint subpacket contains a v5 fingerprint for that
v5 recipient. See also #820.
|
|
|
|
- Previously, during parsing and serialization, OpenPGP's unsigned
32-bit timestamps were converted to Rust's SystemTime, which uses
time_t. On platforms where that is a signed 32-bit value, the time
was truncated. See #668.
- One way to fix that is to make Rust's SystemTime independent of
time_t. See https://github.com/rust-lang/rust/issues/44394.
- The other way is not to convert to SystemTime at the API
boundary. See
https://gitlab.com/sequoia-pgp/sequoia/-/issues/806.
- This fixes handling during parsing and serialization, but doesn't
address the API issue.
- Fixes #802.
|
|
- Found by clippy::clone_on_copy lint.
|
|
- Found by clippy::redundant_slicing.
|
|
- In CamelCase, acronyms count as one word. Apply this rule where
API and lalrpop are not impacted.
- Found by clippy::upper_case_acronyms.
|
|
- Fixed with the help of clippy::needless_borrow.
|
|
|
|
The extra & in a pattern (match arm or if let) is unnecessary and only
makes the code harder to read. In most places it's enough to just
remove the & from the pattern, but in a few places a dereference (*)
needs to be added where the value captured in the pattern is used, as
removing the & changes the type of the captured value to be a
reference.
Overall, the changes are almost mechanical. Although the diff is huge,
it should be easy to read.
The clippy lint match_ref_pats warns about this. See:
https://rust-lang.github.io/rust-clippy/master/index.html#match_ref_pats
|
|
- openpgp: Make broken relative links absolute:
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+packet),\1crate::packet,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+cert),\1crate::cert,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+parse),\1crate::parse,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+policy),\1crate::policy,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+serialize),\1crate::serialize,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+armor),\1crate::armor,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+types),\1crate::types,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!] *(\[`PacketPile`\]):).*$,\1 crate::PacketPile,' {} +
- openpgp: Link to PacketParser and Policy structs, not the modules.
- ffi: Make links to sequoia_openpgp and sequoia_net absolute
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+sequoia_openpgp),\1sequoia_openpgp,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+sequoia_net),\1sequoia_net,' {} +
|
|
- Apply cargo intraconv.
|
|
|
|
- This is a low-level interface. We will provide nicer abstractions
in a followup.
- See #335.
|
|
|
|
- Use NetLength::gross_len that is both shorter and smart enough not
to compute the net length twice.
|
|
|
|
- Packets without framing should return their net length.
|
|
|
|
|
|
|
|
- Fixes 54e223d1b0aecc458fdfd78f7ed6a14a2fd59cc6.
|
|
|
|
- Previously, serializing Packet::PublicKey(k) would not serialize
any secret key material on k, but when comparing
Packet::PublicKey(k) with Packet::PublicKey(l), the secret key
material would be significant. This is in conflict with our
definition of equality, which states that two objects are
considered equal if their canonical serialized form is equal.
- Closely related, secret key material was considered significant
when comparing Key<_, _> objects, and secret key material was
emitted when they were serialized, even for objects of type
Key<PublicParts, _>.
- Align equality, serialization of Key<_, _> objects by ignoring any
secret key material when comparing and serializing objects of type
Key<PublicParts, _>.
- Fixes #632 and #633.
|
|
- Avoid the additional `fn f()`.
|
|
- See #615.
|
|
- seal `Marshal` and `MarshalInto` traits.
- this effectively also seals `Serialize` and `SerializeInto`
as they depend on the former.
- See #538.
|
|
|
|
- Fixes #563
- With an MSRV >= 1.40.0, we can use #[non_exhaustive], as mentioned
in #406.
- This is also a clippy lint:
https://rust-lang.github.io/rust-clippy/master/index.html#manual_non_exhaustive
|
|
- See #480.
|
|
- Encrypted key material can be protected by either SHA1 or a two
octet sum over the key material. The latter is not used anymore,
but GnuPG 2.1 emits this S2K usage octet when emitting TSKs with
detached keys.
- Fixes #569.
|
|
|
|
|
|
- Also, rename methods to be more explicit.
|
|
- This mirrors how we handle other unknown variants. However, since
we do not know the length of the parameters for unknown S2K
variants, we cannot parse them back. To work around that, the
parameter field is optional, and will be `None` when an unknown
S2K is parsed. The data is not lost, but stored in the packet
containing the S2K object, so that we can serialize it again.
- Carefully preserve the invariant that we can parse any packet we
can serialize by comparing the serialized form of the packet
fragments containing the S2K and any fields the parameters of
unknown variants bleed into on parsing.
- Unfortunately, this means that S2K on its own no longer
roundtrips. Remove that test accordingly.
|
|
|
|
|
|
|
|
|
|
|
|
- This is only used to communicate with the GnuPG agent, so it
should not be in the openpgp crate.
|
|
- When writing out fields with explicit length as u8, make sure that
we do not exceed that limit.
- See #542.
|
|
|
|
|
|
- In contrast with the other bitfields, this one has a fixed size.
Account for that in the API. Don't implement Default.
- Fixes #525.
|
|
- This also drops the implementation of PartialOrd since we did not
use it in the key selection after all.
- Fixes #525.
|
|
- Also improve the documentation of the KSP::no_modify and the
corresponding setters.
- See #525.
|
|
|