Age | Commit message (Collapse) | Author |
|
- Every iterator implements IntoIterator. Simplify accordingly.
|
|
|
|
|
|
|
|
|
|
- See #498.
|
|
- See #498.
|
|
- See #498.
|
|
- Rename all calls to `Builder` with `SignatureBuilder`.
- Fixes #481.
|
|
- We finalize the writer stack at the end of the streaming
operation, but we build the filters using the builder pattern.
|
|
- This allows customization of the generated signatures.
|
|
- Previously, when creating an armored message using the
armor::Writer and the streaming serialization interface, one had
to finalize both the writer stack and the armor writer, which is
unergonomic, not obvious, and error prone.
- This filter properly finalizes the armor writer when the writer
stack is finalized.
- Fixes #453.
|
|
|
|
- Previously, Signer::drop made an effort to finalize the filter.
This, however, is only a best-effort mechanism: It cannot report
errors.
- Because of this, we now believe that it actually exacerbates the
problem of downstream users not finalizing the filter: It will
work most of the time, but sometimes fail.
|
|
- Previously, Encryptor::drop made an effort to finalize the filter.
This, however, is only a best-effort mechanism: It cannot report
errors.
- Because of this, we now believe that it actually exacerbates the
problem of downstream users not finalizing the filter: It will
work most of the time, but sometimes fail.
|
|
- Previously, PartialBodyFilter::drop made an effort to finalize the
filter. This, however, is only a best-effort mechanism: It cannot
report errors.
- Because of this, we now believe that it actually exacerbates the
problem of downstream users not finalizing the filter: It will
work most of the time, but sometimes fail.
- Drop the implementation of Drop. Fix all the problematic test
cases.
|
|
This reverts commit 2e1eec5fe4157a391a13554ff7df3075cfe043cc.
|
|
- This avoids the partial implementation imitating
std::option::Option, replacing it with std::result::Result.
- As a benefit, std::result::Result is in the prelude, simplifying a
lot of parsing loops.
|
|
- Change `mark_role_primary` to `role_into_primary`.
- Change `mark_role_primary_ref` to `role_as_primary`.
- Change `mark_role_subordinate` to `role_into_subordinate`.
- Change `mark_role_subordinate_ref` to `role_as_subordinate`.
- Change `mark_role_unspecified` to `role_into_unspecified`.
- Change `mark_role_unspecified_ref` to `role_as_unspecified`.
- Fixes #452.
|
|
- Previously, Message was polymorphic over the cookie. However, the
writer stack framework only has one user, and it likely ever will,
so I don't really see the point in complicating our interface.
|
|
- This aligns it with AED::symmetric_algo and SKESK::symmetric_algo.
|
|
- Fixes #472.
|
|
|
|
|
|
|
|
|
|
|
|
- Change `mark_parts_public` to `parts_into_public`,
- Change `mark_parts_public_ref` to `parts_as_public`,
- Change `mark_parts_secret` to `parts_into_secret`,
- Change `mark_parts_secret_ref` to `parts_as_secret`,
- Change `mark_parts_unspecified` to `parts_into_unspecified`,
- Change `mark_parts_unspecified_ref` to `parts_as_unspecified`,
- Fixes #452.
|
|
- Previously, Message::new returned a writer::Stack, and Message was
just an empty struct. Unify the types. This makes sense, because
if you have a message, and encrypt it, you get a message.
- Make the writer module private. This is an implementation detail.
|
|
|
|
|
|
|
|
|
|
- Previously, we transformed data and detached signatures into
signed messages on the fly, then used the streaming Verifier to
verify the message. However, this introduces a nontrivial
overhead, even if unnecessary copies are carefully avoided.
- Instead, specialize the streaming Decryptor to handle detached
signatures. use crypto::hash_buffered_reader to compute the
hashes over the data, then attach the computed signatures to the
signature packets, and use Decryptor's verification machinery.
- While this is arguably less elegant, it is much simpler, and a lot
faster. Notably, if we operate on files and can mmap them into
memory, we can compute the hash in one call to the compression
function. Verification of detached signatures is an important use
case, so this speedup outweighs the loss of elegance.
- Fixes #457.
|
|
|
|
- Add two new traits: `Marshal` and `MarshalInto`.
- Implement them instead of `Serialize` and `SerializeInto`.
- Only implement `Serialize` and `SerializeInto` for data structures
that are normally exported.
- This should prevent users from accidentally serializing a bare
signature (`Signature`) when they meant to serialize a signature
packet (`Packet`), for instance.
- Fixes #368.
|
|
- Fixes #446.
|
|
- Add `openpgp/src/cert/prelude.rs` to import most types and traits
related to certificates.
- Use it instead of using the types and traits individually.
|
|
- Split VerificationResult into Result<GoodChecksum,
VerificationError>.
- Fixes #416.
|
|
|
|
|
|
|
|
- Fixes #427.
|
|
- Change all functions that need to evaluate the validity of a
signature (either directly or indirectly to take a policy object.
- Use the policy object to allow the user to place additional
constraints on a signature's validity.
- This addresses the first half of #274 (it introduces the policy
object, but does not yet implement any policy).
|
|
- Use the frozen time as policy. Simplify writer stack
finalization.
|
|
- Add Signer::creation_time so that a user of a Signer object can
determine the signature's creation time.
|
|
|
|
|
|
- Instead of passing MessageStructure to VerificationHelper::check
by reference, pass it by value.
- After calling VerificationHelper::check, it is dropped. Passing
it by value allows the caller to avoid some cloning.
|
|
- Use the convenient functions
KeyAmalgamation::for_storage_encryption,
KeyAmalgamation::for_transport_encryption, etc., instead of
building up a KeyFlags and then calling
KeyAmalgamation::key_flags.
- This pattern requires less boilerplate.
|