Age | Commit message (Collapse) | Author |
|
|
|
- The OpenSSL backend supports OCB, so we should test it!
|
|
- Previously the AEAD-based SKESK5 code was not being exercised
by the test suite due to a combination of being in a doctest
and being guarded by #[cfg(test)].
- Add a separate test case that additionally utilizes
`AEADAlgorithm::const_default`.
|
|
- Make `hash_update_text` a method on `HashingMode<Digest>`,
`HashingMode<Digest>::update`.
|
|
- Rename `iv_size` to `nonce_size`.
- Introduce `iv_size` that forwards to `nonce_size` for compatibility
reasons.
- Change all calls to `iv_size` to `nonce_size`.
|
|
- Previously, stream::Signer did not properly bracket OPS/Sig
packets when using more than one signer, i.e. OPS_a OPS_b Literal
Sig_a Sig_b instead of OPS_a OPS_b Literal Sig_b Sig_a.
- This is a regression introduced in
5bef3bde45f71126cdca3e8ad30b1047287c843a.
- Fixes #816.
|
|
|
|
- Introduce a trait that schedules nonce and additional
authenticated data for each AEAD chunk.
- Factoring that out allows us to support different schemes, and
decouple memory encryption from the OpenPGP schedules.
|
|
|
|
|
|
- Fixed with the help of clippy::needless_borrow.
|
|
- Fixes #769.
|
|
It is Rust custom that the new method for a type returns an instance
of that type. However, sometimes that's not wanted. Tell clippy that
these cases are OK. I opted to not do this globally, because that
would prevent clippy from catching future cases.
Found by clippy warning new_ret_no_self:
https://rust-lang.github.io/rust-clippy/master/index.html#new_ret_no_self
|
|
Instead of this:
if foo {
if bar {
...
}
}
do this:
if foo && bar {
...
}
Nesting statements implies a more complicated code structure than it
really is. Thus it's arguably simpler to write a combined condition by
joining the two conditions with a logical and operation.
Found by clippy lint collapsible_if:
https://rust-lang.github.io/rust-clippy/master/index.html#collapsible_if
|
|
- openpgp: Make broken relative links absolute:
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+packet),\1crate::packet,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+cert),\1crate::cert,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+parse),\1crate::parse,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+policy),\1crate::policy,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+serialize),\1crate::serialize,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+armor),\1crate::armor,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+types),\1crate::types,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!] *(\[`PacketPile`\]):).*$,\1 crate::PacketPile,' {} +
- openpgp: Link to PacketParser and Policy structs, not the modules.
- ffi: Make links to sequoia_openpgp and sequoia_net absolute
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+sequoia_openpgp),\1sequoia_openpgp,' {} +
- find -name "*.rs" -exec sed -i -E 's,^( *//[/!](.*): )((super::)+sequoia_net),\1sequoia_net,' {} +
|
|
- Apply cargo intraconv.
|
|
- Fixes #390.
|
|
|
|
|
|
- rustc 1.51 has activated the redundant_semicolons lint.
https://doc.rust-lang.org/rustc/lints/listing/warn-by-default.html#redundant-semicolons
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#iter_nth_zero
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#len_zero
- https://rust-lang.github.io/rust-clippy/master/index.html#comparison_to_empty
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#match_like_matches_macro
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#useless_conversion
|
|
- We discovered compatibility problems with the padding mechanism,
so we should caution against its use when compatibility with
certain implementations is required. Also, don't use padding in
the module's example.
|
|
|
|
|
|
- Implement verification of messages using the Cleartext Signature
Framework by detecting them in the armor reader, and transforming
them on the fly to inline signed messages.
- The transformation is not perfect. We need to synthesize
one-pass-signatures, but we only know the hash algorithm(s) used.
Luckily, this is the only information the packet parser needs.
- We only enable the transformation when using stream::Verifier.
The transformation is transparent to the caller. Currently, there
is no way to disable this. In the next major revision, we may add
ways to control this behavior.
- Fixes #151.
|
|
- See #151.
|
|
|
|
- Avoid the additional `fn f()`.
|
|
|
|
- With !928 merged more types are `Send` and `Sync` now.
- See #627.
|
|
- Use generics and the anonmymous lifetime in `assert_send_and_sync!`.
- See 627.
|
|
- See #627.
|
|
|
|
- See #615.
|
|
|
|
- Split Padder::new() into new and build.
- Adjust code in dependent projects (sop and sq).
- Fixes #600.
|
|
|
|
|
|
|
|
|
|
- See #480.
|
|
|
|
- This will allow us to mark subpackets as authenticated by the
verification operation.
|
|
- The tests used a certificate that expired by now. However,
because Sequoia did not consider subkeys of expired certificates
to be also expired, the tests were happy.
|
|
- Mark `aead_algo` as available only during tests,
- Remove support for AEAD from `sop`,
- Mark `aead` parameter in FFI as unused,
- openpgp-ffi: Drop `aead_algo` argument from `pgp_encryptor_new`,
- Fixes #550.
|
|
- Unlike the `Signature Creation Time` subpacket, there are
legitimate reasons to have multiple `Issuer` subpackets and
`Issuer Fingerprint` subpackets.
- Rename `SubpacketAreas::issuer` to `SubpacketAreas::issuers` and
return all `Issuer` subpackets.
- Likewise, Rename `SubpacketAreas::issuer_fingerprint` to
`SubpacketAreas::issuer_fingerprints` and return all `Issuer
Fingerprint` subpackets.
- Change `sq` to list all issuers. Deduplicate first, however.
|
|
- Previously, the symmetric algorithm argument conflated the
algorithm to protect the payload and the one to protect the
session key. Fix that by adding an argument to make the choice
explicit.
|