Age | Commit message (Collapse) | Author |
|
- See #471.
|
|
- Fixes #495.
|
|
- Add a new constructor that takes headers. This allows us to make
the header argument polymorphic.
|
|
This reverts commit 2e1eec5fe4157a391a13554ff7df3075cfe043cc.
|
|
- We don't throw away components with no (valid) self signatures.
- Add a test demonstrating this.
- Correct the documentation.
|
|
- This avoids the partial implementation imitating
std::option::Option, replacing it with std::result::Result.
- As a benefit, std::result::Result is in the prelude, simplifying a
lot of parsing loops.
|
|
- Writers should be finalized, builders should be built.
|
|
- Preferences should be implemented for ValidComponentAmalgamation
and ValidCert, not ValidComponentAmalgamation and
ValidKeyAmalgamation.
- Adjust the Preferences trait since ValidCert doesn't implement
ValidAmalgamation.
|
|
|
|
|
|
- If we strip the opaque encoding marker, preserve any leading
zeros.
- Fixes #439.
|
|
- Use the anyhow crate instead of failure to implement the dynamic
side of our error handling. anyhow::Error derefs to dyn
std::error::Error, allowing better interoperability with other
stdlib-based error handling libraries.
- Fixes #444.
|
|
- Add two new traits: `Marshal` and `MarshalInto`.
- Implement them instead of `Serialize` and `SerializeInto`.
- Only implement `Serialize` and `SerializeInto` for data structures
that are normally exported.
- This should prevent users from accidentally serializing a bare
signature (`Signature`) when they meant to serialize a signature
packet (`Packet`), for instance.
- Fixes #368.
|
|
- This test demonstrates that we consider binding signatures valid
even if the primary key is not marked as certification-capable.
- Fixes #321.
|
|
- Now that we have the policy trait, we can enable weak hash
algorithms. Enable MD5 and RipeMD160.
- Add test vectors.
|
|
- This patch series adds methods to query key constraints and other
key-related signature subpackets to trait Amalgamation.
Key-related subpackets are relevant to all components. Recall
that primary key constraints may be expressed on userid binding
signatures, and that userid components may be stripped off.
- We do the same for the key holder's preference packets. These
subpackets are not relevant to subkeys, therefore we introduced a
new trait Preferences that is implemented for valid componentsand
primary keys.
- Add the original test case from the bug report.
- Fixes #215.
|
|
- Move the autocrypt-related functionality to a new crate.
- Fixes #424.
|
|
- Previously, signatures following an unknown packet (like a version
3 signature) were attributed to the unknown component. To fix
that, try to reorder all signatures on unknown components. If we
fail, we put them back where we found them, assuming they are at
the correct location on an component unknown to us.
- Also split signatures of unknown components.
- Add test case.
|
|
- The signatures are ordered from authenticated and most important
to not authenticated and most likely to be abused. The order is:
- Self revocations first. They are authenticated and the most
important information.
- Self signatures. They are authenticated.
- Other signatures. They are not authenticated at this point.
- Other revocations. They are not authenticated, and likely not
well supported in other implementations, hence the least
reliable way of revoking keys and therefore least useful and
most likely to be abused.
|
|
|
|
|
|
- Fixes #387.
|
|
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
- To avoid an infinite loop, we need to not only read data, but also
consume it.
- Add a regression test.
- Fixes #349.
|
|
- Add a heuristic to attempt to dearmor blocks which have a prefix
such as if they were quoted in an email.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|
|
- Returns the TPK's primary User ID.
- Also add a variant `TPK::primary_userid_full`, which also returns
the primary User ID's binding signature and revocation status.
|
|
- Consider a TPK, subkey, User ID, or User Attribute to be revoked
at time `t` if the most recent revocation certificate that is live
at time `t` is younger than the most recent self signature that is
live at time `t`.
- Further, consider a TPK or a subkey to be revoked at all times if
there is a hard revocation (i.e., independent of what time that
revocation was created and whether or not the revocation is alive
at time `t`).
|
|
|
|
|
|
- This is the result of running `cargo fix --edition`, with some
manual adjustments.
- The vast majority of changes merely qualify module paths with
'crate::'.
- Two instances of adding an anonymous pattern to a trait's
function.
- `async` is a keyword in Rust 2018, and hence it needs to be
escaped (e.g. in the case of the net::r#async module).
- The manual adjustments were needed due to various shortcomings of
the analysis employed by `cargo fix`, e.g. unexpanded macros,
procedural macros, lalrpop grammars.
|
|
|
|
- *S-Expressions* as described in the internet draft
[S-Expressions], are a way to communicate cryptographic primitives
like keys, signatures, and ciphertexts between agents or
implementations.
[S-Expressions]: https://people.csail.mit.edu/rivest/Sexp.txt
|
|
|
|
- With a1e226f8f1418de43e577fdaa1d087b68bbb09ae in place, we have a
more general way to add components to a TPK. Retire the current
`TSK` type and replace it with a thin shim that only allows
serialization of secret keys.
- Fixes #107.
|
|
|
|
|
|
- Fixes #243.
|
|
|
|
- For every file in openpgp/tests/data, parse it, and roundtrip each
packet.
- Fixes 243.
|
|
- Previously, the framing information was off by four bytes.
|
|
|
|
|
|
- The bingings support basic manipulation of OpenPGP data, but are
quite incomplete. Furthermore, the Python API is not very
pythonic in some places, so expect it to break in the future.
|
|
|
|
Revocation signatures only revoke earlier self-sigs, not signatures made
after the rev-sig.
|
|
- This adds a new packet type, and enough infrastructure to decrypt
messages encrypted using AEAD.
|
|
- When parsing a compression packet using an old-style indeterminate
length encoding, the parser is supposed to read until it
encounters a "natural" EOF (i.e., the end of the compressed data),
but the decompressor blindly buffers data, so it usually swallows
the MDC packet.
- Since we know the size of the MDC packet apriori, we can use a
BufferedReaderReserve to prevent it from being consumed by the
decompressor.
|
|
- Add the new files referenced in last commit (f260618), but not
committed.
|
|
- When we find signatures that are bad or unused, keep them around,
they might be useful when merging the TPK later on. This may
happen if we see a partial TPK. For instance, if we have a key
server that doesn't return user id packets, it should still return
any self-signatures on those user id packets to allow propagation
of revocation certificates, etc.
- Fixes #34.
|
|
- This behavior can be changed using a switch.
- Fixes #18.
|