| Age | Commit message (Collapse) | Author |
|---|
|
- Fixes #1060.
|
|
|
|
- Use `cipher`'s reexport of `generic-array` instead of directly
depending on `generic-array` and having to worry about synchronizing
the versions.
|
|
|
|
|
|
|
|
- Require version 0.5.1.
|
|
- Upgrade regex-syntax to 0.8.
- Fixes #1056.
|
|
- `Cert::from_str`, `Cert::from_reader`, `Cert::from_file`, and
`Cert::from_bytes` return an error if the input contains multiple
certificates.
- Improve the documentation to make that clearer, and suggest the
use of `CertParser` to parse keyrings.
|
|
- Now that we use OnceCell for the cache, we can hand out references
to the cached data. This closes the gap between UserID and
ConventionallyParsedUserID, hence I think this addresses the
concern in #377.
- Deprecate the allocating variants.
- Fixes #377.
|
|
- Behaves the same, but is much nicer.
|
|
|
|
- Fixes #962.
|
|
- Instead, just accept that if other signature types come in, we
miscompute the hash, and we'll reject the signature later on.
|
|
Adapt the doc tests of `KeyAmalgamationIter::secret()`,
`KeyAmalgamationIter::unencrypted_secret()`,
`ValidKeyAmalgamationIter::secret()` and
`ValidKeyAmalgamationIter::unencrypted_secret()` to make use of
`CertBuilder::new()` instead of `CertBuilder::general_purpose()` to be
able to test for the amount of found keys more reliably.
Signed-off-by: David Runge <dave@sleepmap.de>
|
|
Add the new filter `encrypted_secret` to filter on whether secret key
material is present and encrypted.
Remove the `secret` field of `ValidKeyAmalgamationIter` and alter
`ValidKeyAmalgamationIter::secret()` to set both `encrypted_secret` and
`unencrypted_secret` to `Some(true)`.
Closes https://gitlab.com/sequoia-pgp/sequoia/-/issues/1040
Signed-off-by: David Runge <dave@sleepmap.de>
|
|
- Add the private function `skip_secret()` to evaluate whether a secret
key is skipped during filtering and provide a message in that case.
- Add the new filter `encrypted_secret` to filter on whether secret key
material is present and encrypted. Make use of the `skip_secret()`
function to evaluate whether a key is skipped when filtering or not.
- Remove the `secret` field of `KeyAmalgamationIter` and alter
`KeyAmalgamationIter::secret()` to set both `encrypted_secret` and
`unencrypted_secret` to `Some(true)`.
Closes https://gitlab.com/sequoia-pgp/sequoia/-/issues/1040
Signed-off-by: David Runge <dave@sleepmap.de>
|
|
- Fixes #954.
|
|
|
|
- We don't actually stop, and doing that seems like an optimization
for a very unlikely case.
|
|
|
|
- This came up as the new leak tests use our hex parsing functions
to parse /proc/self/maps and apparently Linux will drop leading
zeros from addresses.
- Fix this by allowing these functions to operate on an odd number
of nibbles. I see no reason no reason not to do that, except for
the fact that we don't want to establish that it is okay to drop
leading zeros from key IDs and fingerprints, hence I preserved the
behavior of parsing key IDs and fingerprints.
|
|
- SignatureBuilder::signature_expiration_time is broken. This is
because SignatureBuilder doesn't actually implement
signature_expiration_time. Instead, it is resolved via a Deref to
the SubpacketAreas::signature_expiration_time. That function
returns: creation_time subpacket + expiration_time subpacket, but
the actual creation time in a SignatureBuilder may not yet have
propagated to the subpacket area!
- Fixes #998.
|
|
|
|
- Fixes #973.
|
|
|
|
- Zeroing the stack is not something that upstream necessarily
considers their responsibility, hence we need to do it. In any
case, there is a bug in current versions of the AES crate that
spills the symmetric key into the stack when using AES-NI or the
ARMv8 Cryptography Extensions.
- See https://github.com/RustCrypto/block-ciphers/issues/385.
|
|
- This is only effective if the value is computed by a function that
is never inlined. Add a macro that takes care of that.
|
|
- Stack allocated values may be moved freely by the Rust compiler
leaving traces of the secret laying around the stack. Zeroize
doesn't help with that. Heap allocate the secret instead, which
prevents the moves.
|
|
- Fixes #989.
|
|
- Unfortunately, in all of the cipher crates other than the aes
crate this doesn't do anything besides enabling cipher/zeroize.
|
|
|
|
|
|
|
|
|
|
- `Encryptor` uses a single lifetime for two fields, which is too
restrictive in some situations.
- To avoid breaking the API, introduce `Encryptor2`, which is just
`Encryptor` renamed, and with an added lifetime parameter, and make
`Encryptor` a thin wrapper around `Encryptor2`.
- Deprecate `Encryptor`.
- See #1028.
|
|
- This way, we can accommodate signers with disjoint acceptable hash
algorithm sets.
- This also re-enables the use of Signer::hash_algo to select a
preferred hash algorithm, if that is supported by the signer.
- Fixes #1043 and #1045.
|
|
- Provide guidance for leaf crate and intermediate crates on how to
use sequoia-openpgp, and how to handle the cryptographic backend
features.
- Fixes #987.
|
|
- Previously, we did buffer the whole message, but the
implementation was done in a way that would have allowed a
constant-space operation with some more effort (maybe
considerable). However, the crypto-refresh abandons the idea of
doing one-pass processing of CSF messages on the basis that these
kind of messages are meant to be human-readable, and hence should
easily fit into memory. This means that we no longer need to
know the hash functions (and salt in case of v6 signatures) before
seeing the body, and indeed v6 CSF messages will no longer include
any Hash headers.
|
|
- Fixes https://gitlab.com/sequoia-pgp/sequoia/-/issues/1038
|
|
- When using the RustCrypto backend, we can avoid the dependency on
sha-1 by relying on sha1collisiondetection.
- See also #1051.
|
|
|
|
- Fixes https://gitlab.com/sequoia-pgp/sequoia/-/issues/1051.
|
|
|
|
|
|
- This solves the following issue reported to ed25519_dalek:
https://rustsec.org/advisories/RUSTSEC-2022-0093
- Upgrade win_crypto_ng so that it allows usage of rand_core that is
compatible with both win_crypto_ng and ed25519_dalek:
https://github.com/emgre/win-crypto-ng/pull/48
|
|
- This type of array is used by ed25519-dalek crate.
|
|
- Add regression unit test to catch this type of mistake in other
backends.
|
|
- Fixes #1019.
|
|
- When using classical ECDH with the upcoming SEIPDv2, we cannot
determine the expected plaintext length by looking at the cipher
octet, because that is not included in the plaintext. Instead, we
know it from the header of the SEIPDv2 packet, and hand the
expected length to the low-level decryption functions.
|
