| Age | Commit message (Collapse) | Author |
|---|
|
- From this point on, the crate sequoia-sqv will be maintained in
its own repository.
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#single_component_path_imports
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#len_zero
- https://rust-lang.github.io/rust-clippy/master/index.html#comparison_to_empty
|
|
- https://rust-lang.github.io/rust-clippy/master/index.html#redundant_closure
|
|
- .value_name(..) implies .takes_value(true).
|
|
|
|
|
|
- Unfortunately, we still need to commit the result. Once the
external doc feature is merged, we can avoid this. See
https://github.com/rust-lang/rust/issues/44732.
|
|
- Secret key material is not authenticated by OpenPGP, so care must
be taken when merging certificates.
- Rename Cert::merge to Cert::merge_public_and_secret.
- Add new function Cert::merge_public. This function can be used to
merge certificates from untrusted sources as it ignores secret key
material that cannot be authenticated by OpenPGP.
- Fixes #584.
|
|
|
|
- See #480.
|
|
- See #498.
|
|
|
|
|
|
|
|
- Previously, we transformed data and detached signatures into
signed messages on the fly, then used the streaming Verifier to
verify the message. However, this introduces a nontrivial
overhead, even if unnecessary copies are carefully avoided.
- Instead, specialize the streaming Decryptor to handle detached
signatures. use crypto::hash_buffered_reader to compute the
hashes over the data, then attach the computed signatures to the
signature packets, and use Decryptor's verification machinery.
- While this is arguably less elegant, it is much simpler, and a lot
faster. Notably, if we operate on files and can mmap them into
memory, we can compute the hash in one call to the compression
function. Verification of detached signatures is an important use
case, so this speedup outweighs the loss of elegance.
- Fixes #457.
|
|
- Replace all usages of `to_hex` with formatting string with :X
specifier.
- Fixes #456.
|
|
- Use the anyhow crate instead of failure to implement the dynamic
side of our error handling. anyhow::Error derefs to dyn
std::error::Error, allowing better interoperability with other
stdlib-based error handling libraries.
- Fixes #444.
|
|
|
|
- Add `openpgp/src/cert/prelude.rs` to import most types and traits
related to certificates.
- Use it instead of using the types and traits individually.
|
|
- Split the ValidAmalgamation trait into two traits, Amalgamation
and ValidAmalgamation, so that the functionality made available by
the Amalgamation trait can be provided by a ComponentAmalgamation,
which doesn't have a policy.
|
|
- Split VerificationResult into Result<GoodChecksum,
VerificationError>.
- Fixes #416.
|
|
- All the trace messages are gone except for the summary.
|
|
- This improves usability, e.g. when copy&pasting.
- Fixes #422.
|
|
- Change all functions that need to evaluate the validity of a
signature (either directly or indirectly to take a policy object.
- Use the policy object to allow the user to place additional
constraints on a signature's validity.
- This addresses the first half of #274 (it introduces the policy
object, but does not yet implement any policy).
|
|
|
|
- sqv implements the same functionality as streaming verifier. Use
that instead of reimplementing it.
|
|
- Add the option `--time` to the `sign` and `encrypt` subcommands to
allow the user to set the signature's creation time.
- Use the value of this option to select the signing keys.
|
|
|
|
- The current PartialOrd and PartialEq implementations for
KeyHandles considers KeyIDs and Fingerprints to not be equal.
Since most users of this interface expect key identifiers to be
interchangeable, this means that they have to pull KeyHandles
apart when comparing them, like this:
match (a, b) {
(KeyHandle::Fingerprint(a),
KeyHandle::Fingerprint(b)) => a == b,
(KeyHandle::Fingerprint(a),
KeyHandle::KeyID(b)) => a.keyid() == b,
...
}
This is unergonomic, and easy to forget to do.
- The obvious fix would be to change the PartialOrd and PartialEq
implementations to do this for the user. Unfortunately, this is
not possible, because they must be transitive and two
fingerprints (a and b) maybe different but have the same keyid.
That is, the following is possible:
a == keyid, b == keyid, but a != b
That makes this comparison function non-transitive and
inappropriate for the PartialOrd and PartialEq traits.
- Nevertheless, we can implement PartialOrd and PartialEq and return
None when a keyid and a fingerprint match. (A consequence of this
is that KeyHandle can no longer implement Eq or Ord.) This
prevents users of this interface from naively comparing
KeyHandles.
- Using this interface, we provide the desired, non-transitive,
comparison function via a method (KeyHandle::aliases).
- This change means that a `KeyHandle` can no longer be used as a
Key in a HashMap. In these cases, we instead use a vector.
- Fixes #412.
|
|
- Including the reference time in the KeyAmalgamation structure
rather than having the user supply it to the individual
methods (like `KeyAmalgamation::alive`) helps ensure that the key
is used consistent. For instance, this makes it harder to
mistakenly query key's liveness at time t, but then use the
current time to determine the key's capabilities.
|
|
- KeyIter::revoked and KeyIter::key_flags (and its variants) didn't
take a time stamp so they could only be used for filtering keys
based on their current state, not their state at some time in the
past. Adding a time stamp to each of the filters would have fixed
the problem, but it would have made the interface ugly: callers
always want the same time stamp for all filters.
- Split KeyIter into two structures: a KeyIter and a ValidKeyIter.
- Add KeyIter::policy. It takes a time stamp, which is then used
for filters like `alive` and `revoked`, and it returns a
ValidKeyIter, which exposes filters that require a time stamp.
|
|
|
|
- The context knows the algorithm now.
|
|
- Cert::keys_valid() is just a short-cut for
Cert::keys_all().alive().revoked(false).
- Remove Cert::keys_valid() and rename Cert::keys_all() to
Cert::keys().
|
|
- A tuple is just an unnamed, inflexible struct. Use a struct
instead.
- Fixes #400.
|
|
- The subpacket areas now have a vector of subpackets. Change some
accessors here and there to accommodate this.
- This requires bit-perfect roundtripping of subpackets so that
signatures are not invalidated.
- First step towards fixing #200.
|
|
- ISO 9801 is "Opthalmic instruments -- Trial case lenses", not
"Representation of dates and times"
- The commit log of 4b7457928f2d57bdb881a70c762db7d4359d541f
references ISO 6801, which is "Rubber or plastics hoses —
Determination of volumetric expansion", which is also supposed to
be 8601.
|
|
- Fixes #403.
|
|
- Fixes #44.
|
|
|
|
- The signature knows the hash algorithm.
|
|
- Put all relevant certificates into a hash table indexed by all
keyhandles. Merge certificates once.
|
|
|
|
|
|
- Fixes #359.
|
|
- Fixes #387.
|
|
- Remove Fingerprint::to_keyid, use From instead.
|
|
- Fixes #381.
|
|
- In sq and sqv, use chrono to interface with the user.
- Fixes #341.
|
