Age | Commit message | Author |
|
- In caa8e0df, we relaxed the dependency on colored as a way to more
flexibly constrain the MSRV. But colored was a transitive
dependency in the first place, and we wouldn't have required any
specific version of it if it wasn't present. We can let the
intermediate dependencies be responsible for the preferred minimum
version, rather than explicitly declaring it ourselves.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
- Add `openpgp/src/cert/prelude.rs` to import most types and traits
related to certificates.
- Use it instead of using the types and traits individually.
|
|
- Split the ValidAmalgamation trait into two traits, Amalgamation
and ValidAmalgamation, so that the functionality made available by
the Amalgamation trait can be provided by a ComponentAmalgamation,
which doesn't have a policy.
|
|
- In eaaaf33dc15df65a7d34b9f436080e49f30f9715, colored was fixed to
1.9.1 "to keep our MSRV stable" presumably because 1.9.2 bumped
the version of rustc required. However, older versions of colored
still work to build. This was tested on debian, which today has
1.6.1. It's possible that even earlier versions of colored work
as well, but this is all I've tested.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
- Split VerificationResult into Result<GoodChecksum,
VerificationError>.
- Fixes #416.
|
|
|
|
|
|
- All the trace messages are gone except for the summary.
|
|
- This improves usability, e.g. when copy&pasting.
- Fixes #422.
|
|
- Change all functions that need to evaluate the validity of a
signature (either directly or indirectly) to take a policy object.
- Use the policy object to allow the user to place additional
constraints on a signature's validity.
- This addresses the first half of #274 (it introduces the policy
object, but does not yet implement any policy).
|
|
|
|
- sqv implements the same functionality as streaming verifier. Use
that instead of reimplementing it.
|
|
- Add the option `--time` to the `sign` and `encrypt` subcommands to
allow the user to set the signature's creation time.
- Use the value of this option to select the signing keys.
|
|
- Don't match on "predates" in stderr. If the signing key is
selected using the signature's creation time, the key selection
will fail, possibly producing a different error message.
|
|
|
|
- The current PartialOrd and PartialEq implementations for
KeyHandles consider KeyIDs and Fingerprints to not be equal.
Since most users of this interface expect key identifiers to be
interchangeable, this means that they have to pull KeyHandles
apart when comparing them, like this:
    match (a, b) {
        (KeyHandle::Fingerprint(a),
         KeyHandle::Fingerprint(b)) => a == b,
        (KeyHandle::Fingerprint(a),
         KeyHandle::KeyID(b)) => a.keyid() == b,
        ...
    }
This is unergonomic, and easy to forget to do.
- The obvious fix would be to change the PartialOrd and PartialEq
implementations to do this for the user. Unfortunately, this is
not possible, because they must be transitive and two
fingerprints (a and b) may be different but have the same keyid.
That is, the following is possible:
a == keyid, b == keyid, but a != b
That makes this comparison function non-transitive and
inappropriate for the PartialOrd and PartialEq traits.
- Nevertheless, we can implement PartialOrd and PartialEq and return
None when a keyid and a fingerprint match. (A consequence of this
is that KeyHandle can no longer implement Eq or Ord.) This
prevents users of this interface from naively comparing
KeyHandles.
- Using this interface, we provide the desired, non-transitive,
comparison function via a method (KeyHandle::aliases).
- This change means that a `KeyHandle` can no longer be used as a
Key in a HashMap. In these cases, we instead use a vector.
- Fixes #412.
|
|
- Including the reference time in the KeyAmalgamation structure
rather than having the user supply it to the individual
methods (like `KeyAmalgamation::alive`) helps ensure that the key
is used consistently. For instance, this makes it harder to
mistakenly query a key's liveness at time t, but then use the
current time to determine the key's capabilities.
|
|
- KeyIter::revoked and KeyIter::key_flags (and its variants) didn't
take a time stamp so they could only be used for filtering keys
based on their current state, not their state at some time in the
past. Adding a time stamp to each of the filters would have fixed
the problem, but it would have made the interface ugly: callers
always want the same time stamp for all filters.
- Split KeyIter into two structures: a KeyIter and a ValidKeyIter.
- Add KeyIter::policy. It takes a time stamp, which is then used
for filters like `alive` and `revoked`, and it returns a
ValidKeyIter, which exposes filters that require a time stamp.
|
|
|
|
- The context knows the algorithm now.
|
|
|
|
- Cert::keys_valid() is just a short-cut for
Cert::keys_all().alive().revoked(false).
- Remove Cert::keys_valid() and rename Cert::keys_all() to
Cert::keys().
|
|
- A tuple is just an unnamed, inflexible struct. Use a struct
instead.
- Fixes #400.
|
|
- The subpacket areas now have a vector of subpackets. Change some
accessors here and there to accommodate this.
- This requires bit-perfect roundtripping of subpackets so that
signatures are not invalidated.
- First step towards fixing #200.
|
|
- ISO 9801 is "Ophthalmic instruments -- Trial case lenses", not
"Representation of dates and times"
- The commit log of 4b7457928f2d57bdb881a70c762db7d4359d541f
references ISO 6801, which is "Rubber or plastics hoses —
Determination of volumetric expansion", which is also supposed to
be 8601.
|
|
- Fixes #403.
|
|
- What the code called a "primary key binding" is actually a direct
key signature. Primary key bindings are signatures by
signing-capable subkeys over primary and subkey.
- See #402.
|
|
- Test all kinds of revocations, test signature that predates the
primary key. Same with a subkey.
|
|
- Fixes #44.
|
|
|
|
- The signature knows the hash algorithm.
|
|
- Backdate key creation time.
- Remove superfluous features subpacket from signatures.
- Check for "revoked" in stderr.
- Fix the code that created the artifacts, use common prefix for
filenames.
|
|
- Put all relevant certificates into a hash table indexed by all
keyhandles. Merge certificates once.
|
|
|
|
|
|
- Until sqv grows the ability to verify JWS or CMS or other kinds of
signatures, we should be clear what it actually offers.
- This description is also ported to the debian packaging
information, so it shows up in apt listings, etc. Being more
descriptive will make the tool findable.
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
- Fixes #359.
|
|
- See #359.
|
|
- Fixes #387.
|
|
- Remove Fingerprint::to_keyid, use From instead.
|
|
|
|
- Fixes #381.
|
|
- In sq and sqv, use chrono to interface with the user.
- Fixes #341.
|
|
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
|
|
|
|
- The primary key is not a binding; it is a single component.
Thus, returning a ComponentBinding is misleading.
- Add methods to the TPK structure to return the direct signatures,
certifications, self revocations, and other revocations.
|