Age | Commit message | Author |
|
- Use the anyhow crate instead of failure to implement the dynamic
side of our error handling. anyhow::Error derefs to dyn
std::error::Error, allowing better interoperability with other
stdlib-based error handling libraries.
- Fixes #444.
|
|
- We use marker traits to track with the type system if a Key has
secret key material attached. Previously, it was possible to
subvert that by taking the secret key material using
Key4::set_secret, creating a Key4<SecretParts, ..> without any
secrets.
- Related, the accessor functions returned an
Option<SecretKeyMaterial> even for Key4<SecretParts, ..>.
- Replace set_secret by add_secret and take_secret that also change
the Key's type accordingly. Make the accessors infallible if we
know we have a secret key, rename Key4<P, R>::secret to
Key4<P, R>::optional_secret to make the distinction clear.
- Fixes #435.
|
|
- Fixes #427.
|
|
- Change all functions that need to evaluate the validity of a
signature (either directly or indirectly) to take a policy object.
- Use the policy object to allow the user to place additional
constraints on a signature's validity.
- This addresses the first half of #274 (it introduces the policy
object, but does not yet implement any policy).
|
|
- Fixes #414.
|
|
- Instead of passing MessageStructure to VerificationHelper::check
by reference, pass it by value.
- After calling VerificationHelper::check, it is dropped. Passing
it by value allows the caller to avoid some cloning.
|
|
- They can still be used as a convenience, but the documentation
will refer to them as their expanded counterparts.
- This makes the structure of the Key<_, _> type more visible.
|
|
- This allows us to get rid of another dependency that uses winapi
0.2, the last being mio 0.6 (0.7 is not yet released). In terms
of linkage we still should only link to what we use - no new
Windows API usage introduced here.
|
|
- These are low-level cryptographic traits that are not concerned
with the role of a key.
- Fixes #382.
|
|
- Fixes #359.
|
|
- Fixes #387.
|
|
- To that end, make VerificationHelper::get_public_keys take
KeyHandles for all the issuers.
|
|
- Remove Fingerprint::to_keyid, use From instead.
|
|
- Fixes #381.
|
|
Newer Rust compilers require `dyn` marking trait objects.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|
|
- The primary key is not a binding; it is a single component.
Thus, returning a ComponentBinding is misleading.
- Add methods to the TPK structure to return the direct signatures,
certifications, self revocations, and other revocations.
|
|
- Fixes #88.
|
|
- Change `TPK::primary_key_signature` and
`TPK::primary_key_signature_full` to take an additional parameter,
a time.
- Return the primary key signature at that time rather than the
newest primary key signature.
|
|
- Change ComponentBinding::binding_signature to take an optional
timestamp and return the self signature that is active at that
time.
|
|
- Decrypt encrypted keys in-place, so that we will never prompt
twice for the same key. Rework for clarity.
|
|
- In addition to providing some added protection, this allows us to
implement 'From<Key<_, _>> for Packet'.
|
|
- Also rename the `subkey` method to `key`.
|
|
- When the `SecretKey` type only refers to the secret key material
and not a TPK-like thing, call it `SecretKeyMaterial`.
|
|
- This is the result of running `cargo fix --edition`, with some
manual adjustments.
- The vast majority of changes merely qualify module paths with
'crate::'.
- Two instances of adding an anonymous pattern to a trait's
function.
- `async` is a keyword in Rust 2018, and hence it needs to be
escaped (e.g. in the case of the net::r#async module).
- The manual adjustments were needed due to various shortcomings of
the analysis employed by `cargo fix`, e.g. unexpanded macros,
procedural macros, lalrpop grammars.
|
|
- Try to decrypt all PKESKs, not just the first one.
|
|
- Fixes #100.
|
|
- Indent the hexdumps, but don't exceed a target width.
|
|
- Fixes #241.
|
|
- In the streaming verifier and decryptor, check that
signatures (and binding signatures) are valid at the given time.
- Fixes #247.
|
|
- Fixes #24.
|
|
- Simplify the protocol by removing the iteration. Instead, the
callee gets a proxy for PacketParser::decrypt() that she can use
to decrypt the message. If successful, the session key can be
cached without involving the DecryptionHelper trait. This also
allows us to dump session keys.
- Fixes #219.
|
|
|
- The packet parser's recursive depth can be computed from the path,
which we now track. As such, don't track the recursive depth
separately, just derive it from the path.
|
|
- decrypt called dumper.flush() with the same output destination as
that used for the decrypted data. But, the output of dump belongs
on stderr.
|
|
- Fixes #111.
|