| Age | Commit message (Collapse) | Author |
|---|
|
- Use the anyhow crate instead of failure to implement the dynamic
side of our error handling. anyhow::Error derefs to dyn
std::error::Error, allowing better interoperability with other
stdlib-based error handling libraries.
- Fixes #444.
|
|
- Add `openpgp/src/cert/prelude.rs` to import most types and traits
related to certificates.
- Use it instead of using the types and traits individually.
|
|
- Split the ValidAmalgamation trait into two traits, Amalgamation
and ValidAmalgamation, so that the functionality made available by
the Amalgamation trait can be provided by a ComponentAmalgamation,
which doesn't have a policy.
|
|
- Split VerificationResult into Result<GoodChecksum,
VerificationError>.
- Fixes #416.
|
|
- We use marker traits to track with the type system if a Key has
secret key material attached. Previously, it was possible to
subvert that by taking the secret key material using
Key4::set_secret, creating a Key4<SecretParts, ..> without any
secrets.
- Related, the accessor functions returned an
Option<SecretKeyMaterial> even for Key4<SecretParts, ..>.
- Replace set_secret by add_secret and take_secret that also change
the Key's type accordingly. Make the accessors infallible if we
know we have a secret key, rename Key4<P, R>::secret to
Key4<P, R>::optional_secret to make the distinction clear.
- Fixes #435.
|
|
- Fixes #427.
|
|
- Change all functions that need to evaluate the validity of a
signature (either directly or indirectly to take a policy object.
- Use the policy object to allow the user to place additional
constraints on a signature's validity.
- This addresses the first half of #274 (it introduces the policy
object, but does not yet implement any policy).
|
|
- Change KeyIter to return KeyAmalgamations instead of Keys.
- Given a `KeyAmalgamation`, it is possible to turn it into a
`ValidKeyAmalgamation`. This is not possible with a `Key`.
- With a `KeyAmalgamation`, it is still possible to query things
about the certificate.
|
|
- Structure the code better.
|
|
|
|
|
|
- Add the option `--time` to the `sign` and `encrypt` subcommands to
allow the user to set the signature's creation time.
- Use the value of this option to select the signing keys.
|
|
- This is better expressed as an error.
|
|
- VerificationResult::NotAlive means that the signature is not
alive. This has nothing to do with a specific key. Indeed, there
might not even be a key available, but we can still detect this
error condition.
- As such, remove the cert and key fields from
VerificationResult::NotAlive.
|
|
- Add an Error variant to VerificationResult.
|
|
- Instead of passing MessageStructure to VerificationHelper::check
by reference, pass it by value.
- After calling VerificationHelper::check, it is dropped. Passing
it by value allows the caller to avoid some cloning.
|
|
- Only the amalgamation allows proper checking of a key's
properties, the binding signature alone isn't sufficient.
- Fixes #408.
|
|
- KeyIter::revoked and KeyIter::key_flags (and its variants) didn't
take a time stamp so they could only be used for filtering keys
based on their current state, not their state at some time in the
past. Adding a time stamp to each of the filters would have fixed
the problem, but it would have made the interface ugly: callers
always want the same time stamp for all filters.
- Split KeyIter into two structures: a KeyIter and a ValidKeyIter.
- Add KeyIter::policy. It takes a time stamp, which is then used
for filters like `alive` and `revoked`, and it returns a
ValidKeyIter, which exposes filters that require a time stamp.
|
|
- Instead of taking a `KeyFlags`, change `KeyIter::key_flags` to
take a `Borrow<KeyFlags>`.
- Update callers to pass a reference instead of cloning.
|
|
|
|
- Cert::keys_valid() is just a short-cut for
Cert::keys_all().alive().revoked(false).
- Remove Cert::keys_valid() and rename Cert::keys_all() to
Cert::keys().
|
|
- A tuple is just an unnamed, inflexible struct. Use a struct
instead.
- Fixes #400.
|
|
|
|
- These are low-level cryptographic traits that are not concerned
with the role of a key.
- Fixes #382.
|
|
- See #359.
|
|
- Fixes #387.
|
|
- To that end, make VerificationHelper::get_public_keys take
KeyHandles for all the issuers.
|
|
- A signature can contain multiple hints as to who created the
signature. Return all those hints to the caller.
- Adapt all callers accordingly.
- Fixes #264.
|
|
|
|
- Remove Fingerprint::to_keyid, use From instead.
|
|
- Fixes #381.
|
|
- In sq and sqv, use chrono to interface with the user.
- Fixes #341.
|
|
- Fixes #375.
|
|
- See #375.
|
|
- See #375.
|
|
- See #375.
|
|
- Return a different `VerificationResult` for signatures that are
not alive (BadSignature) from signatures that are actually
bad (BadCheck).
|
|
Newer Rust compilers requre `dyn` marking trait objects.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|
|
|
|
- Fixes #88.
|
|
|
|
|
|
|
|
|
|
- Instead of giving a set of TPKs to the encryptor, hand in a set of
recipients, which are (keyid, key)-tuples, conveniently created
from key queries over TPKs. This simplifies the encryptor, and
makes the key selection explicit.
- Drop the EncryptionMode type.
- As a nice side effect, we can now generate encrypted messages with
wildcard recipient addresses.
|
|
|
|
- In contrast with cat, this also works on armored fragments.
- Fixes #288.
|
|
- In addition to providing some added protection, this allows us to
implement 'From<Key<_, _>> for Packet'.
|
|
- When the `SecretKey` type only refers to the secret key material
and not a TPK-like thing, call it `SecretKeyMaterial`.
|
|
- Automatically using AEAD if all recipients claim support is a
policy decision, which we'd rather avoid in the openpgp crate.
- Fixes #293.
|
