| Age | Commit message (Collapse) | Author |
|---|
|
|
|
- See #480.
|
|
|
|
- The former remembers the file's path and includes it in error
messages.
|
|
- An unknown packet is unknown either because we don't understand
the packet's type or we understand the type, but we don't support
the particular version, e.g., v3 keys.
- Improve 'sq packet dump''s description accordingly.
|
|
- This mirrors how we handle other unknown variants. However, since
we do not know the length of the parameters for unknown S2K
variants, we cannot parse them back. To work around that, the
parameter field is optional, and will be `None` when an unknown
S2K is parsed. The data is not lost, but stored in the packet
containing the S2K object, so that we can serialize it again.
- Carefully preserve the invariant that we can parse any packet we
can serialize by comparing the serialized form of the packet
fragments containing the S2K and any fields the parameters of
unknown variants bleed into on parsing.
- Unfortunately, this means that S2K on its own no longer
roundtrips. Remove that test accordingly.
|
|
|
|
|
|
|
|
- This allows us to move Keygrip to a different crate.
|
|
- Unlike the `Signature Creation Time` subpacket, there are
legitimate reasons to have multiple `Issuer` subpackets and
`Issuer Fingerprint` subpackets.
- Rename `SubpacketAreas::issuer` to `SubpacketAreas::issuers` and
return all `Issuer` subpackets.
- Likewise, Rename `SubpacketAreas::issuer_fingerprint` to
`SubpacketAreas::issuer_fingerprints` and return all `Issuer
Fingerprint` subpackets.
- Change `sq` to list all issuers. Deduplicate first, however.
|
|
|
|
|
|
- Previously, sq packet dump would often fail without dumping any
packets, even if a prefix of the data could be successfully
parsed.
- To fix this, we need to do two things. First, we need to clone
the packet while it is in the parser *before* we advance the
parser, which could potentially fail. Second, we need to flush
the output once the parser fails.
- Fixes #524.
|
|
- See #525.
|
|
|
|
- `CertBuilder::set_expiration_time` takes an absolute time.
- Most callers use a relative time.
- Internally, we need a relative time (that's what the Key
Expiration Time packet takes).
- Converting the absolute time to a relative time is error prone:
should it be relative to the creation time when called or when
`CertBuilder` is finalized?
- KISS: Change it to just take a relative time.
- To better reflect the new semantics, also change the name to
`CertBuilder::set_validity_period`.
|
|
- This also drops the implementation of PartialOrd since we did not
use it in the key selection after all.
- Fixes #525.
|
|
- Previously, these method withheld information in the EOF case (and
in case of `map` this loss is irrecoverable). Fix this by
returning a Result instead.
|
|
|
|
|
|
|
|
|
|
- Change `sq inspect` to also show whether any secret key material
is encrypted or not.
|
|
- `sq packet dump` only shows information about the secret key
material (whether it is encrypted, and how it is encrypted) when
`--mpis` is specified.
- `--mpis` should only control whether the mpis are printed, not the
summary information.
- Change `sq packet dump` always print the summary information.
|
|
- Returning rich errors from this function may compromise secret key
material due to Bleichenbacher-style attacks. Change the API to
prevent this.
- Hat tip to Hanno Böck.
- Fixes #507.
|
|
- Returning rich errors from this function may compromise secret key
material due to Bleichenbacher-style attacks. Change the API to
prevent this.
- Hat tip to Hanno Böck.
- See #507.
|
|
|
|
- See #498.
|
|
- See #498.
|
|
- See #498.
|
|
- See #498.
|
|
- Implement IntoIter and Deref to &'a [MessageLayer<'a>], drop the
custom iteration structs.
|
|
- Drop `Cert::from_packet_pile`.
- Fixes #462.
|
|
- Rename `Cert::revoked`, `ValidCert::revoked`,
`ValidAmalgamation::revoked`, and `ComponentBundle::revoked` to
revocation_status to more accurately match what it does.
- Don't rename `ValidComponentAmalgamationIter::revoked` or
`ValidKeyAmalgamationIter::revoked`. They don't return the
revocation status; they check whether the key is revoked.
|
|
|
|
|
|
- Add a new constructor that takes headers. This allows us to make
the header argument polymorphic.
|
|
This reverts commit 2e1eec5fe4157a391a13554ff7df3075cfe043cc.
|
|
- Fixes #484.
|
|
- This avoids the partial implementation imitating
std::option::Option, replacing it with std::result::Result.
- As a benefit, std::result::Result is in the prelude, simplifying a
lot of parsing loops.
|
|
|
|
- Writers should be finalized, builders should be built.
|
|
|
|
- `decrypted` implies that the packet was previously encrypted.
However, If we parse a signed-only message, the literal packet was
never encrypted. Provide the inverse predicate instead, which is
less misleading.
|
|
|
|
|
|
To be consistent; we don't use plural forms for modules anywhere else
and Rust always uses singular forms.
|
|
|
|
|
