| Age | Commit message (Collapse) | Author |
|---|
|
Cargo features are inherently additive, which means that if:
- package A walts to build package C with features ABC,
- package B walts to build package C with features BCD,
the package C will be built with *both* ABC and BCD enabled.
There is currently no way to specify mutually exclusive features
and these have to be implemented using existing, additive, ones.
That's problematic for us, because currently the cryptographic
backend in sequoia-openpgp is selected globally at build-time and
thus at most one can be selected for the compilation to succeed.
It's worth noting that we can't use Cargo build scripts to emit
the `--cfg`-passing [directive] because it does *not* affect
Cargo's dependency resolution and that's needed in order to skip
unbuildable backends on certain OSes (e.g. nettle when using Windows MSVC ABI).
To allow for other local crates, most notably sequoia-openpgp-ffi, to
build with different backends, we expose and forward any features that
may be used by the crates they transitively depend on.
At the time of writing, these different features seem to be implemented:
- buffered-reader: compression support
- openpgp: compression support and cryptographic backend
- store: background-services feature
[directive](https://doc.rust-lang.org/cargo/reference/build-scripts.html#cargorustc-cfgkeyvalue)
|
|
|
|
|
|
|
|
|
|
|
|
- The former remembers the file's path and includes it in error
messages.
|
|
- An unknown packet is unknown either because we don't understand
the packet's type or we understand the type, but we don't support
the particular version, e.g., v3 keys.
- Improve 'sq packet dump''s description accordingly.
|
|
|
|
- This mirrors how we handle other unknown variants. However, since
we do not know the length of the parameters for unknown S2K
variants, we cannot parse them back. To work around that, the
parameter field is optional, and will be `None` when an unknown
S2K is parsed. The data is not lost, but stored in the packet
containing the S2K object, so that we can serialize it again.
- Carefully preserve the invariant that we can parse any packet we
can serialize by comparing the serialized form of the packet
fragments containing the S2K and any fields the parameters of
unknown variants bleed into on parsing.
- Unfortunately, this means that S2K on its own no longer
roundtrips. Remove that test accordingly.
|
|
|
|
|
|
|
|
- This allows us to move Keygrip to a different crate.
|
|
- Unlike the `Signature Creation Time` subpacket, there are
legitimate reasons to have multiple `Issuer` subpackets and
`Issuer Fingerprint` subpackets.
- Rename `SubpacketAreas::issuer` to `SubpacketAreas::issuers` and
return all `Issuer` subpackets.
- Likewise, Rename `SubpacketAreas::issuer_fingerprint` to
`SubpacketAreas::issuer_fingerprints` and return all `Issuer
Fingerprint` subpackets.
- Change `sq` to list all issuers. Deduplicate first, however.
|
|
|
|
|
|
- Previously, sq packet dump would often fail without dumping any
packets, even if a prefix of the data could be successfully
parsed.
- To fix this, we need to do two things. First, we need to clone
the packet while it is in the parser *before* we advance the
parser, which could potentially fail. Second, we need to flush
the output once the parser fails.
- Fixes #524.
|
|
- See #525.
|
|
|
|
- `CertBuilder::set_expiration_time` takes an absolute time.
- Most callers use a relative time.
- Internally, we need a relative time (that's what the Key
Expiration Time packet takes).
- Converting the absolute time to a relative time is error prone:
should it be relative to the creation time when called or when
`CertBuilder` is finalized?
- KISS: Change it to just take a relative time.
- To better reflect the new semantics, also change the name to
`CertBuilder::set_validity_period`.
|
|
|
|
- This also drops the implementation of PartialOrd since we did not
use it in the key selection after all.
- Fixes #525.
|
|
- Previously, these method withheld information in the EOF case (and
in case of `map` this loss is irrecoverable). Fix this by
returning a Result instead.
|
|
|
|
|
|
|
|
|
|
- Add explicit build-release and install targets.
- Explicitly build the crates.
- Move installation to the crate's Makefile.
- This allows building of Sequoia's individual parts, e.g. by using
'make -Copenpgp-ffi install'.
|
|
|
|
- Change `sq inspect` to also show whether any secret key material
is encrypted or not.
|
|
- `sq packet dump` only shows information about the secret key
material (whether it is encrypted, and how it is encrypted) when
`--mpis` is specified.
- `--mpis` should only control whether the mpis are printed, not the
summary information.
- Change `sq packet dump` always print the summary information.
|
|
|
|
- Returning rich errors from this function may compromise secret key
material due to Bleichenbacher-style attacks. Change the API to
prevent this.
- Hat tip to Hanno Böck.
- Fixes #507.
|
|
- Returning rich errors from this function may compromise secret key
material due to Bleichenbacher-style attacks. Change the API to
prevent this.
- Hat tip to Hanno Böck.
- See #507.
|
|
|
|
- See #498.
|
|
- See #498.
|
|
- See #498.
|
|
- See #498.
|
|
- Implement IntoIter and Deref to &'a [MessageLayer<'a>], drop the
custom iteration structs.
|
|
- Drop `Cert::from_packet_pile`.
- Fixes #462.
|
|
- Rename `Cert::revoked`, `ValidCert::revoked`,
`ValidAmalgamation::revoked`, and `ComponentBundle::revoked` to
revocation_status to more accurately match what it does.
- Don't rename `ValidComponentAmalgamationIter::revoked` or
`ValidKeyAmalgamationIter::revoked`. They don't return the
revocation status; they check whether the key is revoked.
|
|
|
|
|
|
- Add a new constructor that takes headers. This allows us to make
the header argument polymorphic.
|
|
This reverts commit 2e1eec5fe4157a391a13554ff7df3075cfe043cc.
|
|
- Fixes #484.
|
|
- This avoids the partial implementation imitating
std::option::Option, replacing it with std::result::Result.
- As a benefit, std::result::Result is in the prelude, simplifying a
lot of parsing loops.
|
|
|
