| Age | Commit message (Collapse) | Author |
|---|
|
- Fixes 9ce7ed2c8f53ece40b7f48d5cb9e7e06e80524e3.
|
|
- Also, make the `date` argument in the LiteralWriter's constructor
optional, and explain what the parameters are for.
|
|
|
|
- In the future, we want to return some summary information about a
parsed packet sequence after the packet sequence is fully parsed.
Currently, PacketParser::next() and PacketParser::recurse()
consume the PacketParser and return None on EOF. Thus, even if
the summary information were stored in the PacketParser, it
becomes inaccessible on EOF.
- This change introduces a new type, PacketParserResult, that
contains either a PacketParser or a PacketParserEOF.
PacketParserEOF is returned on EOF instead of None. Since it is a
struct, it can hold only any information that we want to return to
the caller.
|
|
|
|
- sqv only checked whether an *unvalidated* TPK was wanted; it needs
to double-check that this is really the case after validating the
TPK.
Consider the case where key X is needed to validate a signature
and the keyring contains two keys: Mallory's and Alice's, and both
have key X as a subkey, but the back-sig is only valid for Alice's
key. The current code will use Mallory's key, and the signature
validation will fail. If we had double checked, then we'd have
discarded Mallory's key, and correctly used Alice's.
- To fix this problem, this commit changes the code to use the new
TPKParser::unvalidated_tpk_filter, which is not only simpler to
use, but takes care of this double checking.
|
|
- Instead of giving it a path, just give it a reader. Adjust call site.
|
|
- Also implement 'sq autocrypt decode' to convert an autocrypt
header to an OpenPGP key.
|
|
|
|
|
|
- RFC 4880 defines an OpenPGP message to be a sequence of packets
with a particular structure (Section 11.3;
https://tools.ietf.org/html/rfc4880#section-11.3). Since there is
no term for an unstructured sequence of packets, we invent one.
|
|
|
|
|
|
|
|
- The `BufferedReader` trait is primarily an implementation detail.
Thus, we avoid exporting Foo::from_buffered_reader constructors,
and making public structures generic over `BufferedReader`.
|
|
|
|
- Make --store a top-level flag, and give it the default 'default'.
|
|
- When hex-dumping, add a newline before the hex dump.
- Process PKESK and SKESK packets after the call to 'recurse()'
avoiding the clone.
|
|
|
|
- Also support decryption with any SKESK in sq.
|
|
- Make the naming consistent.
|
|
- Clarify that multiple keyrings can be given, but only accept one
per '--keyring' argument. This lets us use the '--keyring'
argument in the front.
- Simplify by removing superfluous configurations.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Canonicalizing TPKs turned out to be quite expensive, even though
we do not check binding signatures at this point. If we want sqv
to be a drop-in replacement for gpgv, it needs to be able to
handle keyrings with a similar performance.
- This patch builds and canonicalizes TPKs iff we actually need
them, resulting in a performance similar to gpgv.
|
|
|
|
Adds enums for cryptographic and compression algorithms. Functions that
operate on algo identifiers are now member functions (hash_context ->
HashAlgo::context()).
The identifiers support convertions from and to u8 as well as Display.
|
|
- Add support for decrypting messages. For now, only symmetrically
encrypted messages are supported.
|
|
|
|
|
|
|
|
|
|
- We define all types in the root of the openpgp crate, and their
implementations in separate modules. This makes using these types
much simpler, yet keeps the root from getting too crowded.
- Also fix all users accordingly.
|
|
- Do not provide slug when listing entries related to a specific
binding.
|
|
- The failure crate is a young error handling solution for Rust. It
may change the API, but since we pin our dependencies, this should
not be a problem for us, albeit a bit inconvenient.
- Introduction of the crate is a bit noisy, but not as bad as
anticipated, because failure magically handles all errors used in
the standard library.
- Matching on concrete error values requires downcasting before
matching, which seems a bit unidiomatic. This is the cost of
using and "chaining" arbitrary error types. This is something
that may be improved later on in the library or language.
- Having said that, using the error type in the tool was nice. I
did not have to use a downcast, so maybe my worries about
downcasts are unjustified because it is not such a common use case
after all. On the other hand, the tool is quite simple and our
only mode of failure is to print the message.
|
|
- Replace StoreIterItem, BindingIterItem, and KeyIterItem with
tuples.
- Remove binding counts from the items. If such information is
needed, an RPC should be introduced.
- Update all callers.
|
|
- Use time::Timespec instead of std::time::SystemTime in the API.
- Record timestamps of encryptions and verifications.
- Adapt the tool.
|
|
- Move store::backend to its own directory, so that we can put the
store::backend::log module in its own file.
- Implement iterators for retrieving log messages related to stores,
bindings, and keys.
- Use loose coupling of logs and other entities, so that we can
delete either without worrying about the other.
- Add commands to the tool to retrieve logs.
|
|
- Update all keys stored in a store with network policy 'encrypted'
and 'insecure' periodically using the SKS keyserver pool.
- Slightly amend the net::ipc interface so that servers can spawn
futures on the reactor.
- As a background service cannot directly communicate failures, this
patch adds a logging mechanism.
- In sq, display the key update timestamp, and the status of the
last update.
|
|
- It only contains a KeyId type which is redundant relative to KeyID
and it is buggy (e.g., when it converts a Key ID to hex, it drops
any leading zeros).
- Update users to use KeyID instead.
|
|
- Also add corresponding commands to the tool.
|
|
- Also add commands in the tool.
|
|
- The only mutable reference that we need is to the reactor core,
which we store in a RefCell anyway. Requiring mutable references
makes using the store very awkward, because the borrow checker
works on lexical scopes, not dynamic scopes.
|
|
- Add commands to add, import, export keys, and to get binding and
key stats.
|
|
- Implement retrieving and sending keys.
- Improve usage generation to include nested subcommands.
|
