Age | Commit message (Collapse) | Author |
|
- A tuple is just an unnamed, inflexible struct. Use a struct
instead.
- Fixes #400.
|
|
- They can still be used as a convenience, but the documentation
will refer to them as their expanded counterparts.
- This makes the structure of they Key<_, _> type more visible.
|
|
- Now that we eagerly check the syntax, there no longer is the need
for storing Unknown packets there.
|
|
- As of 2524e1aa5fc2419956e7ab14e9fb6554f7c1d350, this variant is no
longer needed.
|
|
- The subpacket areas now have a vector of subpackets. Change some
accessors here and there to accommodate this.
- This requires bit-perfect roundtripping of subpackets so that
signatures are not invalidated.
- First step towards fixing #200.
|
|
|
|
|
|
- This allows us to get rid of another dependency that uses winapi
0.2, the last being mio 0.6 (0.7 is not yet released). In terms
of linkage we still should only link to what we use - no new
Windows API usage introduced here.
|
|
- See #371.
|
|
- See #371.
|
|
|
|
- These are low-level cryptographic traits that are not concerned
with the role of a key.
- Fixes #382.
|
|
- See #359.
|
|
|
|
- Fixes #359.
|
|
- See #359.
|
|
|
|
|
|
|
|
- Fixes #387.
|
|
- Fixes #366.
|
|
- To that end, make VerificationHelper::get_public_keys take
KeyHandles for all the issuers.
|
|
- A signature can contain multiple hints as to who created the
signature. Return all those hints to the caller.
- Adapt all callers accordingly.
- Fixes #264.
|
|
|
|
- Remove Fingerprint::to_keyid, use From instead.
|
|
|
|
- Fixes #381.
|
|
- In sq and sqv, use chrono to interface with the user.
- Fixes #341.
|
|
- Fixes #375.
|
|
- See #375.
|
|
- See #375.
|
|
- See #375.
|
|
- Consider the following scenario: computer A's clock says 9:00.00
and signs and sends a message to computer B. Computer B's clock
says 8:59.59, it receives the message and tries to verify it.
From Computer B's perspective, the signature is not valid, because
it was generated in the future.
- This situation occured, because the two clocks were not completely
synchronized. Unfortunately, a few seconds of clock skew are not
unusual, particularly when dealing with VMs.
- Since it is almost always better to consider such messages as
valid, be tolerant when deciding whether a signature is alive.
|
|
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
|
|
|
|
|
|
|
- Fixes #363.
|
|
- Fixes #362.
|
|
- Return a different `VerificationResult` for signatures that are
not alive (BadSignature) from signatures that are actually
bad (BadCheck).
|
|
- RFC 4880 says that "by convention, [a User ID Packet] includes an
RFC 2822 [RFC2822] mail name-addr." This is not the actual
convention, and attempting to parse User IDs using an RFC 2822
parser means that many common User IDs cannot be parsed.
- Disparities between the actual convention and the stated
convention include:
- Neither users nor the software they use to create keys
correctly quotes User IDs:
- 'Nachname, Vorname <name@example.org>' is not valid, because
it contains an unquoted comma. It should be 'Nachname\,
Vorname <name@example.org>' or '"Nachname, Vorname"
<name@example.org>'. (The same goes for dots, single
quotes, etc.)
- 'user@example.org <user@example.org>' is not valid, because
it contains an unquoted at symbol.
- 'Bj=?utf-8?q?=C3=B6?=rn <bjoern@example.net>' is encoded
using RFC 2047, which is what RFC 2822 mandates when using
non-ASCII characters, but no OpenPGP software would decode
this User ID. In practice, everyone just uses UTF-8 (in
this case: 'Björn <bjoern@example.net>').
- There are many examples of User IDs containing raw email
addresses ('user@example.org'). But, these are not
"name-addr"s. At best, they are RFC 2822 "mailbox"es.
- Some User IDs only contain a name (e.g, "Frank PGP").
- RFC 2822 also includes a lot of complexity that no one uses or
needs. For instance, CFWS (comments and folding whitespace) can
be placed everywhere, and the rules for parsing them are
complex.
- Instead of continuing to bend the RFC 2822 parser to our will, we
instead accept reality.
- This patch replaces the RFC 2822 parser with a significantly
simpler parser, which is based on actual convention (i.e., User
IDs in the wild).
- This parser is based on dkg's mail to the OpenPGP working group
mailing list.
Message-ID: <87woe7zx7o.fsf@fifthhorseman.net>
https://mailarchive.ietf.org/arch/msg/openpgp/wNo27-0STfGR9JZSlC7s6OYOJkI
- This initial version has one notable regression with respect to
the RFC 2822 parser: it doesn't handle User IDs holding URIs.
|
|
|
|
|
|
|
|
|
|
- Fixes #347.
|
|
Newer Rust compilers requre `dyn` marking trait objects.
Signed-off-by: Daniel Silverstone <dsilvers@digital-scurf.org>
|
|
- The primary key is not a binding; it is a single component.
Thus, returning a ComponentBinding is misleading.
- Add methods to the TPK structure to return the direct signatures,
certifications, self revocations, and other revocations.
|
|
- Combine Signature4::signature_alive and
Signature4::signature_alive_at.
- Use an Into<Option<time::Tm>> to distinguish the two previous
cases: the current time (None), and a specific time (a time::Tm).
|
|
- Combine Signature4::signature_expired and
Signature4::signature_expired_at.
- Use an Into<Option<time::Tm>> to distinguish the two previous
cases: the current time (None), and a specific time (a time::Tm).
|