1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
|
[package]
name = "sequoia-openpgp"
description = "OpenPGP data types and associated machinery"
version = "1.16.0"
authors = [
"Igor Matuszewski <igor@sequoia-pgp.org>",
"Justus Winter <justus@sequoia-pgp.org>",
"Kai Michaelis <kai@sequoia-pgp.org>",
"Neal H. Walfield <neal@sequoia-pgp.org>",
"Nora Widdecke <nora@sequoia-pgp.org>",
"Wiktor Kwapisiewicz <wiktor@sequoia-pgp.org>",
]
build = "build.rs"
documentation = "https://docs.rs/sequoia-openpgp"
autobenches = false
homepage = "https://sequoia-pgp.org/"
repository = "https://gitlab.com/sequoia-pgp/sequoia"
readme = "README.md"
keywords = ["cryptography", "openpgp", "pgp", "encryption", "signing"]
categories = ["cryptography", "authentication", "email"]
license = "LGPL-2.0-or-later"
edition = "2021"
rust-version = "1.60"
[badges]
gitlab = { repository = "sequoia-pgp/sequoia" }
maintenance = { status = "actively-developed" }
[dependencies]
anyhow = "1.0.18"
buffered-reader = { path = "../buffered-reader", version = "1.0.0", default-features = false }
base64 = "0.21"
bzip2 = { version = "0.4", optional = true }
dyn-clone = "1"
flate2 = { version = "1.0.1", optional = true }
idna = ">=0.2, <0.4"
lalrpop-util = ">=0.17, <0.20"
lazy_static = "1.4.0"
libc = "0.2.66"
memsec = { version = ">=0.5, <0.7", default-features = false }
nettle = { version = "7.2.2", optional = true }
once_cell = "1"
regex = "1"
regex-syntax = "0.6"
sha1collisiondetection = { version = "0.2.3", default-features = false, features = ["std"] }
thiserror = "1.0.2"
xxhash-rust = { version = "0.8", features = ["xxh3"] }
# At least 0.10.46 is needed due `no-cast` check:
# https://github.com/sfackler/rust-openssl/blob/master/openssl/CHANGELOG.md
openssl = { version = "0.10.47", optional = true }
# We need to directly depend on the sys crate so that the metadata produced
# in its build script is passed to sequoia-openpgp's build script
# see: https://doc.rust-lang.org/cargo/reference/build-scripts.html#the-links-manifest-key
openssl-sys = { version = "0.9.82", optional = true }
# Botan.
botan = { version = "0.10", optional = true }
# RustCrypto crates.
aes = { version = "0.8", optional = true }
block-padding = { version = "0.3", optional = true }
blowfish = { version = "0.9", optional = true }
cast5 = { version = "0.11", optional = true }
cipher = { version = "0.4", optional = true, features = ["std"] }
cfb-mode = { version = "0.8", optional = true }
des = { version = "0.8", optional = true }
digest = { version = "0.10", optional = true }
eax = { version = "0.5", optional = true }
ecb = { version = "0.1", optional = true }
ecdsa = { version = "0.16", optional = true, features = ["hazmat", "arithmetic"] } # XXX
# We don't directly use ed25519, but ed25519-dalek reexports it and we need the std feature.
ed25519 = { version = "1", default-features = false, features = ["std"], optional = true }
ed25519-dalek = { version = "1", default-features = false, features = ["rand", "u64_backend"], optional = true }
generic-array = { version = "0.14.4", optional = true }
idea = { version = "0.5", optional = true }
md-5 = { version = "0.10", features = ["oid"], optional = true }
num-bigint-dig = { version = "0.8", default-features = false, optional = true }
p256 = { version = "0.13", optional = true, features = ["ecdh", "ecdsa"] }
# XXX: ed25519-dalek 1.0.1 depends on rand 0.7 and doesn't reexport it.
# https://github.com/dalek-cryptography/ed25519-dalek/blob/1.0.1/Cargo.toml#L28
rand07 = { package = "rand", version = "0.7.3", optional = true }
rand = { package = "rand", version = "0.8", optional = true }
rand_core = { version = "0.6", optional = true }
ripemd = { version = "0.1", features = ["oid"], optional = true }
rsa = { version = "0.9.0", optional = true }
sha-1 = { version = "0.10", features = ["oid"], optional = true }
sha2 = { version = "0.10", features = ["oid"], optional = true }
twofish = { version = "0.7", optional = true }
typenum = { version = "1.12.0", optional = true }
# XXX: x25519-dalek-ng is a fork of x25519-dalek shortly before its
# last release. The latest stable release of x25519-dalek depends on
# zeroize =1.3, which is a problem, because other crates, like rsa,
# depend on newer versions of zeroize. Thus, depending on
# x25519-dalek prevents us from updating those crates. Although this
# problem is known for over two years (as of April 2023), upstream
# hasn't fixed it. The x25519-dalek-ng fork, however, has.
# Unfortunately, it is not actively developed. So we use
# x25519-dalek-ng for now. Medium term, we should find a replacement
# for this crate, or switch back to x25519-dalek if it becomes after
# again.
x25519-dalek-ng = { version = "1", optional = true }
[target.'cfg(windows)'.dependencies]
# win-crypt-ng 0.5.1 depends on version 0.5 or 0.6 of rand_core.
# ed25519-dalek requires version 0.5 of rand_core. cargo is happy to
# pull in rand_core 0.6 when compiling win-crypt-ng and 0.5 when
# compiling ed25519-dalek.
#
# This is a problem. We use a function from ed25519-dalek that takes
# a parameter that has to implement traits defined by rand_core 0.5.
# We pass it an object returned from win-crypt-ng. When win-crypt-ng
# uses rand_core 0.6, the types are incompatible. cargo does not have
# a way to expression this type of dependency (ed25519-dalek and
# win-crypto-ng must use the same version of rand_core).
#
# To work around this limitation, we force the use of version 0.5.0 of
# win-crypt-ng. It only allows version 0.5.0 of rand_core.
#
# See https://gitlab.com/sequoia-pgp/sequoia/-/issues/1052 .
win-crypto-ng = { version = ">=0.4, <0.5.1", features = ["rand", "block-cipher"], optional = true }
winapi = { version = "0.3.8", default-features = false, features = ["bcrypt"], optional = true }
[target.'cfg(all(target_arch = "wasm32", target_os = "unknown"))'.dependencies]
chrono = { version = "0.4.10", default-features = false, features = ["std", "wasmbind"] }
getrandom = { version = "0.2", features = ["js"] }
rand07 = { package = "rand", version = "0.7", features = ["wasm-bindgen"] }
[build-dependencies]
lalrpop = { version = ">=0.17, <0.20", default-features = false }
[dev-dependencies]
quickcheck = { version = "1", default-features = false }
rand = { version = "0.8" }
rpassword = "6.0"
criterion = { version = "0.4", features = ["html_reports"] }
[features]
default = ["compression", "crypto-nettle&qu
|
