diff --git a/Cargo.lock b/Cargo.lock index 49bba9ce..50a17770 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -91,6 +91,18 @@ dependencies = [ "x11rb", ] +[[package]] +name = "argon2" +version = "0.5.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "3c3610892ee6e0cbce8ae2700349fcf8f98adb0dbfbee85aec3c9179d29cc072" +dependencies = [ + "base64ct", + "blake2", + "cpufeatures", + "password-hash", +] + [[package]] name = "arraydeque" version = "0.5.1" @@ -171,6 +183,12 @@ version = "0.22.1" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "72b3254f16251a8381aa12e40e3c4d2f0199f8c6508fbecb9d91f575e0fbb8c6" +[[package]] +name = "base64ct" +version = "1.7.3" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "89e25b6adfb930f02d1981565a6e5d9c547ac15a96606256d3b59040e5cd4ca3" + [[package]] name = "bindgen" version = "0.70.1" @@ -234,6 +252,15 @@ dependencies = [ "serde", ] +[[package]] +name = "blake2" +version = "0.10.6" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "46502ad458c9a52b69d4d4d32775c788b7a1b85e8bc9d482d92250fc0e3f8efe" +dependencies = [ + "digest", +] + [[package]] name = "block" version = "0.1.6" @@ -394,9 +421,9 @@ dependencies = [ [[package]] name = "cc" -version = "1.2.16" +version = "1.2.17" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "be714c154be609ec7f5dad223a33bf1482fff90472de28f7362806e6d4832b8c" +checksum = "1fcb57c740ae1daf453ae85f16e37396f672b039e00d9d866e07ddb24e328e3a" dependencies = [ "jobserver", "libc", 
@@ -498,18 +525,18 @@ dependencies = [ [[package]] name = "clap" -version = "4.5.32" +version = "4.5.34" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6088f3ae8c3608d19260cd7445411865a485688711b78b5be70d78cd96136f83" +checksum = "e958897981290da2a852763fe9cdb89cd36977a5d729023127095fa94d95e2ff" dependencies = [ "clap_builder", ] [[package]] name = "clap_builder" -version = "4.5.32" +version = "4.5.34" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "22a7ef7f676155edfb82daa97f99441f3ebf4a58d5e32f295a56259f1b6facc8" +checksum = "83b0f35019843db2160b5bb19ae09b4e6411ac33fc6a712003c33e03090e2489" dependencies = [ "anstyle", "clap_lex", @@ -856,9 +883,9 @@ checksum = "ef8ae57c4978a2acd8b869ce6b9ca1dfe817bff704c220209fdef2c0b75a01b9" [[package]] name = "darling" -version = "0.20.10" +version = "0.20.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6f63b86c8a8826a49b8c21f08a2d07338eec8d900540f8630dc76284be802989" +checksum = "fc7f46116c46ff9ab3eb1597a45688b6715c6e628b5c133e288e709a29bcb4ee" dependencies = [ "darling_core", "darling_macro", @@ -866,9 +893,9 @@ dependencies = [ [[package]] name = "darling_core" -version = "0.20.10" +version = "0.20.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "95133861a8032aaea082871032f5815eb9e98cef03fa916ab4500513994df9e5" +checksum = "0d00b9596d185e565c2207a0b01f8bd1a135483d02d9b7b0a54b11da8d53412e" dependencies = [ "fnv", "ident_case", @@ -879,9 +906,9 @@ dependencies = [ [[package]] name = "darling_macro" -version = "0.20.10" +version = "0.20.11" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d336a2a514f6ccccaa3e09b02d41d35330c07ddf03a62165fcec10bb561c7806" +checksum = "fc34b93ccb385b40dc71c6fceac4b2ad23662c7eeb248cf10d529b7e055b6ead" dependencies = [ "darling_core", "quote", 
@@ -890,9 +917,9 @@ dependencies = [ [[package]] name = "deranged" -version = "0.4.0" +version = "0.4.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9c9e6a11ca8224451684bc0d7d5a7adbf8f2fd6887261a1cfc3c0432f9d4068e" +checksum = "28cfac68e08048ae1883171632c2aef3ebc555621ae56fbccce1cbf22dd7f058" dependencies = [ "powerfmt", ] @@ -1963,14 +1990,15 @@ dependencies = [ [[package]] name = "iana-time-zone" -version = "0.1.61" +version = "0.1.62" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "235e081f3925a06703c2d0117ea8b91f042756fd6e7a6e5d901e8ca1a996b220" +checksum = "b2fd658b06e56721792c5df4475705b6cda790e9298d19d2f8af083457bcd127" dependencies = [ "android_system_properties", "core-foundation-sys", "iana-time-zone-haiku", "js-sys", + "log", "wasm-bindgen", "windows-core", ] @@ -2025,9 +2053,9 @@ dependencies = [ [[package]] name = "icu_locid_transform_data" -version = "1.5.0" +version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fdc8ff3388f852bede6b579ad4e978ab004f139284d7b28715f773507b946f6e" +checksum = "7515e6d781098bf9f7205ab3fc7e9709d34554ae0b21ddbcb5febfa4bc7df11d" [[package]] name = "icu_normalizer" @@ -2049,9 +2077,9 @@ dependencies = [ [[package]] name = "icu_normalizer_data" -version = "1.5.0" +version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "f8cafbf7aa791e9b22bec55a167906f9e1215fd475cd22adfcf660e03e989516" +checksum = "c5e8338228bdc8ab83303f16b797e177953730f601a96c25d10cb3ab0daa0cb7" [[package]] name = "icu_properties" @@ -2070,9 +2098,9 @@ dependencies = [ [[package]] name = "icu_properties_data" -version = "1.5.0" +version = "1.5.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "67a8effbc3dd3e4ba1afa8ad918d5684b8868b3b26500753effea8d2eed19569" +checksum = "85fb8799753b75aee8d2a21d7c14d9f38921b54b3dbda10f5a3c7a7b82dba5e2" [[package]] name = "icu_provider" 
@@ -2131,9 +2159,9 @@ dependencies = [ [[package]] name = "image" -version = "0.25.5" +version = "0.25.6" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "cd6f44aed642f18953a158afeb30206f4d50da59fbc66ecb53c66488de73563b" +checksum = "db35664ce6b9810857a38a906215e75a9c879f0696556a39f59c62829710251a" dependencies = [ "bytemuck", "byteorder-lite", @@ -2325,9 +2353,9 @@ checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe" [[package]] name = "libadwaita" -version = "0.7.1" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8611ee9fb85e7606c362b513afcaf5b59853f79e4d98caaaf581d99465014247" +checksum = "500135d29c16aabf67baafd3e7741d48e8b8978ca98bac39e589165c8dc78191" dependencies = [ "gdk4", "gio", @@ -2340,9 +2368,9 @@ dependencies = [ [[package]] name = "libadwaita-sys" -version = "0.7.1" +version = "0.7.2" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "b099a223560118d4d4fa04b6d23f3ea5b7171fe1d83dfb7e6b45b54cdfc83af9" +checksum = "6680988058c2558baf3f548a370e4e78da3bf7f08469daa822ac414842c912db" dependencies = [ "gdk4-sys", "gio-sys", @@ -2475,9 +2503,9 @@ dependencies = [ [[package]] name = "log" -version = "0.4.26" +version = "0.4.27" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "30bde2b3dc3671ae49d8e2e9f044c7c005836e7a023ee57cffa25ab82764bb9e" +checksum = "13dc2df351e3202783a1fe0d44375f7295ffb4049267b0f3018346dc122a1d94" [[package]] name = "malloc_buf" @@ -2848,9 +2876,9 @@ dependencies = [ [[package]] name = "once_cell" -version = "1.21.1" +version = "1.21.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "d75b0bedcc4fe52caa0e03d9f1151a323e4aa5e2d78ba3580400cd3c9e2bc4bc" +checksum = "42f5e15c9953c5e4ccceeb2e7382a716482c34515315f7b03532b8b4e8393d2d" [[package]] name = "oorandom" 
@@ -2975,6 +3003,17 @@ dependencies = [ "windows-targets 0.52.6", ] +[[package]] +name = "password-hash" +version = "0.5.0" +source = "registry+https://github.com/rust-lang/crates.io-index" +checksum = "346f04948ba92c43e8469c1ee6736c7563d71012b17d40745260fe106aac2166" +dependencies = [ + "base64ct", + "rand_core", + "subtle", +] + [[package]] name = "pathdiff" version = "0.2.3" @@ -2989,9 +3028,9 @@ checksum = "e3148f5046208a5d56bcfc03053e3ca6334e51da8dfb19b6cdc8b306fae3283e" [[package]] name = "pest" -version = "2.7.15" +version = "2.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "8b7cafe60d6cf8e62e1b9b2ea516a089c008945bb5a275416789e7db0bc199dc" +checksum = "198db74531d58c70a361c42201efde7e2591e976d518caf7662a47dc5720e7b6" dependencies = [ "memchr", "thiserror 2.0.12", @@ -3000,9 +3039,9 @@ dependencies = [ [[package]] name = "pest_derive" -version = "2.7.15" +version = "2.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "816518421cfc6887a0d62bf441b6ffb4536fcc926395a69e1a85852d4363f57e" +checksum = "d725d9cfd79e87dccc9341a2ef39d1b6f6353d68c4b33c177febbe1a402c97c5" dependencies = [ "pest", "pest_generator", @@ -3010,9 +3049,9 @@ dependencies = [ [[package]] name = "pest_generator" -version = "2.7.15" +version = "2.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "7d1396fd3a870fc7838768d171b4616d5c91f6cc25e377b673d714567d99377b" +checksum = "db7d01726be8ab66ab32f9df467ae8b1148906685bbe75c82d1e65d7f5b3f841" dependencies = [ "pest", "pest_meta", @@ -3023,9 +3062,9 @@ dependencies = [ [[package]] name = "pest_meta" -version = "2.7.15" +version = "2.8.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e1e58089ea25d717bfd31fb534e4f3afcc2cc569c70de3e239778991ea3b7dea" +checksum = "7f9f832470494906d1fca5329f8ab5791cc60beb230c74815dff541cbd2b5ca0" dependencies = [ "once_cell", "pest", 
@@ -3132,7 +3171,7 @@ version = "0.2.21" source = "registry+https://github.com/rust-lang/crates.io-index" checksum = "85eae3c4ed2f50dcfe72643da4befc30deadb458a9b590d720cde2f2b1e97da9" dependencies = [ - "zerocopy 0.8.23", + "zerocopy 0.8.24", ] [[package]] @@ -3161,9 +3200,9 @@ dependencies = [ [[package]] name = "quick-xml" -version = "0.37.2" +version = "0.37.3" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "165859e9e55f79d67b96c5d96f4e88b6f2695a1972849c15a6a3f5c59fc2c003" +checksum = "bf763ab1c7a3aa408be466efc86efe35ed1bd3dd74173ed39d6b0d0a6f0ba148" dependencies = [ "memchr", ] @@ -3509,9 +3548,9 @@ checksum = "917ce264624a4b4db1c364dcc35bfca9ded014d0a958cd47ad3e960e988ea51c" [[package]] name = "rustls-webpki" -version = "0.103.0" +version = "0.103.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "0aa4eeac2588ffff23e9d7a7e9b3f971c5fb5b7ebc9452745e0c232c64f83b2f" +checksum = "fef8b8769aaccf73098557a87cd1816b4f9c7c16811c9c77142aa695c16f2c03" dependencies = [ "ring", "rustls-pki-types", @@ -3585,9 +3624,9 @@ checksum = "56e6fa9c48d24d85fb3de5ad847117517440f6beceb7798af16b4a87d616b8d0" [[package]] name = "sequoia-gpg-agent" -version = "0.5.1" +version = "0.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "10a28bcdf6c4ab432b1bf572c8cbde6b5d9fd951ca70f7ca5447c86e355777c8" +checksum = "c7f01803c82bdada34baa0f049e523c77b446ee347035df239a1f890c5d70c48" dependencies = [ "anyhow", "chrono", 
@@ -3599,32 +3638,30 @@ dependencies = [ "sequoia-openpgp", "stfu8", "tempfile", - "thiserror 1.0.69", + "thiserror 2.0.12", "tokio", ] [[package]] name = "sequoia-ipc" -version = "0.35.1" +version = "0.36.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "89aecb8a95233361c172546b037e0ea4c63b0dacbaeb52a25bcf1dddf78a3ee3" +checksum = "c92579bbd37f62bbcc41e4dce7771fea395037bebaf9b8e10c20b765be8280ab" dependencies = [ "anyhow", - "buffered-reader", "capnp-rpc", "ctor", "dirs", "fs2", "lalrpop 0.20.2", "lalrpop-util 0.20.2", - "lazy_static", "libc", "memsec", "rand", "sequoia-openpgp", "socket2", "tempfile", - "thiserror 1.0.69", + "thiserror 2.0.12", "tokio", "tokio-util", "winapi", @@ -3632,11 +3669,12 @@ dependencies = [ [[package]] name = "sequoia-openpgp" -version = "1.22.0" +version = "2.0.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "e858e4e9e48ff079cede92e1b45c942a5466ce9a4e3cc0c2a7e66586a718ef59" +checksum = "015e5fc3d023418b9db98ca9a7f3e90b305872eeafe5ca45c5c32b5eb335c1e8" dependencies = [ "anyhow", + "argon2", "base64 0.22.1", "buffered-reader", "bzip2", @@ -3647,15 +3685,13 @@ dependencies = [ "idna", "lalrpop 0.20.2", "lalrpop-util 0.20.2", - "lazy_static", "libc", "memsec", "nettle", - "once_cell", "regex", "regex-syntax", "sha1collisiondetection", - "thiserror 1.0.69", + "thiserror 2.0.12", "xxhash-rust", ] @@ -3819,9 +3855,9 @@ checksum = "7fcf8323ef1faaee30a44a340193b1ac6814fd9b7b4e88e9d4519a3e4abe1cfd" [[package]] name = "socket2" -version = "0.5.8" +version = "0.5.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "c970269d99b64e60ec3bd6ad27270092a5394c4e309314b18ae3fe575695fbe8" +checksum = "4f5fd57c80058a56cf5c777ab8a126398ece8e442983605d280a44ce79d0edef" dependencies = [ "libc", "windows-sys 0.52.0", 
@@ -3847,9 +3883,9 @@ checksum = "e51f1e89f093f99e7432c491c382b88a6860a5adbe6bf02574bf0a08efff1978" [[package]] name = "string_cache" -version = "0.8.8" +version = "0.8.9" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "938d512196766101d333398efde81bc1f37b00cb42c2f8350e5df639f040bbbe" +checksum = "bf776ba3fa74f83bf4b63c3dcbbf82173db2632ed8452cb2d891d33f459de70f" dependencies = [ "new_debug_unreachable", "parking_lot", @@ -3960,9 +3996,9 @@ checksum = "61c41af27dd6d1e27b1b16b489db798443478cef1f06a660c96db617ba5de3b1" [[package]] name = "tempfile" -version = "3.19.0" +version = "3.19.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "488960f40a3fd53d72c2a29a58722561dee8afdd175bd88e3db4677d7b2ba600" +checksum = "7437ac7763b9b123ccf33c338a5cc1bac6f69b45a136c19bdd8a65e3916435bf" dependencies = [ "fastrand", "getrandom 0.3.2", @@ -4055,9 +4091,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.40" +version = "0.3.41" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "9d9c75b47bdff86fa3334a3db91356b8d7d86a9b839dab7d0bdc5c3d3a077618" +checksum = "8a7619e19bc266e0f9c5e6686659d394bc57973859340060a69221e57dbc0c40" dependencies = [ "deranged", "itoa", @@ -4078,9 +4114,9 @@ checksum = "c9e9a38711f559d9e3ce1cdb06dd7c5b8ea546bc90052da6d06bb76da74bb07c" [[package]] name = "time-macros" -version = "0.2.21" +version = "0.2.22" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "29aa485584182073ed57fd5004aa09c371f021325014694e432313345865fd04" +checksum = "3526739392ec93fd8b359c8e98514cb3e8e021beb4e5f597b00a0221f8ed8a49" dependencies = [ "num-conv", "time-core", 
@@ -4590,9 +4626,9 @@ checksum = "53a85b86a771b1c87058196170769dd264f66c0782acf1ae6cc51bfd64b39082" [[package]] name = "whoami" -version = "1.5.2" +version = "1.6.0" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "372d5b87f58ec45c384ba03563b03544dc5fadc3983e434b286913f5b4a9bb6d" +checksum = "6994d13118ab492c3c80c1f81928718159254c53c472bf9ce36f8dae4add02a7" dependencies = [ "redox_syscall", "wasite", @@ -4996,9 +5032,9 @@ checksum = "fdd20c5420375476fbd4394763288da7eb0cc0b8c11deed431a91562af7335d3" [[package]] name = "yaml-rust2" -version = "0.10.0" +version = "0.10.1" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "232bdb534d65520716bef0bbb205ff8f2db72d807b19c0bc3020853b92a0cd4b" +checksum = "818913695e83ece1f8d2a1c52d54484b7b46d0f9c06beeb2649b9da50d9b512d" dependencies = [ "arraydeque", "encoding_rs", @@ -5040,11 +5076,11 @@ dependencies = [ [[package]] name = "zerocopy" -version = "0.8.23" +version = "0.8.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "fd97444d05a4328b90e75e503a34bad781f14e28a823ad3557f0750df1ebcbc6" +checksum = "2586fea28e186957ef732a5f8b3be2da217d65c5969d4b1e17f973ebbe876879" dependencies = [ - "zerocopy-derive 0.8.23", + "zerocopy-derive 0.8.24", ] [[package]] @@ -5060,9 +5096,9 @@ dependencies = [ [[package]] name = "zerocopy-derive" -version = "0.8.23" +version = "0.8.24" source = "registry+https://github.com/rust-lang/crates.io-index" -checksum = "6352c01d0edd5db859a63e2605f4ea3183ddbd15e2c4a9e7d32184df75e4f154" +checksum = "a996a8f63c5c4448cd959ac1bab0aaa3306ccfd060472f85943ee0750f0169be" dependencies = [ "proc-macro2", "quote", diff --git a/Cargo.toml b/Cargo.toml index 7c99afab..f5762186 100644 --- a/Cargo.toml +++ b/Cargo.toml 
@@ -20,9 +20,9 @@ toml = "0.8" reqwest = { version = "0.12", features = ["blocking"] } hex = "0.4" totp-rs = { version = "5", features = ["otpauth"] } -sequoia-openpgp = "1" +sequoia-openpgp = "2" anyhow = "1" -sequoia-gpg-agent = "0.5" +sequoia-gpg-agent = "0.6" zeroize = { version = "1", features = ["zeroize_derive", "alloc"] } [dependencies.config] diff --git a/src/crypto.rs b/src/crypto.rs index 4c84de98..5b48c611 100644 --- a/src/crypto.rs +++ b/src/crypto.rs @@ -10,7 +10,7 @@ use std::{ use hex::FromHex; use sequoia_openpgp::{ - Cert, KeyHandle, + Cert, Fingerprint, KeyHandle, KeyID, crypto::SessionKey, parse::{ Parse, @@ -22,7 +22,7 @@ use sequoia_openpgp::{ policy::Policy, serialize::{ Serialize, - stream::{Armorer, Encryptor2, LiteralWriter, Message, Signer}, + stream::{Armorer, Encryptor, LiteralWriter, Message, Signer}, }, types::{RevocationStatus, SymmetricAlgorithm}, }; @@ -443,7 +443,7 @@ struct Helper<'a> { /// A sequoia policy to use in various operations policy: &'a dyn Policy, /// the users cert - secret: Option<&'a Cert>, + secret: Option>, /// all certs key_ring: &'a HashMap<[u8; 20], Arc>, /// This is all the certificates that are allowed to sign something @@ -461,7 +461,7 @@ impl VerificationHelper for Helper<'_> { for handle in handles { for cert in &self.public_keys { for c in cert.keys() { - if c.key_handle().aliases(handle) { + if c.key().keyid().aliases(handle) { certs.push(cert.as_ref().clone()); } } 
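Review bot: In the `get_certs` loop (hunk at -461), `c.key().keyid().aliases(handle)` reduces each candidate key to its 64-bit key ID before comparing, so an issuer supplied as a full fingerprint is matched only on its key-ID portion. Key IDs are not collision-resistant, which makes candidate selection looser than the handle comparison it replaces; the signature check that follows presumably still rejects a wrong key, but that code is outside this hunk. Comparing on the full handle keeps the stricter match: `if c.key().key_handle().aliases(handle) {`. The enclosing function starts and ends outside the hunk.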
@@ -489,61 +489,83 @@ impl VerificationHelper for Helper<'_> { fn find( key_ring: &HashMap<[u8; 20], Arc>, - recipient: &sequoia_openpgp::KeyID, + recipient: &Option, ) -> Result> { - let bytes: &[u8; 8] = match recipient { - sequoia_openpgp::KeyID::V4(bytes) => bytes, - _ => return Err(Error::Generic("not an v4 keyid")), - }; + let recipient = recipient.as_ref().ok_or(Error::Generic("No recipient"))?; - for (key, value) in key_ring { - if key[0..8] == *bytes { - return Ok(value.clone()); + match recipient { + KeyHandle::Fingerprint(fpr) => { + match fpr { + Fingerprint::V6(_v6) => { + return Err(Error::Generic("v6 keys not supported yet")); + } + Fingerprint::V4(v4) => { + for (key, value) in key_ring { + if key == v4 { + return Ok(value.clone()); + } + } + } + Fingerprint::Unknown { .. } => { + return Err(Error::Generic("unknown fingerprint version")); + } + _ => {} + }; } + KeyHandle::KeyID(key_id) => match key_id { + KeyID::Long(bytes) => { + for (key, value) in key_ring { + if key[0..8] == *bytes { + return Ok(value.clone()); + } + } + } + KeyID::Invalid(_) => { + return Err(Error::Generic("Invalid key ID")); + } + _ => {} + }, } Err(Error::Generic("key not found in keyring")) } impl DecryptionHelper for Helper<'_> { - fn decrypt( + fn decrypt( &mut self, pkesks: &[sequoia_openpgp::packet::PKESK], _skesks: &[sequoia_openpgp::packet::SKESK], sym_algo: Option, - mut decrypt: D, - ) -> sequoia_openpgp::Result> - where - D: FnMut(SymmetricAlgorithm, &SessionKey) -> bool, - { + decrypt: &mut dyn FnMut(Option, &SessionKey) -> bool, + ) -> sequoia_openpgp::Result> { if self.secret.is_none() { // we don't know which key is the users own key, so lets try them all - - let mut selected_fingerprint: Option = None; + let mut selected_fingerprint: Option> = None; for pkesk in pkesks { - if let Ok(cert) = find(self.key_ring, pkesk.recipient()) { - let key = cert.primary_key(); + if let Ok(cert) = find(self.key_ring, &pkesk.recipient()) { + let key = cert.primary_key().key(); 
let mut pair = sequoia_gpg_agent::KeyPair::new_for_gnupg_context( self.ctx .as_ref() .ok_or_else(|| anyhow::anyhow!("no context configured"))?, - &*key, + key, )?; if pkesk .decrypt(&mut pair, sym_algo) .is_some_and(|(algo, session_key)| decrypt(algo, &session_key)) { - selected_fingerprint = Some(cert.fingerprint()); + selected_fingerprint = Some(cert); break; } } } - return Ok(selected_fingerprint); + return Ok(selected_fingerprint.map(|f| f.as_ref().clone())); } // The encryption key is the first and only subkey. let key = self .secret + .as_ref() .ok_or_else(|| anyhow::anyhow!("no user secret"))? .keys() .unencrypted_secret() @@ -564,9 +586,11 @@ impl DecryptionHelper for Helper<'_> { .unwrap_or(false) { return Ok(Some( - self.secret - .ok_or_else(|| anyhow::anyhow!("no user secret"))? - .fingerprint(), + (*self + .secret + .clone() + .ok_or_else(|| anyhow::anyhow!("no user secret"))?) + .clone(), )); } } @@ -597,7 +621,10 @@ pub struct SequoiaKey { impl Key for SequoiaKey { fn user_id_names(&self) -> Vec { - self.cert.userids().map(|ui| ui.to_string()).collect() + self.cert + .userids() + .map(|ui| ui.userid().to_string()) + .collect() } fn fingerprint(&self) -> Result<[u8; 20]> { @@ -743,7 +770,7 @@ impl Crypto for Sequoia { // decryptor. let helper = Helper { policy: &p, - secret: Some(decrypt_key), + secret: Some(decrypt_key.clone()), key_ring: &self.key_ring, public_keys: vec![], ctx: None, @@ -764,7 +791,7 @@ impl Crypto for Sequoia { // decryptor. let helper = Helper { policy: &p, - secret: Some(decrypt_key), + secret: Some(decrypt_key.clone()), key_ring: &self.key_ring, public_keys: vec![], ctx: Some( 
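Review bot: In `find`, the `KeyID::Long` arm compares `key[0..8]` with the key ID, while the `Fingerprint::V4` arm of the same function treats `key` as the full 20-byte v4 fingerprint; for a v4 key the key ID is the last eight bytes of the fingerprint, so this arm (carried over from the removed code) looks unable to match a real recipient. If the key ring is keyed by fingerprint as the V4 arm implies, the comparison should be `if key[12..] == *bytes {`. The V4 arm can also use the map lookup instead of scanning every entry: `return key_ring.get(v4).cloned().ok_or(Error::Generic("key not found in keyring"));`. In `decrypt`, `selected_fingerprint` now holds a certificate and would read better as `selected_cert`; the `decrypt` body continues past the end of this hunk.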
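Review bot: The value returned at the end of the `self.secret` branch of `decrypt` (hunk at -564) is a full clone of the user's certificate, the same one whose `unencrypted_secret()` keys are iterated just above, so the copy handed back appears to carry secret key material. If the caller only needs the certificate to identify the recipient, strip the secrets and drop the extra `Arc` clone: `let cert = self.secret.as_ref().ok_or_else(|| anyhow::anyhow!("no user secret"))?;` followed by `return Ok(Some(cert.as_ref().clone().strip_secret_key_material()));`. The field's generic parameters are not legible on this page, so this assumes `secret` is an `Option<Arc<Cert>>`. The enclosing function begins in the previous hunk and ends outside this one.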
@@ -810,7 +837,7 @@ impl Crypto for Sequoia { let message = Message::new(&mut sink); // We want to encrypt a literal data packet. - let message = Encryptor2::for_recipients(message, recipient_keys).build()?; + let message = Encryptor::for_recipients(message, recipient_keys).build()?; // Emit a literal data packet. let mut message = LiteralWriter::new(message).build()?; @@ -862,7 +889,7 @@ impl Crypto for Sequoia { .build()?; // We want to sign a literal data packet. - let mut message = Signer::new(message, keypair).detached().build()?; + let mut message = Signer::new(message, keypair)?.detached().build()?; // Sign the data. message.write_all(to_sign.as_bytes())?; diff --git a/src/tests/crypto.rs b/src/tests/crypto.rs index 2754f73f..5487be0a 100644 --- a/src/tests/crypto.rs +++ b/src/tests/crypto.rs @@ -80,7 +80,7 @@ pub fn new_one_cert() { .next() .unwrap() .userid() - .email2() + .email() .unwrap() .unwrap() ); diff --git a/src/tests/pass.rs b/src/tests/pass.rs index bf97ecff..e8fca627 100644 --- a/src/tests/pass.rs +++ b/src/tests/pass.rs @@ -1850,7 +1850,11 @@ fn sign(to_sign: &str, tsk: &sequoia_openpgp::Cert) -> String { .unwrap(); // We want to sign a literal data packet. - let mut message = Signer::new(message, keypair).detached().build().unwrap(); + let mut message = Signer::new(message, keypair) + .unwrap() + .detached() + .build() + .unwrap(); // Sign the data. message.write_all(to_sign.as_bytes()).unwrap(); diff --git a/src/tests/test_helpers.rs b/src/tests/test_helpers.rs index 78da9553..12ab0495 100644 --- a/src/tests/test_helpers.rs +++ b/src/tests/test_helpers.rs @@ -7,6 +7,9 @@ use std::{ use flate2::read::GzDecoder; use hex::FromHex; +use sequoia_openpgp::crypto::SessionKey; +use sequoia_openpgp::packet::UserID; +use sequoia_openpgp::types::SymmetricAlgorithm; use sequoia_openpgp::{ Cert, KeyHandle, KeyID, cert::CertBuilder, 
@@ -301,7 +304,7 @@ pub fn recipient_alex_old() -> Recipient { } pub fn recipient_from_cert(cert: &Cert) -> Recipient { Recipient { - name: String::from_utf8(cert.userids().next().unwrap().value().to_vec()).unwrap(), + name: String::from_utf8(cert.userids().next().unwrap().userid().value().to_vec()).unwrap(), comment: Comment { pre_comment: None, post_comment: None, @@ -322,7 +325,7 @@ pub fn append_file_name(file: &Path) -> PathBuf { } pub fn generate_sequoia_cert(email: &str) -> Cert { - let (cert, _) = CertBuilder::general_purpose(None, Some(email)) + let (cert, _) = CertBuilder::general_purpose([UserID::from(email)]) .generate() .unwrap(); @@ -330,7 +333,7 @@ pub fn generate_sequoia_cert(email: &str) -> Cert { } pub fn generate_sequoia_cert_without_private_key(email: &str) -> Cert { - let (cert, _) = CertBuilder::general_purpose(None, Some(email)) + let (cert, _) = CertBuilder::general_purpose([UserID::from(email)]) .generate() .unwrap(); @@ -352,24 +355,23 @@ impl VerificationHelper for &mut KeyLister { } impl DecryptionHelper for &mut KeyLister { - fn decrypt( + fn decrypt( &mut self, pkesks: &[sequoia_openpgp::packet::PKESK], _: &[sequoia_openpgp::packet::SKESK], - _: Option, - _: D, - ) -> std::result::Result, anyhow::Error> - where - D: FnMut( - sequoia_openpgp::types::SymmetricAlgorithm, - &sequoia_openpgp::crypto::SessionKey, - ) -> bool, - { + _: Option, + _: &mut dyn FnMut(Option, &SessionKey) -> bool, + ) -> std::result::Result, anyhow::Error> { self.ids.extend( pkesks .iter() - .map(|p| p.recipient().clone()) - .collect::>(), + .map(|p| { + return match p.recipient().clone().unwrap() { + KeyHandle::Fingerprint(fpr) => Ok(fpr.into()), + KeyHandle::KeyID(key_id) => Ok(key_id), + }; + }) + .collect::, anyhow::Error>>()?, ); Ok(None) } 
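Review bot: In `KeyLister::decrypt` (hunk at -352), `p.recipient().clone().unwrap()` panics on a PKESK that carries no recipient, even though the closure already returns a `Result` whose error side is never produced. Propagating that case keeps the helper usable on hidden-recipient messages: `match p.recipient().ok_or_else(|| anyhow::anyhow!("PKESK has no recipient"))? {`. The explicit `return` in front of the `match` and the `.clone()` on the owned `Option` are both unnecessary and can go at the same time.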
@@ -378,9 +380,33 @@ impl DecryptionHelper for &mut KeyLister { pub fn count_recipients(data: &[u8]) -> usize { let p = StandardPolicy::new(); let mut h = KeyLister { ids: vec![] }; + + // result ignored since it's always an error, as we are not decrypting for real let _ = DecryptorBuilder::from_bytes(&data) .unwrap() .with_policy(&p, None, &mut h); h.ids.len() } + +#[test] +fn test_count_recipients() { + let data = vec![ + 0xc1, 0x6c, 0x06, 0x15, 0x04, 0x08, 0x6f, 0x6c, 0x69, 0x12, 0x24, 0xad, 0x6e, 0x3c, 0x0c, + 0x86, 0xfc, 0xa2, 0x26, 0xb7, 0x82, 0xd7, 0xfc, 0xd2, 0x44, 0x12, 0x01, 0x07, 0x40, 0x72, + 0xb0, 0x2f, 0x8b, 0x35, 0x5a, 0x34, 0xe1, 0x05, 0xbf, 0x6f, 0x35, 0x2d, 0xc8, 0x33, 0xed, + 0xaa, 0xdf, 0x76, 0xbf, 0xfb, 0x54, 0x8b, 0x73, 0x2c, 0xac, 0x7d, 0xd4, 0xd8, 0xc9, 0xdf, + 0x1b, 0x30, 0x0d, 0x09, 0x53, 0x11, 0x31, 0x03, 0x99, 0xfb, 0x77, 0xa0, 0xa1, 0x1a, 0x0d, + 0x9a, 0xb2, 0xf0, 0x22, 0xe6, 0xf1, 0x63, 0x90, 0x29, 0xb8, 0x37, 0xd4, 0x75, 0xd8, 0x03, + 0xc7, 0x22, 0xdb, 0xe3, 0x9d, 0x62, 0xea, 0x70, 0x69, 0xfa, 0x29, 0x4b, 0x00, 0x11, 0x49, + 0x0c, 0xbf, 0x96, 0x39, 0xa9, 0xd2, 0x54, 0x02, 0x09, 0x02, 0x06, 0x55, 0x14, 0xe8, 0x76, + 0xdd, 0x0f, 0x25, 0x13, 0x16, 0xe5, 0xfd, 0xb4, 0x57, 0x3b, 0xce, 0xa0, 0x3c, 0x81, 0x3d, + 0xc1, 0x82, 0x27, 0x46, 0x91, 0xf1, 0x9e, 0xc1, 0x09, 0x94, 0x9b, 0xbb, 0x55, 0xd4, 0xa4, + 0x26, 0x31, 0xb8, 0x17, 0xef, 0xd8, 0x48, 0xbd, 0x1b, 0x3a, 0xbd, 0x40, 0xec, 0xc6, 0x0b, + 0x33, 0xb0, 0x2f, 0x8c, 0x71, 0xb1, 0x90, 0xf6, 0xda, 0x35, 0xe5, 0x8b, 0xb5, 0x3e, 0x23, + 0xa3, 0x80, 0x35, 0x11, 0x83, 0x79, 0xf4, 0x79, 0x09, 0x71, 0xac, 0xee, 0xc5, 0x65, 0x0e, + 0xb8, + ]; + + assert_eq!(1, count_recipients(&data)); +}
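Review bot: `test_count_recipients` embeds an opaque byte vector with no comment saying what message it encodes or how it was produced, so it cannot be regenerated or audited later. From the leading bytes it appears to be a single version 6 PKESK addressed by a v4 fingerprint, which would exercise only the `KeyHandle::Fingerprint` arm of `KeyLister::decrypt`; confirm that and record it, e.g. `// One PKESK (v6, v4-fingerprint recipient) plus an encrypted data packet; generated with <tool and command>`. A second vector whose PKESK carries a key-ID recipient would cover the `KeyHandle::KeyID` arm as well.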