45341ee9ce
- We were previously using `github.com/keybase/go-crypto`, because the package for openpgp by Go itself is deprecated and no longer maintained. This library provided a maintained version of the openpgp package. However, it hasn't seen any activity for the last five years, and I would therefore consider this also unmaintained. - This patch switches the package to `github.com/ProtonMail/go-crypto` which provides a maintained version of the openpgp package and was already being used in the tests. - Adds unit tests, I've carefully checked the callstacks to ensure the OpenPGP-related code was covered under either a unit test or integration tests to avoid regression, as this can easily turn into security vulnerabilities if a regression happens here. - Small behavior update, revocations are now checked correctly instead of checking if they merely exist and the expiry time of a subkey is used if one is provided (this is just cosmetic and doesn't impact security). - One more dependency eliminated :D |
||
|---|---|---|
| .. | ||
| 3139.md | ||
| 3285.md | ||
| 3307.md | ||
| 3334.md | ||
| 3337.md | ||
| 3363.md | ||
| 3383.md | ||
| 3414.md | ||
| 3430.md | ||
| 3434.md | ||
| 3442.md | ||
| 3616.md | ||
| 3642.md | ||
| 3654.md | ||
| 3723.md | ||
| 3724.md | ||
| 3729.md | ||
| 3791.md | ||
| 3808.md | ||
| 3811.md | ||
| 3830.md | ||
| 3836.md | ||
| 3838.md | ||
| 3847.md | ||
| 3870.md | ||
| 3886.md | ||
| 3917.md | ||
| 3922.md | ||
| 3934.md | ||
| 3985.md | ||
| 3989.md | ||
| 4026.md | ||
| 4027.md | ||
| 4072.md | ||
| 4083.md | ||
| 4095.md | ||
| 4134.md | ||
| 4136.md | ||
| 4139.md | ||
| 4143.md | ||
| 4145.md | ||
| 4160.md | ||
| 4189.md | ||
| 4201.md | ||
| 4218.md | ||
| 4222.md | ||
| 4240.md | ||
| 4253.md | ||
| 4262.md | ||
| 4266.md | ||
| 4291.md | ||
| 4367.md | ||
| 4375.md | ||
| 4400.md | ||
| 4427.md | ||
| 4429.md | ||
| 4439.md | ||
| 4506.md | ||