mirrors/rage
1
0
Fork 0
mirror of https://github.com/str4d/rage.git synced 2025-04-06 04:17:41 +03:00
Code Issues Projects Releases Packages Wiki Activity
754 commits 12 branches 25 tags 4.6 MiB
Commit graph

754 commits

This branch
This branch
All branches
Author SHA1 Message Date
Jack Grigg
cb443e55e0 plugins: Add request-public command to bi-directional phase 
This enables plugins to request a non-secret value, which won't trigger
any passphrase-specific user prompt (that e.g. hides the user's input).
 2021-02-05 23:49:13 +00:00
Jack Grigg
933dfe1157 age: Add Callbacks::request_public_string 2021-02-05 23:49:13 +00:00
Jack Grigg
9821146284 age: Move Callbacks trait to root module 
It is no longer decryption-specific.
 2021-02-05 23:49:13 +00:00
Jack Grigg
395502f503 age-core: Add missing entry for age_core::plugin module 2021-02-05 23:49:13 +00:00
Jack Grigg
cd0d79e14c plugins: Extend recipient-v1 state machine with add-identities message 
This enables plugins to wrap file keys to identities, for example when
the plugin is built around a symmetric primitive (since we do not want
the recipients encoding to ever contain secrets).
 2021-02-05 23:49:13 +00:00
Jack Grigg
91804960d9 plugins: Change recipient-v1 state machine phase 2 to be bidirectional 
The previous iteration of the recipient-v1 state machine assumed that
user interaction would never be required during encryption. This is
almost certainly true for asymmetric recipients, but is not the case
for symmetric recipients (e.g. the symmetric key might be stored on a
hardware token that requires a PIN).

The recipient-v1 state machine now uses a bi-directional second phase,
matching the identity-v1 state machine. It defines the same commands
for interacting with users.
 2021-02-05 23:49:11 +00:00
Jack Grigg
386ccc91bd Fix clippy lint 2021-01-30 15:05:21 +00:00
Jack Grigg
fd534614bd cargo update 2021-01-30 15:01:40 +00:00
str4d
9f82462519
Merge pull request #198 from str4d/189-rage-mount-errors 
Return mount_fs errors from rage-mount instead of logging
 2021-01-31 03:53:59 +13:00
Jack Grigg
8abd54838e Return mount_fs errors from rage-mount instead of logging 
We disabled logging by default, so FUSE errors were not being shown.

Fixes str4d/rage#189.
 2021-01-30 14:44:03 +00:00
str4d
a28c8ec5cd
Merge pull request #197 from str4d/seek-from-end-fixes 
Fix security issue and bug in StreamReader::seek(SeekFrom::End(_))
 2021-01-25 13:24:59 +13:00
Jack Grigg
b2ec5279d7 Authenticate ciphertext length when seeking from end of StreamReader 
`StreamReader::seek(SeekFrom::End(offset))` did not previously authenticate
the ciphertext length; if the ciphertext had been truncated or extended by
`adversary_offset`, it would instead seek to `offset + adversary_offset`.
This allowed an adversary with temporary control of an encrypted age file
to control the location of a plaintext read following a seek-from-end.

`age` now returns an error if the last chunk is invalid.

Fixes str4d/rage#195.
 2021-01-24 21:47:52 +00:00
Jack Grigg
fe8fed6911 Use ceiling division to calculate the number of chunks when seeking 
The previous calculation did not correctly implement ceiling division,
and would compute an invalid offset when the ciphertext was equal to or
slightly shorter than an exact multiple of the chunk size.

Fixes str4d/rage#196.
 2021-01-24 21:45:08 +00:00
Jack Grigg
7ba9a135e2 Add test case for SeekFrom::End(0) bug from str4d/rage#196 2021-01-24 21:29:15 +00:00
Jack Grigg
fca71b89f0 Add test case for security issue from str4d/rage#195 2021-01-24 21:29:15 +00:00
str4d
9f96c9c076
Merge pull request #193 from str4d/age-load-default-language 
age: Ensure that the fallback language is always loaded
 2021-01-19 13:52:53 +13:00
Jack Grigg
dad8eb8e6c age: Update CHANGELOG 2021-01-19 00:45:07 +00:00
Jack Grigg
54af54a167 age: Ensure that the fallback language is always loaded 
Fixes str4d/rage#159.
 2021-01-19 00:33:45 +00:00
Jack Grigg
d052af4410 cargo fmt 2021-01-18 23:38:42 +00:00
str4d
85428f03cc
Merge pull request #192 from kanru/wasm-web-sys 
age: Add support for using web performance timer to calculate scrypt work factor
 2021-01-19 12:38:30 +13:00
Kan-Ru Chen
13aeae847d
Apply suggestions from code review 
Co-authored-by: str4d <thestr4d@gmail.com>
 2021-01-15 22:29:13 +09:00
Kan-Ru Chen
4a04e61b07 age: Add support for using web performance timer to calculate scrypt work factor 2021-01-15 21:36:07 +09:00
str4d
9c56470647
Merge pull request #186 from str4d/dependency-updates 
Dependency updates
 2021-01-13 02:49:56 +13:00
Jack Grigg
6ce0942258 quickcheck 1 2021-01-12 13:41:23 +00:00
Jack Grigg
cb584384f2 console 0.14 2021-01-12 13:38:40 +00:00
Jack Grigg
2f902ae05f nom 6 2021-01-12 13:38:40 +00:00
Jack Grigg
0e860a672a base64 0.13 2021-01-12 13:38:40 +00:00
Jack Grigg
c2c1aa257f cargo update 2021-01-12 13:38:35 +00:00
str4d
5b38e29028
Merge pull request #187 from str4d/i18n-embed-fl-0.3 
i18n-embed-fl 0.3
 2021-01-13 02:36:31 +13:00
Jack Grigg
a4712dea4b Require i18n-embed 0.10.2 
Includes a workaround for https://github.com/kellpossible/cargo-i18n/issues/57.
 2021-01-12 13:08:07 +00:00
Jack Grigg
cd5be09328 i18n-embed-fl 0.3 
Fixes an issue where `cargo update` breaks builds (due to how
i18n-embed-fl 0.2 was not pinning its pre-release dashmap dependency).
 2021-01-11 21:55:25 +00:00
str4d
bf82a7e683
Merge pull request #173 from str4d/windows-test-vectors 
age: Re-enable age test vectors on Windows
 2021-01-11 16:04:12 +13:00
Jack Grigg
3d2c9489d2 age: Allow either kind of line ending in SSH identities 2021-01-11 02:51:36 +00:00
Jack Grigg
484c0ae732 age: Require ssh feature for test_vectors test 2021-01-11 02:28:01 +00:00
Jack Grigg
e18e58ea53 age: Add filename and line number to identity file parsing error 2021-01-11 02:19:08 +00:00
Jack Grigg
4fbd82ec94 age: Re-enable age test vectors on Windows 2021-01-11 01:54:23 +00:00
str4d
4cf2ec5e9f
Merge pull request #185 from str4d/plugin-fixes 
Plugin fixes
 2021-01-11 14:53:22 +13:00
Jack Grigg
7ca30df146 age: Verify number of arguments in recipient-stanza responses 
Closes str4d/rage#180.
 2021-01-11 01:39:11 +00:00
Jack Grigg
21013e8c61 age-core: Assume two commands in Connection::unidir_receive 
This places the command parsing function right next to the command
definitions.
 2021-01-11 01:39:11 +00:00
str4d
1c6de015f8
Merge pull request #184 from str4d/clippy-lints 
Fix a bunch of clippy lints
 2021-01-11 07:17:55 +13:00
Jack Grigg
9163005402 rage-mount: Switch from ZipFile::sanitized_name to ZipFile::enclosed_name 
The former was deprecated, as it would rewrite the path, resulting in
potentially-unexpected behaviour (files showing up in the wrong folders).
The latter validates the file path instead, ignoring malicious files.
 2021-01-10 17:27:31 +00:00
Jack Grigg
6adac45b44 age: Silence clippy false-positive 2021-01-10 17:17:15 +00:00
Jack Grigg
7a22329489 Fix a bunch of clippy lints 2021-01-10 17:09:24 +00:00
str4d
4f009cc60d
Merge pull request #183 from str4d/178-plugins-in-recipients-file 
Allow plugin recipients in -R/--recipients-file
 2021-01-11 05:52:36 +13:00
Jack Grigg
c650c6b9d5 rage: Add line number to recipients file parsing errors 2021-01-10 16:22:31 +00:00
Jack Grigg
371bb7ecee rage: Use the same parsing logic for --recipient and --recipients-file 
Closes str4d/rage#178.
 2021-01-10 16:21:33 +00:00
str4d
22200f25d5
Merge pull request #182 from str4d/plugins-beta 
Move plugin support into beta
 2021-01-11 05:00:38 +13:00
Jack Grigg
d7a91adc87 Plugin docs and changelog entries 2021-01-10 15:47:43 +00:00
Jack Grigg
f4bee7af74 Move plugin support out from behind the unstable feature flag 
FiloSottile/age has implemented the client side of the specification,
and is able to communicate with our plugin side. This is sufficient for
releasing beta plugin support!
 2021-01-10 15:11:12 +00:00
str4d
7fb88a1513
Merge pull request #181 from str4d/armor-oil 
age: Encode armor in 8kiB chunks
 2021-01-11 03:24:50 +13:00