This is necessary for /dev/null writes to work properly.

This fixes a compiler warning.

Suggested-by: Marek Marczykowski-Górecki <[email protected]>

The new API properly distinguishes between trusted and untrusted
digests, and also has unit-tests.

It previously had a clone of the (former) `rpm-syntax` documentation.

Good catch, rustc!

These are needed to ensure malformed packages are detected.

Otherwise it is rather risky.

This modifies the code to allow reading from a pipe or socket, avoiding
the requirement to buffe...

A 5-tuple is replaced with a proper struct, and it is now possible to
preserve the header+payloa...

This is a prerequisite for streaming.

No change in behavior.

This makes the code simpler and ― more importantly ― far more
maintainable.

Emitting types with non-zero alignment is not yet implemented.

This removes some unused helper functions.

This massively simplifies the OpenPGP packet parser, largely by removing
the unneeded `Subpacket...

Initialization should be the job of the application, not the library.

DNF rejects them when signature verification is turned on, and this is
the default for remote re...

This is necessary to parse Zoom RPMs. In particular, the list of
allowed hash algorithms must b...

openpgp_parser’s buffer module had only two items. Just export both
from the root.

Zoom and Google Chrome RPMs are signed with SHA-1!

This is necessary to even parse signed RPMs generated by qubes-builder

These repositories are not used.

This avoids writing an empty file.

This lead to a massive refactoring, removing `Reader::get`.

Also allow key ID to be hashed

It checks that the output of rpmcanon is installable.

This is expected for Rust crates

This will help catch bugs.

Signature info is immutable, so use getters instead of public fields.
Also require creation time...

This is needed to canonicalize signatures.

This is part of a major refactor of the OpenPGP code.

This test came from ‘cargo new’ and serves no purpose.

See doc comment for details

The new test better explains what is happening.

rpmcanon now verifies signatures, and regenerates the lead from the
header.

Another refactoring.

No change in functionality.

Minor refactoring that simplifies the code

It didn’t pull its weight.

Yet another refactoring.

Purely a simple refactoring.

This validates the package lead against the package header. This
required extracting the name, ...

This implements rpmcanon, an RPM canonicalization tool. Specifically,
rpmcanon takes an input R...

The package lead must be consistent with the header. Ensure this by
checking that the package n...

This allows them to be reserialized later.

This allows serializing user-created TagData entries.

It is useful for other tools.

Purely a readability improvement

This makes rpmcheck sufficient to ensure the recent DNF bug can’t be
exploited. Specifically, i...

Asking users to provide a separate digest context to check a signature
makes little sense and is...

by checking that we can verify a real RPM package’s payload digest.

This adds Rust bindings to RPM’s built-in digest functionality.

In production, it is better to just return ‘None’, but in tests, panic
so that the developers kn...

It is always a programming error.

This can be used to validate an RPM file before passing it to
‘rpmkeys --checksig’.

rpm-parser can now read a real-world RPM package!

These will be needed to actually parse packages. Fortunately, the lead
is simple enough I could...

Using an ‘FnMut’ closure is much nicer than emulating it with an enum.

This eliminates a bunch of crufty expects.

This makes for clearer code.

This avoids needing an explanatory comment.

This is already tested by the RPM parser’s own test suite.

Some of the documentation claimed that these methods read little-endian
integers. The code was ...

Both big- and little-endian are supported.

The payload digest is now extracted from immutable headers, as is its
algorithm. Warnings are n...

This successfully parses the Lua 5.4.2-1 RPM from Fedora 33!

These will be used by the RPM header parser. See the diff for details.

just as with ECDSA.

In the interest of strictness, forbid this.

They are only used in certification signatures, so they are pointless in
data signatures. Rejec...

This allows us to give a better error message.

As is often the case, the tests are nearly as long as the code.

These APIs will be quite useful for the RPM parser.

This parses a signature from a real RPM file!

This needs to be checked with Marek before it is published.

So far, this just includes some basic functions for reading packets.

Yay!