Template
1
0
Fork 0
mirror of https://codeberg.org/forgejo/forgejo synced 2024-11-22 18:04:24 +01:00
forgejo/models/asymkey
Gusted 45341ee9ce
[CHORE] Use github.com/ProtonMail/go-crypto
- We were previously using `github.com/keybase/go-crypto`, because the
package for openpgp by Go itself is deprecated and no longer
maintained. This library provided a maintained version of the openpgp
package. However, it hasn't seen any activity for the last five years,
 and I would therefore consider this also unmaintained.
- This patch switches the package to `github.com/ProtonMail/go-crypto`
which provides a maintained version of the openpgp package and was
already being used in the tests.
- Adds unit tests, I've carefully checked the callstacks to ensure the
OpenPGP-related code was covered under either a unit test or integration
tests to avoid regression, as this can easily turn into security
vulnerabilities if a regression happens here.
- Small behavior update, revocations are now checked correctly instead
of checking if they merely exist and the expiry time of a subkey is used
if one is provided (this is just cosmetic and doesn't impact security).
- One more dependency eliminated :D
2024-07-15 17:27:37 +02:00
..
error.go Improve error report when user passes a private key (#22726) 2023-02-02 18:25:54 +00:00
gpg_key.go [CHORE] Use github.com/ProtonMail/go-crypto 2024-07-15 17:27:37 +02:00
gpg_key_add.go [CHORE] Use github.com/ProtonMail/go-crypto 2024-07-15 17:27:37 +02:00
gpg_key_commit_verification.go models/asymkey: Implement Tag verification 2024-03-30 16:22:05 +01:00
gpg_key_common.go [CHORE] Use github.com/ProtonMail/go-crypto 2024-07-15 17:27:37 +02:00
gpg_key_import.go Final round of db.DefaultContext refactor (#27587) 2023-10-14 08:37:24 +00:00
gpg_key_list.go Move more functions to db.Find (#28419) 2024-01-15 02:19:25 +00:00
gpg_key_object_verification.go [CHORE] Use github.com/ProtonMail/go-crypto 2024-07-15 17:27:37 +02:00
gpg_key_tag_verification.go models/asymkey: Implement Tag verification 2024-03-30 16:22:05 +01:00
gpg_key_test.go [CHORE] Use github.com/ProtonMail/go-crypto 2024-07-15 17:27:37 +02:00
gpg_key_verify.go Fix GPG subkey verify (#30193) 2024-04-07 15:40:31 +02:00
main_test.go [GITEA] Add noreply email address as verified for SSH signed Git commits 2024-02-05 16:09:40 +01:00
ssh_key.go Move more functions to db.Find (#28419) 2024-01-15 02:19:25 +00:00
ssh_key_authorized_keys.go Fix some pending problems (#29985) 2024-03-26 19:04:26 +01:00
ssh_key_authorized_principals.go Fix some pending problems (#29985) 2024-03-26 19:04:26 +01:00
ssh_key_deploy.go Remove GetByBean method because sometimes it's danger when query condition parameter is zero and also introduce new generic methods (#28220) 2023-12-07 15:27:36 +08:00
ssh_key_fingerprint.go Clean up log messages (#30313) 2024-04-15 20:01:35 +02:00
ssh_key_object_verification.go models/asymkey: Implement Tag verification 2024-03-30 16:22:05 +01:00
ssh_key_object_verification_test.go models/asymkey: Implement Tag verification 2024-03-30 16:22:05 +01:00
ssh_key_parse.go Prefer native parser for SSH public key parsing (#23798) 2023-04-11 14:34:28 +08:00
ssh_key_principals.go Move more functions to db.Find (#28419) 2024-01-15 02:19:25 +00:00
ssh_key_test.go Replace assert.Fail with assert.FailNow (#27578) 2023-10-11 11:02:24 +00:00
ssh_key_verify.go Retry SSH key verification with additional CRLF if it failed (#28392) 2023-12-14 02:39:32 +00:00