rnp
rnp copied to clipboard
rnpgp
[#1783] FFI: Add rnp_signature_export()
This changeset adds an FFI API function to export specifically a signature, in binary or armored form.
Codecov Report
Base: 81.86% // Head: 81.88% // Increases project coverage by +0.01% :tada:
Coverage data is based on head (
8ecf090) compared to base (4a96fc0). Patch coverage: 96.66% of modified lines in pull request are covered.
Additional details and impacted files
@@ Coverage Diff @@
## master #1867 +/- ##
==========================================
+ Coverage 81.86% 81.88% +0.01%
==========================================
Files 141 141
Lines 28995 29025 +30
==========================================
+ Hits 23737 23766 +29
- Misses 5258 5259 +1
| Impacted Files | Coverage Δ | |
|---|---|---|
| src/lib/rnp.cpp | 79.77% <94.11%> (+0.05%) |
:arrow_up: |
| src/tests/ffi-key-sig.cpp | 82.71% <100.00%> (+0.45%) |
:arrow_up: |
Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.
:umbrella: View full report at Codecov.
:loudspeaker: Do you have feedback about the report comment? Let us know in this issue.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
@ni4 a couple of things which I thought of doing here in addition to this bare minimum are armoring support in flags and a meaningful test. What else would you say we need here?
The test I have in mind is of a "user story" kind, dumping the idea here for your evaluation.
Carol sends her key to Bob. Carol claims Alice knows her. Bob has verified only Alice's key. Alice signs Carol's key and sends that signature to Bob. Bob imports Alice's signature and can prove that Carol is Alice's friend.
Case 2: Mallory instead of Carol, but liar.
@ni4 a couple of things which I thought of doing here in addition to this bare minimum are armoring support in flags and a meaningful test. What else would you say we need here?
Yeah, having armoring here would be handy for users. This functionality was requested, as far as I remember, to be able to export selected revocation signature of the already loaded key. And it would be good to have it armored.
Carol sends her key to Bob. Carol claims Alice knows her. Bob has verified only Alice's key. Alice signs Carol's key and sends that signature to Bob. Bob imports Alice's signature and can prove that Carol is Alice's friend.
Case 2: Mallory instead of Carol, but liar.
This is sort of web of trust, but now we do not implement automatic web of trust checks and leave key trust settings to the FFI API user.
It would be nice to test that exported signature can be imported back and successfully verified.
It would be nice to test that exported signature can be imported back and successfully verified.
Amended the test in the last commit. Please re-review.
