http://codereview.appspot.com/3989052/diff/4001/src/pkg/crypto/openpgp/keys.go File src/pkg/crypto/openpgp/keys.go (right): http://codereview.appspot.com/3989052/diff/4001/src/pkg/crypto/openpgp/keys.go#newcode52 src/pkg/crypto/openpgp/keys.go:52: type KeyRing struct { could you make this into ...
14 years, 1 month ago
(2011-01-31 20:36:16 UTC)
#3
On Mon, Jan 31, 2011 at 3:36 PM, <bradfitz@golang.org> wrote: > http://codereview.appspot.com/3989052/diff/4001/src/pkg/crypto/openpgp/keys.go#newcode52 > src/pkg/crypto/openpgp/keys.go:52: type ...
14 years, 1 month ago
(2011-01-31 21:01:38 UTC)
#4
On Mon, Jan 31, 2011 at 3:36 PM, <bradfitz@golang.org> wrote:
>
http://codereview.appspot.com/3989052/diff/4001/src/pkg/crypto/openpgp/keys.g...
> src/pkg/crypto/openpgp/keys.go:52: type KeyRing struct {
> could you make this into an interface? I'm going to need a bizarre
> KeyRing I think. Definitely not a static list of in-memory keys.
What are the limitations on your KeyRing? Is GetKeysById ok to
implement? GetAllDecryptionKeys is only needed when a recipient isn't
specified so you could skip that.
> Given the comment below, I wonder if it's better to name this
> "UntrustedBody" or "UnverifiedBody". It'd be uglier, but that's kinda
> the point? It'd be hard to mess up that way.
True and, in this case, hard to mess up is important. Any opinion on
whether the error should be on Close() or EOF?
>
http://codereview.appspot.com/3989052/diff/4001/src/pkg/crypto/openpgp/read.g...
> src/pkg/crypto/openpgp/read.go:70: // correct, the function will be
> called again.
> forever?
I assumed that it would be a closure, so it could keep its own count
of the number of times which it had been called. If the prompt
function always decrypts at least one private key then ReadMessage
will eventually figure out that none of the keys are going to work and
exit. If the message is passphrase encrypted then it will be called
forever to retry a different passphrase.
> should this also take the try number then? is there a way to signal
> from this function's return value that retries should stop?
prompt can return an error value and that'll be passed up through ReadMessage.
AGL
On Mon, Jan 31, 2011 at 1:01 PM, Adam Langley <agl@golang.org> wrote: > On Mon, ...
14 years, 1 month ago
(2011-01-31 21:43:54 UTC)
#5
On Mon, Jan 31, 2011 at 1:01 PM, Adam Langley <agl@golang.org> wrote:
> On Mon, Jan 31, 2011 at 3:36 PM, <bradfitz@golang.org> wrote:
> >
>
http://codereview.appspot.com/3989052/diff/4001/src/pkg/crypto/openpgp/keys.g...
> > src/pkg/crypto/openpgp/keys.go:52: type KeyRing struct {
> > could you make this into an interface? I'm going to need a bizarre
> > KeyRing I think. Definitely not a static list of in-memory keys.
>
> What are the limitations on your KeyRing? Is GetKeysById ok to
> implement? GetAllDecryptionKeys is only needed when a recipient isn't
> specified so you could skip that.
>
Yes, given a keyid I need to go do database/network requests to find it, if
possible.
> > Given the comment below, I wonder if it's better to name this
> > "UntrustedBody" or "UnverifiedBody". It'd be uglier, but that's kinda
> > the point? It'd be hard to mess up that way.
>
> True and, in this case, hard to mess up is important. Any opinion on
> whether the error should be on Close() or EOF?
>
I'd do it on EOF. Harder to miss that way. People are likely to ignore the
return value of Close().
(aside: I love that in Perl you can check whether you're being called in
scalar, list, or void context. That means a function like Close() here
could panic() or do something explosive if the caller was in void context
and wasn't checking the return value... but I know that's not really Go
style anyway.)
>
> >
>
http://codereview.appspot.com/3989052/diff/4001/src/pkg/crypto/openpgp/read.g...
> > src/pkg/crypto/openpgp/read.go:70: // correct, the function will be
> > called again.
> > forever?
>
> I assumed that it would be a closure, so it could keep its own count
> of the number of times which it had been called. If the prompt
> function always decrypts at least one private key then ReadMessage
> will eventually figure out that none of the keys are going to work and
> exit. If the message is passphrase encrypted then it will be called
> forever to retry a different passphrase.
>
I think you need to document the expected return values of PromptFunction
then. I misunderstood.
>
> > should this also take the try number then? is there a way to signal
> > from this function's return value that retries should stop?
>
> prompt can return an error value and that'll be passed up through
> ReadMessage.
>
>
> AGL
>
If you're deciding between a signature verifier giving the error on the final read instead ...
14 years, 1 month ago
(2011-01-31 23:55:40 UTC)
#6
If you're deciding between a signature verifier giving
the error on the final read instead of EOF or giving
the error on Close, please choose the former.
I'm pretty sure I have used that pattern elsewhere,
but I do not remember where. In any event, people
checking return value from Read is much more common
than people checking return value from Close.
Russ
http://codereview.appspot.com/3989052/diff/4001/src/pkg/crypto/openpgp/canonical_text.go File src/pkg/crypto/openpgp/canonical_text.go (right): http://codereview.appspot.com/3989052/diff/4001/src/pkg/crypto/openpgp/canonical_text.go#newcode12 src/pkg/crypto/openpgp/canonical_text.go:12: // NewCanonicalTextHash returns a hash which wraps another while ...
14 years, 1 month ago
(2011-02-14 17:37:07 UTC)
#8
Issue 3989052: code review 3989052: crypto/openpgp: add package.
(Closed)
Created 14 years, 1 month ago by agl1
Modified 14 years ago
Reviewers:
Base URL:
Comments: 27
