From 7bd5d7dbf1d725fd4004307a30f283050be9a76a Mon Sep 17 00:00:00 2001
From: ryan <ryan@distrust.co>
Date: Sun, 14 Jan 2024 15:33:10 -0500
Subject: [PATCH] keyfork: allow changing Sequoia backend

---
 Cargo.lock                        | 311 +++++++++++++++++++++++++++++-
 keyfork-derive-openpgp/Cargo.toml |   2 +-
 keyfork-shard/Cargo.toml          |   4 +-
 keyfork-zbar-sys/Cargo.toml       |   2 +-
 keyfork/Cargo.toml                |  15 +-
 5 files changed, 325 insertions(+), 9 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index a97ced3..99265ae 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -36,6 +36,7 @@ dependencies = [
  "cfg-if",
  "cipher",
  "cpufeatures",
+ "zeroize",
 ]
 
 [[package]]
@@ -454,6 +455,15 @@ dependencies = [
  "generic-array",
 ]
 
+[[package]]
+name = "block-padding"
+version = "0.3.3"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a8894febbff9f758034a5b8e12d87918f56dfc64a8e1fe757d65e29041538d93"
+dependencies = [
+ "generic-array",
+]
+
 [[package]]
 name = "blocking"
 version = "1.5.1"
@@ -470,6 +480,16 @@ dependencies = [
  "tracing",
 ]
 
+[[package]]
+name = "blowfish"
+version = "0.9.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "e412e2cd0f2b2d93e02543ceae7917b3c70331573df19ee046bcbc35e45e87d7"
+dependencies = [
+ "byteorder",
+ "cipher",
+]
+
 [[package]]
 name = "buffered-reader"
 version = "1.3.0"
@@ -527,6 +547,16 @@ dependencies = [
  "pkg-config",
 ]
 
+[[package]]
+name = "camellia"
+version = "0.1.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "3264e2574e9ef2b53ce6f536dea83a69ac0bc600b762d1523ff83fe07230ce30"
+dependencies = [
+ "byteorder",
+ "cipher",
+]
+
 [[package]]
 name = "card-backend"
 version = "0.2.0"
@@ -548,6 +578,15 @@ dependencies = [
  "pcsc",
 ]
 
+[[package]]
+name = "cast5"
+version = "0.11.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "26b07d673db1ccf000e90f54b819db9e75a8348d6eb056e9b8ab53231b7a9911"
+dependencies = [
+ "cipher",
+]
+
 [[package]]
 name = "cc"
 version = "1.0.83"
@@ -566,6 +605,15 @@ dependencies = [
  "nom",
 ]
 
+[[package]]
+name = "cfb-mode"
+version = "0.8.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "738b8d467867f80a71351933f70461f5b56f24d5c93e0cf216e59229c968d330"
+dependencies = [
+ "cipher",
+]
+
 [[package]]
 name = "cfg-if"
 version = "1.0.0"
@@ -594,6 +642,7 @@ checksum = "773f3b9af64447d2ce9850330c473515014aa235e6a783b02db81ff39e4a3dad"
 dependencies = [
  "crypto-common",
  "inout",
+ "zeroize",
 ]
 
 [[package]]
@@ -657,6 +706,17 @@ version = "0.6.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "702fc72eb24e5a1e48ce58027a675bc24edd52096d5397d4aea7c6dd9eca0bd1"
 
+[[package]]
+name = "cmac"
+version = "0.7.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8543454e3c3f5126effff9cd44d562af4e31fb8ce1cc0d3dcd8f084515dbc1aa"
+dependencies = [
+ "cipher",
+ "dbl",
+ "digest",
+]
+
 [[package]]
 name = "color_quant"
 version = "1.1.0"
@@ -814,6 +874,15 @@ dependencies = [
  "parking_lot_core",
 ]
 
+[[package]]
+name = "dbl"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "bd2735a791158376708f9347fe8faba9667589d82427ef3aed6794a8981de3d9"
+dependencies = [
+ "generic-array",
+]
+
 [[package]]
 name = "der"
 version = "0.6.1"
@@ -821,7 +890,7 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "f1a467a65c5e759bce6e65eaf91cc29f466cdc57cb65777bd646872a8a1fd4de"
 dependencies = [
  "const-oid",
- "pem-rfc7468",
+ "pem-rfc7468 0.6.0",
  "zeroize",
 ]
 
@@ -832,9 +901,19 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "fffa369a668c8af7dbf8b5e56c9f744fbd399949ed171606040001947de40b1c"
 dependencies = [
  "const-oid",
+ "pem-rfc7468 0.7.0",
  "zeroize",
 ]
 
+[[package]]
+name = "des"
+version = "0.8.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "ffdd80ce8ce993de27e9f063a444a4d53ce8e8db4c1f00cc03af5ad5a9867a1e"
+dependencies = [
+ "cipher",
+]
+
 [[package]]
 name = "diff"
 version = "0.1.13"
@@ -874,12 +953,50 @@ dependencies = [
  "winapi",
 ]
 
+[[package]]
+name = "dsa"
+version = "0.6.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d88afbb2443ba68ef8593de497e830b2e276434e1408f85cd760b1107b44ead0"
+dependencies = [
+ "digest",
+ "num-bigint-dig",
+ "num-traits",
+ "pkcs8 0.10.2",
+ "rfc6979",
+ "sha2",
+ "signature",
+ "zeroize",
+]
+
 [[package]]
 name = "dyn-clone"
 version = "1.0.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "545b22097d44f8a9581187cdf93de7a71e4722bf51200cfaba810865b49a495d"
 
+[[package]]
+name = "eax"
+version = "0.5.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "9954fabd903b82b9d7a68f65f97dc96dd9ad368e40ccc907a7c19d53e6bfac28"
+dependencies = [
+ "aead",
+ "cipher",
+ "cmac",
+ "ctr",
+ "subtle",
+]
+
+[[package]]
+name = "ecb"
+version = "0.1.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "1a8bfa975b1aec2145850fcaa1c6fe269a16578c44705a532ae3edc92b8881c7"
+dependencies = [
+ "cipher",
+]
+
 [[package]]
 name = "ecdsa"
 version = "0.16.9"
@@ -887,7 +1004,9 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "ee27f32b5c5292967d2d4a9d7f1e0b0aed2c15daded5a60300e4abb9d8020bca"
 dependencies = [
  "der 0.7.8",
+ "digest",
  "elliptic-curve",
+ "rfc6979",
  "signature",
  "spki 0.7.3",
 ]
@@ -910,6 +1029,7 @@ checksum = "1f628eaec48bfd21b865dc2950cfa014450c01d2fa2b69a86c2fd5844ec523c0"
 dependencies = [
  "curve25519-dalek",
  "ed25519",
+ "rand_core",
  "serde",
  "sha2",
  "subtle",
@@ -934,6 +1054,8 @@ dependencies = [
  "ff",
  "generic-array",
  "group",
+ "hkdf",
+ "pem-rfc7468 0.7.0",
  "pkcs8 0.10.2",
  "rand_core",
  "sec1",
@@ -1057,6 +1179,21 @@ dependencies = [
  "miniz_oxide",
 ]
 
+[[package]]
+name = "foreign-types"
+version = "0.3.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f6f339eb8adc052cd2ca78910fda869aefa38d22d5cb648e6485e4d3fc06f3b1"
+dependencies = [
+ "foreign-types-shared",
+]
+
+[[package]]
+name = "foreign-types-shared"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "00b0228411908ca8685dba7fc2cdd70ec9990a6e753e89b6ac91a84c40fbaf4b"
+
 [[package]]
 name = "futures"
 version = "0.3.30"
@@ -1381,6 +1518,15 @@ dependencies = [
  "cc",
 ]
 
+[[package]]
+name = "idea"
+version = "0.5.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "075557004419d7f2031b8bb7f44bb43e55a83ca7b63076a8fb8fe75753836477"
+dependencies = [
+ "cipher",
+]
+
 [[package]]
 name = "idna"
 version = "0.4.0"
@@ -1421,6 +1567,7 @@ version = "0.1.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "a0c10553d664a4d0bcff9f4215d0aac67a639cc68ef660840afe309b807bc9f5"
 dependencies = [
+ "block-padding",
  "generic-array",
 ]
 
@@ -1537,6 +1684,7 @@ dependencies = [
  "keyforkd-client",
  "openpgp-card",
  "openpgp-card-sequoia",
+ "sequoia-openpgp",
  "serde",
  "smex",
  "thiserror",
@@ -1901,6 +2049,16 @@ dependencies = [
  "regex-automata 0.1.10",
 ]
 
+[[package]]
+name = "md-5"
+version = "0.10.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "d89e7ee0cfbedfc4da3340218492196241d89eefb6dab27de5df917a6d2e78cf"
+dependencies = [
+ "cfg-if",
+ "digest",
+]
+
 [[package]]
 name = "memchr"
 version = "2.7.1"
@@ -2108,17 +2266,67 @@ dependencies = [
  "chrono",
  "log",
  "openpgp-card",
- "rsa",
+ "rsa 0.8.2",
  "sequoia-openpgp",
  "thiserror",
 ]
 
+[[package]]
+name = "openssl"
+version = "0.10.62"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "8cde4d2d9200ad5909f8dac647e29482e07c3a35de8a13fce7c9c7747ad9f671"
+dependencies = [
+ "bitflags 2.4.1",
+ "cfg-if",
+ "foreign-types",
+ "libc",
+ "once_cell",
+ "openssl-macros",
+ "openssl-sys",
+]
+
+[[package]]
+name = "openssl-macros"
+version = "0.1.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a948666b637a0f465e8564c73e89d4dde00d72d4d473cc972f390fc3dcee7d9c"
+dependencies = [
+ "proc-macro2",
+ "quote",
+ "syn 2.0.48",
+]
+
+[[package]]
+name = "openssl-sys"
+version = "0.9.98"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c1665caf8ab2dc9aef43d1c0023bd904633a6a05cb30b0ad59bec2ae986e57a7"
+dependencies = [
+ "cc",
+ "libc",
+ "pkg-config",
+ "vcpkg",
+]
+
 [[package]]
 name = "overload"
 version = "0.1.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "b15813163c1d831bf4a13c3610c05c0d03b39feb07f7e09fa234dac9b15aaf39"
 
+[[package]]
+name = "p256"
+version = "0.13.2"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c9863ad85fa8f4460f9c48cb909d38a0d689dba1f6f6988a5e3e0d31071bcd4b"
+dependencies = [
+ "ecdsa",
+ "elliptic-curve",
+ "primeorder",
+ "sha2",
+]
+
 [[package]]
 name = "parking"
 version = "2.2.0"
@@ -2192,6 +2400,15 @@ dependencies = [
  "base64ct",
 ]
 
+[[package]]
+name = "pem-rfc7468"
+version = "0.7.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "88b39c9bfcfc231068454382784bb460aae594343fb030d46e9f50a645418412"
+dependencies = [
+ "base64ct",
+]
+
 [[package]]
 name = "petgraph"
 version = "0.6.4"
@@ -2266,6 +2483,17 @@ dependencies = [
  "zeroize",
 ]
 
+[[package]]
+name = "pkcs1"
+version = "0.7.5"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "c8ffb9f10fa047879315e6625af03c164b16962a5368d724ed16323b68ace47f"
+dependencies = [
+ "der 0.7.8",
+ "pkcs8 0.10.2",
+ "spki 0.7.3",
+]
+
 [[package]]
 name = "pkcs8"
 version = "0.9.0"
@@ -2362,6 +2590,15 @@ dependencies = [
  "syn 2.0.48",
 ]
 
+[[package]]
+name = "primeorder"
+version = "0.13.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "353e1ca18966c16d9deb1c69278edbc5f194139612772bd9537af60ac231e1e6"
+dependencies = [
+ "elliptic-curve",
+]
+
 [[package]]
 name = "proc-macro2"
 version = "1.0.76"
@@ -2480,6 +2717,16 @@ version = "0.8.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f"
 
+[[package]]
+name = "rfc6979"
+version = "0.4.0"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "f8dd2a808d456c4a54e300a23e9f5a67e122c3024119acbfd73e3bf664491cb2"
+dependencies = [
+ "hmac",
+ "subtle",
+]
+
 [[package]]
 name = "ripemd"
 version = "0.1.3"
@@ -2512,7 +2759,7 @@ dependencies = [
  "num-integer",
  "num-iter",
  "num-traits",
- "pkcs1",
+ "pkcs1 0.4.1",
  "pkcs8 0.9.0",
  "rand_core",
  "signature",
@@ -2520,6 +2767,26 @@ dependencies = [
  "zeroize",
 ]
 
+[[package]]
+name = "rsa"
+version = "0.9.6"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "5d0e5124fcb30e76a7e79bfee683a2746db83784b86289f6251b54b7950a0dfc"
+dependencies = [
+ "const-oid",
+ "digest",
+ "num-bigint-dig",
+ "num-integer",
+ "num-traits",
+ "pkcs1 0.7.5",
+ "pkcs8 0.10.2",
+ "rand_core",
+ "signature",
+ "spki 0.7.3",
+ "subtle",
+ "zeroize",
+]
+
 [[package]]
 name = "rustc-demangle"
 version = "0.1.23"
@@ -2612,28 +2879,56 @@ version = "1.17.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "2ea026cf8a70d331c742e3ad7e68fd405d0743ff86630fb4334a1bf8d0e194c7"
 dependencies = [
+ "aes",
+ "aes-gcm",
  "anyhow",
  "base64",
+ "block-padding",
+ "blowfish",
  "buffered-reader",
  "bzip2",
+ "camellia",
+ "cast5",
+ "cfb-mode",
  "chrono",
+ "cipher",
+ "des",
+ "digest",
+ "dsa",
  "dyn-clone",
+ "eax",
+ "ecb",
+ "ecdsa",
  "ed25519",
+ "ed25519-dalek",
  "flate2",
  "getrandom",
+ "idea",
  "idna",
  "lalrpop",
  "lalrpop-util",
  "lazy_static",
  "libc",
+ "md-5",
  "memsec",
  "nettle",
+ "num-bigint-dig",
  "once_cell",
+ "openssl",
+ "openssl-sys",
+ "p256",
  "rand",
+ "rand_core",
  "regex",
  "regex-syntax 0.8.2",
+ "ripemd",
+ "rsa 0.9.6",
  "sha1collisiondetection",
+ "sha2",
  "thiserror",
+ "twofish",
+ "typenum",
+ "x25519-dalek",
  "xxhash-rust",
 ]
 
@@ -2699,6 +2994,7 @@ version = "0.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "31c0b86a052106b16741199985c9ec2bf501f619f70c48fa479b44b093ad9a68"
 dependencies = [
+ "const-oid",
  "digest",
  "generic-array",
 ]
@@ -3123,6 +3419,15 @@ dependencies = [
  "tracing-log",
 ]
 
+[[package]]
+name = "twofish"
+version = "0.7.1"
+source = "registry+https://github.com/rust-lang/crates.io-index"
+checksum = "a78e83a30223c757c3947cd144a31014ff04298d8719ae10d03c31c0448c8013"
+dependencies = [
+ "cipher",
+]
+
 [[package]]
 name = "typenum"
 version = "1.17.0"
diff --git a/keyfork-derive-openpgp/Cargo.toml b/keyfork-derive-openpgp/Cargo.toml
index 411bb6e..b59872e 100644
--- a/keyfork-derive-openpgp/Cargo.toml
+++ b/keyfork-derive-openpgp/Cargo.toml
@@ -10,6 +10,6 @@ license = "AGPL-3.0-only"
 keyfork-derive-util = { version = "0.1.0", path = "../keyfork-derive-util", default-features = false, features = ["ed25519"] }
 keyforkd-client = { version = "0.1.0", path = "../keyforkd-client", default-features = false, features = ["ed25519"] }
 ed25519-dalek = "2.0.0"
-sequoia-openpgp = { version = "1.16.1", features = ["ed25519"] }
+sequoia-openpgp = { version = "1.17.0", default-features = false }
 anyhow = "1.0.75"
 thiserror = "1.0.49"
diff --git a/keyfork-shard/Cargo.toml b/keyfork-shard/Cargo.toml
index f50f6be..da3af95 100644
--- a/keyfork-shard/Cargo.toml
+++ b/keyfork-shard/Cargo.toml
@@ -32,6 +32,6 @@ keyfork-derive-openpgp = { version = "0.1.0", path = "../keyfork-derive-openpgp"
 anyhow = { version = "1.0.79", optional = true }
 card-backend = { version = "0.2.0", optional = true }
 card-backend-pcsc = { version = "0.5.0", optional = true }
-openpgp-card-sequoia = { version = "0.2.0", optional = true }
+openpgp-card-sequoia = { version = "0.2.0", optional = true, default-features = false }
 openpgp-card = { version = "0.4.0", optional = true }
-sequoia-openpgp = { version = "1.16.1", optional = true }
+sequoia-openpgp = { version = "1.17.0", optional = true, default-features = false }
diff --git a/keyfork-zbar-sys/Cargo.toml b/keyfork-zbar-sys/Cargo.toml
index 22a2f49..a0e0aab 100644
--- a/keyfork-zbar-sys/Cargo.toml
+++ b/keyfork-zbar-sys/Cargo.toml
@@ -10,5 +10,5 @@ license = "MIT"
 [dependencies]
 
 [build-dependencies]
-bindgen = { version = "0.68", default-features = false }
+bindgen = { version = "0.68", default-features = false, features = ["runtime"] }
 pkg-config = "0.3"
diff --git a/keyfork/Cargo.toml b/keyfork/Cargo.toml
index 0a8d0d0..007c465 100644
--- a/keyfork/Cargo.toml
+++ b/keyfork/Cargo.toml
@@ -5,11 +5,21 @@ edition = "2021"
 license = "AGPL-3.0-only"
 
 [features]
-default = ["completion", "qrcode-decode-backend-rqrr"]
+default = [
+	"completion",
+	"qrcode-decode-backend-rqrr",
+#	"sequoia-crypto-backend-nettle",
+]
+
 completion = ["dep:clap_complete"]
+
 qrcode-decode-backend-rqrr = ["keyfork-qrcode/decode-backend-rqrr"]
 qrcode-decode-backend-zbar = ["keyfork-qrcode/decode-backend-zbar"]
 
+sequoia-crypto-backend-nettle = ["sequoia-openpgp/crypto-nettle"]
+sequoia-crypto-backend-rust = ["sequoia-openpgp/crypto-rust"]
+sequoia-crypto-backend-openssl = ["sequoia-openpgp/crypto-openssl"]
+
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
 
 [dependencies]
@@ -25,9 +35,10 @@ keyfork-derive-openpgp = { version = "0.1.0", path = "../keyfork-derive-openpgp"
 keyforkd-client = { version = "0.1.0", path = "../keyforkd-client", default-features = false, features = ["ed25519"] }
 keyfork-derive-util = { version = "0.1.0", path = "../keyfork-derive-util", default-features = false, features = ["ed25519"] }
 card-backend-pcsc = "0.5.0"
-openpgp-card-sequoia = "0.2.0"
+openpgp-card-sequoia = { version = "0.2.0", default-features = false }
 openpgp-card = "0.4.1"
 keyfork-prompt = { version = "0.1.0", path = "../keyfork-prompt" }
 keyfork-entropy = { version = "0.1.0", path = "../keyfork-entropy" }
 clap_complete = { version = "4.4.6", optional = true }
 keyfork-qrcode = { version = "0.1.0", path = "../keyfork-qrcode" }
+sequoia-openpgp = { version = "1.17.0", default-features = false, features = ["compression"] }