parent
6645fdee6c
commit
359245db14
@ -5,7 +5,6 @@ use std::path::PathBuf;
|
||||
use clap::{ArgGroup, Parser, ValueEnum};
|
||||
|
||||
use sequoia_openpgp::{
|
||||
KeyHandle,
|
||||
types::SignatureType,
|
||||
};
|
||||
|
||||
@ -15,6 +14,7 @@ use super::types::FileOrStdout;
|
||||
|
||||
use crate::cli::examples;
|
||||
use examples::*;
|
||||
use crate::cli::types::cert_designator::*;
|
||||
|
||||
const SIGN_EXAMPLES: Actions = Actions {
|
||||
actions: &[
|
||||
@ -148,24 +148,24 @@ may change line endings. In doubt, create binary signatures.",
|
||||
"detached",
|
||||
"cleartext",
|
||||
"notarize",
|
||||
"secret_key_file",
|
||||
"signer",
|
||||
"signer-file",
|
||||
"signer-email",
|
||||
"signer-userid",
|
||||
],
|
||||
help = "Merge signatures from the input and SIGNED-MESSAGE",
|
||||
)]
|
||||
pub merge: Option<PathBuf>,
|
||||
#[clap(
|
||||
long = "signer-file",
|
||||
value_name = "KEY_FILE",
|
||||
help = "Sign the message using the key in KEY_FILE",
|
||||
)]
|
||||
pub secret_key_file: Vec<PathBuf>,
|
||||
|
||||
#[clap(
|
||||
long = "signer",
|
||||
value_name = "KEYID|FINGERPRINT",
|
||||
help = "Sign the message using the specified key on the key store",
|
||||
)]
|
||||
pub signer_key: Vec<KeyHandle>,
|
||||
#[command(flatten)]
|
||||
pub signers: CertDesignators<CertUserIDEmailFileArgs,
|
||||
SignerPrefix,
|
||||
// XXX: should be NoOptions, but we
|
||||
// cannot express that one cert
|
||||
// designator must be given unless
|
||||
// merge is given.
|
||||
OptionalValue,
|
||||
SignerDoc>,
|
||||
|
||||
#[clap(
|
||||
long,
|
||||
@ -187,6 +187,24 @@ may change line endings. In doubt, create binary signatures.",
|
||||
pub notation: Vec<String>,
|
||||
}
|
||||
|
||||
/// Documentation for signer arguments.
|
||||
pub struct SignerDoc {}
|
||||
impl AdditionalDocs for SignerDoc {
|
||||
fn help(arg: &'static str, help: &'static str) -> clap::builder::StyledStr {
|
||||
match arg {
|
||||
"file" =>
|
||||
"Create the signature using the key read from PATH"
|
||||
.into(),
|
||||
_ => {
|
||||
debug_assert!(help.starts_with("Use certificates"));
|
||||
help.replace("Use certificates",
|
||||
"Create the signature using the key")
|
||||
.into()
|
||||
},
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// Signature mode, either binary or text.
|
||||
#[derive(ValueEnum, Clone, Copy, Debug, Default)]
|
||||
pub enum Mode {
|
||||
|
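Review bot: In `SignerDoc::help`, the `_` arm depends on the generic designator help starting with "Use certificates", but that is only checked by `debug_assert!`, which is compiled out of release builds. If the shared help text is ever reworded, `help.replace(...)` returns it unchanged and the `sq sign` help would describe the signer options as selecting certificates rather than the key that creates the signature. Consider documenting the coupling on that arm, e.g. `// Relies on the generic help in cert_designator starting with "Use certificates"; keep both in sync.`, or covering it with a test that also runs in release builds. The `XXX` note on `OptionalValue` also means the "at least one signer unless merge is given" rule is not enforced by the argument parser, so a doc comment on the `signers` field should say that the rule is checked at dispatch time instead.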
@ -18,12 +18,10 @@ use openpgp::serialize::Serialize;
|
||||
use openpgp::serialize::stream::{
|
||||
Message, Armorer, Signer, LiteralWriter,
|
||||
};
|
||||
use openpgp::types::KeyFlags;
|
||||
use openpgp::types::SignatureType;
|
||||
|
||||
|
||||
use crate::Sq;
|
||||
use crate::load_certs;
|
||||
use crate::parse_notations;
|
||||
|
||||
use crate::cli;
|
||||
@ -47,14 +45,12 @@ pub fn dispatch(sq: Sq, command: cli::sign::Command) -> Result<()> {
|
||||
return Err(anyhow::anyhow!("Notarizing messages is not supported."));
|
||||
}
|
||||
|
||||
let mut secrets =
|
||||
load_certs(command.secret_key_file.iter())?;
|
||||
|
||||
for kh in command.signer_key {
|
||||
let cert = sq.lookup_one(
|
||||
kh, Some(KeyFlags::empty().set_signing()), true)?;
|
||||
secrets.push(cert);
|
||||
};
|
||||
let signers =
|
||||
sq.resolve_certs_or_fail(&command.signers, sequoia_wot::FULLY_TRUSTED)?;
|
||||
let signers = sq.get_signing_keys(&signers, None)?;
|
||||
if signers.is_empty() && command.merge.is_none() {
|
||||
return Err(anyhow::anyhow!("No signing keys found"));
|
||||
}
|
||||
|
||||
let notations = parse_notations(command.notation)?;
|
||||
|
||||
@ -69,11 +65,6 @@ pub fn dispatch(sq: Sq, command: cli::sign::Command) -> Result<()> {
|
||||
return merge_signatures(&mut input, &mut input2, output);
|
||||
}
|
||||
|
||||
let signers = sq.get_signing_keys(&secrets, None)?;
|
||||
if signers.is_empty() {
|
||||
return Err(anyhow::anyhow!("No signing keys found"));
|
||||
}
|
||||
|
||||
if command.cleartext {
|
||||
let output = output.create_safe(&sq)?;
|
||||
clearsign(sq, input, output, signers, ¬ations)?;
|
||||
|
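Review bot: Signer resolution now runs before the merge early return, so the merge path also executes `sq.resolve_certs_or_fail(&command.signers, sequoia_wot::FULLY_TRUSTED)`, presumably with an empty designator set. Whether that call errors on empty input is not visible on this page. If it does, a merge-only invocation would fail before reaching `merge_signatures`, and the `command.merge.is_none()` guard on the emptiness check would never take effect. Because the CLI type is `OptionalValue`, this check is the only place a signer is actually required, which deserves a comment above it, e.g. `// Signers are optional at parse time; require at least one here unless we only merge.`. `dispatch` starts and ends outside these hunks, so the surrounding control flow is only partly visible.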