Make --rev-cert argument mandatory if --output has been given.
- Fixes #132.
This commit is contained in:
Justus Winter
parent
aaae90ce6e
commit
72de5d1234
2
NEWS
2
NEWS
@ -50,6 +50,8 @@
|
||||
primary keys and subkeys.
|
||||
- The argument `sq network keyserver publish --require-all` is the
|
||||
default now and has been removed.
|
||||
- The argument `sq key generate --rev-cert ...` is now mandatory if
|
||||
`--output` has been given.
|
||||
|
||||
* Changes in 0.38.0
|
||||
** Notable changes
|
||||
|
||||
192
sq-subplot.md
192
sq-subplot.md
@ -140,7 +140,7 @@ care of that. Here we merely verify that the new key looks OK.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Alice"
|
||||
then stdout contains "Expiration time: 20"
|
||||
@ -157,7 +157,7 @@ any user identifiers._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
then file key.pgp contains "-----BEGIN PGP PRIVATE KEY BLOCK-----"
|
||||
~~~
|
||||
|
||||
@ -169,7 +169,7 @@ more than one user identifier._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --userid '<alice@example.com>' --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --userid '<alice@example.com>' --output key.pgp --rev-cert key.pgp.rev
|
||||
then file key.pgp contains "Comment: Alice"
|
||||
then file key.pgp contains "Comment: <alice@example.com>"
|
||||
~~~
|
||||
@ -184,7 +184,7 @@ Note that `sq` always creates a key usable for certification.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --cannot-sign --cannot-authenticate --cannot-encrypt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --cannot-sign --cannot-authenticate --cannot-encrypt
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout doesn't contain "Key flags: signing"
|
||||
@ -201,7 +201,7 @@ Note that `sq` always creates a key usable for certification.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --cannot-sign --cannot-authenticate
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --cannot-sign --cannot-authenticate
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout doesn't contain "Key flags: signing"
|
||||
@ -216,7 +216,7 @@ for at-rest (storage) encryption._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --can-encrypt=storage
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --can-encrypt=storage
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout doesn't contain "transport encryption"
|
||||
@ -230,7 +230,7 @@ for transport encryption._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --can-encrypt=transport
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --can-encrypt=transport
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout contains "Key flags: transport encryption"
|
||||
@ -244,7 +244,7 @@ for signing, and can't be used for encryption._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --cannot-encrypt --cannot-authenticate
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --cannot-encrypt --cannot-authenticate
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout contains "Key flags: signing"
|
||||
@ -262,7 +262,7 @@ Note that `sq` always creates a key usable for certification.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --can-authenticate --cannot-sign --cannot-encrypt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --can-authenticate --cannot-sign --cannot-encrypt
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout contains "Key flags: authentication"
|
||||
@ -280,7 +280,7 @@ Note that `sq` always creates a key usable for certification.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --cannot-sign
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --cannot-sign
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout contains "Key flags: authentication"
|
||||
@ -298,7 +298,7 @@ Note that `sq` always creates a key usable for certification.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --cannot-authenticate
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --cannot-authenticate
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout contains "Key flags: transport encryption, data-at-rest encryption"
|
||||
@ -316,7 +316,7 @@ Note that `sq` always creates a key usable for certification.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --cannot-encrypt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --cannot-encrypt
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout doesn't contain "Key flags: transport encryption, data-at-rest encryption"
|
||||
@ -335,7 +335,7 @@ Note that `sq` always creates a key usable for certification.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Key flags: certification"
|
||||
then stdout contains "Key flags: authentication"
|
||||
@ -354,7 +354,7 @@ the default ever changes.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --cipher-suite=cv25519
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --cipher-suite=cv25519
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Public-key algo: EdDSA"
|
||||
then stdout contains "Public-key size: 256 bits"
|
||||
@ -366,7 +366,7 @@ _Requirement: We must be able to generate a 3072-bit RSA key._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --cipher-suite=rsa3k
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --cipher-suite=rsa3k
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Public-key algo: RSA"
|
||||
then stdout contains "Public-key size: 3072 bits"
|
||||
@ -378,7 +378,7 @@ _Requirement: We must be able to generate a 4096-bit RSA key._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --cipher-suite=rsa4k
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --cipher-suite=rsa4k
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Public-key algo: RSA"
|
||||
then stdout contains "Public-key size: 4096 bits"
|
||||
@ -396,7 +396,7 @@ cases.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
then file key.pgp.rev contains "Comment: Revocation certificate for"
|
||||
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key2.pgp --rev-cert rev.pgp
|
||||
@ -411,7 +411,7 @@ We generate a key with defaults, and check the key expires.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Expiration time: 20"
|
||||
~~~
|
||||
@ -430,7 +430,7 @@ inspect output is the last second of validity.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --expiration=2038-01-19T03:14:07+00:00
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --expiration=2038-01-19T03:14:07+00:00
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Expiration time: 2038-01-19 03:14"
|
||||
when I run sq --no-cert-store --no-key-store inspect --time 2038-01-20T00:00:00+00:00 key.pgp
|
||||
@ -444,7 +444,7 @@ given time._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --expiration=1y
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev --expiration=1y
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Expiration time: 20"
|
||||
~~~
|
||||
@ -456,7 +456,7 @@ password._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Secret key: Unencrypted"
|
||||
~~~
|
||||
@ -469,7 +469,7 @@ password._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file password.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --no-userids --output key.pgp --new-password-file password.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --no-userids --output key.pgp --rev-cert key.pgp.rev --new-password-file password.txt
|
||||
when I run sq --no-cert-store --no-key-store inspect key.pgp
|
||||
then stdout contains "Secret key: Encrypted"
|
||||
~~~
|
||||
@ -480,7 +480,7 @@ _Requirement: We must be able to generate a key and add User IDs to it._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key userid add --cert-file key.pgp --name Juliet --email juliet@example.org --output new.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect new.pgp
|
||||
then stdout contains "UserID: Juliet"
|
||||
@ -493,7 +493,7 @@ _Requirement: We must be able to generate a key with a User ID, and then strip t
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<juliet@example.org>" --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<juliet@example.org>" --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox strip-userid --cert-file key.pgp --userid "<juliet@example.org>" --output new.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect new.pgp
|
||||
then stdout doesn't contain "UserID:"
|
||||
@ -513,7 +513,7 @@ output._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert key.pgp
|
||||
then stdout contains "-----BEGIN PGP PUBLIC KEY BLOCK-----"
|
||||
then stdout contains "-----END PGP PUBLIC KEY BLOCK-----"
|
||||
@ -527,7 +527,7 @@ file._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --output key.pgp --userid Alice
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --output key.pgp --rev-cert key.pgp.rev --userid Alice
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert key.pgp --output cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect cert.pgp
|
||||
then stdout contains "OpenPGP Certificate."
|
||||
@ -545,7 +545,7 @@ textual certificate. It could certainly be improved.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert key.pgp --binary
|
||||
then stdout doesn't contain "-----BEGIN PGP PUBLIC KEY BLOCK-----"
|
||||
then stdout doesn't contain "-----END PGP PUBLIC KEY BLOCK-----"
|
||||
@ -563,7 +563,7 @@ placeholder until Subplot learns a new trick.
|
||||
|
||||
~~~
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert < key.pgp
|
||||
then stdout contains "-----BEGIN PGP PUBLIC KEY BLOCK-----"
|
||||
then stdout contains "-----END PGP PUBLIC KEY BLOCK-----"
|
||||
@ -589,8 +589,8 @@ This is for secret keys, with the output going to stdout in text form.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring list ring.pgp
|
||||
then stdout contains "Alice"
|
||||
@ -606,8 +606,8 @@ This is for secret keys, with the output going to a file in text form.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
then file ring.pgp contains "-----BEGIN PGP PRIVATE KEY BLOCK-----"
|
||||
then file ring.pgp contains "-----END PGP PRIVATE KEY BLOCK-----"
|
||||
@ -623,8 +623,8 @@ _Requirement: we can join two keys into a keyring in binary form._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp --binary
|
||||
when I try to run grep PGP ring.pgp
|
||||
then command fails
|
||||
@ -644,8 +644,8 @@ so we don't change writing to stdout separately.
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice-cert.pgp bob-cert.pgp --output ring.pgp
|
||||
@ -674,8 +674,8 @@ certificates._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --to-cert ring.pgp --output filtered.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect filtered.pgp
|
||||
@ -692,8 +692,8 @@ file._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --to-cert ring.pgp
|
||||
then stdout contains "-----BEGIN PGP PUBLIC KEY BLOCK-----"
|
||||
@ -706,8 +706,8 @@ _Requirement: we can get filter output in binary form._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --binary --to-cert ring.pgp
|
||||
then stdout doesn't contain "-----BEGIN PGP PUBLIC KEY BLOCK-----"
|
||||
@ -720,7 +720,7 @@ criteria._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --userid Bob --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --userid Bob --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --prune-certs --name Alice alice.pgp --output filtered.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect filtered.pgp
|
||||
then stdout contains "Alice"
|
||||
@ -734,8 +734,8 @@ specific user id._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --userid Alice ring.pgp --output filtered.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect filtered.pgp
|
||||
@ -750,8 +750,8 @@ specific user ids._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --userid Alice --userid Bob ring.pgp --output filtered.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect filtered.pgp
|
||||
@ -766,8 +766,8 @@ part of a user ids._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Alice <alice@example.com>' --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Bob <bob@example.com>' --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Alice <alice@example.com>' --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Bob <bob@example.com>' --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --name Alice ring.pgp --output filtered.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect filtered.pgp
|
||||
@ -782,8 +782,8 @@ several names as part of the user id._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Alice <alice@example.com>' --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Bob <bob@example.com>' --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Alice <alice@example.com>' --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Bob <bob@example.com>' --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --name Alice --name Bob ring.pgp --output filtered.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect filtered.pgp
|
||||
@ -798,8 +798,8 @@ part of a user ids._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Alice <alice@example.com>' --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Bob <bob@sequoia-pgp.org>' --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Alice <alice@example.com>' --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Bob <bob@sequoia-pgp.org>' --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --domain example.com ring.pgp --output filtered.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect filtered.pgp
|
||||
@ -814,8 +814,8 @@ several names as part of the user id._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Alice <alice@example.com>' --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Bob <bob@sequoia-pgp.org>' --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Alice <alice@example.com>' --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid 'Bob <bob@sequoia-pgp.org>' --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring filter --domain example.com --domain sequoia-pgp.org ring.pgp --output filtered.pgp
|
||||
when I run sq --no-cert-store --no-key-store inspect filtered.pgp
|
||||
@ -834,8 +834,8 @@ _Requirement: we can list the keys in a keyring._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring list ring.pgp
|
||||
then stdout contains "Alice"
|
||||
@ -848,7 +848,7 @@ _Requirement: we can list the keys in a key file._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring list alice.pgp
|
||||
then stdout contains "Alice"
|
||||
then stdout doesn't contain "Bob"
|
||||
@ -860,7 +860,7 @@ _Requirement: we can list all user ids._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --userid Bob --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --userid Bob --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring list alice.pgp --all-userids
|
||||
then stdout contains "Alice"
|
||||
then stdout contains "Bob"
|
||||
@ -886,8 +886,8 @@ is a placeholder.
|
||||
|
||||
~~~
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring merge alice.pgp bob.pgp --output ring.pgp
|
||||
when I run sq --no-cert-store --no-key-store toolbox keyring split ring.pgp
|
||||
then the resulting files match alice,pgp and bob.pgp
|
||||
@ -911,7 +911,7 @@ in cleartext, just in case.
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert --output cert.pgp key.pgp
|
||||
when I run sq --no-cert-store --no-key-store encrypt --for-file cert.pgp hello.txt
|
||||
then stdout contains "-----BEGIN PGP MESSAGE-----"
|
||||
@ -930,7 +930,7 @@ in cleartext, just in case.
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert --output cert.pgp key.pgp
|
||||
when I run sq --no-cert-store --no-key-store encrypt --binary --for-file cert.pgp hello.txt
|
||||
then stdout doesn't contain "-----BEGIN PGP MESSAGE-----"
|
||||
@ -952,7 +952,7 @@ files, etc).
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert --output cert.pgp key.pgp
|
||||
when I run sq --no-cert-store --no-key-store encrypt --output x.pgp --for-file cert.pgp hello.txt
|
||||
when I run sq --no-cert-store --no-key-store decrypt --output output.txt --recipient-file key.pgp x.pgp
|
||||
@ -968,9 +968,9 @@ recipients at a time._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert --output alice-cert.pgp alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert --output bob-cert.pgp bob.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store encrypt --for-file alice-cert.pgp --for-file bob-cert.pgp hello.txt --output x.pgp
|
||||
@ -991,7 +991,7 @@ same time._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert --output alice-cert.pgp alice.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store encrypt --for-file alice-cert.pgp --signer-file alice.pgp hello.txt --output x.pgp
|
||||
@ -1010,9 +1010,9 @@ there should be no output._
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
given file empty
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert --output alice-cert.pgp alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert --output bob-cert.pgp bob.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store encrypt --for-file alice-cert.pgp --signer-file alice.pgp hello.txt --output x.pgp
|
||||
@ -1036,9 +1036,9 @@ _Requirement: We can certify a user identity on a key._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store inspect bob-cert.pgp
|
||||
@ -1057,9 +1057,9 @@ _Requirement: We can certify a user identity on a key._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store inspect bob-cert.pgp
|
||||
@ -1079,9 +1079,9 @@ email address._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<alice@example.org>" --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<alice@example.org>" --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<bob@example.org>" --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<bob@example.org>" --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store pki certify --certifier-file alice.pgp bob-cert.pgp --email bob@example.org --output cert.pgp
|
||||
@ -1096,9 +1096,9 @@ identified by email address._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<alice@example.org>" --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<alice@example.org>" --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<bob@example.org>" --userid "Bob <bob@example.org>" --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid "<bob@example.org>" --userid "Bob <bob@example.org>" --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store pki certify --certifier-file alice.pgp bob-cert.pgp --email bob@example.org --output cert.pgp
|
||||
@ -1120,9 +1120,9 @@ self-signature._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store inspect bob-cert.pgp
|
||||
@ -1142,9 +1142,9 @@ self-signature._
|
||||
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store pki certify --certifier-file alice.pgp --add-userid bob-cert.pgp --email "bob@example.org" --output cert.pgp
|
||||
@ -1169,7 +1169,7 @@ stdout in ASCII armor form._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store sign --signer-file key.pgp hello.txt
|
||||
then stdout contains "-----BEGIN PGP MESSAGE-----"
|
||||
then stdout contains "-----END PGP MESSAGE-----"
|
||||
@ -1183,7 +1183,7 @@ stdout in binary form._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store sign --signer-file key.pgp hello.txt --binary
|
||||
then stdout doesn't contain "-----BEGIN PGP MESSAGE-----"
|
||||
then stdout doesn't contain "-----END PGP MESSAGE-----"
|
||||
@ -1197,7 +1197,7 @@ file._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store sign --signer-file key.pgp hello.txt --output signed.txt
|
||||
then file signed.txt contains "-----BEGIN PGP MESSAGE-----"
|
||||
then file signed.txt contains "-----END PGP MESSAGE-----"
|
||||
@ -1210,7 +1210,7 @@ _Requirement: We can sign a file and verify the signature._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert key.pgp --output cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store sign --signer-file key.pgp hello.txt --output signed.txt
|
||||
when I run sq --no-cert-store --no-key-store verify --signer-file cert.pgp signed.txt
|
||||
@ -1229,9 +1229,9 @@ not enough, when we need two.
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store sign --signer-file alice.pgp hello.txt --output signed1.txt
|
||||
@ -1259,7 +1259,7 @@ the file by definition can't be valid anymore.
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
given file sed-in-place
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert key.pgp --output cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store sign --signer-file key.pgp hello.txt --output signed.txt
|
||||
when I run sh sed-in-place 3d signed.txt
|
||||
@ -1285,7 +1285,7 @@ included in a readable form._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert key.pgp --output cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store sign --cleartext-signature --signer-file key.pgp hello.txt --output signed.txt
|
||||
@ -1306,7 +1306,7 @@ verified._
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
given file sed-in-place
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert key.pgp --output cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store sign --cleartext-signature --signer-file key.pgp hello.txt --output signed.txt
|
||||
@ -1323,7 +1323,7 @@ data it signs._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert key.pgp --output cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store sign --detached --signer-file key.pgp hello.txt --output sig.txt
|
||||
@ -1344,7 +1344,7 @@ modified, the signature can't be verified._
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
given file sed-in-place
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --no-userids --output key.pgp --rev-cert key.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert key.pgp --output cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store sign --detached --signer-file key.pgp hello.txt --output sig.txt
|
||||
@ -1362,9 +1362,9 @@ message._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store sign --signer-file alice.pgp hello.txt --output signed1.txt
|
||||
@ -1382,9 +1382,9 @@ twice separately._
|
||||
~~~scenario
|
||||
given an installed sq
|
||||
given file hello.txt
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Alice --output alice.pgp --rev-cert alice.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert alice.pgp --output alice-cert.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp
|
||||
when I run sq --no-cert-store --no-key-store key generate --without-password --userid Bob --output bob.pgp --rev-cert bob.pgp.rev
|
||||
when I run sq --no-cert-store --no-key-store toolbox extract-cert bob.pgp --output bob-cert.pgp
|
||||
|
||||
when I run sq --no-cert-store --no-key-store sign --signer-file alice.pgp hello.txt --output signed1.txt
|
||||
|
||||
@ -200,6 +200,7 @@ universal]",
|
||||
Write the key to the specified file.
|
||||
|
||||
When not specified, the key is saved on the key store.",
|
||||
requires = "rev_cert",
|
||||
)]
|
||||
pub output: Option<FileOrStdout>,
|
||||
|
||||
@ -214,10 +215,9 @@ When the key is stored on the key store, the revocation certificate is \
|
||||
stored in {} by default.
|
||||
|
||||
When `--output` is specified, the revocation certificate is written to \
|
||||
`FILE.rev` by default.
|
||||
the file specified by `--rev-cert`.
|
||||
|
||||
If `--output` is `-`, then this option must be provided, and must not \
|
||||
also be `-`.",
|
||||
If `--output` is `-`, then this option must not also be `-`.",
|
||||
sequoia_directories::Home::default()
|
||||
.map(|home| {
|
||||
let p = home.data_dir(sequoia_directories::Component::Other(
|
||||
@ -257,6 +257,7 @@ Generate a key, and save it in a file instead of in the key store.",
|
||||
"--name", "Alice",
|
||||
"--email", "alice@example.org",
|
||||
"--output", "alice-priv.pgp",
|
||||
"--rev-cert", "alice-priv.rev",
|
||||
],
|
||||
}),
|
||||
Action::Example(Example {
|
||||
|
||||
@ -152,12 +152,6 @@ pub fn generate(
|
||||
(cert, rev) = gen()?;
|
||||
|
||||
rev_cert
|
||||
} else if let Some(path) = command.output.as_ref().and_then(|o| o.path()) {
|
||||
(cert, rev) = gen()?;
|
||||
|
||||
let mut path = path.clone();
|
||||
path.as_mut_os_string().push(".rev");
|
||||
FileOrStdout::from(path)
|
||||
} else if on_keystore {
|
||||
let dir = sq.home.data_dir(sequoia_directories::Component::Other(
|
||||
"revocation-certificates".into()));
|
||||
@ -172,8 +166,8 @@ pub fn generate(
|
||||
cert.fingerprint()))))
|
||||
} else {
|
||||
return Err(anyhow::anyhow!(
|
||||
"Missing arguments: --rev-cert is mandatory if --output is '-' \
|
||||
or not provided."
|
||||
"Missing arguments: --rev-cert is mandatory if --output is \
|
||||
given."
|
||||
));
|
||||
};
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user