Remove sq encrypt --set-metadata-time.

- The literal data packet's time field is problematic for a variety
    of reasons.  The previous timestamp interface allows a number of
    time sources (ctime, mtime, message time (that is way better
    encoded in the signature creation time), explicit timestamp), but
    the information about what kind of timestamp this should be is
    lost when the time is encoded, without warning.

  - Remove it.

  - See #351.
This commit is contained in:
Justus Winter 2024-11-14 16:42:34 +01:00
parent f16ef5d878
commit b916a13426
No known key found for this signature in database
GPG Key ID: 686F55B4AB2B3386
4 changed files with 1 additions and 122 deletions

1
NEWS
View File

@ -65,6 +65,7 @@
instead, `--userid`.
- Add `sq pki path --email` and `sq pki path --name` as additional
ways to specify the user ID to authenticate.
- The argument `sq encrypt --set-metadata-time` has been removed.
* Changes in 0.39.0
** Notable changes

View File

@ -4,7 +4,6 @@ use clap::{ValueEnum, Parser};
use super::types::ClapData;
use super::types::EncryptPurpose;
use super::types::MetadataTime;
use super::types::FileOrStdin;
use super::types::FileOrStdout;
@ -97,32 +96,6 @@ pub struct Command {
dangerous.",
)]
pub set_metadata_filename: bool,
#[clap(
default_value_t = MetadataTime::default(),
help = "Set time for encrypted file as metadata",
long,
long_help = format!(
"Set time for encrypted file as metadata. \
Allows setting TIME either as ISO 8601 formatted string or by \
providing custom keywords. \
With `{}`, the metadata is not set. \
With `{}`, the metadata is set to the file's creation \
timestamp. \
With `{}`, the metadata is set to the file's last \
modification timestamp. \
With `{}`, the metadata is set to the creation \
timestamp of the message for which the metadata is added. \
Do note, that this metadata is not signed and as such relying on \
it - on sender or receiver side - is generally considered \
dangerous.",
MetadataTime::None,
MetadataTime::FileCreation,
MetadataTime::FileModification,
MetadataTime::MessageCreation,
),
value_name = "TIME",
)]
pub set_metadata_time: MetadataTime,
#[command(flatten)]
pub signers: CertDesignators<CertUserIDEmailFileArgs,

View File

@ -540,64 +540,6 @@ impl From<ArmorKind> for Option<openpgp::armor::Kind> {
}
}
/// Time for metadata in literal data packet
///
/// This enum tracks time information for literal data packets, which may carry
/// unsigned metadata about the encrypted file.
#[derive(Debug, Clone, Eq, PartialEq)]
#[non_exhaustive]
pub enum MetadataTime {
/// No time is added
None,
/// The timestamp of the file creation
FileCreation,
/// The timestamp of the file modification
FileModification,
/// The timestamp of the message creation
MessageCreation,
/// A specific timestamp
Timestamp(Time),
}
impl MetadataTime {
/// Create a new MetadataTime in a Result
pub fn new(date: &str) -> Result<Self> {
match date {
"none" => Ok(Self::None),
"file-creation" => Ok(Self::FileCreation),
"file-modification" => Ok(Self::FileModification),
"message-creation" => Ok(Self::MessageCreation),
_ => Ok(Self::Timestamp(Time::from_str(date)?))
}
}
}
impl FromStr for MetadataTime {
type Err = anyhow::Error;
fn from_str(s: &str) -> Result<MetadataTime> {
MetadataTime::new(s)
}
}
impl Display for MetadataTime {
fn fmt(&self, f: &mut Formatter) -> std::fmt::Result {
match self {
MetadataTime::Timestamp(time) => write!(f, "{}", time),
MetadataTime::FileCreation => write!(f, "{}", "file-creation"),
MetadataTime::FileModification => write!(f, "{}", "file-modification"),
MetadataTime::MessageCreation => write!(f, "{}", "message-creation"),
MetadataTime::None => write!(f, "none"),
}
}
}
impl Default for MetadataTime {
fn default() -> Self {
MetadataTime::None
}
}
/// Describes the purpose of the encryption.
#[derive(ValueEnum, Clone, Debug)]
pub enum EncryptPurpose {

View File

@ -1,4 +1,3 @@
use std::fs::metadata;
use std::io;
use std::path::PathBuf;
use std::time::SystemTime;
@ -25,7 +24,6 @@ use openpgp::types::KeyFlags;
use crate::cli;
use crate::cli::types::EncryptPurpose;
use crate::cli::types::FileOrStdin;
use crate::cli::types::MetadataTime;
use crate::Sq;
use crate::Result;
use crate::common::password;
@ -71,7 +69,6 @@ pub fn dispatch(sq: Sq, command: cli::encrypt::Command) -> Result<()> {
Some(sq.time),
command.use_expired_subkey,
command.set_metadata_filename,
command.set_metadata_time
)?;
Ok(())
@ -91,7 +88,6 @@ pub fn encrypt<'a, 'b: 'a>(
time: Option<SystemTime>,
use_expired_subkey: bool,
set_metadata_filename: bool,
set_metadata_time: MetadataTime,
)
-> Result<()>
{
@ -204,39 +200,6 @@ pub fn encrypt<'a, 'b: 'a>(
}
let mut literal_writer = LiteralWriter::new(sink);
match set_metadata_time {
MetadataTime::None => {}
MetadataTime::FileCreation => {
let metadata = metadata(
input.inner()
.ok_or_else(|| {
anyhow!(
"Can not get metadata of file, when reading from stdin."
)
})?)?;
literal_writer = literal_writer.date(SystemTime::from(metadata.created()?))?;
}
MetadataTime::FileModification => {
let metadata = metadata(
input.inner()
.ok_or_else(|| {
anyhow!(
"Can not get metadata of file, when reading from stdin."
)
})?)?;
literal_writer = literal_writer.date(
SystemTime::from(metadata.modified()?)
)?;
}
MetadataTime::MessageCreation => {
literal_writer = literal_writer.date(
time.ok_or(anyhow!("Unable to get reference time"))?
)?;
}
MetadataTime::Timestamp(time) => {
literal_writer = literal_writer.date(time.to_system_time(sq.time)?)?;
}
}
if set_metadata_filename {
literal_writer = literal_writer