Make sq key password change the password of weakly bound keys.

- Change `sq key password` to also change the password of keys that
    are weakly bound.  Users are likely to be more surprised when a
    password is not changed.
Neal H. Walfield 2024-11-22 16:55:23 +01:00
parent 493ab3ab31
commit d5c4c50326
No known key found for this signature in database
GPG Key ID: 6863C9AD5B4D22D3
2 changed files with 48 additions and 1 deletions


@ -8,6 +8,7 @@ use openpgp::Cert;
use crate::Result;
use crate::Sq;
use crate::cli;
use crate::common::NULL_POLICY;
use crate::common::key::get_keys;
use crate::common::key::password;
@ -17,13 +18,23 @@ pub fn dispatch(sq: Sq, command: cli::key::password::Command)
let (cert, cert_source)
= sq.resolve_cert(&command.cert, sequoia_wot::FULLY_TRUSTED)?;
let vc = Cert::with_policy(&cert, sq.policy, sq.time)
// We require the certificate be valid under the standard policy.
Cert::with_policy(&cert, sq.policy, sq.time)
.with_context(|| {
format!("The certificate {} is not valid under the \
current policy.",
cert.fingerprint())
})?;
// But we change the password for all keys with plausible
// bindings.
let vc = Cert::with_policy(&cert, NULL_POLICY, sq.time)
.with_context(|| {
format!("The certificate {} is not valid under the \
null policy.",
cert.fingerprint())
})?;
let kas = vc.keys().collect::<Vec<_>>();
let kas = kas.iter().collect::<Vec<_>>();
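Review bot: The switch to `Cert::with_policy(&cert, NULL_POLICY, sq.time)` makes `vc.keys()` return keys whose bindings the configured policy rejects, and nothing visible in this hunk tells the user which keys were re-encrypted only because of the relaxed policy. The page lists two changed files (this command and its test), so the command's help text presumably still describes the old scope and should mention that weakly bound keys are covered as well. A comment above the second call would also keep a later reader from treating it as a validity gate, for example `// NULL_POLICY only widens key selection; validity was already enforced against sq.policy above.` Since the `sq.policy` check has already passed, the "not valid under the null policy" context is presumably unreachable in practice and names an internal concept the user cannot act on. The body of `dispatch` continues outside the hunk, so any later filtering of `kas` is not visible here.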


@ -205,6 +205,42 @@ fn hard_revoked_subkey() {
}
}
#[test]
fn sha1_subkey() {
// Make sure we can change the password of keys that are bound
// using SHA-1.
let sq = Sq::new();
let new_password = sq.scratch_file("new-password.txt");
std::fs::write(&new_password, "crazy passw0rd").unwrap();
let cert_path = sq.test_data()
.join("keys")
.join("sha1-subkey-priv.pgp");
let cert = Cert::from_file(&cert_path).expect("can read");
let vc = cert.with_policy(STANDARD_POLICY, sq.now())
.expect("valid cert");
// Make sure the subkey key is there and really uses SHA-1.
let valid_subkeys: Vec<_> = vc.keys().subkeys()
.map(|ka| ka.fingerprint())
.collect();
let all_subkeys: Vec<_> = cert.keys().subkeys()
.map(|ka| ka.fingerprint())
.collect();
assert_eq!(valid_subkeys.len(), 0);
assert_eq!(all_subkeys.len(), 1);
let updated = sq.key_password(
cert_path, None, Some(new_password.as_path()), None);
for ka in updated.keys() {
assert!(! ka.has_unencrypted_secret());
}
}
#[test]
fn subkey_without_secret_key_material() {
// Make sure we can change the password of keys where some of the
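Review bot: The closing loop in `sha1_subkey` only asserts `! ka.has_unencrypted_secret()`, which also holds for a key that carries no secret material at all. The test would therefore still pass if the SHA-1-bound subkey were dropped from the output or written back without its secret. Pinning the property the commit is about needs a positive check as well, for example `assert!(ka.has_secret());` inside the loop and `assert_eq!(updated.keys().subkeys().count(), 1);` after it. It would also help to assert that the input key is unencrypted before the call, since the fixture `sha1-subkey-priv.pgp` is not visible here and an already-protected fixture would make the check vacuous. The trailing context lines belong to the next test, which continues outside the hunk.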