tests: Abstract user ID argument passing.

- Add a new type, `UserIDArg`, which represents a user ID argument.

  - Change functions that take user IDs like `Sq::key_generate` to use
    it.
This commit is contained in:
Neal H. Walfield 2024-11-13 09:20:18 +01:00
parent 82a5f13a96
commit fbd7f260e7
No known key found for this signature in database
GPG Key ID: 6863C9AD5B4D22D3
9 changed files with 251 additions and 110 deletions

View File

@ -227,6 +227,71 @@ impl FileOrBytes {
}
}
/// An enum for user ID arguments.
#[derive(Debug, Clone)]
pub enum UserIDArg<'a> {
UserID(&'a str),
Email(&'a str),
Name(&'a str),
AddUserID(&'a str),
AddEmail(&'a str),
}
impl<'a> From<&'a str> for UserIDArg<'a> {
fn from(userid: &'a str) -> Self {
UserIDArg::UserID(userid)
}
}
impl<'a> From<&'a &'a str> for UserIDArg<'a> {
fn from(userid: &'a &'a str) -> Self {
UserIDArg::UserID(userid)
}
}
impl<'a> From<&'a String> for UserIDArg<'a> {
fn from(userid: &'a String) -> Self {
UserIDArg::UserID(&userid)
}
}
impl UserIDArg<'_> {
/// Return the raw string.
fn raw(&self) -> &str {
match self {
UserIDArg::UserID(s)
| UserIDArg::Email(s)
| UserIDArg::Name(s)
| UserIDArg::AddUserID(s)
| UserIDArg::AddEmail(s) =>
{
s
}
}
}
/// Add the argument to a `Command`.
fn as_arg(&self, cmd: &mut Command) {
match self {
UserIDArg::UserID(userid) =>
cmd.arg("--userid").arg(userid),
UserIDArg::Email(email) =>
cmd.arg("--email").arg(email),
UserIDArg::Name(name) =>
cmd.arg("--name").arg(name),
UserIDArg::AddUserID(userid) =>
cmd.arg("--add-userid").arg(userid),
UserIDArg::AddEmail(email) =>
cmd.arg("--add-email").arg(email),
};
}
}
// When calling a function like `Sq::key_generate` that has an `&[U]
// where U: Into<UserIDArg` parameter, we can't pass `&[]`, because
// rust can't infer a type for `U`. Instead, we can use this.
pub const NO_USERIDS: &[UserIDArg] = &[];
pub struct Sq {
base: TempDir,
// Whether to preserve the directory on exit. Normally we clean
@ -658,11 +723,17 @@ impl Sq {
///
/// Returns the certificate, the certificate's filename, and the
/// revocation certificate's filename.
pub fn key_generate(&self,
extra_args: &[&str],
userids: &[&str])
pub fn key_generate<'a, U>(&self,
extra_args: &[&str],
userids: &[U])
-> (Cert, PathBuf, PathBuf)
where U: Into<UserIDArg<'a>> + Clone
{
let userids: Vec<UserIDArg> = userids.iter()
.cloned()
.map(|u| u.into())
.collect();
let mut cmd = self.command();
cmd.args([ "key", "generate" ]);
@ -680,17 +751,17 @@ impl Sq {
if ! any_userids {
cmd.arg("--no-userids");
} else {
for userid in userids {
cmd.arg("--userid").arg(userid);
for userid in userids.iter() {
userid.as_arg(&mut cmd);
}
}
let cert_filename = self.scratch_file(
userids.get(0).map(|u| format!("{}-cert", u)).as_deref());
userids.get(0).map(|u| format!("{}-cert", u.raw())).as_deref());
cmd.arg("--output").arg(&cert_filename);
let rev_filename = self.scratch_file(
userids.get(0).map(|u| format!("{}-rev", u)).as_deref());
userids.get(0).map(|u| format!("{}-rev", u.raw())).as_deref());
cmd.arg("--rev-cert").arg(&rev_filename);
let output = self.run(cmd, Some(true));
@ -1284,7 +1355,16 @@ impl Sq {
}
/// Adds user IDs to the given key.
pub fn key_userid_add(&self, key: Cert, args: &[&str]) -> Result<Cert> {
pub fn key_userid_add<'a, U>(&self, args: &[&str],
key: Cert, userids: &[U])
-> Result<Cert>
where U: Into<UserIDArg<'a>> + Clone
{
let userids = userids.iter()
.cloned()
.map(|u| u.into())
.collect::<Vec<_>>();
let mut cmd = self.command();
cmd.args(["key", "userid", "add"]);
for arg in args {
@ -1294,6 +1374,11 @@ impl Sq {
let in_filename = self.scratch_file(None);
key.as_tsk().serialize(&mut File::create(&in_filename)?)?;
cmd.arg("--cert-file").arg(&in_filename);
for userid in userids.iter() {
userid.as_arg(&mut cmd);
}
let out_filename = self.scratch_file(None);
cmd.arg("--output").arg(&out_filename);
@ -1305,12 +1390,15 @@ impl Sq {
}
/// Revokes a user ID.
pub fn key_userid_revoke_maybe<'a, C, O>(&self, args: &[&str], cert: C, userid: &str,
reason: &str, message: &str,
output_file: O)
pub fn key_userid_revoke_maybe<'a, 'b, C, O, U>(&self, args: &[&str],
cert: C, userid: U,
reason: &str,
message: &str,
output_file: O)
-> Result<Cert>
where C: Into<FileOrKeyHandle>,
O: Into<Option<&'a Path>>,
U: Into<UserIDArg<'a>>,
O: Into<Option<&'b Path>>,
{
let cert = cert.into();
let output_file = output_file.into();
@ -1333,7 +1421,7 @@ impl Sq {
cmd.arg("--cert").arg(s);
}
}
cmd.arg("--userid").arg(userid);
userid.into().as_arg(&mut cmd);
if let Some(output_file) = output_file {
cmd.arg("--overwrite").arg("--output").arg(output_file);
@ -1343,12 +1431,15 @@ impl Sq {
self.handle_cert_output(output, cert, output_file, false)
}
pub fn key_userid_revoke<'a, C, O>(&self, args: &[&str], cert: C, userid: &str,
reason: &str, message: &str,
output_file: O)
pub fn key_userid_revoke<'a, 'b, C, O, U>(&self, args: &[&str],
cert: C, userid: U,
reason: &str,
message: &str,
output_file: O)
-> Cert
where C: Into<FileOrKeyHandle>,
O: Into<Option<&'a Path>>,
U: Into<UserIDArg<'a>>,
O: Into<Option<&'b Path>>,
{
self.key_userid_revoke_maybe(args, cert, userid, reason, message, output_file)
.expect("succeeds")
@ -1414,19 +1505,24 @@ impl Sq {
///
/// If `output_file` is `Some`, then the output is written to that
/// file. Otherwise, the default behavior is followed.
pub fn pki_vouch_certify_p<'a, H, C, Q>(&self, extra_args: &[&str],
certifier: H,
cert: C,
userids: &[&str],
output_file: Q,
success: bool)
pub fn pki_vouch_certify_p<'a, 'b, H, C, U, Q>(
&self, extra_args: &[&str],
certifier: H,
cert: C, userids: &[U],
output_file: Q,
success: bool)
-> Result<Cert>
where H: Into<FileOrKeyHandle>,
C: Into<FileOrKeyHandle>,
Q: Into<Option<&'a Path>>,
U: Into<UserIDArg<'a>> + Clone,
Q: Into<Option<&'b Path>>,
{
let certifier = certifier.into();
let cert = cert.into();
let userids = userids.iter()
.cloned()
.map(|u| u.into())
.collect::<Vec<_>>();
let output_file = output_file.into();
let mut cmd = self.command();
@ -1450,8 +1546,8 @@ impl Sq {
cmd.arg("--cert").arg(s);
}
}
for userid in userids {
cmd.arg("--userid").arg(userid);
for userid in userids.iter() {
userid.as_arg(&mut cmd);
}
if let Some(output_file) = output_file {
@ -1463,15 +1559,16 @@ impl Sq {
}
/// Certify the user ID binding.
pub fn pki_vouch_certify<'a, H, C, Q>(&self, extra_args: &[&str],
certifier: H,
cert: C,
userids: &[&str],
output_file: Q)
pub fn pki_vouch_certify<'a, 'b, H, C, U, Q>(
&self, extra_args: &[&str],
certifier: H,
cert: C, userids: &[U],
output_file: Q)
-> Cert
where H: Into<FileOrKeyHandle>,
C: Into<FileOrKeyHandle>,
Q: Into<Option<&'a Path>>,
U: Into<UserIDArg<'a>> + Clone,
Q: Into<Option<&'b Path>>,
{
self.pki_vouch_certify_p(
extra_args, certifier, cert, userids, output_file, true)
@ -1482,19 +1579,24 @@ impl Sq {
///
/// If `output_file` is `Some`, then the output is written to that
/// file. Otherwise, the default behavior is followed.
pub fn pki_vouch_authorize_p<'a, H, C, Q>(&self, extra_args: &[&str],
certifier: H,
cert: C,
userids: &[&str],
output_file: Q,
success: bool)
pub fn pki_vouch_authorize_p<'a, 'b, H, C, U, Q>(
&self, extra_args: &[&str],
certifier: H,
cert: C, userids: &[U],
output_file: Q,
success: bool)
-> Result<Cert>
where H: Into<FileOrKeyHandle>,
C: Into<FileOrKeyHandle>,
Q: Into<Option<&'a Path>>,
U: Into<UserIDArg<'a>> + Clone,
Q: Into<Option<&'b Path>>,
{
let certifier = certifier.into();
let cert = cert.into();
let userids = userids.iter()
.cloned()
.map(|u| u.into())
.collect::<Vec<_>>();
let output_file = output_file.into();
let mut cmd = self.command();
@ -1518,8 +1620,8 @@ impl Sq {
cmd.arg("--cert").arg(s);
}
}
for userid in userids {
cmd.arg("--userid").arg(userid);
for userid in userids.iter() {
userid.as_arg(&mut cmd);
}
if let Some(output_file) = output_file {
@ -1531,15 +1633,16 @@ impl Sq {
}
/// Authorize a certificate.
pub fn pki_vouch_authorize<'a, H, C, Q>(&self, extra_args: &[&str],
certifier: H,
cert: C,
userids: &[&str],
output_file: Q)
pub fn pki_vouch_authorize<'a, 'b, H, C, U, Q>(
&self, extra_args: &[&str],
certifier: H,
cert: C, userids: &[U],
output_file: Q)
-> Cert
where H: Into<FileOrKeyHandle>,
C: Into<FileOrKeyHandle>,
Q: Into<Option<&'a Path>>,
U: Into<UserIDArg<'a>> + Clone,
Q: Into<Option<&'b Path>>,
{
self.pki_vouch_authorize_p(
extra_args, certifier, cert, userids, output_file, true)
@ -1547,18 +1650,24 @@ impl Sq {
}
/// Add a link for the binding.
pub fn pki_link_add_maybe(&self, extra_args: &[&str],
cert: KeyHandle, userids: &[&str])
pub fn pki_link_add_maybe<'a, U>(&self, extra_args: &[&str],
cert: KeyHandle, userids: &[U])
-> Result<()>
where U: Into<UserIDArg<'a>> + Clone,
{
let userids = userids.iter()
.cloned()
.map(|u| u.into())
.collect::<Vec<_>>();
let mut cmd = self.command();
cmd.args([ "pki", "link", "add" ]);
for arg in extra_args {
cmd.arg(arg);
}
cmd.arg("--cert").arg(cert.to_string());
for userid in userids {
cmd.arg("--userid").arg(userid);
for userid in userids.iter() {
userid.as_arg(&mut cmd);
}
let output = self.run(cmd, None);
@ -1572,26 +1681,33 @@ impl Sq {
}
/// Add a link for the binding.
pub fn pki_link_add(&self, args: &[&str],
cert: KeyHandle, userids: &[&str])
pub fn pki_link_add<'a, U>(&self, args: &[&str],
cert: KeyHandle, userids: &[U])
where U: Into<UserIDArg<'a>> + Clone,
{
self.pki_link_add_maybe(args, cert, userids).expect("success")
}
/// Add a link for the binding.
pub fn pki_link_retract_maybe(&self, extra_args: &[&str],
cert: KeyHandle,
userids: &[&str])
pub fn pki_link_retract_maybe<'a, U>(&self, extra_args: &[&str],
cert: KeyHandle,
userids: &[U])
-> Result<()>
where U: Into<UserIDArg<'a>> + Clone,
{
let userids = userids.iter()
.cloned()
.map(|u| u.into())
.collect::<Vec<_>>();
let mut cmd = self.command();
cmd.args([ "pki", "link", "retract" ]);
for arg in extra_args {
cmd.arg(arg);
}
cmd.arg("--cert").arg(cert.to_string());
for userid in userids {
cmd.arg("--userid").arg(userid);
for userid in userids.iter() {
userid.as_arg(&mut cmd);
}
let output = self.run(cmd, None);
@ -1605,27 +1721,34 @@ impl Sq {
}
/// Add a link for the binding.
pub fn pki_link_retract(&self, args: &[&str],
cert: KeyHandle, userids: &[&str])
pub fn pki_link_retract<'a, U>(&self, args: &[&str],
cert: KeyHandle, userids: &[U])
where U: Into<UserIDArg<'a>> + Clone,
{
self.pki_link_retract_maybe(args, cert, userids)
.expect("success")
}
/// Add a link for the binding.
pub fn pki_link_authorize_maybe(&self, extra_args: &[&str],
cert: KeyHandle,
userids: &[&str])
pub fn pki_link_authorize_maybe<'a, U>(&self, extra_args: &[&str],
cert: KeyHandle,
userids: &[U])
-> Result<()>
where U: Into<UserIDArg<'a>> + Clone,
{
let userids = userids.iter()
.cloned()
.map(|u| u.into())
.collect::<Vec<_>>();
let mut cmd = self.command();
cmd.args([ "pki", "link", "authorize" ]);
for arg in extra_args {
cmd.arg(arg);
}
cmd.arg("--cert").arg(cert.to_string());
for userid in userids {
cmd.arg("--userid").arg(userid);
for userid in userids.iter() {
userid.as_arg(&mut cmd);
}
let output = self.run(cmd, None);
@ -1639,8 +1762,9 @@ impl Sq {
}
/// Add a link for the binding.
pub fn pki_link_authorize(&self, args: &[&str],
cert: KeyHandle, userids: &[&str])
pub fn pki_link_authorize<'a, U>(&self, args: &[&str],
cert: KeyHandle, userids: &[U])
where U: Into<UserIDArg<'a>> + Clone,
{
self.pki_link_authorize_maybe(args, cert, userids)
.expect("success")

View File

@ -10,6 +10,7 @@ use openpgp::types::RevocationStatus;
use super::common::STANDARD_POLICY;
use super::common::Sq;
use super::common::time_as_string;
use super::common::UserIDArg;
#[test]
fn sq_key_expire() -> Result<()> {
@ -135,7 +136,7 @@ fn sq_key_expire_no_direct_key_sig() -> Result<()> {
let mut sq = Sq::new();
let (cert, _cert_path, _rev_path)
= sq.key_generate(&["--email", "alice@example.org"], &[]);
= sq.key_generate(&[], &[UserIDArg::Email("alice@example.org")]);
let fipr = cert.fingerprint().to_string();

View File

@ -4,6 +4,8 @@ use sequoia_openpgp as openpgp;
use openpgp::Result;
use super::common;
use super::common::UserIDArg;
use super::common::NO_USERIDS;
#[test]
fn sq_key_generate_creation_time() -> Result<()>
@ -17,7 +19,7 @@ fn sq_key_generate_creation_time() -> Result<()>
let (result, _, _) = sq.key_generate(&[
"--time", iso8601,
"--expiration", "never",
], &[]);
], NO_USERIDS);
let vc = result.with_policy(common::STANDARD_POLICY, None)?;
assert_eq!(vc.primary_key().creation_time(),
@ -30,11 +32,13 @@ fn sq_key_generate_creation_time() -> Result<()>
#[test]
fn sq_key_generate_name_email() -> Result<()> {
let sq = common::Sq::new();
let (cert, _, _) = sq.key_generate(&[
"--name", "Joan Clarke",
"--name", "Joan Clarke Murray",
"--email", "joan@hut8.bletchley.park",
], &[]);
let (cert, _, _) = sq.key_generate(
&[],
&[
UserIDArg::Name("Joan Clarke"),
UserIDArg::Name("Joan Clarke Murray"),
UserIDArg::Email("joan@hut8.bletchley.park"),
]);
assert_eq!(cert.userids().count(), 3);
assert!(cert.userids().any(|u| u.value() == b"Joan Clarke"));
@ -55,7 +59,7 @@ fn sq_key_generate_with_password() -> Result<()> {
let (cert, _, _) = sq.key_generate(&[
"--new-password-file", &path.display().to_string(),
], &[]);
], NO_USERIDS);
assert!(cert.is_tsk());

View File

@ -10,9 +10,11 @@ use openpgp::types::SignatureType;
use openpgp::Cert;
use openpgp::Result;
use super::common::compare_notations;
use super::common::Sq;
use super::common::NO_USERIDS;
use super::common::STANDARD_POLICY;
use super::common::Sq;
use super::common::UserIDArg;
use super::common::compare_notations;
use super::common::time_as_string;
#[test]
@ -89,7 +91,7 @@ fn sq_key_subkey_add_with_password() -> Result<()> {
"--cannot-authenticate",
"--cannot-encrypt",
"--new-password-file", &path2.display().to_string(),
], &[]);
], NO_USERIDS);
assert!(cert.is_tsk());
assert_eq!(cert.keys().subkeys().count(), 0);
@ -353,7 +355,7 @@ fn sq_key_subkey_revoke_multiple() -> Result<()> {
let sq = Sq::new();
let (cert, cert_path, _rev_path)
= sq.key_generate(&["--email", "alice@example.org"], &[]);
= sq.key_generate(&[], &[UserIDArg::Email("alice@example.org")]);
assert!(cert.keys().subkeys().count() > 0);
sq.key_import(cert_path);

View File

@ -9,9 +9,11 @@ use openpgp::Cert;
use openpgp::Result;
use sequoia_openpgp as openpgp;
use super::common::compare_notations;
use super::common::Sq;
use super::common::NO_USERIDS;
use super::common::STANDARD_POLICY;
use super::common::Sq;
use super::common::UserIDArg;
use super::common::compare_notations;
use super::common::time_as_string;
#[test]
@ -372,14 +374,17 @@ fn sq_key_userid_revoke_thirdparty() -> Result<()> {
#[test]
fn sq_key_userid_add() -> Result<()> {
let sq = Sq::new();
let (key, _, _) = sq.key_generate(&[], &[]);
let (key, _, _) = sq.key_generate(&[], NO_USERIDS);
assert_eq!(key.userids().count(), 0);
let key = sq.key_userid_add(key, &[
"--name", "Joan Clarke",
"--name", "Joan Clarke Murray",
"--email", "joan@hut8.bletchley.park",
])?;
let key = sq.key_userid_add(
&[],
key,
&[
UserIDArg::Name("Joan Clarke"),
UserIDArg::Name("Joan Clarke Murray"),
UserIDArg::Email("joan@hut8.bletchley.park"),
])?;
assert_eq!(key.userids().count(), 3);
assert!(key.userids().any(|u| u.value() == b"Joan Clarke"));
@ -393,11 +398,13 @@ fn sq_key_userid_add() -> Result<()> {
#[test]
fn sq_key_userid_strip() -> Result<()> {
let sq = Sq::new();
let (key, _, _) = sq.key_generate(&[
"--name", "Joan Clarke",
"--name", "Joan Clarke Murray",
"--email", "joan@hut8.bletchley.park",
], &[]);
let (key, _, _) = sq.key_generate(
&[],
&[
UserIDArg::Name("Joan Clarke"),
UserIDArg::Name("Joan Clarke Murray"),
UserIDArg::Email("joan@hut8.bletchley.park"),
]);
assert_eq!(key.userids().count(), 3);
// Whoops, that's a secret.

View File

@ -9,9 +9,10 @@ use openpgp::KeyHandle;
use openpgp::Result;
use openpgp::Cert;
use super::common::artifact;
use super::common::Sq;
use super::common::FileOrKeyHandle;
use super::common::NO_USERIDS;
use super::common::Sq;
use super::common::artifact;
// We are going to replace certifications, and we want to make sure
@ -494,12 +495,12 @@ fn sq_pki_link_update_detection() -> Result<()> {
// Make Alice a CA.
sq.pki_link_authorize(&["--time", &tick(), "--unconstrained"],
alice.key_handle(),
&[]);
NO_USERIDS);
let bytes = compare(bytes, &alice_cert_pgp, false);
sq.pki_link_authorize(&["--time", &tick(), "--unconstrained", "--all"],
alice.key_handle(),
&[]);
NO_USERIDS);
let bytes = compare(bytes, &alice_cert_pgp, true);
// Make her a partially trusted CA.

View File

@ -1,3 +1,4 @@
use super::common::NO_USERIDS;
use super::common::Sq;
#[test]
@ -452,7 +453,7 @@ fn retract_all() {
// Retract all authorizations. It should no longer be considered
// a trusted introducer.
sq.tick(1);
sq.pki_link_retract(&[], ca.key_handle(), &[]);
sq.pki_link_retract(&[], ca.key_handle(), NO_USERIDS);
check(&sq, false);
}
@ -525,7 +526,7 @@ fn sq_pki_link_all_revoked() {
// That means the revoked user ID should be skipped.
sq.tick(1);
sq.pki_link_authorize(&["--unconstrained"],
ca.key_handle(), &[]);
ca.key_handle(), NO_USERIDS);
println!("CA: authorized, and unconstrained");
check(&sq, true);

View File

@ -1,3 +1,4 @@
use super::common::NO_USERIDS;
use super::common::Sq;
#[test]
@ -90,7 +91,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.tick(1);
sq.pki_vouch_authorize(&["--unconstrained"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -106,7 +107,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.tick(1);
sq.pki_vouch_authorize(&["--regex", "example"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -122,7 +123,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.tick(1);
sq.pki_vouch_authorize(&["--domain", "example.org"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -138,7 +139,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.tick(1);
sq.pki_vouch_authorize(&["--regex", "other"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -154,7 +155,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.tick(1);
sq.pki_vouch_authorize(&["--regex", "bob"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -170,7 +171,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.tick(1);
sq.pki_vouch_authorize(&["--regex", "bob", "--regex", "alice"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -188,7 +189,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.pki_vouch_authorize(
&["--domain", "example.org", "--domain", "other.org"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -206,7 +207,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.pki_vouch_authorize(
&["--domain", "other.org", "--regex", "alice"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -223,7 +224,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.tick(1);
sq.pki_vouch_authorize(&["--regex", "zoo"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -239,7 +240,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
sq.tick(1);
sq.pki_vouch_authorize(&["--domain", "example"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);
@ -327,7 +328,7 @@ fn sq_pki_vouch_authorize_all_revoked() {
sq.tick(1);
sq.pki_vouch_authorize(&["--unconstrained"],
otto.key_handle(), ca.key_handle(),
&[],
NO_USERIDS,
certification.as_path());
sq.cert_import(certification);

View File

@ -211,7 +211,7 @@ fn sq_verify_designated_signers() -> Result<()> {
sq.cert_import(artifact("examples/juliet.pgp"));
sq.pki_link_add(&["--all"],
"7A58B15E3B9459483D9FFA8D40E299AC5F2B0872".parse()?,
&[]);
NO_USERIDS);
assert!(sq.verify_maybe(
&[],
Verify::Message,