tests: Abstract user ID argument passing.
- Add a new type, `UserIDArg`, which represents a user ID argument. - Change functions that take user IDs like `Sq::key_generate` to use it.
This commit is contained in:
parent
82a5f13a96
commit
fbd7f260e7
@ -227,6 +227,71 @@ impl FileOrBytes {
|
||||
}
|
||||
}
|
||||
|
||||
/// An enum for user ID arguments.
|
||||
#[derive(Debug, Clone)]
|
||||
pub enum UserIDArg<'a> {
|
||||
UserID(&'a str),
|
||||
Email(&'a str),
|
||||
Name(&'a str),
|
||||
AddUserID(&'a str),
|
||||
AddEmail(&'a str),
|
||||
}
|
||||
|
||||
impl<'a> From<&'a str> for UserIDArg<'a> {
|
||||
fn from(userid: &'a str) -> Self {
|
||||
UserIDArg::UserID(userid)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a> From<&'a &'a str> for UserIDArg<'a> {
|
||||
fn from(userid: &'a &'a str) -> Self {
|
||||
UserIDArg::UserID(userid)
|
||||
}
|
||||
}
|
||||
|
||||
impl<'a> From<&'a String> for UserIDArg<'a> {
|
||||
fn from(userid: &'a String) -> Self {
|
||||
UserIDArg::UserID(&userid)
|
||||
}
|
||||
}
|
||||
|
||||
impl UserIDArg<'_> {
|
||||
/// Return the raw string.
|
||||
fn raw(&self) -> &str {
|
||||
match self {
|
||||
UserIDArg::UserID(s)
|
||||
| UserIDArg::Email(s)
|
||||
| UserIDArg::Name(s)
|
||||
| UserIDArg::AddUserID(s)
|
||||
| UserIDArg::AddEmail(s) =>
|
||||
{
|
||||
s
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
/// Add the argument to a `Command`.
|
||||
fn as_arg(&self, cmd: &mut Command) {
|
||||
match self {
|
||||
UserIDArg::UserID(userid) =>
|
||||
cmd.arg("--userid").arg(userid),
|
||||
UserIDArg::Email(email) =>
|
||||
cmd.arg("--email").arg(email),
|
||||
UserIDArg::Name(name) =>
|
||||
cmd.arg("--name").arg(name),
|
||||
UserIDArg::AddUserID(userid) =>
|
||||
cmd.arg("--add-userid").arg(userid),
|
||||
UserIDArg::AddEmail(email) =>
|
||||
cmd.arg("--add-email").arg(email),
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
// When calling a function like `Sq::key_generate` that has an `&[U]
|
||||
// where U: Into<UserIDArg` parameter, we can't pass `&[]`, because
|
||||
// rust can't infer a type for `U`. Instead, we can use this.
|
||||
pub const NO_USERIDS: &[UserIDArg] = &[];
|
||||
|
||||
pub struct Sq {
|
||||
base: TempDir,
|
||||
// Whether to preserve the directory on exit. Normally we clean
|
||||
@ -658,11 +723,17 @@ impl Sq {
|
||||
///
|
||||
/// Returns the certificate, the certificate's filename, and the
|
||||
/// revocation certificate's filename.
|
||||
pub fn key_generate(&self,
|
||||
extra_args: &[&str],
|
||||
userids: &[&str])
|
||||
pub fn key_generate<'a, U>(&self,
|
||||
extra_args: &[&str],
|
||||
userids: &[U])
|
||||
-> (Cert, PathBuf, PathBuf)
|
||||
where U: Into<UserIDArg<'a>> + Clone
|
||||
{
|
||||
let userids: Vec<UserIDArg> = userids.iter()
|
||||
.cloned()
|
||||
.map(|u| u.into())
|
||||
.collect();
|
||||
|
||||
let mut cmd = self.command();
|
||||
cmd.args([ "key", "generate" ]);
|
||||
|
||||
@ -680,17 +751,17 @@ impl Sq {
|
||||
if ! any_userids {
|
||||
cmd.arg("--no-userids");
|
||||
} else {
|
||||
for userid in userids {
|
||||
cmd.arg("--userid").arg(userid);
|
||||
for userid in userids.iter() {
|
||||
userid.as_arg(&mut cmd);
|
||||
}
|
||||
}
|
||||
|
||||
let cert_filename = self.scratch_file(
|
||||
userids.get(0).map(|u| format!("{}-cert", u)).as_deref());
|
||||
userids.get(0).map(|u| format!("{}-cert", u.raw())).as_deref());
|
||||
cmd.arg("--output").arg(&cert_filename);
|
||||
|
||||
let rev_filename = self.scratch_file(
|
||||
userids.get(0).map(|u| format!("{}-rev", u)).as_deref());
|
||||
userids.get(0).map(|u| format!("{}-rev", u.raw())).as_deref());
|
||||
cmd.arg("--rev-cert").arg(&rev_filename);
|
||||
|
||||
let output = self.run(cmd, Some(true));
|
||||
@ -1284,7 +1355,16 @@ impl Sq {
|
||||
}
|
||||
|
||||
/// Adds user IDs to the given key.
|
||||
pub fn key_userid_add(&self, key: Cert, args: &[&str]) -> Result<Cert> {
|
||||
pub fn key_userid_add<'a, U>(&self, args: &[&str],
|
||||
key: Cert, userids: &[U])
|
||||
-> Result<Cert>
|
||||
where U: Into<UserIDArg<'a>> + Clone
|
||||
{
|
||||
let userids = userids.iter()
|
||||
.cloned()
|
||||
.map(|u| u.into())
|
||||
.collect::<Vec<_>>();
|
||||
|
||||
let mut cmd = self.command();
|
||||
cmd.args(["key", "userid", "add"]);
|
||||
for arg in args {
|
||||
@ -1294,6 +1374,11 @@ impl Sq {
|
||||
let in_filename = self.scratch_file(None);
|
||||
key.as_tsk().serialize(&mut File::create(&in_filename)?)?;
|
||||
cmd.arg("--cert-file").arg(&in_filename);
|
||||
|
||||
for userid in userids.iter() {
|
||||
userid.as_arg(&mut cmd);
|
||||
}
|
||||
|
||||
let out_filename = self.scratch_file(None);
|
||||
cmd.arg("--output").arg(&out_filename);
|
||||
|
||||
@ -1305,12 +1390,15 @@ impl Sq {
|
||||
}
|
||||
|
||||
/// Revokes a user ID.
|
||||
pub fn key_userid_revoke_maybe<'a, C, O>(&self, args: &[&str], cert: C, userid: &str,
|
||||
reason: &str, message: &str,
|
||||
output_file: O)
|
||||
pub fn key_userid_revoke_maybe<'a, 'b, C, O, U>(&self, args: &[&str],
|
||||
cert: C, userid: U,
|
||||
reason: &str,
|
||||
message: &str,
|
||||
output_file: O)
|
||||
-> Result<Cert>
|
||||
where C: Into<FileOrKeyHandle>,
|
||||
O: Into<Option<&'a Path>>,
|
||||
U: Into<UserIDArg<'a>>,
|
||||
O: Into<Option<&'b Path>>,
|
||||
{
|
||||
let cert = cert.into();
|
||||
let output_file = output_file.into();
|
||||
@ -1333,7 +1421,7 @@ impl Sq {
|
||||
cmd.arg("--cert").arg(s);
|
||||
}
|
||||
}
|
||||
cmd.arg("--userid").arg(userid);
|
||||
userid.into().as_arg(&mut cmd);
|
||||
|
||||
if let Some(output_file) = output_file {
|
||||
cmd.arg("--overwrite").arg("--output").arg(output_file);
|
||||
@ -1343,12 +1431,15 @@ impl Sq {
|
||||
self.handle_cert_output(output, cert, output_file, false)
|
||||
}
|
||||
|
||||
pub fn key_userid_revoke<'a, C, O>(&self, args: &[&str], cert: C, userid: &str,
|
||||
reason: &str, message: &str,
|
||||
output_file: O)
|
||||
pub fn key_userid_revoke<'a, 'b, C, O, U>(&self, args: &[&str],
|
||||
cert: C, userid: U,
|
||||
reason: &str,
|
||||
message: &str,
|
||||
output_file: O)
|
||||
-> Cert
|
||||
where C: Into<FileOrKeyHandle>,
|
||||
O: Into<Option<&'a Path>>,
|
||||
U: Into<UserIDArg<'a>>,
|
||||
O: Into<Option<&'b Path>>,
|
||||
{
|
||||
self.key_userid_revoke_maybe(args, cert, userid, reason, message, output_file)
|
||||
.expect("succeeds")
|
||||
@ -1414,19 +1505,24 @@ impl Sq {
|
||||
///
|
||||
/// If `output_file` is `Some`, then the output is written to that
|
||||
/// file. Otherwise, the default behavior is followed.
|
||||
pub fn pki_vouch_certify_p<'a, H, C, Q>(&self, extra_args: &[&str],
|
||||
certifier: H,
|
||||
cert: C,
|
||||
userids: &[&str],
|
||||
output_file: Q,
|
||||
success: bool)
|
||||
pub fn pki_vouch_certify_p<'a, 'b, H, C, U, Q>(
|
||||
&self, extra_args: &[&str],
|
||||
certifier: H,
|
||||
cert: C, userids: &[U],
|
||||
output_file: Q,
|
||||
success: bool)
|
||||
-> Result<Cert>
|
||||
where H: Into<FileOrKeyHandle>,
|
||||
C: Into<FileOrKeyHandle>,
|
||||
Q: Into<Option<&'a Path>>,
|
||||
U: Into<UserIDArg<'a>> + Clone,
|
||||
Q: Into<Option<&'b Path>>,
|
||||
{
|
||||
let certifier = certifier.into();
|
||||
let cert = cert.into();
|
||||
let userids = userids.iter()
|
||||
.cloned()
|
||||
.map(|u| u.into())
|
||||
.collect::<Vec<_>>();
|
||||
let output_file = output_file.into();
|
||||
|
||||
let mut cmd = self.command();
|
||||
@ -1450,8 +1546,8 @@ impl Sq {
|
||||
cmd.arg("--cert").arg(s);
|
||||
}
|
||||
}
|
||||
for userid in userids {
|
||||
cmd.arg("--userid").arg(userid);
|
||||
for userid in userids.iter() {
|
||||
userid.as_arg(&mut cmd);
|
||||
}
|
||||
|
||||
if let Some(output_file) = output_file {
|
||||
@ -1463,15 +1559,16 @@ impl Sq {
|
||||
}
|
||||
|
||||
/// Certify the user ID binding.
|
||||
pub fn pki_vouch_certify<'a, H, C, Q>(&self, extra_args: &[&str],
|
||||
certifier: H,
|
||||
cert: C,
|
||||
userids: &[&str],
|
||||
output_file: Q)
|
||||
pub fn pki_vouch_certify<'a, 'b, H, C, U, Q>(
|
||||
&self, extra_args: &[&str],
|
||||
certifier: H,
|
||||
cert: C, userids: &[U],
|
||||
output_file: Q)
|
||||
-> Cert
|
||||
where H: Into<FileOrKeyHandle>,
|
||||
C: Into<FileOrKeyHandle>,
|
||||
Q: Into<Option<&'a Path>>,
|
||||
U: Into<UserIDArg<'a>> + Clone,
|
||||
Q: Into<Option<&'b Path>>,
|
||||
{
|
||||
self.pki_vouch_certify_p(
|
||||
extra_args, certifier, cert, userids, output_file, true)
|
||||
@ -1482,19 +1579,24 @@ impl Sq {
|
||||
///
|
||||
/// If `output_file` is `Some`, then the output is written to that
|
||||
/// file. Otherwise, the default behavior is followed.
|
||||
pub fn pki_vouch_authorize_p<'a, H, C, Q>(&self, extra_args: &[&str],
|
||||
certifier: H,
|
||||
cert: C,
|
||||
userids: &[&str],
|
||||
output_file: Q,
|
||||
success: bool)
|
||||
pub fn pki_vouch_authorize_p<'a, 'b, H, C, U, Q>(
|
||||
&self, extra_args: &[&str],
|
||||
certifier: H,
|
||||
cert: C, userids: &[U],
|
||||
output_file: Q,
|
||||
success: bool)
|
||||
-> Result<Cert>
|
||||
where H: Into<FileOrKeyHandle>,
|
||||
C: Into<FileOrKeyHandle>,
|
||||
Q: Into<Option<&'a Path>>,
|
||||
U: Into<UserIDArg<'a>> + Clone,
|
||||
Q: Into<Option<&'b Path>>,
|
||||
{
|
||||
let certifier = certifier.into();
|
||||
let cert = cert.into();
|
||||
let userids = userids.iter()
|
||||
.cloned()
|
||||
.map(|u| u.into())
|
||||
.collect::<Vec<_>>();
|
||||
let output_file = output_file.into();
|
||||
|
||||
let mut cmd = self.command();
|
||||
@ -1518,8 +1620,8 @@ impl Sq {
|
||||
cmd.arg("--cert").arg(s);
|
||||
}
|
||||
}
|
||||
for userid in userids {
|
||||
cmd.arg("--userid").arg(userid);
|
||||
for userid in userids.iter() {
|
||||
userid.as_arg(&mut cmd);
|
||||
}
|
||||
|
||||
if let Some(output_file) = output_file {
|
||||
@ -1531,15 +1633,16 @@ impl Sq {
|
||||
}
|
||||
|
||||
/// Authorize a certificate.
|
||||
pub fn pki_vouch_authorize<'a, H, C, Q>(&self, extra_args: &[&str],
|
||||
certifier: H,
|
||||
cert: C,
|
||||
userids: &[&str],
|
||||
output_file: Q)
|
||||
pub fn pki_vouch_authorize<'a, 'b, H, C, U, Q>(
|
||||
&self, extra_args: &[&str],
|
||||
certifier: H,
|
||||
cert: C, userids: &[U],
|
||||
output_file: Q)
|
||||
-> Cert
|
||||
where H: Into<FileOrKeyHandle>,
|
||||
C: Into<FileOrKeyHandle>,
|
||||
Q: Into<Option<&'a Path>>,
|
||||
U: Into<UserIDArg<'a>> + Clone,
|
||||
Q: Into<Option<&'b Path>>,
|
||||
{
|
||||
self.pki_vouch_authorize_p(
|
||||
extra_args, certifier, cert, userids, output_file, true)
|
||||
@ -1547,18 +1650,24 @@ impl Sq {
|
||||
}
|
||||
|
||||
/// Add a link for the binding.
|
||||
pub fn pki_link_add_maybe(&self, extra_args: &[&str],
|
||||
cert: KeyHandle, userids: &[&str])
|
||||
pub fn pki_link_add_maybe<'a, U>(&self, extra_args: &[&str],
|
||||
cert: KeyHandle, userids: &[U])
|
||||
-> Result<()>
|
||||
where U: Into<UserIDArg<'a>> + Clone,
|
||||
{
|
||||
let userids = userids.iter()
|
||||
.cloned()
|
||||
.map(|u| u.into())
|
||||
.collect::<Vec<_>>();
|
||||
|
||||
let mut cmd = self.command();
|
||||
cmd.args([ "pki", "link", "add" ]);
|
||||
for arg in extra_args {
|
||||
cmd.arg(arg);
|
||||
}
|
||||
cmd.arg("--cert").arg(cert.to_string());
|
||||
for userid in userids {
|
||||
cmd.arg("--userid").arg(userid);
|
||||
for userid in userids.iter() {
|
||||
userid.as_arg(&mut cmd);
|
||||
}
|
||||
|
||||
let output = self.run(cmd, None);
|
||||
@ -1572,26 +1681,33 @@ impl Sq {
|
||||
}
|
||||
|
||||
/// Add a link for the binding.
|
||||
pub fn pki_link_add(&self, args: &[&str],
|
||||
cert: KeyHandle, userids: &[&str])
|
||||
pub fn pki_link_add<'a, U>(&self, args: &[&str],
|
||||
cert: KeyHandle, userids: &[U])
|
||||
where U: Into<UserIDArg<'a>> + Clone,
|
||||
{
|
||||
self.pki_link_add_maybe(args, cert, userids).expect("success")
|
||||
}
|
||||
|
||||
/// Add a link for the binding.
|
||||
pub fn pki_link_retract_maybe(&self, extra_args: &[&str],
|
||||
cert: KeyHandle,
|
||||
userids: &[&str])
|
||||
pub fn pki_link_retract_maybe<'a, U>(&self, extra_args: &[&str],
|
||||
cert: KeyHandle,
|
||||
userids: &[U])
|
||||
-> Result<()>
|
||||
where U: Into<UserIDArg<'a>> + Clone,
|
||||
{
|
||||
let userids = userids.iter()
|
||||
.cloned()
|
||||
.map(|u| u.into())
|
||||
.collect::<Vec<_>>();
|
||||
|
||||
let mut cmd = self.command();
|
||||
cmd.args([ "pki", "link", "retract" ]);
|
||||
for arg in extra_args {
|
||||
cmd.arg(arg);
|
||||
}
|
||||
cmd.arg("--cert").arg(cert.to_string());
|
||||
for userid in userids {
|
||||
cmd.arg("--userid").arg(userid);
|
||||
for userid in userids.iter() {
|
||||
userid.as_arg(&mut cmd);
|
||||
}
|
||||
|
||||
let output = self.run(cmd, None);
|
||||
@ -1605,27 +1721,34 @@ impl Sq {
|
||||
}
|
||||
|
||||
/// Add a link for the binding.
|
||||
pub fn pki_link_retract(&self, args: &[&str],
|
||||
cert: KeyHandle, userids: &[&str])
|
||||
pub fn pki_link_retract<'a, U>(&self, args: &[&str],
|
||||
cert: KeyHandle, userids: &[U])
|
||||
where U: Into<UserIDArg<'a>> + Clone,
|
||||
{
|
||||
self.pki_link_retract_maybe(args, cert, userids)
|
||||
.expect("success")
|
||||
}
|
||||
|
||||
/// Add a link for the binding.
|
||||
pub fn pki_link_authorize_maybe(&self, extra_args: &[&str],
|
||||
cert: KeyHandle,
|
||||
userids: &[&str])
|
||||
pub fn pki_link_authorize_maybe<'a, U>(&self, extra_args: &[&str],
|
||||
cert: KeyHandle,
|
||||
userids: &[U])
|
||||
-> Result<()>
|
||||
where U: Into<UserIDArg<'a>> + Clone,
|
||||
{
|
||||
let userids = userids.iter()
|
||||
.cloned()
|
||||
.map(|u| u.into())
|
||||
.collect::<Vec<_>>();
|
||||
|
||||
let mut cmd = self.command();
|
||||
cmd.args([ "pki", "link", "authorize" ]);
|
||||
for arg in extra_args {
|
||||
cmd.arg(arg);
|
||||
}
|
||||
cmd.arg("--cert").arg(cert.to_string());
|
||||
for userid in userids {
|
||||
cmd.arg("--userid").arg(userid);
|
||||
for userid in userids.iter() {
|
||||
userid.as_arg(&mut cmd);
|
||||
}
|
||||
|
||||
let output = self.run(cmd, None);
|
||||
@ -1639,8 +1762,9 @@ impl Sq {
|
||||
}
|
||||
|
||||
/// Add a link for the binding.
|
||||
pub fn pki_link_authorize(&self, args: &[&str],
|
||||
cert: KeyHandle, userids: &[&str])
|
||||
pub fn pki_link_authorize<'a, U>(&self, args: &[&str],
|
||||
cert: KeyHandle, userids: &[U])
|
||||
where U: Into<UserIDArg<'a>> + Clone,
|
||||
{
|
||||
self.pki_link_authorize_maybe(args, cert, userids)
|
||||
.expect("success")
|
||||
|
@ -10,6 +10,7 @@ use openpgp::types::RevocationStatus;
|
||||
use super::common::STANDARD_POLICY;
|
||||
use super::common::Sq;
|
||||
use super::common::time_as_string;
|
||||
use super::common::UserIDArg;
|
||||
|
||||
#[test]
|
||||
fn sq_key_expire() -> Result<()> {
|
||||
@ -135,7 +136,7 @@ fn sq_key_expire_no_direct_key_sig() -> Result<()> {
|
||||
|
||||
let mut sq = Sq::new();
|
||||
let (cert, _cert_path, _rev_path)
|
||||
= sq.key_generate(&["--email", "alice@example.org"], &[]);
|
||||
= sq.key_generate(&[], &[UserIDArg::Email("alice@example.org")]);
|
||||
let fipr = cert.fingerprint().to_string();
|
||||
|
||||
|
||||
|
@ -4,6 +4,8 @@ use sequoia_openpgp as openpgp;
|
||||
use openpgp::Result;
|
||||
|
||||
use super::common;
|
||||
use super::common::UserIDArg;
|
||||
use super::common::NO_USERIDS;
|
||||
|
||||
#[test]
|
||||
fn sq_key_generate_creation_time() -> Result<()>
|
||||
@ -17,7 +19,7 @@ fn sq_key_generate_creation_time() -> Result<()>
|
||||
let (result, _, _) = sq.key_generate(&[
|
||||
"--time", iso8601,
|
||||
"--expiration", "never",
|
||||
], &[]);
|
||||
], NO_USERIDS);
|
||||
let vc = result.with_policy(common::STANDARD_POLICY, None)?;
|
||||
|
||||
assert_eq!(vc.primary_key().creation_time(),
|
||||
@ -30,11 +32,13 @@ fn sq_key_generate_creation_time() -> Result<()>
|
||||
#[test]
|
||||
fn sq_key_generate_name_email() -> Result<()> {
|
||||
let sq = common::Sq::new();
|
||||
let (cert, _, _) = sq.key_generate(&[
|
||||
"--name", "Joan Clarke",
|
||||
"--name", "Joan Clarke Murray",
|
||||
"--email", "joan@hut8.bletchley.park",
|
||||
], &[]);
|
||||
let (cert, _, _) = sq.key_generate(
|
||||
&[],
|
||||
&[
|
||||
UserIDArg::Name("Joan Clarke"),
|
||||
UserIDArg::Name("Joan Clarke Murray"),
|
||||
UserIDArg::Email("joan@hut8.bletchley.park"),
|
||||
]);
|
||||
|
||||
assert_eq!(cert.userids().count(), 3);
|
||||
assert!(cert.userids().any(|u| u.value() == b"Joan Clarke"));
|
||||
@ -55,7 +59,7 @@ fn sq_key_generate_with_password() -> Result<()> {
|
||||
|
||||
let (cert, _, _) = sq.key_generate(&[
|
||||
"--new-password-file", &path.display().to_string(),
|
||||
], &[]);
|
||||
], NO_USERIDS);
|
||||
|
||||
assert!(cert.is_tsk());
|
||||
|
||||
|
@ -10,9 +10,11 @@ use openpgp::types::SignatureType;
|
||||
use openpgp::Cert;
|
||||
use openpgp::Result;
|
||||
|
||||
use super::common::compare_notations;
|
||||
use super::common::Sq;
|
||||
use super::common::NO_USERIDS;
|
||||
use super::common::STANDARD_POLICY;
|
||||
use super::common::Sq;
|
||||
use super::common::UserIDArg;
|
||||
use super::common::compare_notations;
|
||||
use super::common::time_as_string;
|
||||
|
||||
#[test]
|
||||
@ -89,7 +91,7 @@ fn sq_key_subkey_add_with_password() -> Result<()> {
|
||||
"--cannot-authenticate",
|
||||
"--cannot-encrypt",
|
||||
"--new-password-file", &path2.display().to_string(),
|
||||
], &[]);
|
||||
], NO_USERIDS);
|
||||
|
||||
assert!(cert.is_tsk());
|
||||
assert_eq!(cert.keys().subkeys().count(), 0);
|
||||
@ -353,7 +355,7 @@ fn sq_key_subkey_revoke_multiple() -> Result<()> {
|
||||
let sq = Sq::new();
|
||||
|
||||
let (cert, cert_path, _rev_path)
|
||||
= sq.key_generate(&["--email", "alice@example.org"], &[]);
|
||||
= sq.key_generate(&[], &[UserIDArg::Email("alice@example.org")]);
|
||||
assert!(cert.keys().subkeys().count() > 0);
|
||||
sq.key_import(cert_path);
|
||||
|
||||
|
@ -9,9 +9,11 @@ use openpgp::Cert;
|
||||
use openpgp::Result;
|
||||
use sequoia_openpgp as openpgp;
|
||||
|
||||
use super::common::compare_notations;
|
||||
use super::common::Sq;
|
||||
use super::common::NO_USERIDS;
|
||||
use super::common::STANDARD_POLICY;
|
||||
use super::common::Sq;
|
||||
use super::common::UserIDArg;
|
||||
use super::common::compare_notations;
|
||||
use super::common::time_as_string;
|
||||
|
||||
#[test]
|
||||
@ -372,14 +374,17 @@ fn sq_key_userid_revoke_thirdparty() -> Result<()> {
|
||||
#[test]
|
||||
fn sq_key_userid_add() -> Result<()> {
|
||||
let sq = Sq::new();
|
||||
let (key, _, _) = sq.key_generate(&[], &[]);
|
||||
let (key, _, _) = sq.key_generate(&[], NO_USERIDS);
|
||||
assert_eq!(key.userids().count(), 0);
|
||||
|
||||
let key = sq.key_userid_add(key, &[
|
||||
"--name", "Joan Clarke",
|
||||
"--name", "Joan Clarke Murray",
|
||||
"--email", "joan@hut8.bletchley.park",
|
||||
])?;
|
||||
let key = sq.key_userid_add(
|
||||
&[],
|
||||
key,
|
||||
&[
|
||||
UserIDArg::Name("Joan Clarke"),
|
||||
UserIDArg::Name("Joan Clarke Murray"),
|
||||
UserIDArg::Email("joan@hut8.bletchley.park"),
|
||||
])?;
|
||||
|
||||
assert_eq!(key.userids().count(), 3);
|
||||
assert!(key.userids().any(|u| u.value() == b"Joan Clarke"));
|
||||
@ -393,11 +398,13 @@ fn sq_key_userid_add() -> Result<()> {
|
||||
#[test]
|
||||
fn sq_key_userid_strip() -> Result<()> {
|
||||
let sq = Sq::new();
|
||||
let (key, _, _) = sq.key_generate(&[
|
||||
"--name", "Joan Clarke",
|
||||
"--name", "Joan Clarke Murray",
|
||||
"--email", "joan@hut8.bletchley.park",
|
||||
], &[]);
|
||||
let (key, _, _) = sq.key_generate(
|
||||
&[],
|
||||
&[
|
||||
UserIDArg::Name("Joan Clarke"),
|
||||
UserIDArg::Name("Joan Clarke Murray"),
|
||||
UserIDArg::Email("joan@hut8.bletchley.park"),
|
||||
]);
|
||||
assert_eq!(key.userids().count(), 3);
|
||||
|
||||
// Whoops, that's a secret.
|
||||
|
@ -9,9 +9,10 @@ use openpgp::KeyHandle;
|
||||
use openpgp::Result;
|
||||
use openpgp::Cert;
|
||||
|
||||
use super::common::artifact;
|
||||
use super::common::Sq;
|
||||
use super::common::FileOrKeyHandle;
|
||||
use super::common::NO_USERIDS;
|
||||
use super::common::Sq;
|
||||
use super::common::artifact;
|
||||
|
||||
|
||||
// We are going to replace certifications, and we want to make sure
|
||||
@ -494,12 +495,12 @@ fn sq_pki_link_update_detection() -> Result<()> {
|
||||
// Make Alice a CA.
|
||||
sq.pki_link_authorize(&["--time", &tick(), "--unconstrained"],
|
||||
alice.key_handle(),
|
||||
&[]);
|
||||
NO_USERIDS);
|
||||
let bytes = compare(bytes, &alice_cert_pgp, false);
|
||||
|
||||
sq.pki_link_authorize(&["--time", &tick(), "--unconstrained", "--all"],
|
||||
alice.key_handle(),
|
||||
&[]);
|
||||
NO_USERIDS);
|
||||
let bytes = compare(bytes, &alice_cert_pgp, true);
|
||||
|
||||
// Make her a partially trusted CA.
|
||||
|
@ -1,3 +1,4 @@
|
||||
use super::common::NO_USERIDS;
|
||||
use super::common::Sq;
|
||||
|
||||
#[test]
|
||||
@ -452,7 +453,7 @@ fn retract_all() {
|
||||
// Retract all authorizations. It should no longer be considered
|
||||
// a trusted introducer.
|
||||
sq.tick(1);
|
||||
sq.pki_link_retract(&[], ca.key_handle(), &[]);
|
||||
sq.pki_link_retract(&[], ca.key_handle(), NO_USERIDS);
|
||||
check(&sq, false);
|
||||
}
|
||||
|
||||
@ -525,7 +526,7 @@ fn sq_pki_link_all_revoked() {
|
||||
// That means the revoked user ID should be skipped.
|
||||
sq.tick(1);
|
||||
sq.pki_link_authorize(&["--unconstrained"],
|
||||
ca.key_handle(), &[]);
|
||||
ca.key_handle(), NO_USERIDS);
|
||||
|
||||
println!("CA: authorized, and unconstrained");
|
||||
check(&sq, true);
|
||||
|
@ -1,3 +1,4 @@
|
||||
use super::common::NO_USERIDS;
|
||||
use super::common::Sq;
|
||||
|
||||
#[test]
|
||||
@ -90,7 +91,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.tick(1);
|
||||
sq.pki_vouch_authorize(&["--unconstrained"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -106,7 +107,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.tick(1);
|
||||
sq.pki_vouch_authorize(&["--regex", "example"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -122,7 +123,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.tick(1);
|
||||
sq.pki_vouch_authorize(&["--domain", "example.org"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -138,7 +139,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.tick(1);
|
||||
sq.pki_vouch_authorize(&["--regex", "other"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -154,7 +155,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.tick(1);
|
||||
sq.pki_vouch_authorize(&["--regex", "bob"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -170,7 +171,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.tick(1);
|
||||
sq.pki_vouch_authorize(&["--regex", "bob", "--regex", "alice"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -188,7 +189,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.pki_vouch_authorize(
|
||||
&["--domain", "example.org", "--domain", "other.org"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -206,7 +207,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.pki_vouch_authorize(
|
||||
&["--domain", "other.org", "--regex", "alice"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -223,7 +224,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.tick(1);
|
||||
sq.pki_vouch_authorize(&["--regex", "zoo"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -239,7 +240,7 @@ fn sq_pki_vouch_authorize_then_authenticate() {
|
||||
sq.tick(1);
|
||||
sq.pki_vouch_authorize(&["--domain", "example"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
@ -327,7 +328,7 @@ fn sq_pki_vouch_authorize_all_revoked() {
|
||||
sq.tick(1);
|
||||
sq.pki_vouch_authorize(&["--unconstrained"],
|
||||
otto.key_handle(), ca.key_handle(),
|
||||
&[],
|
||||
NO_USERIDS,
|
||||
certification.as_path());
|
||||
sq.cert_import(certification);
|
||||
|
||||
|
@ -211,7 +211,7 @@ fn sq_verify_designated_signers() -> Result<()> {
|
||||
sq.cert_import(artifact("examples/juliet.pgp"));
|
||||
sq.pki_link_add(&["--all"],
|
||||
"7A58B15E3B9459483D9FFA8D40E299AC5F2B0872".parse()?,
|
||||
&[]);
|
||||
NO_USERIDS);
|
||||
assert!(sq.verify_maybe(
|
||||
&[],
|
||||
Verify::Message,
|
||||
|
Loading…
Reference in New Issue
Block a user