Commit Graph

61 Commits

Author SHA1 Message Date
Neal H. Walfield
27093c1709
Add support for using a key store.
- Support using keys managed by `sequoia-keystore`.

  - When decrypting a message, have `sq` automatically ask the
    key store to decrypt the PKESKs.

  - Extend `sq sign` and `sq encrypt` with the `--signer-key`
    parameter to use a key managed by the keystore.

  - Add two top-level options: `--no-key-store`, which disables the
    use of the key store, and `--key-store`, which uses an alternate
    key store instance.

  - Add `sq key list` to list keys on the key store.
2024-02-18 15:24:02 +01:00
Justus Winter
d9f9bf6ea2
Certify certs downloaded from the web.
- Fixes #174.
2024-02-13 14:21:33 +01:00
Justus Winter
b796ce1b8c
Add a progress bar to the network fetch commands. 2024-02-09 18:16:43 +01:00
Neal H. Walfield
0d1da78356
Add a framework to format and test examples.
- The `--help` output for most subcommands includes one or more
    examples.

  - We should test these, like we test everything else.

  - Add a framework to format, and test the examples.

  - Fixes #190.

  - Also, fix some broken examples.
2024-02-09 18:08:09 +01:00
Justus Winter
825f4463de
Wrap human-readable pki output. 2024-02-08 16:23:19 +01:00
Justus Winter
1259f0c237
Drop the compression-bzip2 feature, making compression mandatory.
- Fixes #42.  See #137.
2024-02-07 12:19:06 +01:00
Neal H. Walfield
c45686c4da
Use sequoia-cert-store to manage shadow CAs.
- As of 0.4.1, sequoia-cert-store includes (better versions of)
    shadow CA functionality.

  - Prefer it.
2024-01-29 19:07:14 +01:00
Justus Winter
a8110e1229
Update to sequoia-openpgp 1.18. 2024-01-29 18:52:02 +01:00
Justus Winter
195ef2bf9b
Release 0.33.0. 2024-01-19 14:39:35 +01:00
Justus Winter
83f92ef064
Allow updating textwrap to 0.16.
- Don't actually update, as other dependencies are still on 0.15.
2024-01-19 14:39:29 +01:00
Justus Winter
fd08784e3a
Use std::io::IsTerminal instead of is-terminal.
- Available since Rust 1.70.
2024-01-08 14:18:42 +01:00
Justus Winter
c4a2c5666f
tests: Detach console for child processes.
- Otherwise, rpassword will ask for passwords and hang the tests.
2024-01-08 14:18:42 +01:00
Justus Winter
f81d6f09af
Use our custom manual page generator during build time.
- Previously, there were two ways of generating manual pages.
    We used to use the upstream clap_mangen crate, but decided to
    develop our own custom formatter.  However, we didn't quite switch
    to it, keeping the old mechanism in place and adding our new
    solution to sq, activated by a hidden environment variable.

  - This patch drops the upstream formatter, and uses the custom
    formatter during build time.  First, our custom code can be
    tweaked easily to suit our needs, and switching back to the
    upstream solution is easy enough should it better suit our needs.
    Second, generating manual pages at build time should help
    cross-building environments.
2024-01-05 13:56:32 +01:00
Justus Winter
86f599542c
Remove the Autocrypt feature, making it mandatory.
- We once made the Autocrypt feature optional in order to squeeze a
    sq update into a freeze without requiring new dependencies.
    However, having features has a cost too (see e.g. #137), and we
    generally try to keep the number of exposed features down.  And,
    the sequoia-autocrypt is one of the least demanding crates to
    package.
2024-01-03 17:14:46 +01:00
Justus Winter
ee5da79290
Move OutputVersion to cli::output, and use in the cli definition.
- Fixes #13.
2024-01-03 14:28:51 +01:00
Justus Winter
f04eb709c5
Release 0.32.0. 2023-12-15 22:15:38 +01:00
Justus Winter
5b5f528368
Use crate humantime to format durations. 2023-12-15 13:14:37 +01:00
Justus Winter
4ed3d371e5
Replace once_cell with types from the standard library. 2023-12-06 17:42:48 +01:00
Justus Winter
3a885d8dbf
Remove outdated comments. 2023-12-06 17:37:09 +01:00
Justus Winter
1bad4fff20
Port to sequoia-cert-store 0.4.0. 2023-12-06 17:27:20 +01:00
Justus Winter
2ab3bd5efd
Word-wrap lines in human-readable messages.
- Replace every eprintln by wprintln, which prints to stderr as
    well, but word-wraps the messages.
2023-11-29 16:41:40 +01:00
Justus Winter
14b1a69eb4
Update subplot. 2023-11-29 14:06:20 +01:00
Justus Winter
ab8df96e5b
Update terminal_size. 2023-11-29 14:06:20 +01:00
Justus Winter
a19f4ecd25
Update predicates. 2023-11-29 14:06:20 +01:00
Justus Winter
544075bd86
Set our MSRV to 1.70. 2023-11-29 14:06:20 +01:00
Justus Winter
f8e32f2f16
Update itertools. 2023-11-29 13:33:27 +01:00
Justus Winter
adc2ed4773
Port to sequoia-net 0.28.0. 2023-11-24 17:40:26 +01:00
Justus Winter
041a41c01c
Port to sequoia-openpgp 1.17. 2023-11-24 17:40:26 +01:00
Neal H. Walfield
dcea72208a
Fix license
- On October 18, 2021, Sequoia PGP's license was changed from the
    GPL to the LGPL.  Unfortunately, we forgot to update sq's license.

  - See 884639bf1b

  - Change Sequoia's license from GPL 2.0 or later to LGPL 2.0 or
    later as unanimously decided on October 18, 2021 by:

      - Christof Wahl <cw@pep.security> (pEp security CEO)
      - Heiko Schaefer <heiko.schaefer@posteo.de> (pEp Foundation
        employee, Sequoia developer)
      - Justus Winter <justus@sequoia-pgp.org> (pEp Foundation
        employee, Sequoia Founder)
      - Neal H. Walfield <neal@pep.foundation> (pEp Foundation
        employee, Sequoia Founder)
      - Patrick Meier <pm@pep.security> (pEp security Chief Product
        and Service Officer)
      - Rudolf Bohli <rb@pep.security> (pEp security Chairman of the
        Board)
      - Volker Birk <vb@pep.security> (pEp security Founder, pEp
        Foundation Council)
2023-11-24 16:37:14 +01:00
Justus Winter
7de29e7351
Make the dot-writer dependency optional.
- The dot-writer crate is unmaintained, and prevents upgrading sq in
    Fedora.  As a short-term workaround, we make this dependency
    optional so that it can be easily patched out by packagers.  The
    same has been done for the sq-wot tool.

    - https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/51
    - https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/47

  - If the situation improves, either because the crate is maintained
    again, or we port to a different crate, we can easily undo this
    change.

  - Also, remove all the examples that use the dot output format.  Not
    only is it awkward to make these examples optional, the existing
    examples are also very repetetive, as they duplicate an existing
    example, and only change the output format.

  - Fixes #146.
2023-11-24 15:29:05 +01:00
Justus Winter
55eca2c87e
Use sequoia-policy-config to configure the StandardPolicy.
- This allows users to tweak the StandardPolicy used by Sequoia to
    evaluate cryptographic artifacts.  For example, on Fedora it will
    adhere to the system-wide cryptographic policy for Sequoia.

  - Fixes #128.
2023-11-20 18:31:11 +01:00
Neal H. Walfield
0dd20af066
Release 0.31.0.
* New functionality
  - `sq key subkey add` allows to create and add a new subkey to an
    existing certificate.
  - The functionality of `sq-keyring-linter` is now available as
    `sq keyring lint`.
  - The new subcommands `sq key revoke`, `sq key subkey revoke` and
    `sq key userid revoke`, allow writing to a file using the
    `--output` option.
 * Notable changes
  - The `--keyring` option is now global and can be specified anywhere
    when calling `sq`.
 * Deprecated functionality
  - The `--expires` and `--expires-in` options used in various
    subcommands are deprecated in favor of the unifying `--expiry`.
  - `sq key generate --export FILE` is deprecated in favor of the more
    generic `sq key generate --output FILE`.
  - The `sq revoke certificate` command has been renamed to `sq key
    revoke`.
  - The `sq revoke subkey` command has been renamed to `sq key subkey
    revoke`.
  - The `sq revoke userid` command has been renamed to `sq key userid
    revoke`.
2023-07-05 14:07:56 +02:00
Neal H. Walfield
8bc9c3e578
Upgrade rpassword.
- Upgrade to the latest version of rpassword.
2023-07-05 14:07:44 +02:00
Neal H. Walfield
494e46b06c
Widen the itertools' version requirements.
- `sq` works with 0.11, but other depenedencies pull in 0.10.

  - We prefer fewer dependencies so keep the version in `Cargo.lock`
    at 0.10.
2023-07-05 14:00:02 +02:00
Jan Christian Grünhage
74fd9dd8fe
Move keyring-linter into sq keyring as a subcommand
This commit is mostly a copy over from the keyring-linter repository,
with a few changes included to make it work in the sq codebase. These
changes are:
 - replaced calls to atty with calls to is-terminal. This was done due
   to is-terminal already being in the dependency tree of sq, and atty
   being unmaintained.
 - replace ansi_term with termcolor, because ansi_term is unmaintained
 - removed a few things from the keyring linter, that were also present
   in sq itself, to avoid duplication. This included the reference time
   parameter, key decryption and IO handling
 - added output file and binary parameters to the linter, so that I
   could handle output the same as the other commands do
2023-06-22 11:19:27 +02:00
Jan Christian Grünhage
f3cfb1b602
Only prompt for passwords when trying to decrypt a key if stdin is a terminal 2023-06-21 10:36:58 +02:00
David Runge
ed6069623b
Replace CLI I/O argument duplication with common facilities
- Replace `sq_cli::types::IoArgs` with the more granular
  `sq_cli::types::FileOrStdin`, `sq_cli::types::FileOrCertStore` and
  `sq_cli::types::FileOrStdout`.
- Replace all generic `input` (describing single files) and `output`
  arguments with the respective new facilities to share code and not
  repeat ourselves.
- Replace the `open_or_stdin()` function with `FileOrStdin::open()`.
- Replace the `create_or_stdout()` function with the private
  `FileOrStdout::create()`, so that it can not be called directly.
- Replace the `emit_unstable_cli_warning()`
  and `create_or_stdout_unsafe()` functions with
  `FileOrStdout::create_unsafe()`.
- Replace the `create_or_stdout_safe()` function with
  `FileOrStdout::create_safe()`.
- Replace the `create_or_stdout_pgp()` function with
  `FileOrStdout::create_pgp_safe()`.
- Remove the field `unstable_cli_warning_emitted` from `Config`, as
  it is replaced by the static `UNSTABLE_CLI_WARNING`, which allows for
  tracking whether a warning has been emitted across several instances
  of `FileOrStdout`.
2023-06-17 15:39:14 +02:00
Neal H. Walfield
3433e6e806
Release 0.30.1.
* Changes in 0.30.1
 * Notable changes
   - The `crypto-botan` feature now selects Botan's v3 interface.  Use
     the new `crypto-botan2` feature to continue using Botan's v2
     interface.
 * Notable fixes
   - Several parser bugs were fixed in sequoia-openpgp 1.16.0 and
     buffered-reader 1.2.0.  These are all low-severity as Rust
     correctly detects the out of bounds access and panics.  Update
     Cargo.lock to make sure we use these versions.
2023-05-31 10:33:31 +02:00
Neal H. Walfield
60ba1d11cc
Add a feature to build sq using Botan's version 2 interface.
- sequoia-openpgp 1.16 changed `sequoia-openpgp/crypto-botan` to
    build against Botan's v3 interface, and exposed
    `sequoia-openpgp/crypto-botan2` to build against the v2 interface.

  - Do the same.  Add a `crypto-botan2` feature to allow the user to
    build against Botan's v2 interface.
2023-05-31 09:36:15 +02:00
David Runge
f6aa19294a
Replace the unmaintained term_size with terminal_size
As term_size is no longer maintained, switch to terminal_size.
2023-05-30 10:52:54 +02:00
Neal H. Walfield
be99608961
Release 0.30.0 2023-05-08 11:04:41 +02:00
Neal H. Walfield
f5a5d0d8dd
Fix spelling 2023-05-08 11:04:41 +02:00
Neal H. Walfield
7db05f8d18
Upgrade dirs to version 5 2023-05-08 11:04:41 +02:00
Gabriel de Perthuis
75b5360a38
Update subplot to fix tera issue
- See https://gitlab.com/subplot/subplot/-/merge_requests/317 .

  - Fixes #2
2023-04-19 10:55:09 +02:00
Gabriel de Perthuis
2c57cd77d7
Move subplot tests to a feature so subplot doesn't affect most builds
Installing sq from crates.io (cargo install sequoia-sq) was broken by a
semver-compatible change in Tera.  Running cargo test uses the lockfile
and isn't affected.

This has the side benefit of reducing dependency bloat, the baseline
depends on check/build/build --release but in the case of a non-release
build the dependency count goes from 403 to 315.

Fixes #2.

The subplot/tera issue was likely triggered by this change in tera
1.18: <https://github.com/Keats/tera/pull/799>.
2023-04-19 10:54:05 +02:00
Neal H. Walfield
689ed7428b
Add support for using pEp certificate stores
- Add the top-level option `--pep-cert-store` and the environment
    variable `PEP_CERT_STORE`, which allow users to use pEp
    certificate stores.

  - By default, no pEp certificate store is used.  Users can however
    put `export PEP_CERT_STORE=$HOME/.pEp` in their `.bashrc` file, for
    instance, to turn it on.
2023-04-19 10:31:33 +02:00
Neal H. Walfield
e01ec617eb
Update to sequoia-net 0.27
- Change the Windows CI job from `windows-msvc` to `windows-gnu` as
    `sq` now depends on OpenSSL, which is easier to install under
    `windows-gnu`.
2023-04-19 10:31:33 +02:00
Neal H. Walfield
0b33c9c603
Generate man pages using clap_mangen
- `clap_mangen` generates the man pages directly from `Clap`, and is
    the successor to `manpage-maker`.

  - Use it, and delete the checked-in (and stale) man pages.
2023-04-08 19:36:50 +02:00
Neal H. Walfield
1ab79eb1d4
Release 0.29.0 2023-04-07 21:47:55 +02:00
Neal H. Walfield
cbcaa73e09
Add crypto-botan feature 2023-03-31 09:17:37 +02:00