slipenkomk/sequoia-sq
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,357 Commits 1 Branch 2 Tags 47 MiB
29329e5dec
Commit Graph

1357 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Neal H. Walfield
29329e5dec
tests: Improve sq key approvals update help functions. 
- Adjust the API for `Sq::key_approvals_update` and add
    `Sq::try_key_approvals_update`.
 2024-12-12 10:47:04 +01:00
Neal H. Walfield
e227aecbc2
Add tests for sq key approvals list. 
- Test that the user ID designators behave correctly.
 2024-12-12 10:47:04 +01:00
Neal H. Walfield
52fdea48e2
Add tests for sq key userid revoke. 
- Test that the user ID designators behave correctly.
 2024-12-12 10:47:04 +01:00
Neal H. Walfield
9564c5cf99
Add tests for sq pki lookup. 
- Test that the user ID designators behave correctly.
 2024-12-12 10:47:04 +01:00
Neal H. Walfield
551084b560
Add tests for sq pki authenticate. 
- Test that the user ID designators behave correctly.
 2024-12-12 10:47:04 +01:00
Neal H. Walfield
4e5dcba9b1
Add tests for sq pki vouch {add,authorize}. 
- Test that the user ID designators behave correctly.
 2024-12-12 10:47:04 +01:00
Neal H. Walfield
aa031eaf7c
tests: Rename Sq::pki_vouch_authorize_p. 
- Rename `Sq::pki_vouch_authorize_p` to
    `Sq::try_pki_vouch_authorize`.
 2024-12-12 10:47:03 +01:00
Neal H. Walfield
5c11414386
tests: Simplify Sq::try_pki_vouch_add and Sq::pki_vouch_authorize_p. 
- Remove the `success` parameter from `Sq::try_pki_vouch_add` and
    `Sq::pki_vouch_authorize_p` and just propagate any error to the
    caller.  This is more consistent with the rest of the functions.
 2024-12-12 10:47:03 +01:00
Neal H. Walfield
a979d343a2
Add tests for sq pki link retract. 
- Test that the user ID designators behave correctly.
 2024-12-12 10:47:03 +01:00
Neal H. Walfield
2dac8e6253
Add tests for sq pki link authorize. 
- Test that the user ID designators behave correctly.
 2024-12-12 10:47:03 +01:00
Neal H. Walfield
69d85bf3d4
Add tests for sq pki link add. 
- Test that the user ID designators behave correctly.
 2024-12-12 10:47:03 +01:00
Neal H. Walfield
448f83811a
Simplify comments. 2024-12-12 10:19:33 +01:00
Justus Winter
9b00fa43da
Lint CLI help texts. 2024-12-11 17:56:28 +01:00
Justus Winter
edc803eb21
Align CLI help texts with our UI guidelines. 
- See #488.
 2024-12-11 17:56:28 +01:00
Justus Winter
379248aa64
Make long help texts configurable for cert designators. 2024-12-11 17:56:28 +01:00
Justus Winter
3f81e65ecb
Deduplicate and rework the signature notation argument handling. 2024-12-11 17:56:28 +01:00
Justus Winter
830c49def0
Require explicit opt-out for encrypting without signing. 
- Fixes #459.
 2024-12-11 17:29:36 +01:00
Justus Winter
ebef0cf9ee
Use cert designators for sq cert list. 
- This aligns it with `sq key list` and `sq pki link list`.

  - Fixes #446.
 2024-12-11 16:24:43 +01:00
franzi
3d4554a5a4
Add examples for sq cert list 
- List all bindings for User IDs containing a specific email address
- List all paths to a specific certificate
- See: #451
 2024-12-11 14:12:33 +01:00
franzi
03578878fe
Refactor files in /cli/cert to new example framework 
- no content changes
- see: #451
 2024-12-11 14:12:24 +01:00
Malte Meiboom
898ccc753f
Modify examples 
- Don't encourage unprotected keys
- sq key generate: Don't show '--without-password'
- sq key subkey add: Don't show '--without-password'
- See: #451
 2024-12-11 14:03:48 +01:00
Malte Meiboom
4158d4045b
Refactor files under .../cli/key to use example framework 
- Just refactoring, no changes to content
 2024-12-11 14:03:48 +01:00
Justus Winter
02f0dc44fa
Fix generation of user ID-less keys. 
- Fixes #491.
 2024-12-11 13:29:32 +01:00
Justus Winter
44d97fc920
Upgrade hickory-proto to avoid vulnerable idna 0.4.0. 
- See https://rustsec.org/advisories/RUSTSEC-2024-0421
 2024-12-11 12:44:49 +01:00
Justus Winter
01aa4dc06a
Gracefully handle missing ui section in config file. 
- Fixes `sq config get` without the [ui] section in the config file,
    while making sure that `sq config get` reflects whether hints are
    displayed.

  - Fixes #495.
 2024-12-09 15:21:35 +01:00
Justus Winter
3ab852aba2
Add sq encrypt --profile in preparation for RFC9580. 
- Fixes #463.
 2024-12-04 16:18:43 +01:00
Justus Winter
6cf2acc893
Add sq key generate --profile in preparation for RFC9580. 
- See #463.
 2024-12-04 16:17:28 +01:00
Justus Winter
ab01bd9557
Parse key.generate.cipher-suite case sensitively. 
- This matches the parsing of the command line parameter.  Let's
    reduce variance.
 2024-12-04 15:31:07 +01:00
Justus Winter
9e2af6a92f
Mention the configuration key in the augmented help texts. 2024-12-04 15:15:24 +01:00
Justus Winter
98203e6cd0
Make sq network dane generate require cert designators or --all. 
- Fixes #476.
 2024-12-04 14:39:20 +01:00
Justus Winter
7397a8a440
Make sq pki link list fail if a designated cert has no link. 
- Fixes #484.
 2024-12-04 14:04:22 +01:00
Justus Winter
5c2829fa7a
Refactor user ID matching when resolving certificates. 2024-12-04 14:04:22 +01:00
Justus Winter
148b647715
Generalize the filter for `Sq::resolve_certs_filter. 2024-12-04 13:40:01 +01:00
Justus Winter
660d1eb39d
Align sq sign --detached-file with sq verify --detached-file. 
- `sq sign --signature-file` now takes a value specifying where the
    signature should be written to.  It conflicts with `--output`.
    This aligns `sq sign` with `sq verify`.

  - Fixes #444.
 2024-12-04 12:22:47 +01:00
Justus Winter
cc50bd36ac
Make the default third-party certification expiration configurable. 
- Fixes #336.
 2024-12-04 11:55:18 +01:00
Justus Winter
2d17692dda
Introduce a specialization for third-party certifications. 2024-12-04 11:55:18 +01:00
Justus Winter
74edd46721
Make ExpirationArg configurable. 2024-12-04 11:55:18 +01:00
Justus Winter
c6eb28eb1b
Manually implement clap::Args for ExpirationArg. 2024-12-04 11:55:18 +01:00
Neal H. Walfield
f0e73deb7f
Add tests for sq pki link list. 
- Add tests that check that `sq pki link list` returns an
    appropriate error code.

  - See #484.
 2024-12-04 11:22:23 +01:00
Neal H. Walfield
0cc2aba0be
Add tests for sq key list. 
- Add tests that check that `sq key list` returns an appropriate
    error code.
 2024-12-04 11:22:20 +01:00
Neal H. Walfield
fde96e5790
Listing an empty certificate store should not be an error. 
- `sq cert list` on an empty certificate store should not be an
    error.
 2024-12-04 11:15:13 +01:00
Neal H. Walfield
500447b804
Fix hint. 2024-12-04 11:15:13 +01:00
Malte Meiboom
a7cbf56067
Hide --without-password from the sq key generate examples. 
- The `sq key generate` examples shouldn't include
    `--without-password`, but it is needed for the automated tests.

  - Hide it.
 2024-12-04 11:15:12 +01:00
Malte Meiboom
ae0609006c
Make it possible to hide parts of an example. 
- Sometimes an example needs an argument to run in an automated way,
    but which the user shouldn't actually use, like
    `--without-password`.

  - Add a mechanism to hide specific arguments.
 2024-12-04 11:15:12 +01:00
Justus Winter
f6b4b31976
Change the default third-party certification expiration to 10y. 
- Fixes #225.
 2024-12-03 20:44:50 +01:00
Justus Winter
1fcdd57d93
Implement sq pki vouch {add,authorize} --certifier-self. 
- This selects the default certification key controlled by the
    `pki.vouch.certifier-self` setting.

  - See #336.
 2024-12-03 20:32:09 +01:00
Justus Winter
0d37335aad
Improve the --self-signer help texts and add to the template. 
- Fixes 25e99e5afb.
 2024-12-03 20:05:40 +01:00
Justus Winter
84a57d45d1
Add a pattern argument to sq pki link list. 
- This harmonizes the interface with `sq cert list` and `sq key
    list`.

  - Fixes #210.
 2024-12-03 19:21:19 +01:00
Justus Winter
888c82e4ec
Add missing conflict for sq key list. 2024-12-03 19:12:15 +01:00
Neal H. Walfield
0b11ee4ef9
Change sq config inspect network to use stdout. 
- Change `sq config inspect network ` to use `stdout`, not `stderr`,
    for its main output.

  - See #342.
 2024-12-03 19:03:11 +01:00