Commit Graph

1352 Commits

Author SHA1 Message Date
Justus Winter
62dbde6b03
Silence compiler warning.
- This import is not necessary if the dot-writer feature is enabled,
    but necessary if it is not.
2023-11-24 17:40:26 +01:00
Justus Winter
041a41c01c
Port to sequoia-openpgp 1.17. 2023-11-24 17:40:26 +01:00
Justus Winter
de42ad66c9
ci: Use Debian Trixie, Rust 1.67. 2023-11-24 17:40:26 +01:00
Justus Winter
1837674639
Fix typos. 2023-11-24 17:17:18 +01:00
Neal H. Walfield
dcea72208a
Fix license
- On October 18, 2021, Sequoia PGP's license was changed from the
    GPL to the LGPL.  Unfortunately, we forgot to update sq's license.

  - See 884639bf1b

  - Change Sequoia's license from GPL 2.0 or later to LGPL 2.0 or
    later as unanimously decided on October 18, 2021 by:

      - Christof Wahl <cw@pep.security> (pEp security CEO)
      - Heiko Schaefer <heiko.schaefer@posteo.de> (pEp Foundation
        employee, Sequoia developer)
      - Justus Winter <justus@sequoia-pgp.org> (pEp Foundation
        employee, Sequoia Founder)
      - Neal H. Walfield <neal@pep.foundation> (pEp Foundation
        employee, Sequoia Founder)
      - Patrick Meier <pm@pep.security> (pEp security Chief Product
        and Service Officer)
      - Rudolf Bohli <rb@pep.security> (pEp security Chairman of the
        Board)
      - Volker Birk <vb@pep.security> (pEp security Founder, pEp
        Foundation Council)
2023-11-24 16:37:14 +01:00
Justus Winter
7de29e7351
Make the dot-writer dependency optional.
- The dot-writer crate is unmaintained, and prevents upgrading sq in
    Fedora.  As a short-term workaround, we make this dependency
    optional so that it can be easily patched out by packagers.  The
    same has been done for the sq-wot tool.

    - https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/51
    - https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/47

  - If the situation improves, either because the crate is maintained
    again, or we port to a different crate, we can easily undo this
    change.

  - Also, remove all the examples that use the dot output format.  Not
    only is it awkward to make these examples optional, the existing
    examples are also very repetetive, as they duplicate an existing
    example, and only change the output format.

  - Fixes #146.
2023-11-24 15:29:05 +01:00
Justus Winter
c5f01fbf65
Simplify expressions. 2023-11-24 15:29:05 +01:00
Justus Winter
239002b06e
Fix error message.
- Fixes #150.
2023-11-24 15:29:05 +01:00
Justus Winter
993a719a74
Disable notarizing of messages.
- Currently, sequoia-openpgp miscomputes notarization
    signatures (see
    https://gitlab.com/sequoia-pgp/sequoia/-/issues/1041) and fixing
    that has proven to be difficult.  Disable this functionality until
    we sorted out the underlying implementation.
2023-11-24 15:29:05 +01:00
Justus Winter
0499e25675
Disable padding support.
- Our method of padding messages is not universally supported by
    consuming implementations:

      https://tests.sequoia-pgp.org/#Packet_excess_consumption

  - Disable it for now.  Once we support generating v6 OpenPGP
    messages, we can enable it again with the new padding packet.
2023-11-24 12:31:20 +01:00
Neal H. Walfield
3983d42953
Remove inaccurate comment 2023-11-22 14:21:45 +01:00
Neal H. Walfield
227750dd0d
Use PathBuf instead of String for arguments taking a path
- `sq verify --detached <SIG>` and `sq wkd generate <WEB-ROOT>` take
    paths, but the argument type is a String. We should use a PathBuf
    instead, as paths, unlike strings, do not have to be valid UTF-8
    strings.

  - Fixes #154.

  - See #13.
2023-11-22 14:20:19 +01:00
Neal H. Walfield
dccae02148
Change sq packet split's prefix argument from a String to a PathBuf
- `sq packet split`'s `--prefix` argument is used to build a
    filename.  Make it a `PathBuf` instead of a `String`.

  - See #13.
2023-11-22 13:53:00 +01:00
Neal H. Walfield
f9362886f4
Use cli::Time instead of a String argument
- Have clap do the conversion from a string to `cli::Time` for the
    `--time` argument to `sq`.

  - Implement `cli::Time::now` to return the current time, and
    `cli::Time::openpgp` to convert the time to a time that is
    representable as an OpenPGP timestamp, if possible.

  - See #13.
2023-11-22 13:52:59 +01:00
Neal H. Walfield
f13b7d1320
Change Time to wrap an OpenPGP timestamp.
- `cli::types::Time` wraps a `chrono::DateTime`, which has more
    resolution, and a larger range than an OpenPGP timestamp.

  - Change it to hold an `openpgp::types::Timestamp` instead.

  - This will catch out of range errors at parsing time rather than
    time of use, and prevents us forgetting to do the conversion.

  - Fixes #153.
2023-11-22 13:52:59 +01:00
Neal H. Walfield
186de775ae
Improve help text
- Improve the description of the types accepted by `sq certify`'s
    `--certificate` argument.
2023-11-22 13:52:58 +01:00
Neal H. Walfield
c554202a84
Have clap convert strings to KeyHandles
- Instead of doing the conversion from a string to a `KeyHandle`,
    have clap do it.

  - Fixes #98.

  - See #13.
2023-11-22 13:52:52 +01:00
Justus Winter
65050be557
Appease cargo deny.
- Update ahash and deunicode.
2023-11-22 11:26:44 +01:00
Justus Winter
55eca2c87e
Use sequoia-policy-config to configure the StandardPolicy.
- This allows users to tweak the StandardPolicy used by Sequoia to
    evaluate cryptographic artifacts.  For example, on Fedora it will
    adhere to the system-wide cryptographic policy for Sequoia.

  - Fixes #128.
2023-11-20 18:31:11 +01:00
Justus Winter
e9aa4a624e
Fix typo. 2023-11-15 17:11:51 +01:00
Neal H. Walfield
2e04ac39a3
Rename foo/mod.rs to foo.rs.
- A module `foo` used to have to be called `foo/mod.rs` if `foo` had
    submodules.

  - Since Rust 2018, it is possible to have `foo.rs` and the
    submodules under `foo`.

  - Using `foo.rs` is nicer than `foo/mod.rs` in many editors.  Rename
    modules called `mod.rs`.

  - Note: we can't rename `src/cli/mod.rs` as it is `include!`ed from
    `build.rs`, and then it doesn't find the submodules.
2023-10-23 16:05:58 +02:00
Neal H. Walfield
0a09fa6d75
Move sq_cli to cli
- Rename the `sq_cli` module to `cli`.
2023-10-23 16:05:51 +02:00
David Runge
9088265d7a
Use error message, when password for encrypted material is incorrect
Adapt `get_keys()` to return a more specific error, if the password for
a given encrypted key material is not correct.
Adapt the subkey and userid subcommands to return the error from
`get_keys()` instead of providing a less descriptive one themselves.

Fixes https://gitlab.com/sequoia-pgp/sequoia-sq/-/issues/139

Signed-off-by: David Runge <dave@sleepmap.de>
2023-10-23 11:49:46 +02:00
David Runge
0e0df4168a
Allow adding metadata when encrypting files.
- Add the optional `--set-metadata-filename` option for `sq encrypt`,
  which when provided, adds the filename of the file as metadata to the
  literal data packet.
- Add the optional `--set-metadata-time` option for `sq encrypt`,
  which when provided, adds a time as metadata to the literal
  data packet.
  The value can either be provided as ISO 8601 formatted string or by
  using one of the keywords ("none", "filecreation", "filemodification",
  or "packetcreation").

Fixes https://gitlab.com/sequoia-pgp/sequoia-sq/-/issues/135

Signed-off-by: David Runge <dave@sleepmap.de>
2023-10-23 11:39:19 +02:00
David Runge
4411f9d806
Add Display impl for Time
Add a `Display` `impl` for `Time`, so that format strings directly make
use of the `Display` `impl` of the underlying `DateTime`.

Signed-off-by: David Runge <dave@sleepmap.de>
2023-10-23 11:38:15 +02:00
David Runge
d7c7f8b56b
Use common facility to provide password when setting password for key
Use the common `prompt_for_password()` function to generically ask for a
new password, when setting a new password for a key.

Signed-off-by: David Runge <dave@sleepmap.de>
2023-10-19 09:55:56 +02:00
David Runge
4d2eb9aaf9
Use common facility to provide password when generating new key
Use the common `prompt_for_password()` function to generically ask for a
new password.

Signed-off-by: David Runge <dave@sleepmap.de>
2023-10-19 09:55:55 +02:00
David Runge
6789a408d8
Use common facility to provide password for new subkey
Use the common `prompt_for_password()` function to generically ask for a
new password (twice!), using a common facility.
This allows to provide no password, by providing no input twice.

Signed-off-by: David Runge <dave@sleepmap.de>
2023-10-19 09:55:54 +02:00
David Runge
8c317d4be5
Prompt twice for password when encrypting symmetrically
Previously, the user was only prompted once for a symmetric password,
which is potentially error-prone.
The `encrypt()` function now errors, instead of allowing to provide an
empty password.

Fixes https://gitlab.com/sequoia-pgp/sequoia-sq/-/issues/142

Signed-off-by: David Runge <dave@sleepmap.de>
2023-10-19 09:55:27 +02:00
David Runge
63f5c03e42
Add common method prompt_for_password() to create robust prompts
The `prompt_for_password()` function allows to asks for password input
twice and only returns `Some(Password)` if inputs match and are not
empty. If both inputs are empty, returns `None`.
The function takes a prompt string to provide to the user and an
optional prompt string for the repetition prompt.

Signed-off-by: David Runge <dave@sleepmap.de>
2023-10-19 09:25:05 +02:00
David Runge
963d225cb0
Improve documentation for sq encrypt --symmetric
Make clear, that the user is asked to provide a password when using this
option and that it can be provided more than once to support more than
one password.

Fixes https://gitlab.com/sequoia-pgp/sequoia-sq/-/issues/143

Signed-off-by: David Runge <dave@sleepmap.de>
2023-10-19 09:25:00 +02:00
Neal H. Walfield
61d7ad6e74
Regularize inspect's dispatch
- Adjust how `sq inspect` is dispatched to be more similar to how
    other subcommands are dispatched.
2023-10-17 14:52:23 +02:00
Neal H. Walfield
2f0fc12130
Move the deamor subcommand's dispatcher and impl to its own module 2023-10-17 14:52:23 +02:00
Neal H. Walfield
ddb3d8ffb1
Move the dump subsubcommand's impl under packet.
- The `sq packet dump` implementation lives in `commands::dump`.

  - Move the module to `commands::packet::dump` to better reflect its
    name.
2023-10-17 14:52:22 +02:00
Neal H. Walfield
51eed4ef2c
Move Convert to the root of the crate.
- `Convert` is used outside of the dump subsubcommand.

  - Move it to the root.
2023-10-17 14:52:22 +02:00
Neal H. Walfield
57b11b85f3
Move the packet subcommand's dispatcher and impl to its own module 2023-10-17 14:52:21 +02:00
Neal H. Walfield
5a2817afe5
Move the armor subcommand's dispatcher and impl to its own module 2023-10-17 14:52:21 +02:00
Neal H. Walfield
602266845e
Move the verify subcommand's dispatcher and impl to its own module 2023-10-17 14:52:20 +02:00
Neal H. Walfield
d0b583f9c0
Simplify function call
- Change `sign` from taking a single struct that bundles the
    parameters to taking each parameter as a separate argument.
2023-10-17 14:52:20 +02:00
Neal H. Walfield
58be795c25
Move the merge_signatures module under the sign module
- `merge_signatures` is only used by the `sign` subcommand.  Move
    the code under the `sign` module.
2023-10-17 14:52:19 +02:00
Neal H. Walfield
65a3b9da98
Move the sign subcommand's dispatcher to its own module 2023-10-17 14:52:18 +02:00
Neal H. Walfield
ea2feac6b1
Simplify function call
- Change `encrypt` from taking a single struct that bundles the
    parameters to taking each parameter as a separate argument.
2023-10-17 14:52:18 +02:00
Neal H. Walfield
38e16e1818
Move the encrypt subcommand's implementation to its own module 2023-10-17 14:52:17 +02:00
Neal H. Walfield
330a588377
Move the decrypt subcommand's dispatching to its own module 2023-10-17 14:52:17 +02:00
Neal H. Walfield
33e900e1f7
ci: Allow fehler
- RUSTSEC-2023-0067 was published to encourage projects to move from
    `fehler` to culpa.  `fehler` is an indirect dependency.  Allow it
    for now.
2023-10-17 14:52:16 +02:00
David Runge
66ee42f337
Allow providing a password when adding a new subkey
When providing `--with-password` to `sq key subkey add`, prompt the user
for a password, which will be added to encrypt the new subkey.
If the option is not provided and the key material is encrypted, the
password of the primary key is used.
2023-09-04 18:23:22 +02:00
David Runge
ccbbd64828
Attempt to use previously submitted password for decrypting keys.
When decrypting encrypted key material in `get_keys()` first attempt to
use passwords previously provided and only afterwards prompt the user
for a password.
2023-09-04 15:42:12 +02:00
David Runge
4e891fe36f
Allow adding new subkeys to certificates with encrypted secret keys
Without providing a password to the `KeyBuilder` and setting a primary
key signer for the `SubKeyBuilder`, it is not possible to add a new
subkey to a certificate with encrypted secret key material.

Adapt the helper function `get_primary_keys()` to return the optional
`Password` as provided by the user input, so that it may be used when
attaching a new subkey.
2023-09-04 15:42:07 +02:00
Neal H. Walfield
0dd20af066
Release 0.31.0.
* New functionality
  - `sq key subkey add` allows to create and add a new subkey to an
    existing certificate.
  - The functionality of `sq-keyring-linter` is now available as
    `sq keyring lint`.
  - The new subcommands `sq key revoke`, `sq key subkey revoke` and
    `sq key userid revoke`, allow writing to a file using the
    `--output` option.
 * Notable changes
  - The `--keyring` option is now global and can be specified anywhere
    when calling `sq`.
 * Deprecated functionality
  - The `--expires` and `--expires-in` options used in various
    subcommands are deprecated in favor of the unifying `--expiry`.
  - `sq key generate --export FILE` is deprecated in favor of the more
    generic `sq key generate --output FILE`.
  - The `sq revoke certificate` command has been renamed to `sq key
    revoke`.
  - The `sq revoke subkey` command has been renamed to `sq key subkey
    revoke`.
  - The `sq revoke userid` command has been renamed to `sq key userid
    revoke`.
2023-07-05 14:07:56 +02:00
Neal H. Walfield
8bc9c3e578
Upgrade rpassword.
- Upgrade to the latest version of rpassword.
2023-07-05 14:07:44 +02:00