Commit Graph

1373 Commits

Author SHA1 Message Date
Neal H. Walfield
ae057eba88
Support authenticating signatures using the web of trust
- When verifying a signature using `sq verify`, and a signer is not
    specified using `--signer-cert`, try and authenticate them using the
    web of trust using the configured certificate store.

  - If we can fully authenticate a signer, consider the signature to
    have been authenticated by that signer.
2023-03-28 14:51:18 +02:00
Neal H. Walfield
6c7b0de5c0
Support addressing recipients by email address and User ID
- Extend `sq encrypt` with the `--recipient-email` and
    `--recipient-userid` arguments to allow the caller to designate a
    certificate by email address or User ID, respectively.  An email
    address or User ID is considered to designate a certificate, if
    the binding between the email address or User ID and the
    certificate can be authenticated using the web of trust.

  - Add support for the web of trust using the `sequoia-wot` crate.

  - Add a top-level option, `--trust-root`, to allow the user to
    specify trust roots.
2023-03-28 14:50:24 +02:00
Neal H. Walfield
62e6b4cb8b
Change sq verify to respect the reference time.
- Change `sq verify` to respect the user-supplied reference time.
2023-03-28 12:26:15 +02:00
Neal H. Walfield
92f49b3ac1
Make sq encrypt better respect the reference time
- Change `sq encrypt` to select recipients that are valid at the
  reference time rather than the current time.
2023-03-28 12:12:12 +02:00
Neal H. Walfield
7b4ed970af
Set the policy's reference time to the configured reference time
- If the user specifies `--time`, then use it, not the current time,
    as the reference time for the policy object.
2023-03-28 12:12:12 +02:00
Neal H. Walfield
16fd67a10c
Add a top-level, global option --time to set the reference time
- Add a top-level, global option `--time` to set the reference time.

  - Remove subcommand's `--time` argument and use this instead.
    Remove `sq key generate`'s `--creation-time` argument and `sq key user
    id`'s `--creation-time` argument and use this argument instead.
2023-03-28 12:12:11 +02:00
Neal H. Walfield
5daff2f939
Support setting --cert-store via an environment variable
- Set `--cert-store` using the environment variable `SQ_CERT_STORE`.
2023-03-28 12:12:11 +02:00
Neal H. Walfield
81dd7e0e00
Update to the latest version of subplot
2023-03-17 10:07:17 +01:00
Neal H. Walfield
1f2f28a809
Enable debug symbols for release builds
2023-03-17 09:55:29 +01:00
Neal H. Walfield
df5ae7e18c
Update to clap 4
- Enable the `env` feature for the clap build dependency, not just
    the normal dependency.

  - Disable more rustdoc lints.

  - Explicitly convert a `StyledStr` to a `String`.

  - `ArgEnum` and `arg_enum` are now called `ValueEnum` and
    `value_enum`, respectively.

  - Clap 4 is stricter about how arguments are designated: in argument
    groups and conflicts, they have to be designated using the field
    name, not the long option name.

  - `clap::AppSettings::DeriveDisplayOrder` has been removed and is
    now the default.

  - `parse(from_occurrences)` is deprecated in favor of `action =
    Count`, which takes a `u8`, not a `usize`.

  - `Command` no longer takes a lifetime.
2023-03-17 09:55:19 +01:00
Neal H. Walfield
0742ef8647
Correctly specify the option's name
- When specifying a log-option's name, don't include a leading
    `--`.
2023-03-17 09:22:47 +01:00
Neal H. Walfield
b9c53e19a5
Don't specify multiple_occurences, it's redundant
- Setting `multiple_occurences` for an argument whose type is
    `Vec<_>` is redundant; clap infers it from the type.
2023-03-17 09:10:02 +01:00
Neal H. Walfield
f91c21da12
Simplify the types used for the CLI arguments
- An `Option<Vec<_>>` is redundant, and slightly more complex to
    handle, than just using a `Vec<_>` and checking if it is empty.
2023-03-17 08:58:33 +01:00
Neal H. Walfield
9eb1e0fa7d
Implement Clone for Time
- Clap 4 wants to clone values.
2023-03-16 15:46:32 +01:00
Neal H. Walfield
936ae250e1
Add support for a persistent certificate store
- Add support for a persistent certificate store using
    `sequoia-cert-store`.

  - Add `sq --no-cert-store` to disable the use of the certificate
    store.  Add `sq --cert-store PATH` to use an alternate certificate
    store.

  - Add `sq import` to import a certificate into the certificate
    store.  Add `sq export` to export certificates.

  - Modify `sq certify`, `sq encrypt`, and `sq verify` to look up
    certificates in the certificate store, if it is configured.
2023-03-16 13:46:50 +01:00
Neal H. Walfield
b354a0afce
Bump MSRV to 1.63
- sequoia-cert-store, a future dependency, requires version 1.63 of
    rustc.

  - Debian testing has version 1.63 of rustc.
2023-03-14 19:22:48 +01:00
Justus Winter
47e6dc920e
ci: Fix all-commits job.
2023-03-13 15:49:57 +01:00
Justus Winter
810f7cde64
Build and push Docker image to Gitlab's registry.
2023-03-13 12:54:00 +01:00
Justus Winter
c1c1198897
Improve generated documentation.
2023-03-06 18:05:21 +01:00
Justus Winter
de868c20bc
ci: Add test jobs.
2023-02-23 12:38:21 +01:00
Justus Winter
2c8ae1ef1b
Add git configuration.
2023-02-23 11:22:01 +01:00
Justus Winter
2ef356aa1c
Make it build as a standalone crate.
- Also remove the Makefile.  Having a Makefile raised wrong
    expectations.
2023-02-23 11:22:01 +01:00
Justus Winter
b89c172c1d
Reincarnation commit.
- This implementation has been moved from the Sequoia repository to
    its own repository.  To inspect the history, either look at the
    Sequoia repository, or graft it onto this repository like this:

      $ git remote add sequoia https://gitlab.com/sequoia-pgp/sequoia
      $ git fetch sequoia 82eb0d7b240d137141fc0aaaa3dff1685bb11864
      $ git replace --graft <THIS-COMMIT> 82eb0d7b240d137141fc0aaaa3dff1685bb11864
2023-02-21 12:43:43 +01:00