Commit Graph

246 Commits

Author SHA1 Message Date
Neal H. Walfield
f95db6fc9e
Lint user IDs that would be added and are not self signed.
- When a user ID designator designates a user ID that is not
    self-signed, and the command would add it to the certificate, check
    that it is in canonical form.

  - The relevant commands are: `sq key userid revoke`, `sq pki link
    add`, `sq pki link authorize`, `sq pki vouch certify`, and `sq pki
    vouch authorize`

  - Allow the user to disable the check with a new flag,
    `--allow-non-canonical-userids`.

  - Fixes #437.
2024-11-16 17:31:33 +01:00
Neal H. Walfield
d46844ca35
Move sq toolbox packet to sq packet.
- Make `sq packet` a top-level subcommand.

  - See #326.
2024-11-16 10:07:07 +01:00
Neal H. Walfield
e1a4fa656c
Move sq toolbox keyring to sq keyring.
- Make `sq keyring` a top-level subcommand.

  - See #326.
2024-11-16 10:06:59 +01:00
Neal H. Walfield
8e41fb7cd4
tests: Fix check.
- When checking if there are any user ID arguments, also check for
    `--userid`.
2024-11-16 07:12:13 +01:00
Neal H. Walfield
b76cec64b6
Port sq toolbox userid-strip to the user ID designator framework.
- Fixes #434.
2024-11-15 20:43:50 +01:00
Neal H. Walfield
4dbeebc045
Port sq cert list and two more to the user ID designator framework.
- Port `sq cert list`, `sq pki authenticate` and `sq pki lookup` to
    the user ID designator framework.  See #434.

  - This changes the user ID parameter from a positional parameter
    to a named parameter, and drops the `--email` flag.  See #318.
2024-11-15 17:47:05 +01:00
Neal H. Walfield
2e17dec9ad
Port sq pki {authenticate,identify} to the cert designator framework.
- Port `sq pki authenticate` and `sq pki identify` to the cert
    designator framework.  See #207.

  - This changes the certificate parameter from a positional parameter
    to a named parameter.  See #318.
2024-11-15 11:04:38 +01:00
Neal H. Walfield
0e36a20d97
Make sq pki path's user ID argument a named argument.
- See #318.
2024-11-14 16:48:49 +01:00
Neal H. Walfield
435b127e5f
Port sq key userid revoke to the user ID designator framework.
- Port `sq key userid revoke` to the user ID designator framework.
    See #434.

  - This replaces the `--add-userid` flag with the `--add-userid`,
    `--add-email` and `--add-name` arguments.  See #318.

  - This change also makes a user ID mandatory, which fixes #428.
2024-11-14 11:30:29 +01:00
Neal H. Walfield
6645fdee6c
Change --email and --add-email to only match user IDs unambiguously.
- Commands like `sq pki vouch certify` allow designating a user ID
    by email address.  Currently, if multiple self-signed user IDs
    include the specified email address, all are used.  Change the
    semantics of `--email` and --add-email` to only match
    unambiguously.

  - Fixes #309.
2024-11-13 14:29:32 +01:00
Justus Winter
78d8538707
Add sq sign --mode to create binary or text signatures.
- Fixes #390.
2024-11-13 14:08:57 +01:00
Neal H. Walfield
9eb0f0754e
Change --add-userid from a flag to two arguments.
- `sq pki link add`, `sq pki link authorize`, `sq pki vouch
    certify`, and `sq pki vouch authorize` have a `--add-userid` flag.

  - Replace the `--add-userid` flag with an `--add-userid` argument,
    and an `--add-email` argument.

  - This change means that a flag does not change how an argument is
    interpreted.  It also makes it more explicit whether a user ID
    should be added, because `--userid` and `--email` could be given
    multiple times.

  - See #309 and #318.
2024-11-13 13:51:35 +01:00
Neal H. Walfield
267a3d3481
tests: When calling sq pki authenticate include --show-paths.
- When `sq pki authenticate` fails, it is helpful to see as much
    details as possible.  As such, include `--show-paths` when calling
    `sq pki authenticate`.  `--show-paths` shows more information, but
    doesn't change the command's behavior.
2024-11-13 13:19:41 +01:00
Neal H. Walfield
fbd7f260e7
tests: Abstract user ID argument passing.
- Add a new type, `UserIDArg`, which represents a user ID argument.

  - Change functions that take user IDs like `Sq::key_generate` to use
    it.
2024-11-13 13:19:40 +01:00
Justus Winter
82a5f13a96
Drop debugging remnant. 2024-11-13 12:38:05 +01:00
Justus Winter
ee737472da
Require explicit mode, and align sq sign and sq verify.
- The flag `sq sign --detached` is now called `sq sign
     --signature-file`.

   - The flag `sq sign --clearsign` is now called `sq sign
     --cleartext`.

   - Both `sq sign` and `sq verify` now require an explicit mode,
     one of `--signature-file`, `--message`, or `--cleartext`.

   - Fixes #430.
2024-11-13 11:18:25 +01:00
Justus Winter
3e3a9e5096
Make tests less expensive.
- Only write out 30 megabytes, not 100.
2024-11-13 11:18:12 +01:00
Justus Winter
0b562c476e
Remove sq cert lint --list-keys.
- Fixes #316.
2024-11-11 18:30:03 +01:00
Justus Winter
16941dea66
Use only designated signers to verify signatures.
- Previously, the signers cert designators added to the set of certs
    in the store, and marked them as trusted.

  - Change this so that only the designated certs are used to verify
    the signatures, and they are marked as trusted.  This allows
    useful semantics like requiring a signature from a set of
    explicitly provided signers.

  - If no signers are designated, the cert store is consulted.

  - Fixes #248.
2024-11-11 18:27:25 +01:00
Neal H. Walfield
7ecc843dee
Add new command sq download.
- Add a new command, `sq download`, which downloads a file and a
    signature file, and then authenticates the file.

  - Fixes #84.
2024-11-09 13:28:17 +01:00
Neal H. Walfield
ee1c6f3fcf
Add new argument, --cli-version, to require a CLI version.
- Add a new argument, `--cli-version`, which the user can use to
    request a particular semver-compatible version of the CLI.

  - This enables breaking changes to the CLI, and enables `sq` to
    support multiple CLI versions.

  - Fixes #75.
2024-11-08 11:42:18 +01:00
Neal H. Walfield
2ae1885971
Finish renaming attestation to approval.
- See 49b7f25cc4.

  - Fixes #417.
2024-11-07 08:41:44 +01:00
Neal H. Walfield
f139b50f24
Change sq key subkey export to require the certificate to export.
- `sq key subkey export` currently takes a list of keys to export.
    This is ambiguous if a key is associated with multiple certificates.

  - Add a new required parameter, `--cert`, which specifies what
    certificate to export.  The specified keys must be attached to that
    certificate under the NULL policy.

  - This change means that `sq key subkey export` can only export a
    single certificate at a time.

  - As the implementations of `sq key export` and `sq key subkey
    export` have diverged, don't try to consolidate them any more.

  - Fixes #386.
2024-11-06 16:08:02 +01:00
Neal H. Walfield
26c70cad32
Don't extend the expiration of invalid components.
- If a component is not valid according to the policy, don't extend
    the expiration time.  Suggest using `sq cert lint`, and then error
    out.

  - Fixes #363.
2024-11-04 11:26:02 +01:00
Neal H. Walfield
70e4935e8d
Extend Time to support relative timestamps.
- Move the duration parsing code from `Expiration` to `Time`, which
    `Expiration` already uses for absolute timestamps.

  - Support negative durations, and to be more precise rename the
    `Duration` variant to `Offset`.

  - Fixes #268.
2024-11-03 09:09:21 +01:00
Jens Reimann
4f73627020
Add a global option, --policy-as-of, to select a crypto policy.
- When working with older messages, it may be necessary to use a
    different cryptographic policy.  Add an option, `--policy-as-of`, to
    select the cryptographic policy that was in effect at the specified
    time.

  - Fixes #123.

Co-authored-by: Neal H. Walfield <neal@sequoia-pgp.org>
2024-10-31 15:08:55 +01:00
Neal H. Walfield
0889d18da7
If decryption fails, delete the output file.
- Change `sq decrypt` to delete the output file if decryption fails.

  - Fixes #59.
2024-10-31 12:34:09 +01:00
Neal H. Walfield
fae8f689a2
tests: Generalize Sq::encrypt and Sq::decrypt to work with files.
- `Sq::encrypt` and `Sq::decrypt` only work with in-memory buffers.

  - Introduce `FileOrBytes`, which represents a path or bytes.  Change
    `Sq::encrypt` and `Sq::decrypt` to use them, and thus support
    messages stored in files in addition to inline messages.
2024-10-31 12:30:30 +01:00
Neal H. Walfield
e4c40da649
If signature verification fails, delete the output file.
- Change `sq verify` to delete the output file if it can't
    authenticate the signature.

  - See #59.
2024-10-31 12:30:28 +01:00
Neal H. Walfield
cedd9687d1
Add support for merging bare revocation certificates.
- Extend `sq toolbox keyring merge` to merge bare revocation
    certificates.

  - Fixes #50.
2024-10-31 10:01:45 +01:00
Neal H. Walfield
11140ae5c1
Add support for importing bare revocation certificates.
- Extend `sq cert import` to import bare revocation certificates.

  - See #50.
2024-10-30 15:36:12 +01:00
Neal H. Walfield
973b249f88
Rework signature verification output.
- Signature verification output is confusing.  The main problem is
    the terminology.  It talks about "good signatures", "good
    checksums", and "bad checksums," but it is unclear what good or
    bad means, and what a checksum is.  Instead, talk about
    "authenticated signatures," "unauthenticated signatures," and
    completely drop the term "checksum" and just say that the
    certificate for the alleged signer is missing.

  - Fixes #4.
2024-10-30 14:17:09 +01:00
Neal H. Walfield
89cb9d6743
Make sq key userid revoke's positional arguments named arguments.
- `sq key userid revoke`'s reason and message arguments are
    positional arguments.  Change them to be named arguments.

  - See #318.
2024-10-29 10:57:43 +01:00
Neal H. Walfield
ef785cbd12
Make sq key subkey revoke's positional arguments named arguments.
- `sq key subkey revoke`'s reason and message arguments are
    positional arguments.  Change them to be named arguments.

  - See #318.
2024-10-29 10:51:49 +01:00
Neal H. Walfield
b25bbee713
Make sq key revoke's positional arguments named arguments.
- `sq key revoke`'s reason and message arguments are positional
    arguments.  Change them to be named arguments.

  - See #318.
2024-10-29 10:48:51 +01:00
Neal H. Walfield
8fc655d5ad
Make sq key expire's expiration argument a named argument.
- `sq key expire`'s expiration argument is a positional argument.
    Change it to a named argument.

  - See #318.
2024-10-29 08:57:47 +01:00
Neal H. Walfield
b0a414a9c3
Make sq key subkey expire's expiration argument a named argument.
- `sq key subkey expire`'s expiration argument is a positional
    argument.  Change it to a named argument.

  - See #318.
2024-10-28 18:58:07 +01:00
Neal H. Walfield
7401c26ff5
Rework gossip.
- Currently, when the user requests gossip, we show all the found
    paths as being untrusted, even though some can be authenticated.
    This is confusing.

  - When getting gossip paths, specify the trust roots.  As of
    `sequoia-wot` 0.13.0, this will also authenticate any returned
    paths.

  - Fixes #338.
2024-10-26 09:30:07 +02:00
Neal H. Walfield
c9bdd6e002
tests: Dry out certificate handling.
- Many commands output a certificate.  Add a helper function to
    parse the output (wherever it may be).
2024-10-25 16:37:25 +02:00
Justus Winter
f3555c5a14
Use cert designators for sq key approvals update.
- See #207.
2024-10-24 14:41:21 +02:00
Justus Winter
a30799e093
Use cert designators for sq key subkey bind.
- See #207.
2024-10-24 14:41:21 +02:00
Justus Winter
33053757dc
Use cert designators for sq key subkey revoke.
- See #207.
2024-10-24 14:41:21 +02:00
Justus Winter
cb1bb1f944
Use cert designators for sq key subkey expire.
- See #207.
2024-10-24 14:40:39 +02:00
Justus Winter
7a0a844512
Use cert designators for sq key subkey password.
- See #207.
2024-10-24 14:40:27 +02:00
Justus Winter
625f1e8a17
Use cert designators for sq key subkey delete.
- See #207.
2024-10-24 14:40:27 +02:00
Justus Winter
74e7f4dd33
Use cert designators for sq key subkey add.
- See #207.
2024-10-23 18:04:13 +02:00
Justus Winter
37e2b65c6f
Use cert designators for sq key revoke.
- See #207.
2024-10-23 17:02:42 +02:00
Justus Winter
5c392b7d0a
Use cert designators for sq key expire.
- See #207.
2024-10-23 16:15:24 +02:00
Justus Winter
eb784ff84c
Use cert designators for sq key password.
- See #207.
2024-10-23 16:08:42 +02:00
Justus Winter
e15852d2f7
Use cert designators for sq cert lint.
- See #207.
2024-10-23 15:28:26 +02:00