Commit Graph

35 Commits

Author SHA1 Message Date
Justus Winter
adc2ed4773
Port to sequoia-net 0.28.0. 2023-11-24 17:40:26 +01:00
Justus Winter
041a41c01c
Port to sequoia-openpgp 1.17. 2023-11-24 17:40:26 +01:00
Neal H. Walfield
dcea72208a
Fix license
- On October 18, 2021, Sequoia PGP's license was changed from the
    GPL to the LGPL.  Unfortunately, we forgot to update sq's license.

  - See 884639bf1b

  - Change Sequoia's license from GPL 2.0 or later to LGPL 2.0 or
    later as unanimously decided on October 18, 2021 by:

      - Christof Wahl <cw@pep.security> (pEp security CEO)
      - Heiko Schaefer <heiko.schaefer@posteo.de> (pEp Foundation
        employee, Sequoia developer)
      - Justus Winter <justus@sequoia-pgp.org> (pEp Foundation
        employee, Sequoia Founder)
      - Neal H. Walfield <neal@pep.foundation> (pEp Foundation
        employee, Sequoia Founder)
      - Patrick Meier <pm@pep.security> (pEp security Chief Product
        and Service Officer)
      - Rudolf Bohli <rb@pep.security> (pEp security Chairman of the
        Board)
      - Volker Birk <vb@pep.security> (pEp security Founder, pEp
        Foundation Council)
2023-11-24 16:37:14 +01:00
Justus Winter
7de29e7351
Make the dot-writer dependency optional.
- The dot-writer crate is unmaintained, and prevents upgrading sq in
    Fedora.  As a short-term workaround, we make this dependency
    optional so that it can be easily patched out by packagers.  The
    same has been done for the sq-wot tool.

    - https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/51
    - https://gitlab.com/sequoia-pgp/sequoia-wot/-/issues/47

  - If the situation improves, either because the crate is maintained
    again, or we port to a different crate, we can easily undo this
    change.

  - Also, remove all the examples that use the dot output format.  Not
    only is it awkward to make these examples optional, the existing
    examples are also very repetetive, as they duplicate an existing
    example, and only change the output format.

  - Fixes #146.
2023-11-24 15:29:05 +01:00
Justus Winter
55eca2c87e
Use sequoia-policy-config to configure the StandardPolicy.
- This allows users to tweak the StandardPolicy used by Sequoia to
    evaluate cryptographic artifacts.  For example, on Fedora it will
    adhere to the system-wide cryptographic policy for Sequoia.

  - Fixes #128.
2023-11-20 18:31:11 +01:00
Neal H. Walfield
0dd20af066
Release 0.31.0.
* New functionality
  - `sq key subkey add` allows to create and add a new subkey to an
    existing certificate.
  - The functionality of `sq-keyring-linter` is now available as
    `sq keyring lint`.
  - The new subcommands `sq key revoke`, `sq key subkey revoke` and
    `sq key userid revoke`, allow writing to a file using the
    `--output` option.
 * Notable changes
  - The `--keyring` option is now global and can be specified anywhere
    when calling `sq`.
 * Deprecated functionality
  - The `--expires` and `--expires-in` options used in various
    subcommands are deprecated in favor of the unifying `--expiry`.
  - `sq key generate --export FILE` is deprecated in favor of the more
    generic `sq key generate --output FILE`.
  - The `sq revoke certificate` command has been renamed to `sq key
    revoke`.
  - The `sq revoke subkey` command has been renamed to `sq key subkey
    revoke`.
  - The `sq revoke userid` command has been renamed to `sq key userid
    revoke`.
2023-07-05 14:07:56 +02:00
Neal H. Walfield
8bc9c3e578
Upgrade rpassword.
- Upgrade to the latest version of rpassword.
2023-07-05 14:07:44 +02:00
Neal H. Walfield
494e46b06c
Widen the itertools' version requirements.
- `sq` works with 0.11, but other depenedencies pull in 0.10.

  - We prefer fewer dependencies so keep the version in `Cargo.lock`
    at 0.10.
2023-07-05 14:00:02 +02:00
Jan Christian Grünhage
74fd9dd8fe
Move keyring-linter into sq keyring as a subcommand
This commit is mostly a copy over from the keyring-linter repository,
with a few changes included to make it work in the sq codebase. These
changes are:
 - replaced calls to atty with calls to is-terminal. This was done due
   to is-terminal already being in the dependency tree of sq, and atty
   being unmaintained.
 - replace ansi_term with termcolor, because ansi_term is unmaintained
 - removed a few things from the keyring linter, that were also present
   in sq itself, to avoid duplication. This included the reference time
   parameter, key decryption and IO handling
 - added output file and binary parameters to the linter, so that I
   could handle output the same as the other commands do
2023-06-22 11:19:27 +02:00
Jan Christian Grünhage
f3cfb1b602
Only prompt for passwords when trying to decrypt a key if stdin is a terminal 2023-06-21 10:36:58 +02:00
David Runge
ed6069623b
Replace CLI I/O argument duplication with common facilities
- Replace `sq_cli::types::IoArgs` with the more granular
  `sq_cli::types::FileOrStdin`, `sq_cli::types::FileOrCertStore` and
  `sq_cli::types::FileOrStdout`.
- Replace all generic `input` (describing single files) and `output`
  arguments with the respective new facilities to share code and not
  repeat ourselves.
- Replace the `open_or_stdin()` function with `FileOrStdin::open()`.
- Replace the `create_or_stdout()` function with the private
  `FileOrStdout::create()`, so that it can not be called directly.
- Replace the `emit_unstable_cli_warning()`
  and `create_or_stdout_unsafe()` functions with
  `FileOrStdout::create_unsafe()`.
- Replace the `create_or_stdout_safe()` function with
  `FileOrStdout::create_safe()`.
- Replace the `create_or_stdout_pgp()` function with
  `FileOrStdout::create_pgp_safe()`.
- Remove the field `unstable_cli_warning_emitted` from `Config`, as
  it is replaced by the static `UNSTABLE_CLI_WARNING`, which allows for
  tracking whether a warning has been emitted across several instances
  of `FileOrStdout`.
2023-06-17 15:39:14 +02:00
Neal H. Walfield
3433e6e806
Release 0.30.1.
* Changes in 0.30.1
 * Notable changes
   - The `crypto-botan` feature now selects Botan's v3 interface.  Use
     the new `crypto-botan2` feature to continue using Botan's v2
     interface.
 * Notable fixes
   - Several parser bugs were fixed in sequoia-openpgp 1.16.0 and
     buffered-reader 1.2.0.  These are all low-severity as Rust
     correctly detects the out of bounds access and panics.  Update
     Cargo.lock to make sure we use these versions.
2023-05-31 10:33:31 +02:00
Neal H. Walfield
60ba1d11cc
Add a feature to build sq using Botan's version 2 interface.
- sequoia-openpgp 1.16 changed `sequoia-openpgp/crypto-botan` to
    build against Botan's v3 interface, and exposed
    `sequoia-openpgp/crypto-botan2` to build against the v2 interface.

  - Do the same.  Add a `crypto-botan2` feature to allow the user to
    build against Botan's v2 interface.
2023-05-31 09:36:15 +02:00
David Runge
f6aa19294a
Replace the unmaintained term_size with terminal_size
As term_size is no longer maintained, switch to terminal_size.
2023-05-30 10:52:54 +02:00
Neal H. Walfield
be99608961
Release 0.30.0 2023-05-08 11:04:41 +02:00
Neal H. Walfield
f5a5d0d8dd
Fix spelling 2023-05-08 11:04:41 +02:00
Neal H. Walfield
7db05f8d18
Upgrade dirs to version 5 2023-05-08 11:04:41 +02:00
Gabriel de Perthuis
75b5360a38
Update subplot to fix tera issue
- See https://gitlab.com/subplot/subplot/-/merge_requests/317 .

  - Fixes #2
2023-04-19 10:55:09 +02:00
Gabriel de Perthuis
2c57cd77d7
Move subplot tests to a feature so subplot doesn't affect most builds
Installing sq from crates.io (cargo install sequoia-sq) was broken by a
semver-compatible change in Tera.  Running cargo test uses the lockfile
and isn't affected.

This has the side benefit of reducing dependency bloat, the baseline
depends on check/build/build --release but in the case of a non-release
build the dependency count goes from 403 to 315.

Fixes #2.

The subplot/tera issue was likely triggered by this change in tera
1.18: <https://github.com/Keats/tera/pull/799>.
2023-04-19 10:54:05 +02:00
Neal H. Walfield
689ed7428b
Add support for using pEp certificate stores
- Add the top-level option `--pep-cert-store` and the environment
    variable `PEP_CERT_STORE`, which allow users to use pEp
    certificate stores.

  - By default, no pEp certificate store is used.  Users can however
    put `export PEP_CERT_STORE=$HOME/.pEp` in their `.bashrc` file, for
    instance, to turn it on.
2023-04-19 10:31:33 +02:00
Neal H. Walfield
e01ec617eb
Update to sequoia-net 0.27
- Change the Windows CI job from `windows-msvc` to `windows-gnu` as
    `sq` now depends on OpenSSL, which is easier to install under
    `windows-gnu`.
2023-04-19 10:31:33 +02:00
Neal H. Walfield
0b33c9c603
Generate man pages using clap_mangen
- `clap_mangen` generates the man pages directly from `Clap`, and is
    the successor to `manpage-maker`.

  - Use it, and delete the checked-in (and stale) man pages.
2023-04-08 19:36:50 +02:00
Neal H. Walfield
1ab79eb1d4
Release 0.29.0 2023-04-07 21:47:55 +02:00
Neal H. Walfield
cbcaa73e09
Add crypto-botan feature 2023-03-31 09:17:37 +02:00
Neal H. Walfield
893e4cd2e3
Update project metadata
- `repository` still pointed to the old repository.
2023-03-31 09:17:37 +02:00
Neal H. Walfield
0dc63db72d
Update Cargo.lock 2023-03-31 09:17:36 +02:00
Neal H. Walfield
47447cd7d0
Add sq wot
- Add the `sq wot` subcommand, to expose web of trust functionality.

  - This is just an import of the `sq-wot` CLI as `sq wot`.  The
    support for using the `gpg` keyring and gpg's ownertrust, however,
    is removed.
2023-03-30 16:03:48 +02:00
Neal H. Walfield
6c7b0de5c0
Support addressing recipients by email address and User ID
- Extend `sq encrypt` with the `--recipient-email` and
    `--recipient-userid` arguments to allow the caller to designate a
    certificate by email address or User ID, respectively.  An email
    address or User ID is considered to designate a certificate, if
    the binding between the email address or User ID and the
    certificate can be authenticated using the web of trust.

  - Add support for the web of trust using the `sequoia-wot` crate.

  - Add a top-level option, `--trust-root`, to allow the user to
    specify trust roots.
2023-03-28 14:50:24 +02:00
Neal H. Walfield
81dd7e0e00
Update to the latest version of subplot 2023-03-17 10:07:17 +01:00
Neal H. Walfield
1f2f28a809
Enable debug symbols for release builds 2023-03-17 09:55:29 +01:00
Neal H. Walfield
df5ae7e18c
Update to clap 4
- Enable the `env` feature for the clap build dependency, not just
    the normal dependency.

  - Disable more rustdoc lints.

  - Explicitly convert a `StyledStr` to a `String`.

  - `ArgEnum` and `arg_enum` are now called `ValueEnum` and
    `value_enum`, respectively.

  - Clap 4 is stricter about how arguments are designated: in argument
    groups and conflicts, they have to be designated using the field
    name, not the long option name.

  - `clap::AppSettings::DeriveDisplayOrder` has been removed and is
    now the default.

  - `parse(from_occurrences)` is deprecated in favor of `action =
    Count`, which takes a `u8`, not a `usize`.

  - `Command` no longer takes a lifetime.
2023-03-17 09:55:19 +01:00
Neal H. Walfield
936ae250e1
Add support for a persistant certificate store
- Add support for a persistant certificate store using
    `sequoia-cert-store`.

  - Add `sq --no-cert-store` to disable the use of the certificate
    store.  Add `sq --cert-store PATH` to use an alternate certificate
    store.

  - Add `sq import` to import a certificate into the certificate
    store.  Add `sq export` to export certificates.

  - Modify `sq certify`, `sq encrypt`, and `sq verify` to lookup
    certificates in the certificate store, if it is configured.
2023-03-16 13:46:50 +01:00
Neal H. Walfield
b354a0afce
Bump MSRV to 1.63
- sequoia-cert-store, a future dependency, requires version 1.63 of
    rustc.

  - Debian testing has version 1.63 of rustc.
2023-03-14 19:22:48 +01:00
Justus Winter
2ef356aa1c
Make it build as a standalone crate.
- Also remove the Makefile.  Having a Makefile raised wrong
    expectations.
2023-02-23 11:22:01 +01:00
Justus Winter
b89c172c1d
Reincarnation commit.
- This implementation has been moved from the Sequoia repository to
    its own repository.  To inspect the history, either look at the
    Sequoia repository, or graft it onto this repository like this:

      $ git remote add sequoia https://gitlab.com/sequoia-pgp/sequoia
      $ git fetch sequoia 82eb0d7b240d137141fc0aaaa3dff1685bb11864
      $ git replace --graft <THIS-COMMIT> 82eb0d7b240d137141fc0aaaa3dff1685bb11864
2023-02-21 12:43:43 +01:00