Neal H. Walfield
6f452d51c6
Rename UseridRevocationReason to UserIDReasonForRevocation.
...
- Rename `UseridRevocationReason` to `UserIDReasonForRevocation`,
which is more consistent with other identifiers.
2024-06-12 16:47:50 +02:00
Neal H. Walfield
8ae03f1945
Rename RevocationReason to KeyReasonForRevocation.
...
- Rename `RevocationReason` to `KeyReasonForRevocation`.
`RevocationReason` sounds generic, but there is also
`UseridRevocationReason`.
- This name aligns better with the type from `sequoia-openpgp` that
it wraps, `ReasonForRevocation`.
2024-06-12 16:46:55 +02:00
Neal H. Walfield
bc5c0cf9f1
Rename the --expiry argument to --expiration.
...
- Rename the `--expiry` argument to `--expiration`, and adjust the
name of the corresponding fields, and data structures.
- Expiration and expiry have about the same meaning. According to
my research, "expiration" is used in American English whereas
both are used in British English.
- This change aligns the usage with RFC 4880's terminology, which
uses the word "expiration" many times, but never uses "expiry".
2024-06-11 22:51:40 +02:00
Neal H. Walfield
fa773b0e78
Improve Expiry's Debug implementation.
...
- Improve `Expiry`'s Debug implementation: use a bigger unit when
possible.
2024-06-11 12:15:41 +02:00
Neal H. Walfield
8463e8c5e5
Improve sq key generate's --help output.
2024-06-11 12:15:35 +02:00
Neal H. Walfield
c3582bea01
Port sq key generate's examples to the example framework.
...
- Port `sq key generate`'s examples to the example framework, and
improve the examples.
2024-06-11 10:27:47 +02:00
Neal H. Walfield
d76e1ae4db
Change sq key attest-certifications to support the key store and cert store.
...
- Change `sq key attest-certifications` to use the key store and the
cert store.
- See #205 .
2024-06-10 23:24:33 +02:00
Neal H. Walfield
353c21554a
Don't have sq key attest-certifications' --all be the default.
...
- In `sq key attest-certifications`, don't make `--all` the
default, but require the user to specify it explicitly.
- This makes it easier to introduce more fine-grained selectors in
the future.
- See #262 .
2024-06-10 23:24:33 +02:00
Neal H. Walfield
6dcfb270ad
Make sq key attest-certifications' positional parameter a named parameter.
...
- In `sq key attest-certifications`, change the certificate file
parameter from a positional parameter to a named parameter,
`--cert-file`.
2024-06-10 23:24:33 +02:00
Neal H. Walfield
90bad2927a
Add test for sq key attest-certifications.
2024-06-10 23:24:33 +02:00
Neal H. Walfield
f1a99b10d9
Change sq key adopt to support the cert store.
...
- Change `sq key adopt` to use the cert store.
- See #205 .
2024-06-10 23:24:33 +02:00
Neal H. Walfield
a08b536225
Add a convenience function to import a certificate.
...
- Add `Sq::import_cert`, which is a convenience function that
imports a certificate into the cert store.
2024-06-10 23:24:32 +02:00
Neal H. Walfield
f3037392f6
Change sq key adopt to support the key store.
...
- Change `sq key adopt` to use the key store.
- See #205 .
2024-06-10 23:24:32 +02:00
Neal H. Walfield
54ae8eda30
Add functions to lookup a certificate with an alternate policy.
...
- Add `Sq::lookup_with_policy` and `Sq::lookup_one_with_policy` to
lookup a certificate using an alternate policy.
2024-06-10 23:24:32 +02:00
Neal H. Walfield
47e076d890
If secret key material is passed via --keyring, use it.
...
- If the user supplies a keyring using `--keyring`, and it contains
the secret key material that we are looking for, use it.
2024-06-10 23:24:32 +02:00
Neal H. Walfield
cb13f883be
Make sq key adopt's positional parameter a named parameter.
...
- In `sq key adopt`, change the certifier file parameter from a
positional parameter to a named parameter, `--cert-file`.
2024-06-10 23:24:32 +02:00
Neal H. Walfield
d76d0fcd52
Change the sq key adopt's tests to use the common test framework.
2024-06-10 23:24:19 +02:00
Neal H. Walfield
a82d9908f9
Change sq pki certify to support the cert store and key store.
...
- Change `sq pki certify` to support the cert store and key store.
- See #205 .
2024-06-10 23:10:44 +02:00
Neal H. Walfield
028983d40f
Change the sq pki certify tests to use the common test framework.
2024-06-10 23:10:23 +02:00
Neal H. Walfield
c8c7e24fe9
Drop unnecessary requirement on certificates being certified.
...
- The certificate being certified doesn't need to be certification
capable.
- Drop the check.
2024-06-07 18:11:09 +02:00
Neal H. Walfield
b5a680e4f9
Show a lint when secret key material is missing, but required.
...
- Extend `Sq::get_keys` lints to also check if the secret key
material is missing.
2024-06-05 12:40:13 +02:00
Neal H. Walfield
b55d1f3239
Make sq pki certify's positional parameter a named parameter.
...
- In `sq pki certify`, change the certifier file parameter from a
positional parameter to a named parameter, `--certifier-file`.
2024-06-05 12:33:07 +02:00
Neal H. Walfield
bb0aa2f555
Change sq pki certify to use Sq::lookup_one.
...
- Change `sq pki certify` to use `Sq::lookup_one` when looking up
the certifier. This ensures that the certificate is certification
capable.
2024-06-05 10:07:48 +02:00
Neal H. Walfield
4b3e459cea
Change sq pki certify's certifier parameter to understand -.
...
- Change `sq pki certify`'s certifier parameter from a `PathBuf` to
a `FileOrStdin` so that it interprets `-` as meaning it should
read the certificate from stdin.
2024-06-05 09:57:53 +02:00
Neal H. Walfield
a8eb598cd0
Add sq key delete.
...
- Add `sq key delete`, to delete secret key material.
2024-06-05 09:35:13 +02:00
Neal H. Walfield
6eef5e9ffc
Change sq key password to support the cert store and key store.
...
- Change `sq key password` to support the cert store and key store.
- See #205 .
2024-06-05 09:35:11 +02:00
Neal H. Walfield
4a97011452
Add a test for sq key password.
...
- Add a test for `sq key password`.
2024-06-05 09:32:30 +02:00
Neal H. Walfield
721d680627
Make sq key password's positional parameter a named parameter.
...
- In `sq key password`, change the certificate file parameter from a
positional parameter to a named parameter, `--cert-file`.
2024-06-05 00:50:36 +02:00
Neal H. Walfield
178679e838
Add the --password-file
argument to sq sign
.
...
- Add the `--password-file` argument to the `sq sign` command to
allow the user to prefill the password cache with a password from a
file.
2024-06-05 00:50:36 +02:00
Neal H. Walfield
3f86cdbf93
Dry out sq sign.
...
- Dry out `sq sign` by using `Sq::get_signing_keys`.
- This means that `sq sign` also uses the password cache.
2024-06-05 00:50:36 +02:00
Neal H. Walfield
256679bce3
Use the password cache when unlocking keys managed by the key store.
...
- Change `Sq::get_signer` to also consider the password cache when
unlocking a key managed by the key store.
2024-06-05 00:50:27 +02:00
Neal H. Walfield
a2c482e4f3
Add a password cache to Sq.
...
- `sq cert line` manually manages a password cache.
- Move the password cache to `Sq` so the functionality can be used
elsewhere.
2024-06-05 00:16:49 +02:00
Neal H. Walfield
1a33500c26
Change sq key expire etc. to support the cert store and key store.
...
- Change `sq key expire` and `sq key subkey expire` to support the
cert store and key store.
- See #205 .
2024-06-05 00:13:50 +02:00
Neal H. Walfield
8006f7cc2f
Add a new convenience type, FileStdinOrKeyHandle.
...
- Add a new convenience type, `FileStdinOrKeyHandle`, which is
either a path, stdin, or a key handle.
- Extend `sq:lookup` and `sq::lookup_one` to take a
`FileStdinOrKeyHandle` instead of just a `KeyHandle`.
2024-06-05 00:06:26 +02:00
Neal H. Walfield
bb3215adfe
Move subkey functionality from sq key expire into its own command.
...
- Split the subkey functionality out of `sq key expire` into its own
command, `sq key subkey expire`.
2024-06-05 00:06:24 +02:00
Neal H. Walfield
52d88e615e
Add a test for sq key expire.
2024-06-05 00:04:31 +02:00
Neal H. Walfield
0b012bfe48
Fix sq key expire to respect the reference time.
...
- Fix `sq key expire` to set the new signature's creation time to
the reference time as set by the `--time` parameter.
- When getting a valid certificate, use the reference time, not the
current time.
2024-06-05 00:04:31 +02:00
Neal H. Walfield
d3d809a6fe
Make sq key expire's positional parameter a named parameter.
...
- In `sq key expire`, change the certificate file parameter from a
positional parameter to a named parameter, `--cert-file`.
2024-06-05 00:01:38 +02:00
Neal H. Walfield
bd235e7f67
Move the key expiration functionality to common::expire.
...
- Move the expiration logic from `commands:🔑 :expire` to
`commands:common::expire`.
- Change `commands:🔑 :expire` to use it.
2024-06-04 23:24:21 +02:00
Neal H. Walfield
fb5227f8e3
Update NEWS.
2024-05-30 20:26:33 +02:00
Neal H. Walfield
779eaecabd
Fix sq key subkey add to save the new subkey to the key store.
...
- When saving the new subkey, `sq key subkey add` accidentally only
saved the public key.
- Also save the secret key.
2024-05-30 20:26:32 +02:00
Neal H. Walfield
7866b2f5bb
Change sq key subkey add to support the cert store and key store.
...
- See #205 .
2024-05-29 16:03:06 +02:00
Neal H. Walfield
fb16a29f00
Make sq key subkey add's positional parameter a named parameter.
...
- In `sq key subkey add`, change the certificate file parameter from a
positional parameter to a named parameter, `--cert-file`.
2024-05-29 14:00:30 +02:00
Neal H. Walfield
42cca6b172
When reading from a file, default to writing to stdout.
...
- Change `sq key revoke`, `sq key userid revoke`, and `sq key subkey
revoke` to default to writing to stdout when reading from a file.
2024-05-29 09:41:58 +02:00
Neal H. Walfield
3debf8b584
Modify the sq key revoke tests to test the cert store integration.
...
- Modify the `sq key revoke` tests to also test the cert store and
key store integration.
- Somehow this wasn't added to
cca564356c
.
2024-05-28 15:04:48 +02:00
Neal H. Walfield
ab0e2a446c
Change sq cert lint to support the cert store and key store.
...
- See #205 .
2024-05-28 14:33:27 +02:00
Neal H. Walfield
5c1cf92f9b
Make sq cert lint's position parameter a named parameter.
...
- In `sq cert lint`, change the certificate file parameter from a
position parameter to a named parameter, `--cert-file`.
2024-05-28 14:24:58 +02:00
Neal H. Walfield
54bf3e977b
Add Sq::get_signer.
...
- Add a convenience function to `Sq`, `get_signer`, to get a signer
for a given key.
- Change `Sq::get_keys` to use it.
2024-05-28 14:03:52 +02:00
Neal H. Walfield
f4fe306093
Use the configured home directory to find the keystore.
...
- Respect `--home` when locating the keystore.
- Fixes e75ad72c65
.
2024-05-28 13:46:22 +02:00
Neal H. Walfield
22cc90e11f
Change sq cert lint to not read from stdin by default.
...
- Reading from stdin by default has caused confusion. If the user
wants to read from stdin, then they should explicitly opt-in.
2024-05-28 09:22:19 +02:00