Commit Graph

9 Commits

Author SHA1 Message Date
Neal H. Walfield
fa835e234f
Port the sq key revoke tests to the common test framework.
- Add `Sq::key_revoke`, and change the `sq key revoke` integration
    tests to use it.
2024-06-12 16:50:56 +02:00
Neal H. Walfield
1817c305ae
Make helper function more generic.
- Change `compare_notations` from taking a slice containing two
    elements to taking a slice taking any number of elements.
2024-06-12 16:49:26 +02:00
Neal H. Walfield
3debf8b584
Modify the sq key revoke tests to test the cert store integration.
- Modify the `sq key revoke` tests to also test the cert store and
    key store integration.

  - Somehow this wasn't added to
    cca564356c.
2024-05-28 15:04:48 +02:00
Neal H. Walfield
e24c9ff92e
Rename --certificate-file and --revocation-file.
- `sq key revoked`, `sq key userid revoke`, and `sq key subkey
    revoke` have two arguments for naming a certificate:
    `--certificate-file` and `--cert-file`.  The latter is an alias.
    Drop `--certificate-file` and promote `--cert-file`.  This
    harmonizes these subcommands with other subcommands, which only
    use `--cert-file`.

  - Rename `--revocation-file` to `--revoker-file`, as the file
    contains a "revoker" not a "revocation."
2024-05-27 19:12:46 +02:00
Neal H. Walfield
a549cabf8d
Require canonical user IDs by default.
- Change `sq key generate` and `sq key userid add` to require
    canonical user IDs by default.

  - If a user ID is not in canonical form, explain the problem, and
    suggest a solution, if possible.

  - Allow the user to disable this check by passing the
    `--allow-non-canonical-userids` flag.

  - Fixes #209.
2024-04-09 12:07:42 +02:00
Neal H. Walfield
27093c1709
Add support for using a key store.
- Support using keys managed by `sequoia-keystore`.

  - When decrypting a message, have `sq` automatically ask the
    key store to decrypt the PKESKs.

  - Extend `sq sign` and `sq encrypt` with the `--signer-key`
    parameter to use a key managed by the keystore.

  - Add two top-level options: `--no-key-store`, which disables the
    use of the key store, and `--key-store`, which uses an alternate
    key store instance.

  - Add `sq key list` to list keys on the key store.
2024-02-18 15:24:02 +01:00
Justus Winter
dc24306af1
Emit partial TPKs as revocation certificates.
- When emitting revocation certificates, emit the revocation
    signature with enough context so that it is a well-formed TPK,
    i.e. include the primary key, the component to be revoked (if
    revoking a user ID or subkey), and the revocation signature.

  - Having a partial TPK instead of a bare revocation makes handling
    it much easier, as it can be stored and transported like any
    cert.  It also gives the recipient of the certificate more
    context, and simplifies merging it into a database of certs.

  - Previously, there was a bug in sq where we would emit secret key
    material when emitting revocation certificates.  The reason for
    that was that the certificate was first converted to a packet
    stream, and then each packet serialized.  In contrast, if a
    Cert is serialized, no secrets are emitted unless the
    programmer opts in.  In a way, this is the more comprehensive fix
    for the problem, as it leverages sequoia-openpgp's mechanisms to
    protect secret key material.

  - See #160.
2023-12-11 15:48:06 +01:00
Justus Winter
8216857de2
Strip secret key material from emitted revocation certificates.
- When doing a userid, subkey, or third-party certificate
    revocation, with the cert given to --certificate-file containing
    secret key material, we previously emitted a revocation
    certificate containing secret key material.

  - This patch changes that in a straight-forward way that is easy to
    backport to prior versions.  A more comprehensive fix will follow.

  - Fixes #160.
2023-12-11 15:40:31 +01:00
David Runge
82a866c18d
Consolidate sq revoke commands as sq key subcommands
- Move the `sq revoke certificate`, `sq revoke subkey` and `sq revoke
  userid` subcommands below the `sq key` namespace as `sq key revoke`,
  `sq key subkey revoke` and `sq key userid revoke` (respectively). This
  consolidates commands relevant to key management below `sq key`, which
  is in line with already existing subcommands (e.g. `sq key generate`,
  `sq key subkey add` or `sq key userid add`).
- Replace the use of a common `revoke()` with `CertificateRevocation`,
  `SubkeyRevocation` and `UserIDRevocation` to reduce complexity and
  allow for easier per target (i.e., certificate, subkey or userid)
  command modification.
- Allow specifying an output file using `--output`/ `-o` for all
  revocation subcommands (i.e., `sq key revoke`, `sq key subkey revoke`,
  `sq key userid revoke`). If unspecified, output goes to stdout as
  before.
- Add common test facilities to create a default certificate in a
  temporary directory.
- Add common test function to compare a set of notations with those in
  a `Signature`.
- Replace the integration tests which used to test a combined `sq
  revoke` subcommand with integration tests for `sq key subkey revoke`,
  `sq key userid revoke` and `sq key revoke` using direct and third
  party revocation.

Fixes #93
2023-07-03 16:04:51 +02:00