author | Wiktor Kwapisiewicz <wiktor@metacode.biz> | 2020-03-18 12:55:16 +0100 |
---|---|---|
committer | Wiktor Kwapisiewicz <wiktor@metacode.biz> | 2020-03-18 15:40:54 +0100 |
commit | 153db43f8f4eae71a906beacaea149492d75a1ac (patch) | |
tree | 5fecc6e09a21613e6da0365d34bc56c0b3247dc9 | |
parent | e5b01bed4383e061cd79d3446c7710e53ad41d9a (diff) |
tool: Add `--known-notation` option to `sq`
This option marks the given notation name as good and known. This
affects the verification procedure, because an unknown critical notation
would otherwise cause signature verification to fail.
Fixes #77.
-rw-r--r-- | tool/src/sq-usage.rs | 9 | ||||
-rw-r--r-- | tool/src/sq.rs | 7 | ||||
-rw-r--r-- | tool/src/sq_cli.rs | 10 |
3 files changed, 22 insertions, 4 deletions
diff --git a/tool/src/sq-usage.rs b/tool/src/sq-usage.rs index 420bcee2..0312d07f 100644 --- a/tool/src/sq-usage.rs +++ b/tool/src/sq-usage.rs @@ -14,9 +14,12 @@ //! -V, --version Prints version information //! //! OPTIONS: -//! --home <DIRECTORY> Sets the home directory to use -//! -m, --mapping <MAPPING> Sets the realm and mapping to use [default: org.sequoia-pgp.contacts/default] -//! -p, --policy <NETWORK-POLICY> Sets the network policy to use +//! --home <DIRECTORY> Sets the home directory to use +//! --known-notation <NOTATION>... The notation name is considered known. This is used when validating +//! sigantures. Signatures that have unknown notations with the critical bit set +//! are considered invalid. +//! -m, --mapping <MAPPING> Sets the realm and mapping to use [default: org.sequoia-pgp.contacts/default] +//! -p, --policy <NETWORK-POLICY> Sets the network policy to use //! //! SUBCOMMANDS: //! decrypt Decrypts an OpenPGP message diff --git a/tool/src/sq.rs b/tool/src/sq.rs index 421dadae..cdb309dd 100644 --- a/tool/src/sq.rs +++ b/tool/src/sq.rs @@ -212,10 +212,15 @@ fn help_warning(arg: &str) { } fn main() -> Result<()> { - let policy = &P::new(); + let policy = &mut P::new(); let matches = sq_cli::build().get_matches(); + let known_notations: Vec<&str> = matches.values_of("known-notation") + .unwrap_or_default() + .collect(); + policy.good_critical_notations(&known_notations); + let network_policy = match matches.value_of("policy") { None => NetworkPolicy::Encrypted, Some("offline") => NetworkPolicy::Offline, diff --git a/tool/src/sq_cli.rs b/tool/src/sq_cli.rs index 52e43c98..fb98cd65 100644 --- a/tool/src/sq_cli.rs +++ b/tool/src/sq_cli.rs 
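Review bot: The call `policy.good_critical_notations(&known_notations)` in `main` (tool/src/sq.rs) runs before any subcommand is selected, so the relaxation appears to apply to every code path that receives `policy`, and nothing in the hunk records that. A critical notation asks implementations that do not understand it to reject the signature; this option only lifts that rejection, and the hunk shows no code that reads or acts on the notation's value. I would state that above the call, e.g. `// Exempts these names from the unknown-critical-notation check for all subcommands; sq does not interpret their values.` The body of `main` continues past the hunk, so how `policy` is handed to the subcommands is inferred rather than visible here.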
@@ -27,6 +27,16 @@ pub fn build() -> App<'static, 'static> { .long("force") .short("f") .help("Overwrite existing files")) + .arg(Arg::with_name("known-notation") + .long("known-notation") + .multiple(true) + .takes_value(true) + .value_name("NOTATION") + .number_of_values(1) + .help("The notation name is considered known. \ + This is used when validating sigantures. \ + Signatures that have unknown notations with the \ + critical bit set are considered invalid.")) .subcommand(SubCommand::with_name("decrypt") .display_order(10) .about("Decrypts an OpenPGP message") |
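Review bot: The `.help(...)` string for `known-notation` in tool/src/sq_cli.rs misspells "signatures" as "sigantures", and the same text is copied into the usage block in tool/src/sq-usage.rs. The wording also leaves the consequence implicit: from "is considered known" a user cannot tell that naming a notation lets signatures carrying it as critical pass a check they would otherwise fail. A string such as `"Treats the named notation as known when validating signatures. Without this, a signature carrying it as a critical notation is considered invalid."` states the trade-off directly. `build()` continues beyond the hunk on both sides.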