diff options
| author | Nora Widdecke <nora@sequoia-pgp.org> | 2022-05-02 14:27:13 +0200 |
|---|---|---|
| committer | Nora Widdecke <nora@sequoia-pgp.org> | 2022-05-06 16:30:13 +0200 |
| commit | bf04f358838196b6dfa40b9a7467760560ed9729 (patch) | |
| tree | 471e377510c31895b8423e6e969fe7e19a18bf4c | |
| parent | a5fdf077bed778401b98c6d72955d5c453360ef5 (diff) | |
sq: Add option to generate an auth-capable subkey.
- Generate an authentication-capable subkey by default.
- Add the flags `--can-authenticate` and `--cannot-authenticate` to sq
key generate, analogous to `--can{not}-sign`.
- Closes #844.
| -rw-r--r-- | sq/src/commands/key.rs | 13 | ||||
| -rw-r--r-- | sq/src/sq-usage.rs | 6 | ||||
| -rw-r--r-- | sq/src/sq_cli.rs | 9 |
3 files changed, 28 insertions, 0 deletions
diff --git a/sq/src/commands/key.rs b/sq/src/commands/key.rs index f597d6ac..aa03f2e1 100644 --- a/sq/src/commands/key.rs +++ b/sq/src/commands/key.rs @@ -111,6 +111,19 @@ fn generate(config: Config, m: &ArgMatches) -> Result<()> { } } + // Authentication Capability + match (m.is_present("can-authenticate"), m.is_present("cannot-authenticate")) { + (false, false) | (true, false) => { + builder = builder.add_authentication_subkey() + } + (false, true) => { /* no authentication subkey */ } + (true, true) => { + return Err( + anyhow::anyhow!("Conflicting arguments --can-authenticate and\ + --cannot-authenticate")); + } + } + // Encryption Capability match (m.value_of("can-encrypt"), m.is_present("cannot-encrypt")) { (Some("universal"), false) | (None, false) => { diff --git a/sq/src/sq-usage.rs b/sq/src/sq-usage.rs index a7ff5fea..c588c213 100644 --- a/sq/src/sq-usage.rs +++ b/sq/src/sq-usage.rs @@ -388,9 +388,15 @@ //! sq key generate [FLAGS] [OPTIONS] --export <OUTFILE> //! //! FLAGS: +//! --can-authenticate +//! Adds an authentication-capable subkey (default) +//! //! --can-sign //! Adds a signing-capable subkey (default) //! +//! --cannot-authenticate +//! Adds no authentication-capable subkey +//! //! --cannot-encrypt //! Adds no encryption-capable subkey //! diff --git a/sq/src/sq_cli.rs b/sq/src/sq_cli.rs index 7260fb71..d154ac5c 100644 --- a/sq/src/sq_cli.rs +++ b/sq/src/sq_cli.rs @@ -582,6 +582,15 @@ $ sq key generate --creation-time 20110609T1938+0200 --export noam.pgp .long("cannot-sign") .help("Adds no signing-capable subkey")) + .group(ArgGroup::with_name("cap-authenticate") + .args(&["can-authenticate", "cannot-authenticate"])) + .arg(Arg::with_name("can-authenticate") + .long("can-authenticate") + .help("Adds an authentication-capable subkey (default)")) + .arg(Arg::with_name("cannot-authenticate") + .long("cannot-authenticate") + .help("Adds no authentication-capable subkey")) + .group(ArgGroup::with_name("cap-encrypt") .args(&["can-encrypt", "cannot-encrypt"])) .arg(Arg::with_name("can-encrypt") |