diff options
| author | Neal H. Walfield <neal@pep.foundation> | 2022-10-01 08:05:38 +0200 |
|---|---|---|
| committer | Neal H. Walfield <neal@pep.foundation> | 2022-10-30 07:22:53 +0100 |
| commit | db90178d5b61e3310f979fdaefc66610adf0d33e (patch) | |
| tree | ff4b1a3de85e230a84fee7f8cba36cd44c3e4d9e | |
| parent | a20dddf79e660eff44b32679dbc65c7db697dcf5 (diff) | |
sq: Rename --signer-key, etc. to --signer-file
- Rename `--recipient-key` to `--recipient-file`, `--signer-key` to
`--signer-file`, and `--revocation-key` to `--revocation-file`.
- This rename makes it clearer that the argument is a file.
- This paves the way for other ways to address keys.
- See #933.
| -rw-r--r-- | sq/sq-subplot.md | 48 | ||||
| -rw-r--r-- | sq/sq-usage.md | 44 | ||||
| -rw-r--r-- | sq/src/commands/revoke.rs | 8 | ||||
| -rw-r--r-- | sq/src/sq_cli/decrypt.rs | 6 | ||||
| -rw-r--r-- | sq/src/sq_cli/encrypt.rs | 4 | ||||
| -rw-r--r-- | sq/src/sq_cli/packet.rs | 4 | ||||
| -rw-r--r-- | sq/src/sq_cli/revoke.rs | 35 | ||||
| -rw-r--r-- | sq/src/sq_cli/sign.rs | 6 | ||||
| -rw-r--r-- | sq/tests/sq-revoke.rs | 8 | ||||
| -rw-r--r-- | sq/tests/sq-sign.rs | 30 |
10 files changed, 96 insertions, 97 deletions
diff --git a/sq/sq-subplot.md b/sq/sq-subplot.md index e5abf228..c6dedb1e 100644 --- a/sq/sq-subplot.md +++ b/sq/sq-subplot.md @@ -1038,7 +1038,7 @@ given file hello.txt when I run sq key generate --export key.pgp when I run sq key extract-cert -o cert.pgp key.pgp when I run sq encrypt -o x.pgp --recipient-cert cert.pgp hello.txt -when I run sq decrypt -o output.txt --recipient-key key.pgp x.pgp +when I run sq decrypt -o output.txt --recipient-file key.pgp x.pgp then files hello.txt and output.txt match ~~~ @@ -1058,10 +1058,10 @@ when I run sq key extract-cert -o bob-cert.pgp bob.pgp when I run sq encrypt --recipient-cert alice-cert.pgp --recipient-cert bob-cert.pgp hello.txt -o x.pgp -when I run sq decrypt --recipient-key alice.pgp -o alice.txt x.pgp +when I run sq decrypt --recipient-file alice.pgp -o alice.txt x.pgp then files hello.txt and alice.txt match -when I run sq decrypt --recipient-key bob.pgp -o bob.txt x.pgp +when I run sq decrypt --recipient-file bob.pgp -o bob.txt x.pgp then files hello.txt and bob.txt match ~~~ @@ -1077,9 +1077,9 @@ given file hello.txt when I run sq key generate --export alice.pgp when I run sq key extract-cert -o alice-cert.pgp alice.pgp -when I run sq encrypt --recipient-cert alice-cert.pgp --signer-key alice.pgp hello.txt -o x.pgp +when I run sq encrypt --recipient-cert alice-cert.pgp --signer-file alice.pgp hello.txt -o x.pgp -when I run sq decrypt --recipient-key alice.pgp -o alice.txt x.pgp --signer-cert alice-cert.pgp +when I run sq decrypt --recipient-file alice.pgp -o alice.txt x.pgp --signer-cert alice-cert.pgp then files hello.txt and alice.txt match ~~~ @@ -1098,9 +1098,9 @@ when I run sq key extract-cert -o alice-cert.pgp alice.pgp when I run sq key generate --export bob.pgp when I run sq key extract-cert -o bob-cert.pgp bob.pgp -when I run sq encrypt --recipient-cert alice-cert.pgp --signer-key alice.pgp hello.txt -o x.pgp +when I run sq encrypt --recipient-cert alice-cert.pgp --signer-file alice.pgp hello.txt -o x.pgp -when I try to run sq decrypt --recipient-key alice.pgp -o alice.txt x.pgp --signer-cert bob-cert.pgp +when I try to run sq decrypt --recipient-file alice.pgp -o alice.txt x.pgp --signer-cert bob-cert.pgp then exit code is 1 then files alice.txt and empty match ~~~ @@ -1174,7 +1174,7 @@ stdout in ASCII armor form._ given an installed sq given file hello.txt when I run sq key generate --export key.pgp -when I run sq sign --signer-key key.pgp hello.txt +when I run sq sign --signer-file key.pgp hello.txt then stdout contains "-----BEGIN PGP MESSAGE-----" then stdout contains "-----END PGP MESSAGE-----" ~~~ @@ -1188,7 +1188,7 @@ stdout in binary form._ given an installed sq given file hello.txt when I run sq key generate --export key.pgp -when I run sq sign --signer-key key.pgp hello.txt --binary +when I run sq sign --signer-file key.pgp hello.txt --binary then stdout doesn't contain "-----BEGIN PGP MESSAGE-----" then stdout doesn't contain "-----END PGP MESSAGE-----" ~~~ @@ -1202,7 +1202,7 @@ file._ given an installed sq given file hello.txt when I run sq key generate --export key.pgp -when I run sq sign --signer-key key.pgp hello.txt -o signed.txt +when I run sq sign --signer-file key.pgp hello.txt -o signed.txt then file signed.txt contains "-----BEGIN PGP MESSAGE-----" then file signed.txt contains "-----END PGP MESSAGE-----" ~~~ @@ -1216,7 +1216,7 @@ given an installed sq given file hello.txt when I run sq key generate --export key.pgp when I run sq key extract-cert key.pgp -o cert.pgp -when I run sq sign --signer-key key.pgp hello.txt -o signed.txt +when I run sq sign --signer-file key.pgp hello.txt -o signed.txt when I run sq verify --signer-cert cert.pgp signed.txt then stdout contains "hello, world" ~~~ @@ -1238,11 +1238,11 @@ when I run sq key extract-cert alice.pgp -o alice-cert.pgp when I run sq key generate --userid Bob --export bob.pgp when I run sq key extract-cert bob.pgp -o bob-cert.pgp -when I run sq sign --signer-key alice.pgp hello.txt -o signed1.txt +when I run sq sign --signer-file alice.pgp hello.txt -o signed1.txt when I try to run sq verify --signer-cert alice-cert.pgp --signer-cert bob-cert.pgp --signatures=2 signed1.txt then exit code is 1 -when I run sq sign --append --signer-key bob.pgp signed1.txt -o signed2.txt +when I run sq sign --append --signer-file bob.pgp signed1.txt -o signed2.txt when I run sq verify --signer-cert alice-cert.pgp --signer-cert bob-cert.pgp --signatures=1 signed2.txt then stdout contains "hello, world" when I run sq verify --signer-cert alice-cert.pgp --signer-cert bob-cert.pgp --signatures=2 signed2.txt @@ -1265,7 +1265,7 @@ given file hello.txt given file sed-in-place when I run sq key generate --export key.pgp when I run sq key extract-cert key.pgp -o cert.pgp -when I run sq sign --signer-key key.pgp hello.txt -o signed.txt +when I run sq sign --signer-file key.pgp hello.txt -o signed.txt when I run bash sed-in-place 3d signed.txt when I try to run sq verify --signer-cert cert.pgp signed.txt then command fails @@ -1292,7 +1292,7 @@ given file hello.txt when I run sq key generate --export key.pgp when I run sq key extract-cert key.pgp -o cert.pgp -when I run sq sign --cleartext-signature --signer-key key.pgp hello.txt -o signed.txt +when I run sq sign --cleartext-signature --signer-file key.pgp hello.txt -o signed.txt then file signed.txt contains "-----BEGIN PGP SIGNED MESSAGE-----" then file signed.txt contains "hello, world" then file signed.txt contains "-----END PGP SIGNATURE-----" @@ -1313,7 +1313,7 @@ given file sed-in-place when I run sq key generate --export key.pgp when I run sq key extract-cert key.pgp -o cert.pgp -when I run sq sign --cleartext-signature --signer-key key.pgp hello.txt -o signed.txt +when I run sq sign --cleartext-signature --signer-file key.pgp hello.txt -o signed.txt when I run bash sed-in-place s/hello/HELLO/ signed.txt when I try to run sq verify --signer-cert cert.pgp signed.txt then exit code is 1 @@ -1330,7 +1330,7 @@ given file hello.txt when I run sq key generate --export key.pgp when I run sq key extract-cert key.pgp -o cert.pgp -when I run sq sign --detached --signer-key key.pgp hello.txt -o sig.txt +when I run sq sign --detached --signer-file key.pgp hello.txt -o sig.txt then file sig.txt contains "-----BEGIN PGP SIGNATURE-----" then file sig.txt contains "-----END PGP SIGNATURE-----" when I run sq verify --detached=sig.txt --signer-cert=cert.pgp hello.txt @@ -1351,7 +1351,7 @@ given file sed-in-place when I run sq key generate --export key.pgp when I run sq key extract-cert key.pgp -o cert.pgp -when I run sq sign --detached --signer-key key.pgp hello.txt -o sig.txt +when I run sq sign --detached --signer-file key.pgp hello.txt -o sig.txt when I run bash sed-in-place s/hello/HELLO/ hello.txt when I try to run sq verify --detached=sig.txt --signer-cert=cert.pgp hello.txt then exit code is 1 @@ -1371,8 +1371,8 @@ when I run sq key extract-cert alice.pgp -o alice-cert.pgp when I run sq key generate --userid Bob --export bob.pgp when I run sq key extract-cert bob.pgp -o bob-cert.pgp -when I run sq sign --signer-key alice.pgp hello.txt -o signed1.txt -when I run sq sign --signer-key bob.pgp --append signed1.txt -o signed2.txt +when I run sq sign --signer-file alice.pgp hello.txt -o signed1.txt +when I run sq sign --signer-file bob.pgp --append signed1.txt -o signed2.txt when I run sq verify signed2.txt --signer-cert alice-cert.pgp --signer-cert bob-cert.pgp then stdout contains "hello, world" then stderr contains "2 good signatures" @@ -1391,8 +1391,8 @@ when I run sq key extract-cert alice.pgp -o alice-cert.pgp when I run sq key generate --userid Bob --export bob.pgp when I run sq key extract-cert bob.pgp -o bob-cert.pgp -when I run sq sign --signer-key alice.pgp hello.txt -o signed1.txt -when I run sq sign --signer-key bob.pgp hello.txt -o signed2.txt +when I run sq sign --signer-file alice.pgp hello.txt -o signed1.txt +when I run sq sign --signer-file bob.pgp hello.txt -o signed2.txt when I run sq sign --merge=signed2.txt signed1.txt -o merged.txt when I run sq verify merged.txt --signer-cert alice-cert.pgp --signer-cert bob-cert.pgp then stdout contains "hello, world" @@ -1412,8 +1412,8 @@ when I run sq key extract-cert alice.pgp -o alice-cert.pgp when I run sq key generate --userid Bob --export bob.pgp when I run sq key extract-cert bob.pgp -o bob-cert.pgp -when I run sq sign --signer-key alice.pgp hello.txt -o signed.txt -when I run sq sign --signer-key bob.pgp --notarize signed.txt -o notarized.txt +when I run sq sign --signer-file alice.pgp hello.txt -o signed.txt +when I run sq sign --signer-file bob.pgp --notarize signed.txt -o notarized.txt when I run sq verify notarized.txt --signer-cert alice-cert.pgp --signer-cert bob-cert.pgp then stdout contains "hello, world" then stderr contains "Good level 1 notarization from" diff --git a/sq/sq-usage.md b/sq/sq-usage.md index 6a732e93..9b83cf5a 100644 --- a/sq/sq-usage.md +++ b/sq/sq-usage.md @@ -141,7 +141,7 @@ OPTIONS: Adds a password to encrypt with. The message can be decrypted with either one of the recipient's keys, or any password. - --signer-key <KEY_FILE> + --signer-file <KEY_FILE> Signs the message using the key in KEY_FILE -t, --time <TIME> @@ -158,7 +158,7 @@ EXAMPLES: $ sq encrypt --recipient-cert romeo.pgp message.txt # Encrypt a file creating a signature in the process -$ sq encrypt --recipient-cert romeo.pgp --signer-key juliet.pgp message.txt +$ sq encrypt --recipient-cert romeo.pgp --signer-file juliet.pgp message.txt # Encrypt a file using a password $ sq encrypt --symmetric message.txt @@ -215,7 +215,7 @@ OPTIONS: --private-key-store <KEY_STORE> Provides parameters for private key store - --recipient-key <KEY_FILE> + --recipient-file <KEY_FILE> Decrypts the message using the key in KEY_FILE --session-key <SESSION-KEY> @@ -230,10 +230,10 @@ OPTIONS: EXAMPLES: # Decrypt a file using a secret key -$ sq decrypt --recipient-key juliet.pgp ciphertext.pgp +$ sq decrypt --recipient-file juliet.pgp ciphertext.pgp # Decrypt a file verifying signatures -$ sq decrypt --recipient-key juliet.pgp --signer-cert romeo.pgp ciphertext.pgp +$ sq decrypt --recipient-file juliet.pgp --signer-cert romeo.pgp ciphertext.pgp # Decrypt a file using a password $ sq decrypt ciphertext.pgp @@ -292,7 +292,7 @@ OPTIONS: --private-key-store <KEY_STORE> Provides parameters for private key store - --signer-key <KEY_FILE> + --signer-file <KEY_FILE> Signs the message using the key in KEY_FILE -t, --time <TIME> @@ -302,10 +302,10 @@ OPTIONS: EXAMPLES: # Create a signed message -$ sq sign --signer-key juliet.pgp message.txt +$ sq sign --signer-file juliet.pgp message.txt # Create a detached signature -$ sq sign --detached --signer-key juliet.pgp message.txt +$ sq sign --detached --signer-file juliet.pgp message.txt ``` ## Subcommand sq verify @@ -1777,7 +1777,7 @@ OPTIONS: --private-key-store <KEY_STORE> Provides parameters for private key store - --recipient-key <KEY_FILE> + --recipient-file <KEY_FILE> Decrypts the message using the key in KEY_FILE --session-key <SESSION-KEY> @@ -1786,7 +1786,7 @@ OPTIONS: EXAMPLES: # Unwraps the encryption revealing the signed message -$ sq packet decrypt --recipient-key juliet.pgp ciphertext.pgp +$ sq packet decrypt --recipient-file juliet.pgp ciphertext.pgp ``` ### Subcommand sq packet split @@ -1924,13 +1924,13 @@ Revokes a certificate Creates a revocation certificate for the certificate. -If "--revocation-key" is provided, then that key is used to create +If "--revocation-file" is provided, then that key is used to create the signature. If that key is different from the certificate being revoked, this creates a third-party revocation. This is normally only useful if the owner of the certificate designated the key to be a designated revoker. -If "--revocation-key" is not provided, then the certificate must +If "--revocation-file" is not provided, then the certificate must include a certification-capable key. USAGE: @@ -2002,7 +2002,7 @@ OPTIONS: --private-key-store <KEY_STORE> Provides parameters for private key store - --revocation-key <KEY_FILE> + --revocation-file <KEY_FILE> Signs the revocation certificate using the key in KEY_FILE. If the key is different from the certificate, this creates a third-party revocation. If this option is not provided, and the certificate @@ -2021,12 +2021,12 @@ Revokes a subkey Creates a revocation certificate for a subkey. -If "--revocation-key" is provided, then that key is used to create the +If "--revocation-file" is provided, then that key is used to create the signature. If that key is different from the certificate being revoked, this creates a third-party revocation. This is normally only useful if the owner of the certificate designated the key to be a designated revoker. -If "--revocation-key" is not provided, then the certificate must include a +If "--revocation-file" is not provided, then the certificate must include a certification-capable key. USAGE: @@ -2100,7 +2100,7 @@ OPTIONS: --private-key-store <KEY_STORE> Provides parameters for private key store - --revocation-key <KEY_FILE> + --revocation-file <KEY_FILE> Signs the revocation certificate using the key in KEY_FILE. If the key is different from the certificate, this creates a third-party revocation. If this option is not provided, and the certificate @@ -2186,12 +2186,12 @@ OPTIONS: --private-key-store <KEY_STORE> Provides parameters for private key store - --revocation-key <KEY_FILE> - Signs the revocation certificate using the key specified in - KEY_FILE. If the key is different from the certificate, this - creates a third-party revocation. If this option is not provided, - and the certificate includes secret key material, then that key is - used to sign the revocation certificate. + --revocation-file <KEY_FILE> + Signs the revocation certificate using the key in KEY_FILE. If the + key is different from the certificate, this creates a third-party + revocation. If this option is not provided, and the certificate + includes secret key material, then that key is used to sign the + revocation certificate. -t, --time <TIME> Chooses keys valid at the specified time and sets the revocation diff --git a/sq/src/commands/revoke.rs b/sq/src/commands/revoke.rs index a4f3bbf3..c07b3497 100644 --- a/sq/src/commands/revoke.rs +++ b/sq/src/commands/revoke.rs @@ -192,14 +192,14 @@ fn revoke(config: Config, } else { if let Some(time) = time { return Err(anyhow::anyhow!("\ -No certification key found: the key specified with --revocation-key \ +No certification key found: the key specified with --revocation-file \ does not contain a certification key with secret key material. \ Perhaps this is because no certification keys are valid at the time \ you specified ({})", chrono::DateTime::<chrono::offset::Utc>::from(time))); } else { return Err(anyhow::anyhow!("\ -No certification key found: the key specified with --revocation-key \ +No certification key found: the key specified with --revocation-file \ does not contain a certification key with secret key material")); } } @@ -212,14 +212,14 @@ does not contain a certification key with secret key material")); } else { if let Some(time) = time { return Err(anyhow::anyhow!("\ -No certification key found: --revocation-key not provided and the +No certification key found: --revocation-file not provided and the certificate to revoke does not contain a certification key with secret key material. Perhaps this is because no certification keys are valid at the time you specified ({})", chrono::DateTime::<chrono::offset::Utc>::from(time))); } else { return Err(anyhow::anyhow!("\ -No certification key found: --revocation-key not provided and the +No certification key found: --revocation-file not provided and the certificate to revoke does not contain a certification key with secret key material")); } diff --git a/sq/src/sq_cli/decrypt.rs b/sq/src/sq_cli/decrypt.rs index ebdd6d67..30d5b697 100644 --- a/sq/src/sq_cli/decrypt.rs +++ b/sq/src/sq_cli/decrypt.rs @@ -31,10 +31,10 @@ The converse operation is \"sq encrypt\". "EXAMPLES: # Decrypt a file using a secret key -$ sq decrypt --recipient-key juliet.pgp ciphertext.pgp +$ sq decrypt --recipient-file juliet.pgp ciphertext.pgp # Decrypt a file verifying signatures -$ sq decrypt --recipient-key juliet.pgp --signer-cert romeo.pgp ciphertext.pgp +$ sq decrypt --recipient-file juliet.pgp --signer-cert romeo.pgp ciphertext.pgp # Decrypt a file using a password $ sq decrypt ciphertext.pgp @@ -64,7 +64,7 @@ pub struct Command { )] pub sender_cert_file: Vec<String>, #[clap( - long = "recipient-key", + long = "recipient-file", value_name = "KEY_FILE", help = "Decrypts the message using the key in KEY_FILE", )] diff --git a/sq/src/sq_cli/encrypt.rs b/sq/src/sq_cli/encrypt.rs index 8b95193b..867d90ac 100644 --- a/sq/src/sq_cli/encrypt.rs +++ b/sq/src/sq_cli/encrypt.rs @@ -21,7 +21,7 @@ The converse operation is \"sq decrypt\". $ sq encrypt --recipient-cert romeo.pgp message.txt # Encrypt a file creating a signature in the process -$ sq encrypt --recipient-cert romeo.pgp --signer-key juliet.pgp message.txt +$ sq encrypt --recipient-cert romeo.pgp --signer-file juliet.pgp message.txt # Encrypt a file using a password $ sq encrypt --symmetric message.txt @@ -44,7 +44,7 @@ pub struct Command { )] pub recipients_cert_file: Vec<String>, #[clap( - long = "signer-key", + long = "signer-file", value_name = "KEY_FILE", help = "Signs the message using the key in KEY_FILE", )] diff --git a/sq/src/sq_cli/packet.rs b/sq/src/sq_cli/packet.rs index fe1f1904..1c4596bc 100644 --- a/sq/src/sq_cli/packet.rs +++ b/sq/src/sq_cli/packet.rs @@ -97,7 +97,7 @@ that can, among other things, be inspected using \"sq packet dump\". "EXAMPLES: # Unwraps the encryption revealing the signed message -$ sq packet decrypt --recipient-key juliet.pgp ciphertext.pgp +$ sq packet decrypt --recipient-file juliet.pgp ciphertext.pgp ", )] pub struct DecryptCommand { @@ -110,7 +110,7 @@ pub struct DecryptCommand { )] pub binary: bool, #[clap( - long = "recipient-key", + long = "recipient-file", value_name = "KEY_FILE", help = "Decrypts the message using the key in KEY_FILE", )] diff --git a/sq/src/sq_cli/revoke.rs b/sq/src/sq_cli/revoke.rs index f10352f0..2e1a6528 100644 --- a/sq/src/sq_cli/revoke.rs +++ b/sq/src/sq_cli/revoke.rs @@ -66,13 +66,13 @@ pub enum Subcommands { Creates a revocation certificate for the certificate. -If \"--revocation-key\" is provided, then that key is used to create +If \"--revocation-file\" is provided, then that key is used to create the signature. If that key is different from the certificate being revoked, this creates a third-party revocation. This is normally only useful if the owner of the certificate designated the key to be a designated revoker. -If \"--revocation-key\" is not provided, then the certificate must +If \"--revocation-file\" is not provided, then the certificate must include a certification-capable key. ", )] @@ -88,7 +88,7 @@ an error for the file to contain more than one certificate.", )] pub input: Option<String>, #[clap( - long = "revocation-key", + long = "revocation-file", value_name = "KEY_FILE", help = "Signs the revocation certificate using the key in KEY_FILE", long_help = @@ -213,14 +213,14 @@ impl From<RevocationReason> for OpenPGPRevocationReason { Creates a revocation certificate for a subkey. -If \"--revocation-key\" is provided, then that key is used to create \ -the signature. If that key is different from the certificate being \ -revoked, this creates a third-party revocation. This is normally only \ -useful if the owner of the certificate designated the key to be a \ -designated revoker. +If \"--revocation-file\" is provided, then that key is used to \ +create the signature. If that key is different from the certificate \ +being revoked, this creates a third-party revocation. This is \ +normally only useful if the owner of the certificate designated the \ +key to be a designated revoker. -If \"--revocation-key\" is not provided, then the certificate must \ -include a certification-capable key.", +If \"--revocation-file\" is not provided, then the certificate \ +must include a certification-capable key.", )] pub struct SubkeyCommand { #[clap( @@ -235,7 +235,7 @@ certificate." )] pub input: Option<String>, #[clap( - long = "revocation-key", + long = "revocation-file", value_name = "KEY_FILE", help = "Signs the revocation certificate using the key in KEY_FILE", long_help = @@ -369,15 +369,14 @@ certificate." )] pub input: Option<String>, #[clap( - long = "revocation-key", + long = "revocation-file", value_name = "KEY_FILE", - help = "Signs the revocation certificate using the specified key", + help = "Signs the revocation certificate using the key in KEY_FILE", long_help = -"Signs the revocation certificate using the key specified in KEY_FILE. If \ -the key is different from the certificate, this creates a third-party \ -revocation. If this option is not provided, and the certificate includes \ -secret key material, then that key is used to sign the revocation \ -certificate.", +"Signs the revocation certificate using the key in KEY_FILE. If the key is \ +different from the certificate, this creates a third-party revocation. If \ +this option is not provided, and the certificate includes secret key material, \ +then that key is used to sign the revocation certificate.", )] pub secret_key_file: Option<String>, #[clap( diff --git a/sq/src/sq_cli/sign.rs b/sq/src/sq_cli/sign.rs index 5dce2adf..74435121 100644 --- a/sq/src/sq_cli/sign.rs +++ b/sq/src/sq_cli/sign.rs @@ -18,10 +18,10 @@ The converse operation is \"sq verify\". "EXAMPLES: # Create a signed message -$ sq sign --signer-key juliet.pgp message.txt +$ sq sign --signer-file juliet.pgp message.txt # Create a detached signature -$ sq sign --detached --signer-key juliet.pgp message.txt +$ sq sign --detached --signer-file juliet.pgp message.txt ", )] pub struct Command { @@ -85,7 +85,7 @@ pub struct Command { )] pub merge: Option<String>, #[clap( - long = "signer-key", + long = "signer-file", value_name = "KEY_FILE", help = "Signs the message using the key in KEY_FILE", )] diff --git a/sq/tests/sq-revoke.rs b/sq/tests/sq-revoke.rs index d0e233ad..7ea5c7c4 100644 --- a/sq/tests/sq-revoke.rs +++ b/sq/tests/sq-revoke.rs @@ -145,7 +145,7 @@ mod integration { let _tmp_dir = match (third_party, stdin) { (true, true) => { - // cat cert | sq revoke --revocation-key third-party + // cat cert | sq revoke --revocation-file third-party let dir = TempDir::new()?; cmd.write_stdin(cert); @@ -155,14 +155,14 @@ mod integration { file.write_all(&revoker)?; cmd.args([ - "--revocation-key", + "--revocation-file", &*revoker_pgp.to_string_lossy() ]); Some(dir) }, (true, false) => { // third_party && ! stdin - // sq revoke --certificate cert --revocation-key third-party + // sq revoke --certificate cert --revocation-file third-party let dir = TempDir::new()?; let cert_pgp = dir.path().join("cert.pgp"); @@ -179,7 +179,7 @@ mod integration { file.write_all(&revoker)?; cmd.args([ - "--revocation-key", + "--revocation-file", &*revoker_pgp.to_string_lossy() ]); diff --git a/sq/tests/sq-sign.rs b/sq/tests/sq-sign.rs index b9208c8a..0d61e341 100644 --- a/sq/tests/sq-sign.rs +++ b/sq/tests/sq-sign.rs @@ -35,7 +35,7 @@ fn sq_sign() { Command::cargo_bin("sq") .unwrap() .arg("sign") - .args(["--signer-key", &artifact("keys/dennis-simon-anton-private.pgp")]) + .args(["--signer-file", &artifact("keys/dennis-simon-anton-private.pgp")]) .args(["--output", &sig.to_string_lossy()]) .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) .assert() @@ -84,7 +84,7 @@ fn sq_sign_with_notations() { Command::cargo_bin("sq") .unwrap() .arg("sign") - .args(["--signer-key", &artifact("keys/dennis-simon-anton-private.pgp")]) + .args(["--signer-file", &artifact("keys/dennis-simon-anton-private.pgp")]) .args(["--output", &sig.to_string_lossy()]) .args(["--notation", "foo", "bar"]) .args(["--notation", "!foo", "xyzzy"]) @@ -162,7 +162,7 @@ fn sq_sign_append() { Command::cargo_bin("sq") .unwrap() .arg("sign") - .args(["--signer-key", &artifact("keys/dennis-simon-anton-private.pgp")]) + .args(["--signer-file", &artifact("keys/dennis-simon-anton-private.pgp")]) .args(["--output", &sig0.to_string_lossy()]) .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) .assert() @@ -207,7 +207,7 @@ fn sq_sign_append() { .unwrap() .arg("sign") .arg("--append") - .args(["--signer-key", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) + .args(["--signer-file", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) .arg("--output") .arg(&*sig1.to_string_lossy()) .arg(&*sig0.to_string_lossy()) @@ -334,7 +334,7 @@ fn sq_sign_append_on_compress_then_sign() { .unwrap() .arg("sign") .arg("--append") - .args(["--signer-key", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) + .args(["--signer-file", &artifact("keys/erika-corinna-daniela-simone-antonia-nistp256-private.pgp")]) .arg("--output") .arg(&*sig1.to_string_lossy()) .arg(&*sig0.to_string_lossy()) @@ -409,7 +409,7 @@ fn sq_sign_detached() { .unwrap() .arg("sign") .arg("--detached") - .args(["--signer-key", &artifact("keys/dennis-simon-anton-private.pgp")]) + .args(["--signer-file", &artifact("keys/dennis-simon-anton-private.pgp")]) .args(["--output", &sig.to_string_lossy()]) .arg(&artifact("messages/a-cypherpunks-manifesto.txt")) |