author | Nora Widdecke <nora@sequoia-pgp.org> | 2022-07-02 15:46:47 +0200 |
---|---|---|
committer | Nora Widdecke <nora@sequoia-pgp.org> | 2022-07-05 13:57:05 +0200 |
commit | cd724f9bee486d77d978e59eb9c35d6614f79ea9 (patch) | |
tree | 63121795141adc521525397fc220746b3b3f8819 | |
parent | 1fc284d0219b5923d7bfee6689f0716fb979c28b (diff) |
sq: Adapt sq certify to clap3's derive API.
-rw-r--r-- | sq/src/commands/certify.rs | 55 | ||||
-rw-r--r-- | sq/src/sq-usage.rs | 9 | ||||
-rw-r--r-- | sq/src/sq.rs | 4 | ||||
-rw-r--r-- | sq/src/sq_cli.rs | 12 |
4 files changed, 44 insertions, 36 deletions
diff --git a/sq/src/commands/certify.rs b/sq/src/commands/certify.rs
index 7ca6bac0..7f612f67 100644
--- a/sq/src/commands/certify.rs
+++ b/sq/src/commands/certify.rs
@@ -17,43 +17,42 @@ use crate::SECONDS_IN_YEAR; use crate::commands::get_certification_keys; use crate::commands::GetKeysOptions; -pub fn certify(config: Config, m: &clap::ArgMatches) +use crate::sq_cli::CertifyCommand; + +pub fn certify(config: Config, c: CertifyCommand) -> Result<()> { - let certifier = m.value_of("certifier").unwrap(); - let cert = m.value_of("certificate").unwrap(); - let userid = m.value_of("userid").unwrap(); + let certifier = c.certifier; + let cert = c.certificate; + let userid = c.userid; let certifier = Cert::from_file(certifier)?; - let private_key_store = m.value_of("private-key-store"); + let private_key_store = c.private_key_store; let cert = Cert::from_file(cert)?; - let trust_depth: u8 = m.value_of("depth") - .map(|s| s.parse()).unwrap_or(Ok(0))?; - let trust_amount: u8 = m.value_of("amount") - .map(|s| s.parse()).unwrap_or(Ok(120))?; - let regex = m.values_of("regex").map(|v| v.collect::<Vec<_>>()) - .unwrap_or_default(); + let trust_depth: u8 = c.depth; + let trust_amount: u8 = c.amount; + let regex = c.regex; if trust_depth == 0 && !regex.is_empty() { return Err( anyhow::format_err!("A regex only makes sense \ if the trust depth is greater than 0")); } - let local = m.is_present("local"); - let non_revocable = m.is_present("non-revocable"); + let local = c.local; + let non_revocable = c.non_revocable; - let time = if let Some(t) = m.value_of("time") { + let time = if let Some(t) = c.time { let time = SystemTime::from( - crate::parse_iso8601(t, chrono::NaiveTime::from_hms(0, 0, 0)) + crate::parse_iso8601(&t, chrono::NaiveTime::from_hms(0, 0, 0)) .context(format!("Parsing --time {}", t))?); Some(time) } else { None }; - let expires = m.value_of("expires"); - let expires_in = m.value_of("expires-in"); + let expires = c.expires; + let expires_in = c.expires_in; let vc = cert.with_policy(&config.policy, time)?; 
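Review bot: `let trust_amount: u8 = c.amount;` accepts any value from 0 to 255, while the help text in sq_cli.rs documents only 1 to 120 as meaningful. OpenPGP treats amounts of 120 or more as complete trust, so a mistyped value such as 200 silently produces a fully trusting certification, and 0 produces one that conveys no trust. A guard next to the existing depth/regex check would reject these before anything is signed: `if !(1..=120).contains(&trust_amount) { return Err(anyhow::format_err!("The trust amount must be between 1 and 120")); }`. This is stricter than what the old parsing accepted, so confirm nothing relies on out-of-range values. The body of certify continues outside this hunk.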
@@ -122,7 +121,7 @@ pub fn certify(config: Config, m: &clap::ArgMatches) let now = builder.signature_creation_time() .unwrap_or_else(std::time::SystemTime::now); let expiration = SystemTime::from( - crate::parse_iso8601(t, chrono::NaiveTime::from_hms(0, 0, 0))?); + crate::parse_iso8601(&t, chrono::NaiveTime::from_hms(0, 0, 0))?); let validity = expiration.duration_since(now)?; builder = builder.set_signature_creation_time(now)? .set_signature_validity_period(validity)?; @@ -131,15 +130,17 @@ pub fn certify(config: Config, m: &clap::ArgMatches) // The default is no expiration; there is nothing to do. (), (None, Some(d)) => { - let d = parse_duration(d)?; + let d = parse_duration(&d)?; builder = builder.set_signature_validity_period(d)?; }, (Some(_), Some(_)) => unreachable!("conflicting args"), } + // TODO Extract this function, it is used in sign and some revoke commands, too. // Each --notation takes two values. The iterator returns them // one at a time, however. - if let Some(mut n) = m.values_of("notation") { + if let Some(n) = c.notation { + let mut n = n.iter(); while let Some(name) = n.next() { let value = n.next().unwrap(); @@ -147,7 +148,7 @@ pub fn certify(config: Config, m: &clap::ArgMatches) if let Some(name) = name.strip_prefix('!') { (true, name) } else { - (false, name) + (false, name.as_str()) }; builder = builder.add_notation( @@ -159,17 +160,17 @@ pub fn certify(config: Config, m: &clap::ArgMatches) } let mut options = Vec::new(); - if m.is_present("allow-not-alive-certifier") { + if c.allow_not_alive_certifier { options.push(GetKeysOptions::AllowNotAlive); } - if m.is_present("allow-revoked-certifier") { + if c.allow_revoked_certifier { options.push(GetKeysOptions::AllowRevoked); } // Sign it. let signers = get_certification_keys( &[certifier], &config.policy, - private_key_store, + private_key_store.as_deref(), time, Some(&options))?; assert_eq!(signers.len(), 1); 
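Review bot: In the notation hunk, `let value = n.next().unwrap();` now iterates over the `Vec` taken from `c.notation`, so the name/value pairing depends entirely on how the `notation` field is declared in sq_cli.rs, which this diff does not show. If that declaration does not enforce exactly two values per `--notation`, an odd count panics here instead of producing a usage error. State the invariant with `let value = n.next().expect("clap enforces two values per --notation");`, or return an `anyhow` error instead. The same applies to the helper that the new TODO proposes to extract for the sign and revoke commands. certify starts and ends outside this hunk.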
@@ -191,8 +192,10 @@ pub fn certify(config: Config, m: &clap::ArgMatches) // And export it. let mut message = config.create_or_stdout_pgp( - m.value_of("output"), - m.is_present("binary"), sequoia_openpgp::armor::Kind::PublicKey)?; + c.output.as_deref(), + c.binary, + sequoia_openpgp::armor::Kind::PublicKey, + )?; cert.serialize(&mut message)?; message.finalize()?; diff --git a/sq/src/sq-usage.rs b/sq/src/sq-usage.rs index 36e08175..e9d9cd4a 100644 --- a/sq/src/sq-usage.rs +++ b/sq/src/sq-usage.rs @@ -948,8 +948,9 @@ //! -a, --amount <TRUST_AMOUNT> //! Sets the amount of trust. Values between 1 and 120 are meaningful. //! 120 means fully trusted. Values less than 120 indicate the degree -//! of trust. 60 is usually used for partially trusted. The default is -//! 120. +//! of trust. 60 is usually used for partially trusted. +//! +//! [default: 120] //! //! --allow-not-alive-certifier //! Allows the key to make a certification even if the current time is @@ -966,7 +967,9 @@ //! Sets the trust depth (sometimes referred to as the trust level). 0 //! means a normal certification of <CERTIFICATE, USERID>. 1 means //! CERTIFICATE is also a trusted introducer, 2 means CERTIFICATE is a -//! meta-trusted introducer, etc. The default is 0. +//! meta-trusted introducer, etc. +//! +//! [default: 0] //! //! --expires <TIME> //! Makes the certification expire at TIME (as ISO 8601). Use "never" to diff --git a/sq/src/sq.rs b/sq/src/sq.rs index 66d2245b..071a1150 100644 --- a/sq/src/sq.rs +++ b/sq/src/sq.rs @@ -737,7 +737,9 @@ fn main() -> Result<()> { }, Some(("certify", m)) => { - commands::certify::certify(config, m)?; + use clap::FromArgMatches; + let command = sq_cli::CertifyCommand::from_arg_matches(m)?; + commands::certify::certify(config, command)? }, _ => unreachable!(), diff --git a/sq/src/sq_cli.rs b/sq/src/sq_cli.rs index c5588a9e..0df5226a 100644 --- a/sq/src/sq_cli.rs +++ b/sq/src/sq_cli.rs 
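Review bot: In the sq.rs hunk the rewritten call drops the trailing `;` that the removed line had (`commands::certify::certify(config, command)?`), so the arm now ends in a unit-valued expression rather than a statement. It probably compiles the same, but keeping the `;` matches the previous form. `use clap::FromArgMatches;` is also scoped inside this one arm; if more subcommands move to the derive API the import will be repeated per arm, so a file-level `use` would be tidier. The body of main continues outside the hunk.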
@@ -1143,28 +1143,28 @@ $ sq certify --time 20130721T0550+0200 neal.pgp ada.pgp ada short = 'd', long = "depth", value_name = "TRUST_DEPTH", + default_value = "0", help = "Sets the trust depth", long_help = "Sets the trust depth (sometimes referred to as the trust level). \ 0 means a normal certification of <CERTIFICATE, USERID>. \ 1 means CERTIFICATE is also a trusted introducer, 2 means \ - CERTIFICATE is a meta-trusted introducer, etc. The default is 0.", + CERTIFICATE is a meta-trusted introducer, etc.", )] - //TODO: use usize, not String - pub depth: Option<String>, + pub depth: u8, #[clap( short = 'a', long = "amount", value_name = "TRUST_AMOUNT", + default_value = "120", help = "Sets the amount of trust", long_help = "Sets the amount of trust. Values between 1 and 120 are meaningful. \ 120 means fully trusted. Values less than 120 indicate the degree \ - of trust. 60 is usually used for partially \ - trusted. The default is 120.", + of trust. 60 is usually used for partially trusted.", )] //TODO: use usize, not String - pub amount: Option<String>, + pub amount: u8, #[clap( short = 'r', long = "regex", |
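Review bot: The `//TODO: use usize, not String` comment is still present directly above `pub amount: u8`, although the matching comment was removed for `depth` in the same hunk. The field is no longer a `String`, so the comment is stale and the line should be deleted. A short doc comment on each field naming its accepted range, for example `/// Trust amount; 1..=120 is meaningful, 120 means fully trusted.`, would keep the constraint visible next to the type, since `u8` itself allows 0 to 255. The enclosing struct starts outside the hunk.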