authorNora Widdecke <nora@sequoia-pgp.org>2022-06-02 10:28:03 +0200
committerNora Widdecke <nora@sequoia-pgp.org>2022-06-08 14:49:43 +0200
commit0fb10b9fb5297a2c941a70bbd899b2dbc8c926df (patch)
treec18cc786331fd6609a069bd82ade13eec463266c /sq
parent0ba72d67d162baa838cadad18be49751decff969 (diff)
sq: Derive sign subcommand.
- This is part of the effort to move to clap3's derive API and profit from the added type safety.
Diffstat (limited to 'sq')
-rw-r--r--sq/src/sq_cli.rs217
1 files changed, 125 insertions, 92 deletions
diff --git a/sq/src/sq_cli.rs b/sq/src/sq_cli.rs
index 6375378c..8395c947 100644
--- a/sq/src/sq_cli.rs
+++ b/sq/src/sq_cli.rs
@@ -220,98 +220,6 @@ $ sq encrypt --symmetric message.txt
to using the one that expired last"))
)
- .subcommand(Command::new("sign")
- .display_order(200)
- .about("Signs messages or data files")
- .long_about(
-"Signs messages or data files
-
-Creates signed messages or detached signatures. Detached signatures
-are often used to sign software packages.
-
-The converse operation is \"sq verify\".
-")
- .after_help(
-"EXAMPLES:
-
-# Create a signed message
-$ sq sign --signer-key juliet.pgp message.txt
-
-# Create a detached signature
-$ sq sign --detached --signer-key juliet.pgp message.txt
-")
- .arg(Arg::new("input")
- .value_name("FILE")
- .help("Reads from FILE or stdin if omitted"))
- .arg(Arg::new("output")
- .short('o').long("output").value_name("FILE")
- .help("Writes to FILE or stdout if omitted"))
- .arg(Arg::new("binary")
- .short('B').long("binary")
- .help("Emits binary data"))
- .arg(Arg::new("private-key-store")
- .long("private-key-store").value_name("KEY_STORE")
- .help("Provides parameters for private key store"))
- .arg(Arg::new("detached")
- .long("detached")
- .help("Creates a detached signature"))
- .arg(Arg::new("clearsign")
- .long("cleartext-signature")
- .conflicts_with_all(&[
- "detached",
- "append",
- "notarize",
- "binary",
- ])
- .help("Creates a cleartext signature"))
- .arg(Arg::new("append")
- .short('a').long("append")
- .conflicts_with("notarize")
- .help("Appends a signature to existing signature"))
- .arg(Arg::new("notarize")
- .short('n').long("notarize")
- .conflicts_with("append")
- .help("Signs a message and all existing signatures"))
- .arg(Arg::new("merge")
- .long("merge").value_name("SIGNED-MESSAGE")
- .conflicts_with_all(&[
- "append",
- "detached",
- "clearsign",
- "notarize",
- "secret-key-file",
- "time",
- ])
- .help("Merges signatures from the input and \
- SIGNED-MESSAGE"))
- .arg(Arg::new("secret-key-file")
- .long("signer-key").value_name("KEY")
- .multiple_occurrences(true)
- .help("Signs using KEY"))
- .arg(Arg::new("time")
- .short('t').long("time").value_name("TIME")
- .help("Chooses keys valid at the specified time and \
- sets the signature's creation time"))
- .arg(Arg::new("notation")
- .value_names(&["NAME", "VALUE"])
- .long("notation")
- .multiple_occurrences(true).number_of_values(2)
- .help("Adds a notation to the certification.")
- .long_help(
- "Adds a notation to the certification. \
- A user-defined notation's name must be of \
- the form \"name@a.domain.you.control.org\". \
- If the notation's name starts with a !, \
- then the notation is marked as being \
- critical. If a consumer of a signature \
- doesn't understand a critical notation, \
- then it will ignore the signature. The \
- notation is marked as being human readable.")
- .conflicts_with("merge"))
- )
-
-
-
.subcommand(Command::new("inspect")
.display_order(600)
.about("Inspects data, like file(1)")
@@ -1802,6 +1710,7 @@ $ sq autocrypt encode-sender --prefer-encrypt mutual juliet.pgp
}
.subcommand(ArmorCommand::command())
.subcommand(DearmorCommand::command())
+ .subcommand(SignCommand::command())
.subcommand(VerifyCommand::command());
app
@@ -1997,3 +1906,127 @@ pub struct VerifyCommand {
// TODO: And adapt load_certs in sq.rs
pub sender_cert_file: Vec<String>,
}
+
+#[derive(Parser, Debug)]
+#[clap(
+ name = "sign",
+ display_order(200),
+ about = "Signs messages or data files",
+ long_about =
+"Signs messages or data files
+
+Creates signed messages or detached signatures. Detached signatures
+are often used to sign software packages.
+
+The converse operation is \"sq verify\".
+",
+ after_help =
+"EXAMPLES:
+
+# Create a signed message
+$ sq sign --signer-key juliet.pgp message.txt
+
+# Create a detached signature
+$ sq sign --detached --signer-key juliet.pgp message.txt
+",
+ )]
+pub struct SignCommand {
+ #[clap(value_name = "FILE", help = "Reads from FILE or stdin if omitted")]
+ pub input: Option<String>,
+ #[clap(
+ short,
+ long,
+ value_name = "FILE",
+ help = "Writes to FILE or stdout if omitted"
+ )]
+ pub output: Option<String>,
+ // TODO: Why capital B?
+ #[clap(
+ short = 'B',
+ long,
+ help = "Emits binary data",
+ )]
+ pub binary: bool,
+ #[clap(
+ long = "private-key-store",
+ value_name = "KEY_STORE",
+ help = "Provides parameters for private key store",
+ )]
+ pub private_key_store: Option<String>,
+ #[clap(
+ long,
+ help = "Creates a detached signature",
+ )]
+ pub detached: bool,
+ #[clap(
+ long = "cleartext-signature",
+ help = "Creates a cleartext signature",
+ conflicts_with_all = &[
+ "detached",
+ "append",
+ "notarize",
+ "binary",
+ ],
+ )]
+ pub clearsign: bool,
+ #[clap(
+ short,
+ long,
+ conflicts_with = "notarize",
+ help = "Appends a signature to existing signature",
+ )]
+ pub append: bool,
+ #[clap(
+ short,
+ long,
+ conflicts_with = "append",
+ help = "Signs a message and all existing signatures",
+ )]
+ pub notarize: bool,
+ #[clap(
+ long,
+ value_name = "SIGNED-MESSAGE",
+ conflicts_with_all = &[
+ "append",
+ "detached",
+ "clearsign",
+ "notarize",
+ "secret-key-file",
+ "time",
+ ],
+ help = "Merges signatures from the input and SIGNED-MESSAGE",
+ )]
+ pub merge: Option<String>,
+ #[clap(
+ long = "signer-key",
+ value_name = "KEY",
+ help = "Signs using KEY",
+ )]
+ pub secret_key_file: Vec<String>,
+ #[clap(
+ short,
+ long,
+ value_name = "TIME",
+ help = "Chooses keys valid at the specified time and sets the \
+ signature's creation time",
+ )]
+ //TODO: Fix type & parsing
+ pub time: Option<String>,
+ #[clap(
+ long,
+ value_names = &["NAME", "VALUE"],
+ number_of_values = 2,
+ help = "Adds a notation to the certification.",
+ conflicts_with = "merge",
+ long_help = "Adds a notation to the certification. \
+ A user-defined notation's name must be of the form \
+ \"name@a.domain.you.control.org\". If the notation's name starts \
+ with a !, then the notation is marked as being critical. If a \
+ consumer of a signature doesn't understand a critical notation, \
+ then it will ignore the signature. The notation is marked as \
+ being human readable."
+ )]
+ // TODO: Is there a better way to express that one notation consists of two arguments, and
+ // there may be multiple notations? Like something like Vec<(String, String)>.
+ pub notation: Vec<String>,
+}
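Review bot: `time` is still an `Option<String>` (see the `//TODO: Fix type & parsing` on the field), so the derive adds no type safety for the one option that both chooses which keys count as valid and sets the signature's creation time. A malformed value is only rejected wherever the string is parsed later, which is outside this hunk. Until the type is fixed, the field should carry a comment such as `// Unvalidated here: the consumer must parse this and fail on error before selecting keys.` Separately, the `notation` help and long_help still say "Adds a notation to the certification", carried over from the builder version. For `sq sign` this should read `help = "Adds a notation to the signature."`, with the same wording fix in `long_help`.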