diff options
author | Justus Winter <justus@sequoia-pgp.org> | 2019-11-28 15:27:33 +0100 |
---|---|---|
committer | Justus Winter <justus@sequoia-pgp.org> | 2019-11-28 16:26:43 +0100 |
commit | bbbc6da375d6584c7b2bcc74e838fff943f489d4 (patch) | |
tree | 0a965698c96dbc0fc8541c6adc2224935b68bc07 /sqv | |
parent | f53c77752ff04c3713c175a76a06723042e681ae (diff) |
Call TPKs Certificates, update identifiers, documentation.
- Fixes #387.
Diffstat (limited to 'sqv')
-rw-r--r-- | sqv/src/sqv.rs | 54 | ||||
-rw-r--r-- | sqv/tests/multiple-signatures.rs | 4 | ||||
-rw-r--r-- | sqv/tests/revoked-key.rs | 6 | ||||
-rw-r--r-- | sqv/tests/wrong-key-flags.rs | 8 |
4 files changed, 36 insertions, 36 deletions
diff --git a/sqv/src/sqv.rs b/sqv/src/sqv.rs index 71ffd912..912c236a 100644 --- a/sqv/src/sqv.rs +++ b/sqv/src/sqv.rs @@ -13,11 +13,11 @@ use std::process::exit; use std::fs::File; use std::collections::{HashMap, HashSet}; -use crate::openpgp::{TPK, Packet, packet::Signature, KeyID, RevocationStatus}; +use crate::openpgp::{Cert, Packet, packet::Signature, KeyID, RevocationStatus}; use crate::openpgp::types::HashAlgorithm; use crate::openpgp::crypto::hash::Hash; use crate::openpgp::parse::{Parse, PacketParserResult, PacketParser}; -use crate::openpgp::tpk::TPKParser; +use crate::openpgp::cert::CertParser; mod sqv_cli; @@ -68,7 +68,7 @@ fn real_main() -> Result<(), failure::Error> { // First, we collect the signatures and the alleged issuers. // Then, we scan the keyrings exactly once to find the associated - // TPKs. + // Certs. // .unwrap() is safe, because "sig-file" is required. let sig_file = matches.value_of_os("sig-file").unwrap(); @@ -76,7 +76,7 @@ fn real_main() -> Result<(), failure::Error> { let mut ppr = PacketParser::from_file(sig_file)?; let mut sigs_seen = HashSet::new(); - let mut sigs : Vec<(Signature, KeyID, Option<TPK>)> = Vec::new(); + let mut sigs : Vec<(Signature, KeyID, Option<Cert>)> = Vec::new(); // sig_i is count of all Signature packets that we've seen. This // may be more than sigs.len() if we can't handle some of the @@ -150,10 +150,10 @@ fn real_main() -> Result<(), failure::Error> { openpgp::crypto::hash_file(File::open(file)?, &hash_algos[..])? .into_iter().collect(); - fn tpk_has_key(tpk: &TPK, keyid: &KeyID) -> bool { + fn cert_has_key(cert: &Cert, keyid: &KeyID) -> bool { // Even if a key is revoked or expired, we can still use it to // verify a message. - tpk.keys_all().any(|(_, _, k)| *keyid == k.keyid()) + cert.keys_all().any(|(_, _, k)| *keyid == k.keyid()) } // Find the keys. @@ -161,18 +161,18 @@ fn real_main() -> Result<(), failure::Error> { .expect("No keyring specified.") { // Load the keyring. - let tpks : Vec<TPK> = TPKParser::from_file(filename)? - .unvalidated_tpk_filter(|tpk, _| { + let certs : Vec<Cert> = CertParser::from_file(filename)? + .unvalidated_cert_filter(|cert, _| { for &(_, ref issuer, _) in &sigs { - if tpk_has_key(tpk, issuer) { + if cert_has_key(cert, issuer) { return true; } } false }) - .map(|tpkr| { - match tpkr { - Ok(tpk) => tpk, + .map(|certr| { + match certr { + Ok(cert) => cert, Err(err) => { eprintln!("Error reading keyring {:?}: {}", filename, err); @@ -182,23 +182,23 @@ fn real_main() -> Result<(), failure::Error> { }) .collect(); - for tpk in tpks { - for &mut (_, ref issuer, ref mut issuer_tpko) in sigs.iter_mut() { - if tpk_has_key(&tpk, issuer) { - if let Some(issuer_tpk) = issuer_tpko.take() { + for cert in certs { + for &mut (_, ref issuer, ref mut issuer_certo) in sigs.iter_mut() { + if cert_has_key(&cert, issuer) { + if let Some(issuer_cert) = issuer_certo.take() { if trace { eprintln!("Found key {} again. Merging.", issuer); } - *issuer_tpko - = issuer_tpk.merge(tpk.clone()).ok(); + *issuer_certo + = issuer_cert.merge(cert.clone()).ok(); } else { if trace { eprintln!("Found key {}.", issuer); } - *issuer_tpko = Some(tpk.clone()); + *issuer_certo = Some(cert.clone()); } } } @@ -206,16 +206,16 @@ fn real_main() -> Result<(), failure::Error> { } // Verify the signatures. - let mut sigs_seen_from_tpk = HashSet::new(); + let mut sigs_seen_from_cert = HashSet::new(); let mut good = 0; - 'sig_loop: for (mut sig, issuer, tpko) in sigs.into_iter() { + 'sig_loop: for (mut sig, issuer, certo) in sigs.into_iter() { if trace { eprintln!("Checking signature allegedly issued by {}.", issuer); } - if let Some(ref tpk) = tpko { + if let Some(ref cert) = certo { // Find the right key. - for (maybe_binding, _, key) in tpk.keys_all() { + for (maybe_binding, _, key) in cert.keys_all() { let binding = match maybe_binding { Some(b) => b, None => continue, @@ -265,7 +265,7 @@ fn real_main() -> Result<(), failure::Error> { } // check key was valid at sig creation time - let binding = tpk + let binding = cert .subkeys() .find(|s| { s.key().fingerprint() == key.fingerprint() @@ -279,7 +279,7 @@ fn real_main() -> Result<(), failure::Error> { } } - if tpk.revoked(t) + if cert.revoked(t) != RevocationStatus::NotAsFarAsWeKnow { eprintln!( @@ -299,7 +299,7 @@ fn real_main() -> Result<(), failure::Error> { eprintln!("Signature by {} is good.", issuer); } - if sigs_seen_from_tpk.replace(tpk.fingerprint()) + if sigs_seen_from_cert.replace(cert.fingerprint()) .is_some() { eprintln!( @@ -308,7 +308,7 @@ fn real_main() -> Result<(), failure::Error> { continue; } - println!("{}", tpk.primary().fingerprint()); + println!("{}", cert.primary().fingerprint()); good += 1; }, Ok(false) => { diff --git a/sqv/tests/multiple-signatures.rs b/sqv/tests/multiple-signatures.rs index 3c0aa81c..69d5a982 100644 --- a/sqv/tests/multiple-signatures.rs +++ b/sqv/tests/multiple-signatures.rs @@ -6,11 +6,11 @@ fn p(filename: &str) -> String { format!("../openpgp/tests/data/{}", filename) } -/// Asserts that multiple signatures from the same TPK are properly +/// Asserts that multiple signatures from the same Cert are properly /// ignored. #[test] fn ignore_multiple_signatures() { - // Multiple signatures from the same TPK are ignored, and fails to + // Multiple signatures from the same Cert are ignored, and fails to // meet the threshold. Assert::cargo_binary("sqv") .with_args( diff --git a/sqv/tests/revoked-key.rs b/sqv/tests/revoked-key.rs index 7667a003..b3646b33 100644 --- a/sqv/tests/revoked-key.rs +++ b/sqv/tests/revoked-key.rs @@ -55,7 +55,7 @@ mod integration { // fn create_key() { // use std::fs::File; // use sequoia_openpgp::{ -// TPK, +// Cert, // PacketPile, // packet::{ // signature, @@ -156,7 +156,7 @@ mod integration { // // (bind1, rev, bind2, sig1, sig2, sig3) // }; -// let tpk = TPK::from_packet_pile(PacketPile::from(vec![ +// let cert = Cert::from_packet_pile(PacketPile::from(vec![ // key.into_packet(Tag::PublicKey).unwrap(), // bind1.into(), // bind2.into(), @@ -165,7 +165,7 @@ mod integration { // // { // let mut fd = File::create("key").unwrap(); -// tpk.serialize(&mut fd).unwrap(); +// cert.serialize(&mut fd).unwrap(); // } // // { diff --git a/sqv/tests/wrong-key-flags.rs b/sqv/tests/wrong-key-flags.rs index dafbc6f9..4fb1e1e8 100644 --- a/sqv/tests/wrong-key-flags.rs +++ b/sqv/tests/wrong-key-flags.rs @@ -26,7 +26,7 @@ mod integration { // fn create_key() { // use std::fs::File; // use sequoia_openpgp::{ -// tpk::TPKBuilder, +// cert::CertBuilder, // packet::{ // signature, // key::SecretKey, @@ -39,11 +39,11 @@ mod integration { // } // }; // -// let (tpk, _) = TPKBuilder::default() +// let (cert, _) = CertBuilder::default() // .add_userid("Testy Mc Test") // .add_encryption_subkey() // .generate().unwrap(); -// let subkey = tpk.subkeys().next().unwrap(); +// let subkey = cert.subkeys().next().unwrap(); // let key = subkey.subkey(); // let sig = { // let mpis = match key.secret() { @@ -61,7 +61,7 @@ mod integration { // // { // let mut fd = File::create("key").unwrap(); -// tpk.serialize(&mut fd).unwrap(); +// cert.serialize(&mut fd).unwrap(); // } // // { |