Age | Commit message (Collapse) | Author |
|
|
|
- `str::starts_with` already checks that the string is not empty.
Don't first check that the string is not empty.
|
|
- There may be a valid key, but not at the specified time. When no
key is found and a time stamp is given, add a diagnostic that
this might be the problem.
|
|
- Generalize the existing code to handle revoking both certificates
and User IDs.
|
|
|
|
- Generate `cert_stub` to optionally take a User ID. If a User ID
is specified emit that instead of the primary User ID.
|
|
|
|
Also, tidy up some older stuff a bit.
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
|
|
|
|
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
Closes #799
|
|
|
|
|
|
|
|
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
- Show the revocation certificate's human-readable revocation
message, if any.
- If the revocation certificate is a third-party revocation, then
also show the first issuer.
|
|
- Use `get_certification_keys` to get the certification key. This
also unlocks the key, if needed.
Fixes #776.
- Add `--private-key-store` as an option to also work with keys
stored on a PKS.
|
|
Verify more aspects of how sq generates keys. The scenarios now cover
all ways of running "sq key generate".
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
Sponsored-by: NLnet Foundation; NGI Assure; European Commission
|
|
- Add support for revoking certificates to sq.
|
|
- Generalize get_signing_keys to lookup other types of keys.
- Rename it to get_keys, take a `KeyFlags` parameter, and implement
get_signing_keys in terms of get_keys.
|
|
- Change `get_signing_keys` to also take a `&Cert`, not just a `Cert`,
by making it polymorphic over the element type. Specifically,
change it to take a `Borrow<Cert>` instead of a `Cert`.
|
|
- clippy::collapsible-else-if:
Warns about:
if x {
if y {
} else {
}
} else {
if y {
} else {
}
}
But, this can express the intent of the code better than the
version that clippy prefers:
if x {
if y {
} else {
}
} else if y {
} else {
}
- clippy::needless-question-mark, clippy::try-err: While clippy is
right that the ? could sometimes be replaced with a return, using
a ? also does a conversion (`From`). So to allow global
consistency, permit this construct.
- clippy::redundant-clone: Clippy warns that the last use of a
variable doesn't have to be cloned. This is true, but can make
use of a variable in a function inconsistent. Also, if an
additional case that uses the variable is added later, a
`.clone()` may have to be added anyway.
|
|
- Move common functionality in before_script and after_script code
to separate stanzas.
|
|
- Setting complication flags in .gitlab-ci.yml means that they will
only be used by the CI.
- Instead, set flags in .cargo/config.toml so that compiling locally
will use the same set of lints.
|
|
- Detected by the rustdoc::bare-urls lint.
|
|
|
|
- Currently Signer has default implementations for Box and Box + Send
+ Sync.
- Add similar default implementations for Decryptor.
|
|
|
|
- The decryptor only decrypts, the encryptor only encrypts. No need
to have that parameter (in fact, having the parameter presents the
opportunity to get it wrong, see the previous commit).
|
|
- This only went unnoticed because we only hash and write the
digest, and don't invoke the encrypt method (which would have
panic'ed). No functional change.
|
|
|
|
- Previous refactoring inadvertently broke capability URL
construction.
- Fix the bug by moving `append_pair` after `join`.
- Add test cases to capability URL construction code.
|
|
|
|
|
|
|
|
- Use exhaustive match.
|
|
- The documentation link seems to be hardcoded to the 0.25.0
version, that doesn't exist on the server. Replaced it with a
working link.
|
|
- Previously, the tests for sq sign used test vectors from the
openpgp crate. But, those are not bundled with the sq crate,
breaking the test when using the crate's source tarball.
- Fixes #787.
|
|
- The sq frontend is still licensed under the GPL2+. Replace the
symlink to the top-level LICENSE.txt with a copy of the GPL2.
|
|
|
|
|
|
|