From d6818ddd1031d98d3762a20db8303f3d6eb5d5b7 Mon Sep 17 00:00:00 2001 From: Justus Winter Date: Tue, 15 Jan 2019 14:51:17 +0100 Subject: tool: Introduce key manipulation subcommand. - And move the key generation subcommand there, calling it `generate`. - Fixes #163. --- tool/src/sq-usage.rs | 29 ++++++++++++---- tool/src/sq.rs | 7 ++-- tool/src/sq_cli.rs | 98 +++++++++++++++++++++++++++++----------------------- 3 files changed, 82 insertions(+), 52 deletions(-) (limited to 'tool') diff --git a/tool/src/sq-usage.rs b/tool/src/sq-usage.rs index e6f261d0..7c06615b 100644 --- a/tool/src/sq-usage.rs +++ b/tool/src/sq-usage.rs @@ -31,7 +31,7 @@ //! dump Lists OpenPGP packets //! enarmor Applies ASCII Armor to a file //! help Prints this message or the help of the given subcommand(s) -//! keygen Generate a new key +//! key Manipulates keys //! list Lists key stores and known keys //! split Splits a message into OpenPGP packets //! ``` @@ -421,16 +421,33 @@ //! Sets the input file to use //! ``` //! -//! ## Subcommand keygen +//! ## Subcommand key //! //! ```text -//! Generate a new key +//! Manipulates keys //! //! USAGE: -//! sq keygen [FLAGS] [OPTIONS] --export +//! sq key [SUBCOMMAND] //! //! FLAGS: -//! --can-sign The key has a signing-capable subkey (Default) +//! -h, --help Prints help information +//! -V, --version Prints version information +//! +//! SUBCOMMANDS: +//! generate Generates a new key +//! help Prints this message or the help of the given subcommand(s) +//! ``` +//! +//! ### Subcommand key generate +//! +//! ```text +//! Generates a new key +//! +//! USAGE: +//! sq key generate [FLAGS] [OPTIONS] --export +//! +//! FLAGS: +//! --can-sign The key has a signing-capable subkey (default) //! --cannot-encrypt The key will not be able to encrypt data //! --cannot-sign The key will not be able to sign data //! -h, --help Prints help information @@ -438,7 +455,7 @@ //! --with-password Prompt for a password to protect the generated key with. //! //! OPTIONS: -//! --can-encrypt The key has an encryption-capable subkey (Default) [default: all] [possible +//! --can-encrypt The key has an encryption-capable subkey (default) [default: all] [possible //! values: transport, rest, all] //! -c, --cipher-suite Cryptographic algorithms used for the key. [default: rsa3k] [possible values: //! rsa3k, cv25519] diff --git a/tool/src/sq.rs b/tool/src/sq.rs index 162e8288..2242d6e6 100644 --- a/tool/src/sq.rs +++ b/tool/src/sq.rs @@ -412,9 +412,10 @@ fn real_main() -> Result<(), failure::Error> { }, } }, - ("keygen", Some(m)) => { - commands::key::generate(m, force)?; - } + ("key", Some(m)) => match m.subcommand() { + ("generate", Some(m)) => commands::key::generate(m, force)?, + _ => unreachable!(), + }, _ => { eprintln!("No subcommand given."); exit(1); diff --git a/tool/src/sq_cli.rs b/tool/src/sq_cli.rs index eb98fd17..d3489e6e 100644 --- a/tool/src/sq_cli.rs +++ b/tool/src/sq_cli.rs @@ -318,49 +318,61 @@ pub fn build() -> App<'static, 'static> { .about("Lists all keys in the common key pool")) .subcommand(SubCommand::with_name("log") .about("Lists the server log"))) - .subcommand(SubCommand::with_name("keygen") - .about("Generate a new key") - .arg(Arg::with_name("userid").value_name("EMAIL") - .long("userid") - .short("u") - .help("Primary user ID")) - .arg(Arg::with_name("cipher-suite").value_name("CIPHER-SUITE") - .long("cipher-suite") - .short("c") - .possible_values(&["rsa3k", "cv25519"]) - .default_value("rsa3k") - .help("Cryptographic algorithms used for the key.")) - .arg(Arg::with_name("with-password") - .long("with-password") - .help("Prompt for a password to protect the generated \ - key with.")) + .subcommand( + SubCommand::with_name("key") + .about("Manipulates keys") + .setting(AppSettings::ArgRequiredElseHelp) + .subcommand( + SubCommand::with_name("generate") + .about("Generates a new key") + .arg(Arg::with_name("userid") + .value_name("EMAIL") + .long("userid") + .short("u") + .help("Primary user ID")) + .arg(Arg::with_name("cipher-suite") + .value_name("CIPHER-SUITE") + .long("cipher-suite") + .short("c") + .possible_values(&["rsa3k", "cv25519"]) + .default_value("rsa3k") + .help("Cryptographic algorithms used for the key.")) + .arg(Arg::with_name("with-password") + .long("with-password") + .help("Prompt for a password to protect the \ + generated key with.")) - .group(ArgGroup::with_name("cap-sign") - .args(&["can-sign", "cannot-sign"])) - .arg(Arg::with_name("can-sign") - .long("can-sign") - .help("The key has a signing-capable subkey (Default)")) - .arg(Arg::with_name("cannot-sign") - .long("cannot-sign") - .help("The key will not be able to sign data")) + .group(ArgGroup::with_name("cap-sign") + .args(&["can-sign", "cannot-sign"])) + .arg(Arg::with_name("can-sign") + .long("can-sign") + .help("The key has a signing-capable subkey \ + (default)")) + .arg(Arg::with_name("cannot-sign") + .long("cannot-sign") + .help("The key will not be able to sign data")) - .group(ArgGroup::with_name("cap-encrypt") - .args(&["can-encrypt", "cannot-encrypt"])) - .arg(Arg::with_name("can-encrypt").value_name("PURPOSE") - .long("can-encrypt") - .possible_values(&["transport", "rest", "all"]) - .default_value("all") - .help("The key has an encryption-capable subkey (Default)")) - .arg(Arg::with_name("cannot-encrypt") - .long("cannot-encrypt") - .help("The key will not be able to encrypt data")) - .arg(Arg::with_name("export").value_name("OUTFILE") - .long("export") - .short("e") - .help("Exports the key instead of saving it in the store") - .required(true)) - .arg(Arg::with_name("rev-cert").value_name("FILE or -") - .long("rev-cert") - .required_if("export", "-") - .help("Sets the output file for the revocation certificate. Default is .rev, mandatory if OUTFILE is '-'."))) + .group(ArgGroup::with_name("cap-encrypt") + .args(&["can-encrypt", "cannot-encrypt"])) + .arg(Arg::with_name("can-encrypt").value_name("PURPOSE") + .long("can-encrypt") + .possible_values(&["transport", "rest", "all"]) + .default_value("all") + .help("The key has an encryption-capable subkey \ + (default)")) + .arg(Arg::with_name("cannot-encrypt") + .long("cannot-encrypt") + .help("The key will not be able to encrypt data")) + .arg(Arg::with_name("export").value_name("OUTFILE") + .long("export") + .short("e") + .help("Exports the key instead of saving it in \ + the store") + .required(true)) + .arg(Arg::with_name("rev-cert").value_name("FILE or -") + .long("rev-cert") + .required_if("export", "-") + .help("Sets the output file for the revocation \ + certificate. Default is .rev, \ + mandatory if OUTFILE is '-'.")))) } -- cgit v1.2.3