Merge branch 'use-pysequoia' into 'master'

Draft: Convert sequoia backend to use PySequoia

See merge request archlinux/archlinux-keyring!225
This commit is contained in:
Wiktor Kwapisiewicz 2023-07-05 16:43:30 +00:00
commit 9e857097f0
2 changed files with 14 additions and 9 deletions

View File

@ -24,7 +24,7 @@ test:
stage: test
needs: []
before_script:
- pacman -Syu --needed --noconfirm make python sequoia-sq python-coverage python-pytest python-tomli
- pacman -Syu --needed --noconfirm make python sequoia-sq python-coverage python-pysequoia python-pytest python-tomli
script:
- make test
only:

View File

@ -5,6 +5,7 @@ from datetime import datetime
from functools import reduce
from pathlib import Path
from platform import python_version_tuple
from pysequoia import Cert
from re import sub
from tempfile import mkdtemp
from typing import Dict
@ -316,11 +317,12 @@ def key_generate(uids: List[Uid], outfile: Path) -> str:
The result of the key generate call
"""
cmd = ["sq", "key", "generate"]
for uid in uids:
cmd.extend(["--userid", str(uid)])
cmd.extend(["--export", str(outfile)])
return system(cmd)
# Current limitation of pysequoia: only one User ID allowed
assert len(uids) == 1
cert = str(Cert.generate(user_id = uids[0]))
with open(outfile, "wb") as f:
f.write(cert.encode("utf8"))
return cert
def key_extract_certificate(key: Path, output: Optional[Path]) -> str:
@ -336,10 +338,13 @@ def key_extract_certificate(key: Path, output: Optional[Path]) -> str:
The result of the extract in case output is None
"""
cmd = ["sq", "key", "extract-cert", str(key)]
cert = Cert.from_file(str(key))
# Conversion to string exports only public parts
public = str(cert)
if output:
cmd.extend(["--output", str(output)])
return system(cmd)
with open(output, "wb") as f:
f.write(public.encode("utf8"))
return public
def certify(key: Path, certificate: Path, uid: Uid, output: Optional[Path]) -> str: