diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 109316e..70d1ef4 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -24,7 +24,7 @@ test:
 stage: test
 needs: []
 before_script:
- - pacman -Syu --needed --noconfirm make python sequoia-sq python-coverage python-pytest python-tomli
+ - pacman -Syu --needed --noconfirm make python sequoia-sq python-coverage python-pysequoia python-pytest python-tomli
 script:
 - make test
 only:
diff --git a/libkeyringctl/sequoia.py b/libkeyringctl/sequoia.py
index 941f5e0..5289c89 100644
--- a/libkeyringctl/sequoia.py
+++ b/libkeyringctl/sequoia.py
@@ -5,6 +5,7 @@ from datetime import datetime
 from functools import reduce
 from pathlib import Path
 from platform import python_version_tuple
+from pysequoia import Cert
 from re import sub
 from tempfile import mkdtemp
 from typing import Dict
@@ -316,11 +317,12 @@ def key_generate(uids: List[Uid], outfile: Path) -> str:
 The result of the key generate call
 """
- cmd = ["sq", "key", "generate"]
- for uid in uids:
- cmd.extend(["--userid", str(uid)])
- cmd.extend(["--export", str(outfile)])
- return system(cmd)
+ # Current limitation of pysequoia: only one User ID allowed
+ assert len(uids) == 1
+ cert = str(Cert.generate(user_id = uids[0]))
+ with open(outfile, "wb") as f:
+ f.write(cert.encode("utf8"))
+ return cert
 def key_extract_certificate(key: Path, output: Optional[Path]) -> str:
@@ -336,10 +338,13 @@ def key_extract_certificate(key: Path, output: Optional[Path]) -> str:
 The result of the extract in case output is None
 """
- cmd = ["sq", "key", "extract-cert", str(key)]
+ cert = Cert.from_file(str(key))
+ # Conversion to string exports only public parts
+ public = str(cert)
 if output:
- cmd.extend(["--output", str(output)])
- return system(cmd)
+ with open(output, "wb") as f:
+ f.write(public.encode("utf8"))
+ return public
 def certify(key: Path, certificate: Path, uid: Uid, output: Optional[Path]) -> str:
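Review bot: The new `key_generate` body writes `str(Cert.generate(...))` to `outfile`, and the comment added in the `key_extract_certificate` hunk says string conversion exports only the public parts, so `outfile` presumably no longer holds the secret key that `sq key generate --export` wrote. Callers that later sign or certify with that file should be checked, and the secret material exported explicitly if pysequoia offers a way, with the file created under restrictive permissions. Separately, `assert len(uids) == 1` is stripped under `python -O`, after which any extra User IDs are silently left off the generated key; prefer `if len(uids) != 1: raise ValueError("pysequoia supports exactly one User ID")`. The function's signature and the start of its docstring are outside the hunk.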
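Review bot: Keeping secret key material out of `output` in `key_extract_certificate` now rests entirely on `str(cert)` omitting it, which the one-line comment states but nothing in the function enforces. Since `key` is presumably a secret-key file, a cheap guard before the write would pin that invariant, e.g. `if "PRIVATE KEY BLOCK" in public: raise RuntimeError("refusing to export secret key material")`, and a unit test asserting the same would catch a change in library behaviour. The function also now returns the armored certificate even when `output` is given, while the docstring line visible in the hunk describes the result "in case output is None"; the docstring should be updated to match. The signature and the start of the docstring are outside the hunk.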