Add sq cert export --local to export non-exportable sigs.

- Fixes #185.
This commit is contained in:
Justus Winter 2024-10-15 16:04:58 +02:00
parent 8fc420ddac
commit 0a55f6cdc4
No known key found for this signature in database
GPG Key ID: 686F55B4AB2B3386
2 changed files with 29 additions and 3 deletions

View File

@ -90,6 +90,23 @@ pub struct Command {
)]
pub binary: bool,
#[clap(
long = "local",
help = "Export local (non-exportable) signatures",
long_help = "\
Export local (non-exportable) signatures
By default, non-exportable signatures are not emitted when exporting \
certificates, certificate components that are only bound by \
non-exportable signatures are not emitted, and certificates consisting \
of only non-exportable components are not emitted.
This flag enables exporting of non-exportable signatures, components, \
and certs. This is useful for synchronization between ones devices, \
for example.",
)]
pub local: bool,
#[clap(
long,
conflicts_with_all = [

View File

@ -42,7 +42,8 @@ pub fn dispatch(sq: Sq, mut cmd: export::Command) -> Result<()> {
if cmd.all {
// Export everything.
for cert in cert_store.certs()
.filter(|c| c.to_cert().map(cert_exportable).unwrap_or(false))
.filter(|c| cmd.local
|| c.to_cert().map(cert_exportable).unwrap_or(false))
{
// Turn parse errors into warnings: we want users to be
// able to recover as much of their data as possible.
@ -52,7 +53,11 @@ pub fn dispatch(sq: Sq, mut cmd: export::Command) -> Result<()> {
cert.fingerprint())
});
match result {
Ok(cert) => cert.export(&mut sink)?,
Ok(cert) => if cmd.local {
cert.serialize(&mut sink)?;
} else {
cert.export(&mut sink)?;
},
Err(err) => {
print_error_chain(&err);
continue;
@ -86,7 +91,11 @@ pub fn dispatch(sq: Sq, mut cmd: export::Command) -> Result<()> {
}
for cert in certs.into_iter() {
cert.export(&mut sink)?;
if cmd.local {
cert.serialize(&mut sink)?;
} else {
cert.export(&mut sink)?;
}
exported_something = true;
}
}