diff --git a/NEWS b/NEWS index b0022210..4f32b2b6 100644 --- a/NEWS +++ b/NEWS @@ -75,6 +75,9 @@ - `sq pki link add`'s positional argument for specifying the certificate to link must now be specified using a named argument, `--cert`. + - `sq pki link retract`'s positional argument for specifying the + certificate to unlink must now be specified using a named + argument, `--cert`. * Changes in 0.38.0 ** Notable changes diff --git a/src/cli/pki/link.rs b/src/cli/pki/link.rs index d5c4ffd3..4b533b1f 100644 --- a/src/cli/pki/link.rs +++ b/src/cli/pki/link.rs @@ -2,9 +2,6 @@ use clap::{ArgGroup, Parser, Subcommand}; -use sequoia_openpgp as openpgp; -use openpgp::KeyHandle; - use crate::cli::examples::*; use crate::cli::types::CertDesignators; use crate::cli::types::cert_designator; @@ -115,7 +112,7 @@ Retract the acceptance of certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \ and any associated user IDs. This effectively invalidates all links.", command: &[ "sq", "pki", "link", "retract", - "EB28F26E2739A4870ECC47726F0073F60FD0CBF0", + "--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0", ], }), ], @@ -483,13 +480,11 @@ to force the signature to be re-created anyway.", )] pub recreate: bool, - #[clap( - value_name = "FINGERPRINT|KEYID", - required = true, - help = "The certificate whose acceptance is being retracted.", - )] - pub certificate: KeyHandle, - + #[command(flatten)] + pub cert: CertDesignators< + cert_designator::CertArg, + cert_designator::CertPrefix, + cert_designator::OneValue>, #[clap( long = "userid", @@ -544,7 +539,7 @@ Retract the acceptance of certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \ and the email address alice@example.org.", command: &[ "sq", "pki", "link", "retract", - "EB28F26E2739A4870ECC47726F0073F60FD0CBF0", + "--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0", "--email=alice@example.org", ], }), @@ -555,7 +550,7 @@ Retract the acceptance of certificate EB28F26E2739A4870ECC47726F0073F60FD0CBF0 \ and any associated user IDs. This effectively invalidates all links.", command: &[ "sq", "pki", "link", "retract", - "EB28F26E2739A4870ECC47726F0073F60FD0CBF0", + "--cert", "EB28F26E2739A4870ECC47726F0073F60FD0CBF0", ], }), ], diff --git a/src/commands/pki/link.rs b/src/commands/pki/link.rs index 38569be2..5bfee7a3 100644 --- a/src/commands/pki/link.rs +++ b/src/commands/pki/link.rs @@ -326,7 +326,8 @@ pub fn retract(sq: Sq, c: link::RetractCommand) let trust_root = sq.local_trust_root()?; let trust_root = trust_root.to_cert()?; - let cert = sq.lookup_one(&c.certificate, None, true)?; + let (cert, _from_file) + = sq.resolve_cert(&c.cert, sequoia_wot::FULLY_TRUSTED)?; let mut userids = check_userids(&sq, &cert, false, &c.userid, &c.email, &c.pattern) diff --git a/tests/integration/sq_pki_link.rs b/tests/integration/sq_pki_link.rs index fe4f310b..3e629c3c 100644 --- a/tests/integration/sq_pki_link.rs +++ b/tests/integration/sq_pki_link.rs @@ -121,7 +121,7 @@ fn sq_retract(sq: &Sq, cert: &str, userids: &[&str]) -> (ExitStatus, String, String) { let mut cmd = sq.command(); - cmd.args(&["pki", "link", "retract", "--time", &tick(), cert]); + cmd.args(&["pki", "link", "retract", "--time", &tick(), "--cert", cert]); cmd.args(userids); eprintln!("{:?}", cmd); let output = sq.run(cmd, true);