Switch sq encrypt to the certificate designator abstraction.

- Use `CertDesignators` to expose `sq encrypt`'s certificate designator arguments.
2024-09-25 12:53:16 +02:00 · 2024-09-25 12:53:16 +02:00 · 437ae24917
commit 437ae24917
parent d8ad8dcd42
2 changed files with 16 additions and 42 deletions
--- a/src/cli/encrypt.rs
+++ b/src/cli/encrypt.rs
@ -14,6 +14,10 @@ use super::types::MetadataTime;
 use super::types::FileOrStdin;
 use super::types::FileOrStdout;

+use crate::cli::types::CertDesignators;
+use crate::cli::types::cert_designator::CertUserIDEmailFileArgs;
+use crate::cli::types::cert_designator::RecipientPrefix;
+
 use crate::cli::examples;
 use examples::*;

@ -93,32 +97,8 @@ pub struct Command {
    )]
    pub binary: bool,

-    #[clap(
-        long = "recipient-email",
-        value_name = "EMAIL",
-        help = "Encrypt to all certificates that can be authenticated \
-                for the specified email address",
-    )]
-    pub recipients_email: Vec<String>,
-    #[clap(
-        long = "recipient-userid",
-        value_name = "USERID",
-        help = "Encrypt to all certificates that can be authenticated \
-                for the specified User ID",
-    )]
-    pub recipients_userid: Vec<String>,
-    #[clap(
-        long = "recipient-cert",
-        value_name = "FINGERPRINT|KEYID",
-        help = "Encrypt to the named certificates",
-    )]
-    pub recipients_cert: Vec<KeyHandle>,
-    #[clap(
-        long = "recipient-file",
-        value_name = "CERT_RING_FILE",
-        help = "Encrypt to all certificates in CERT_RING_FILE",
-    )]
-    pub recipients_file: Vec<PathBuf>,
+    #[command(flatten)]
+    pub recipients: CertDesignators<CertUserIDEmailFileArgs, RecipientPrefix>,

    #[clap(
        help = "Set the filename of the encrypted file as metadata",
--- a/src/commands/encrypt.rs
+++ b/src/commands/encrypt.rs
@ -35,28 +35,22 @@ use crate::Sq;
 use crate::Result;
 use crate::common::password;
 use crate::load_certs;
+use crate::print_error_chain;

 use crate::commands::CompressionMode;

 pub fn dispatch(sq: Sq, command: cli::encrypt::Command) -> Result<()> {
    tracer!(TRACE, "decrypt::dispatch");

-    let mut recipients = load_certs(
-        command.recipients_file.iter().map(|s| s.as_ref()))?;
-    recipients.extend(
-        sq.lookup(command.recipients_cert,
-                  Some(KeyFlags::empty()
-                       .set_storage_encryption()
-                       .set_transport_encryption()),
-                  true,
-                  false)
-            .context("--recipient-cert")?);
-    recipients.extend(
-        sq.lookup_by_userid(&command.recipients_email, true)
-            .context("--recipient-email")?);
-    recipients.extend(
-        sq.lookup_by_userid(&command.recipients_userid, false)
-            .context("--recipient-userid")?);
+    let (recipients, errors) = sq.resolve_certs(
+        &command.recipients,
+        sequoia_wot::FULLY_TRUSTED)?;
+    for error in errors.iter() {
+        print_error_chain(error);
+    }
+    if ! errors.is_empty() {
+        return Err(anyhow::anyhow!("Failed to resolve certificates"));
+    }

    let output = command.output.create_pgp_safe(
        sq.force,