Remove argument sq cert lint --export-secret-keys.

- If a secret key is provided as file input, it will be emitted.
    This makes it consistent with what other commands do.

  - Fixes #448.
This commit is contained in:
Justus Winter 2024-11-25 15:12:55 +01:00
parent be5b1f7103
commit a47da3ac33
No known key found for this signature in database
GPG Key ID: 686F55B4AB2B3386
3 changed files with 8 additions and 13 deletions

3
NEWS
View File

@ -117,6 +117,9 @@
be given. The former marks the key's user IDs as authenticated
and makes it a trusted introducer. The latter marks the key's
user IDs as authenticated, and marks the key as a group key.
- The argument `sq cert lint --export-secret-keys` has been
removed: if a secret key is provided as file input, it will be
emitted.
* Changes in 0.39.0
** Notable changes

View File

@ -47,12 +47,6 @@ pub struct Command {
#[arg(long)]
pub fix: bool,
/// When fixing a certificate, the fixed certificate is exported
/// without any secret key material. Using this switch causes any
/// secret key material to also be exported.
#[arg(long)]
pub export_secret_keys: bool,
#[command(flatten)]
pub certs: CertDesignators<FileCertUserIDEmailDomainGrepArgs,
CertPrefix,

View File

@ -235,6 +235,8 @@ pub fn lint(sq: Sq, mut args: Command) -> Result<()> {
args.certs.designators.push(CertDesignator::Stdin);
}
let certs = sq.resolve_certs_or_fail(&args.certs, 0)?;
let mut out = if args.output.is_some()
|| args.certs.iter().any(|d| d.from_file() || d.from_stdin())
{
@ -246,7 +248,7 @@ pub fn lint(sq: Sq, mut args: Command) -> Result<()> {
Some(output.create_pgp_safe(
&sq, false,
if args.export_secret_keys {
if certs.iter().any(|c| c.is_tsk()) {
armor::Kind::SecretKey
} else {
armor::Kind::PublicKey
@ -256,7 +258,7 @@ pub fn lint(sq: Sq, mut args: Command) -> Result<()> {
};
{
'next_cert: for cert in sq.resolve_certs_or_fail(&args.certs, 0)? {
'next_cert: for cert in certs {
// Whether we found at least one issue.
let mut found_issue = false;
@ -285,11 +287,7 @@ pub fn lint(sq: Sq, mut args: Command) -> Result<()> {
if updates.len() > 0 {
let cert = cert.insert_packets(updates)?;
if let Some(mut out) = out.as_mut() {
if args.export_secret_keys {
cert.as_tsk().serialize(&mut out)?;
} else {
cert.serialize(&mut out)?;
}
cert.as_tsk().serialize(&mut out)?;
} else {
let fpr = cert.fingerprint();
let cert_store = sq.cert_store_or_else()?;