Use cert designators for sq key password.

- See #207.
This commit is contained in:
Justus Winter 2024-10-23 15:55:43 +02:00
parent d49949971c
commit eb784ff84c
No known key found for this signature in database
GPG Key ID: 686F55B4AB2B3386
4 changed files with 35 additions and 32 deletions

3
NEWS
View File

@ -115,6 +115,9 @@
- The argument `sq key delete --file` now requires `--output`.
- The argument `sq cert lint --cert-file` has been renamed to
`--file`.
- The argument `sq key password --cert-file` has been renamed to
`--file`.
- The argument `sq key password --file` now requires `--output`.
* Changes in 0.38.0
** Notable changes

View File

@ -2,13 +2,11 @@
use std::path::PathBuf;
use clap::{ArgGroup, Args};
use sequoia_openpgp as openpgp;
use openpgp::KeyHandle;
use clap::Args;
use crate::cli::types::*;
use crate::cli::examples::*;
use crate::cli::types::cert_designator::*;
#[derive(Debug, Args)]
#[clap(
@ -30,25 +28,12 @@ provided, the user is prompted.
",
after_help = EXAMPLES,
)]
#[clap(group(ArgGroup::new("cert_input").args(&["cert_file", "cert"]).required(true)))]
pub struct Command {
#[clap(
long,
help = "Change the password of the specified certificate's keys",
value_name = FileOrStdin::VALUE_NAME,
)]
pub cert: Option<KeyHandle>,
#[clap(
long,
value_name = "CERT_FILE",
help = "Change the password of the specified certificate's keys",
long_help = "\
Change the password of the specified certificate's keys.
Read the certificate from FILE or stdin, if `-`. It is an error \
for the file to contain more than one certificate.",
)]
pub cert_file: Option<FileOrStdin>,
#[command(flatten)]
pub cert: CertDesignators<CertUserIDEmailFileArgs,
NoPrefix,
OneValueAndFileRequiresOutput,
KeyPasswordDoc>,
#[clap(
long,
@ -72,9 +57,9 @@ any surrounding whitespace like a trailing newline."
help = FileOrStdout::HELP_OPTIONAL,
long,
value_name = FileOrStdout::VALUE_NAME,
conflicts_with = "cert",
)]
pub output: Option<FileOrStdout>,
#[clap(
long,
requires = "output",
@ -113,3 +98,23 @@ Clear the password protection for all of Alice's keys.",
]
};
test_examples!(sq_key_password, EXAMPLES);
/// Documentation for the cert designators for the key password.
pub struct KeyPasswordDoc {}
impl AdditionalDocs for KeyPasswordDoc {
fn help(arg: &'static str, help: &'static str) -> String {
match arg {
"file" =>
"Change the password for the secret key material from the key \
read from PATH"
.into(),
_ => {
debug_assert!(help.starts_with("Use certificates"));
help.replace("Use certificates",
"Change the password for the secret key material \
from the key")
},
}
}
}

View File

@ -8,14 +8,8 @@ use crate::Result;
pub fn dispatch(sq: Sq, command: cli::key::password::Command)
-> Result<()>
{
let handle = if let Some(file) = command.cert_file {
assert!(command.cert.is_none());
file.into()
} else if let Some(kh) = command.cert {
kh.into()
} else {
panic!("clap enforces --cert or --cert-file is set");
};
let handle =
sq.resolve_cert(&command.cert, sequoia_wot::FULLY_TRUSTED)?.1;
password::password(sq, handle, vec![],
command.clear_password,

View File

@ -693,7 +693,8 @@ impl Sq {
cmd.arg("key").arg("password");
if cert_handle.is_file() {
cmd.arg("--cert-file").arg(&cert_handle);
cmd.arg("--file").arg(&cert_handle);
assert!(output_file.is_some());
} else {
cmd.arg("--cert").arg(&cert_handle);
};