Make sq key delete --file require --output.

- Previously, the certificate was imported.
This commit is contained in:
Justus Winter 2024-10-22 18:13:31 +02:00
parent 14cef16528
commit fd8466564c
No known key found for this signature in database
GPG Key ID: 686F55B4AB2B3386
6 changed files with 29 additions and 14 deletions

1
NEWS
View File

@ -112,6 +112,7 @@
- `--cert` now only looks up by primary key fingerprint.
- The argument `sq key delete --cert-file` has been renamed to
`--file`.
- The argument `sq key delete --file` now requires `--output`.
* Changes in 0.38.0
** Notable changes

View File

@ -1,5 +1,7 @@
//! Command-line parser for `sq key delete`.
use std::ops::BitOr;
use clap::Args;
use crate::cli::types::*;
@ -16,7 +18,7 @@ pub struct Command {
#[command(flatten)]
pub cert: CertDesignators<FileCertUserIDEmailDomainGrepArgs,
NoPrefix,
OneValue,
<OneValue as BitOr<FileRequiresOutput>>::Output,
DeleteKeyDoc>,
#[clap(

View File

@ -147,6 +147,10 @@ pub type OneValue = typenum::U1;
/// completely optional.
pub type OptionalValue = typenum::U2;
/// Normally it is possible to designate multiple certificates. This
/// errors out if there is more than one value.
pub type FileRequiresOutput = typenum::U4;
// Additional documentation.
/// The prefix for the designators.
@ -378,6 +382,8 @@ where
let options = Options::to_usize();
let one_value = (options & OneValue::to_usize()) > 0;
let optional_value = (options & OptionalValue::to_usize()) > 0;
let file_requires_output =
(options & FileRequiresOutput::to_usize()) > 0;
let group = format!("cert-designator-{}-{:X}-{:X}",
Prefix::name(),
@ -534,15 +540,20 @@ where
// Add all of the variants that are enabled.
if file_arg {
let full_name = full_name("file");
cmd = cmd.arg(
clap::Arg::new(&full_name)
.long(&full_name)
.value_name("PATH")
.value_parser(clap::value_parser!(PathBuf))
.action(action.clone())
.help(Doc::help(
"file",
"Read certificates from PATH")));
let mut arg = clap::Arg::new(&full_name)
.long(&full_name)
.value_name("PATH")
.value_parser(clap::value_parser!(PathBuf))
.action(action.clone())
.help(Doc::help(
"file",
"Read certificates from PATH"));
if file_requires_output {
arg = arg.requires("output");
}
cmd = cmd.arg(arg);
arg_group = arg_group.arg(full_name);
}

View File

@ -47,7 +47,6 @@ use keystore::Protection;
use crate::cli::types::CertDesignators;
use crate::cli::types::cert_designator::ArgumentPrefix;
use crate::cli::types::cert_designator::CertDesignator;
use crate::cli::types::cert_designator::OneValue;
use crate::cli::types::FileStdinOrKeyHandle;
use crate::common::password;
use crate::output::hint::Hint;
@ -2127,9 +2126,9 @@ impl<'store: 'rstore, 'rstore> Sq<'store, 'rstore> {
/// certificates.
///
/// Returns whether the certificate was read from a file.
pub fn resolve_cert<Arguments, Prefix, Doc>(
pub fn resolve_cert<Arguments, Prefix, Options, Doc>(
&self,
designators: &CertDesignators<Arguments, Prefix, OneValue, Doc>,
designators: &CertDesignators<Arguments, Prefix, Options, Doc>,
trust_amount: usize,
)
-> Result<(Cert, FileStdinOrKeyHandle)>

View File

@ -541,6 +541,7 @@ impl Sq {
match &cert_handle {
FileOrKeyHandle::FileOrStdin(path) => {
cmd.arg("--file").arg(path);
assert!(output_file.is_some());
}
FileOrKeyHandle::KeyHandle((_kh, s)) => {
cmd.arg("--cert").arg(&s);

View File

@ -12,7 +12,8 @@ fn sq_key_delete() -> Result<()> {
// Delete all the secret key material from a certificate stored in
// a file. Make sure the result contains no secret key material.
let updated = sq.key_delete(&cert_file, None);
let updated = sq.key_delete(&cert_file,
std::path::PathBuf::from("-").as_path());
assert!(! updated.is_tsk());
// Do the same for a certificate whose secret key material is