Make sq key delete --file require --output.

- Previously, the certificate was imported.
This commit is contained in:
Justus Winter 2024-10-22 18:13:31 +02:00
parent 14cef16528
commit fd8466564c
No known key found for this signature in database
GPG Key ID: 686F55B4AB2B3386
6 changed files with 29 additions and 14 deletions

1
NEWS
View File

@ -112,6 +112,7 @@
- `--cert` now only looks up by primary key fingerprint. - `--cert` now only looks up by primary key fingerprint.
- The argument `sq key delete --cert-file` has been renamed to - The argument `sq key delete --cert-file` has been renamed to
`--file`. `--file`.
- The argument `sq key delete --file` now requires `--output`.
* Changes in 0.38.0 * Changes in 0.38.0
** Notable changes ** Notable changes

View File

@ -1,5 +1,7 @@
//! Command-line parser for `sq key delete`. //! Command-line parser for `sq key delete`.
use std::ops::BitOr;
use clap::Args; use clap::Args;
use crate::cli::types::*; use crate::cli::types::*;
@ -16,7 +18,7 @@ pub struct Command {
#[command(flatten)] #[command(flatten)]
pub cert: CertDesignators<FileCertUserIDEmailDomainGrepArgs, pub cert: CertDesignators<FileCertUserIDEmailDomainGrepArgs,
NoPrefix, NoPrefix,
OneValue, <OneValue as BitOr<FileRequiresOutput>>::Output,
DeleteKeyDoc>, DeleteKeyDoc>,
#[clap( #[clap(

View File

@ -147,6 +147,10 @@ pub type OneValue = typenum::U1;
/// completely optional. /// completely optional.
pub type OptionalValue = typenum::U2; pub type OptionalValue = typenum::U2;
/// Normally it is possible to designate multiple certificates. This
/// errors out if there is more than one value.
pub type FileRequiresOutput = typenum::U4;
// Additional documentation. // Additional documentation.
/// The prefix for the designators. /// The prefix for the designators.
@ -378,6 +382,8 @@ where
let options = Options::to_usize(); let options = Options::to_usize();
let one_value = (options & OneValue::to_usize()) > 0; let one_value = (options & OneValue::to_usize()) > 0;
let optional_value = (options & OptionalValue::to_usize()) > 0; let optional_value = (options & OptionalValue::to_usize()) > 0;
let file_requires_output =
(options & FileRequiresOutput::to_usize()) > 0;
let group = format!("cert-designator-{}-{:X}-{:X}", let group = format!("cert-designator-{}-{:X}-{:X}",
Prefix::name(), Prefix::name(),
@ -534,15 +540,20 @@ where
// Add all of the variants that are enabled. // Add all of the variants that are enabled.
if file_arg { if file_arg {
let full_name = full_name("file"); let full_name = full_name("file");
cmd = cmd.arg( let mut arg = clap::Arg::new(&full_name)
clap::Arg::new(&full_name) .long(&full_name)
.long(&full_name) .value_name("PATH")
.value_name("PATH") .value_parser(clap::value_parser!(PathBuf))
.value_parser(clap::value_parser!(PathBuf)) .action(action.clone())
.action(action.clone()) .help(Doc::help(
.help(Doc::help( "file",
"file", "Read certificates from PATH"));
"Read certificates from PATH")));
if file_requires_output {
arg = arg.requires("output");
}
cmd = cmd.arg(arg);
arg_group = arg_group.arg(full_name); arg_group = arg_group.arg(full_name);
} }

View File

@ -47,7 +47,6 @@ use keystore::Protection;
use crate::cli::types::CertDesignators; use crate::cli::types::CertDesignators;
use crate::cli::types::cert_designator::ArgumentPrefix; use crate::cli::types::cert_designator::ArgumentPrefix;
use crate::cli::types::cert_designator::CertDesignator; use crate::cli::types::cert_designator::CertDesignator;
use crate::cli::types::cert_designator::OneValue;
use crate::cli::types::FileStdinOrKeyHandle; use crate::cli::types::FileStdinOrKeyHandle;
use crate::common::password; use crate::common::password;
use crate::output::hint::Hint; use crate::output::hint::Hint;
@ -2127,9 +2126,9 @@ impl<'store: 'rstore, 'rstore> Sq<'store, 'rstore> {
/// certificates. /// certificates.
/// ///
/// Returns whether the certificate was read from a file. /// Returns whether the certificate was read from a file.
pub fn resolve_cert<Arguments, Prefix, Doc>( pub fn resolve_cert<Arguments, Prefix, Options, Doc>(
&self, &self,
designators: &CertDesignators<Arguments, Prefix, OneValue, Doc>, designators: &CertDesignators<Arguments, Prefix, Options, Doc>,
trust_amount: usize, trust_amount: usize,
) )
-> Result<(Cert, FileStdinOrKeyHandle)> -> Result<(Cert, FileStdinOrKeyHandle)>

View File

@ -541,6 +541,7 @@ impl Sq {
match &cert_handle { match &cert_handle {
FileOrKeyHandle::FileOrStdin(path) => { FileOrKeyHandle::FileOrStdin(path) => {
cmd.arg("--file").arg(path); cmd.arg("--file").arg(path);
assert!(output_file.is_some());
} }
FileOrKeyHandle::KeyHandle((_kh, s)) => { FileOrKeyHandle::KeyHandle((_kh, s)) => {
cmd.arg("--cert").arg(&s); cmd.arg("--cert").arg(&s);

View File

@ -12,7 +12,8 @@ fn sq_key_delete() -> Result<()> {
// Delete all the secret key material from a certificate stored in // Delete all the secret key material from a certificate stored in
// a file. Make sure the result contains no secret key material. // a file. Make sure the result contains no secret key material.
let updated = sq.key_delete(&cert_file, None); let updated = sq.key_delete(&cert_file,
std::path::PathBuf::from("-").as_path());
assert!(! updated.is_tsk()); assert!(! updated.is_tsk());
// Do the same for a certificate whose secret key material is // Do the same for a certificate whose secret key material is