@@ -3285,7 +3285,7 @@ def __init__(self):
32853285 group_encrypt_me .add_argument ("--encrypt-with-master-password" , dest = "encrypt_with_master" , action = "store_true" ,
32863286 help = "Encrypt this key with the master password" )
32873287 group_encrypt_me .add_argument ("--encrypt-with-key" , dest = "encrypt_with_key" , metavar = "<keyid>" ,
3288- help = "Encrypt this key with another key" )
3288+ help = "Encrypt this key with another key" , type = ( int ) )
32893289
32903290 group .add_argument ("--kmip-operations" , dest = "kmip_ops" , choices = ["get" , "encrypt-decrypt" ],
32913291 help = "What operations to use with the KMIP server" )
@@ -3359,20 +3359,13 @@ def _add_edit_parse_opts(self, opts):
33593359 if not opts .name :
33603360 _exit_if_errors (["--name must be specified" ])
33613361
3362- encrypt_with_key = 0
3363- try :
3364- if opts .encrypt_with_key :
3365- encrypt_with_key = int (opts .encrypt_with_key )
3366- except ValueError :
3367- _exit_if_errors (["--encrypt-with-key's argument must be a number" ])
3368-
33693362 usages = []
33703363 if opts .config_usage :
33713364 usages .append ("config-encryption" )
33723365 if opts .log_usage :
33733366 usages .append ("log-encryption" )
33743367 if opts .audit_usage :
3375- usages .append ("audit-usage " )
3368+ usages .append ("audit-encryption " )
33763369 if opts .kek_usage :
33773370 usages .append ("KEK-encryption" )
33783371 if opts .all_bucket_usage :
@@ -3410,14 +3403,14 @@ def _add_edit_parse_opts(self, opts):
34103403 _exit_if_errors (["--kmip-operations, --kmip-key, --kmip-host --kmip-port, --kmip-key-path, "
34113404 "--kmip-cert-path must be specified" ])
34123405
3413- if not ( opts .encrypt_with_master or opts .encrypt_with_key ) :
3406+ if not opts .encrypt_with_master and opts .encrypt_with_key is None :
34143407 _exit_if_errors (["one of --encrypt-with-master-password, --encrypt-with-key must be specified" ])
34153408
34163409 if opts .encrypt_with_master :
34173410 data ["encryptWith" ] = "nodeSecretManager"
34183411 else :
34193412 data ["encryptWith" ] = "encryptionKey"
3420- data ["encryptWithKeyId" ] = encrypt_with_key
3413+ data ["encryptWithKeyId" ] = opts . encrypt_with_key
34213414
34223415 data ["activeKey" ] = {"kmipId" : opts .kmip_key }
34233416 data ["host" ] = opts .kmip_host
@@ -3438,14 +3431,14 @@ def _add_edit_parse_opts(self, opts):
34383431 elif opts .key_type == "auto-generated" :
34393432 typ = "auto-generated-aes-key-256"
34403433
3441- if not ( opts .encrypt_with_master or opts .encrypt_with_key ) :
3434+ if not opts .encrypt_with_master and opts .encrypt_with_key is None :
34423435 _exit_if_errors (["one of --encrypt-with-master-password, --encrypt-with-key must be specified" ])
34433436
34443437 if opts .encrypt_with_master :
34453438 data ["encryptWith" ] = "nodeSecretManager"
34463439 else :
34473440 data ["encryptWith" ] = "encryptionKey"
3448- data ["encryptWithKeyId" ] = encrypt_with_key
3441+ data ["encryptWithKeyId" ] = opts . encrypt_with_key
34493442
34503443 if (opts .auto_rotate_every and not opts .auto_rotate_start ) or \
34513444 (opts .auto_rotate_start and not opts .auto_rotate_every ):
0 commit comments