From 70ca139edef0c316e4fb686f9b87627ec56b8bd0 Mon Sep 17 00:00:00 2001
From: chaosinthecrd <tom@tmlabs.co.uk>
Date: Wed, 27 Mar 2024 12:36:18 +0000
Subject: [PATCH] still need to finish off flags

Signed-off-by: chaosinthecrd <tom@tmlabs.co.uk>
---
 cmd/verify.go     |  4 ----
 options/sign.go   |  1 -
 options/verify.go | 14 ++++++++++++++
 3 files changed, 14 insertions(+), 5 deletions(-)

diff --git a/cmd/verify.go b/cmd/verify.go
index 3b07ed79..9873cfe0 100644
--- a/cmd/verify.go
+++ b/cmd/verify.go
@@ -64,10 +64,6 @@ const (
 // todo: this logic should be broken out and moved to pkg/
 // we need to abstract where keys are coming from, etc
 func runVerify(ctx context.Context, vo options.VerifyOptions, verifiers ...cryptoutil.Verifier) error {
-	if vo.KeyPath == "" && len(vo.CAPaths) == 0 && len(verifiers) == 0 {
-		return fmt.Errorf("must supply either a public key, CA certificates or a verifier")
-	}
-
 	if vo.KeyPath != "" {
 		keyFile, err := os.Open(vo.KeyPath)
 		if err != nil {
diff --git a/options/sign.go b/options/sign.go
index 655f2053..fdc70789 100644
--- a/options/sign.go
+++ b/options/sign.go
@@ -28,7 +28,6 @@ type SignOptions struct {
 var RequiredSignFlags = []string{
 	"infile",
 	"outfile",
-	"datatype",
 }
 
 func (so *SignOptions) AddFlags(cmd *cobra.Command) {
diff --git a/options/verify.go b/options/verify.go
index 7fb4c062..9cbb873e 100644
--- a/options/verify.go
+++ b/options/verify.go
@@ -34,6 +34,17 @@ var RequiredVerifyFlags = []string{
 	"policy",
 }
 
+var OneRequiredPKFlags = []string{
+	"publickey",
+	"policy-ca",
+	"verifier-kms-ref",
+}
+
+var OneRequiredSubjectFlags = []string{
+	"artifactfile",
+	"subjects",
+}
+
 func (vo *VerifyOptions) AddFlags(cmd *cobra.Command) {
 	vo.VerifierOptions.AddFlags(cmd)
 	vo.ArchivistaOptions.AddFlags(cmd)
@@ -44,4 +55,7 @@ func (vo *VerifyOptions) AddFlags(cmd *cobra.Command) {
 	cmd.Flags().StringVarP(&vo.ArtifactFilePath, "artifactfile", "f", "", "Path to the artifact to verify")
 	cmd.Flags().StringSliceVarP(&vo.AdditionalSubjects, "subjects", "s", []string{}, "Additional subjects to lookup attestations")
 	cmd.Flags().StringSliceVarP(&vo.CAPaths, "policy-ca", "", []string{}, "Paths to CA certificates to use for verifying the policy")
+
+	cmd.MarkFlagsRequiredTogether(RequiredVerifyFlags...)
+	cmd.MarkFlagsOneRequired(OneRequiredPKFlags...)
 }