ukify: Require both key and cert be set in generate_keys

If either is None the write in this branch of the code will fail.

diff --git a/src/ukify/ukify.py b/src/ukify/ukify.py
index 8d122aaa42560e8d917a076339d4ec8692baba3e..80d4bfd7e7cad0af88aff31d5929a08fd750a8ff 100755 (executable)
--- a/src/ukify/ukify.py
+++ b/src/ukify/ukify.py
@@ -1176,7 +1176,7 @@ def generate_keys(opts: argparse.Namespace) -> None:
 
     # This will generate keys and certificates and write them to the paths that
     # are specified as input paths.
-    if opts.sb_key or opts.sb_cert:
+    if opts.sb_key and opts.sb_cert:
         fqdn = socket.getfqdn()
         cn = f'SecureBoot signing key on host {fqdn}'
         key_pem, cert_pem = generate_key_cert_pair(