chore(cli): Disables ec-wrapped (#451)

- Disables configuring the encapsulation and rewrap algorithm selection command line option
- This feature is still experimental, and currently failing integration tests
- Intension: tag this branch as 0.2.x, then add this feature back in 0.3.x

Author: dmihalcik-virtru

cli/src/cli.ts

@@ -16,7 +16,6 @@ import {
   tdfSpecVersion,
   OpenTDF,
   DecoratedStream,
-  isPublicKeyAlgorithm,
 } from '@opentdf/sdk';
 import { CLIError, Level, log } from './logger.js';
 import { webcrypto } from 'crypto';
@@ -175,12 +174,6 @@ async function parseReadOptions(argv: Partial<mainArgs>): Promise<ReadOptions> {
       argv.assertionVerificationKeys
     );
   }
-  if (argv.rewrapKeyType?.length) {
-    if (!isPublicKeyAlgorithm(argv.rewrapKeyType)) {
-      throw new CLIError('CRITICAL', `Unsupported rewrap key algorithm: [${argv.rewrapKeyType}]`);
-    }
-    r.wrappingKeyAlgorithm = argv.rewrapKeyType;
-  }
   if (argv.concurrencyLimit) {
     r.concurrencyLimit = argv.concurrencyLimit;
   } else {
@@ -279,12 +272,6 @@ async function parseCreateZTDFOptions(argv: Partial<mainArgs>): Promise<CreateZT
   if (argv.assertions?.length) {
     c.assertionConfigs = await parseAssertionConfig(argv.assertions);
   }
-  if (argv.encapKeyType?.length) {
-    if (!isPublicKeyAlgorithm(argv.encapKeyType)) {
-      throw new CLIError('CRITICAL', `Unsupported rewrap key algorithm: [${argv.encapKeyType}]`);
-    }
-    c.wrappingKeyAlgorithm = argv.encapKeyType;
-  }
   if (argv.mimeType?.length) {
     if (argv.mimeType && /^[a-z]+\/[a-z0-9-+.]+$/.test(argv.mimeType)) {
       c.mimeType = argv.mimeType as `${string}/${string}`;
@@ -467,13 +454,6 @@ export const handleArgs = (args: string[]) => {
           description: 'Container format',
           default: 'nano',
         },
-        encapKeyType: {
-          alias: 'encapsulation-algorithm',
-          group: 'Encrypt Options:',
-          desc: 'Key type for wrapping keys',
-          type: 'string',
-          default: 'rsa:2048',
-        },
         policyBinding: {
           group: 'Encrypt Options:',
           choices: bindingTypes,
@@ -486,13 +466,6 @@ export const handleArgs = (args: string[]) => {
           type: 'string',
           default: '',
         },
-        rewrapKeyType: {
-          alias: 'rewrap-encapsulation-algorithm',
-          group: 'Decrypt Options:',
-          desc: 'Key type for rewrap',
-          type: 'string',
-          default: 'rsa:2048',
-        },
         userId: {
           group: 'Encrypt Options:',
           type: 'string',