Changing expiration date for subkeys fails for password-protected TSKs

Hey 👋

Changing the expiry for password-protected TSKs results in an error instead of a password prompt:

$ sq key generate --userid "Jane Doe <jane@doe.com>" --output private_key.tsk --with-password
Please enter the password to protect the key:
                  Please repeat the password:
$ SUBKEY_FINGERPRINTS=( $(sq inspect private_key.tsk 2>&1 | sed -ne 's/.*Subkey: \(.*\)/\1/p') )
$ sq key expire --force --output private_key.tsk --subkey "${SUBKEY_FINGERPRINTS[1]}" never private_key.tsk
Error: Primary key has no secrets

Caused by:
    Invalid argument: secret key material is encrypted

For TSKs without a password, it works as expected:

$ sq key generate --userid "Jane Doe <jane@doe.com>" --output private_key_no_pass.tsk
$ SUBKEY_FINGERPRINTS=( $(sq inspect private_key_no_pass.tsk 2>&1 | sed -ne 's/.*Subkey: \(.*\)/\1/p') )
$ sq key expire --force --output private_key_no_pass.tsk --subkey "${SUBKEY_FINGERPRINTS[1]}" never private_key_no_pass.tsk
Hint: Updated key written to private_key_no_pass.tsk.  To make the update effective, it has to be published so that others can find it,
      for example using:

  sq network keyserver publish private_key_no_pass.tsk

I couldn't find any way of providing the password to sq key expire, which forced me to unprotect the TSK, change the expiry, and then password-protect it again.

Tested on Arch Linux with the following version:

$ sq version
sq 0.34.0
using sequoia-openpgp 1.19.0
with cryptographic backend Nettle 3.9 (Cv448: true, OCB: true)