mirrors/rage
1
0
Fork 0
mirror of https://github.com/str4d/rage.git synced 2025-04-06 12:27:40 +03:00
Code Issues Projects Releases Packages Wiki Activity

Migrate to new CLI design

Browse source 
- The input file is now an optional positional argument
- Recipients are specified with -r/--recipient
- Decryption keys are specified with -i/--identity
This commit is contained in:
Jack Grigg 2019-11-29 14:14:09 +00:00
parent 8275a3a9bc
commit c549360778
No known key found for this signature in database
GPG key ID: 9E8255172BBF9898
3 changed files with 91 additions and 37 deletions
Download patch file Download diff file Expand all files Collapse all files

43
examples/generate-docs.rs
View file

@ -31,10 +31,16 @@ fn rage_page() {
.help("Create ASCII armored output (default is age binary format)"),
)
.option(
Opt::new("input")
Opt::new("recipient")
.short("-r")
.long("--recipient")
.help("A recipient to encrypt to (can be repeated)"),
)
.option(
Opt::new("identity")
.short("-i")
.long("--input")
.help("The file path to read input from (defaults to stdin)"),
.long("--identity")
.help("An identity to decrypt with (can be repeated)"),
)
.option(
Opt::new("output")
@ -47,35 +53,35 @@ fn rage_page() {
.long("--aliases")
.help("The list of aliases to load (defaults to ~/.config/age/aliases.txt)"),
)
.arg(Arg::new("[arguments...]"))
.arg(Arg::new("[INPUT_FILE (defaults to stdin)]"))
.example(Example::new().text("Encryption to a public key").command(
"echo \"_o/\" | rage -o hello.age pubkey:98W5ph53zfPGOzEOH-fMojQ4jUY7VLEmtmozREqnw4I",
"echo \"_o/\" | rage -o hello.age -r pubkey:98W5ph53zfPGOzEOH-fMojQ4jUY7VLEmtmozREqnw4I",
))
.example(
Example::new()
.text("Encryption to multiple public keys (with default output to stdout)")
.command(
"echo \"_o/\" | rage pubkey:98W5ph53zfPGOzEOH-fMojQ4jUY7VLEmtmozREqnw4I \
pubkey:jqmfMHBjlb7HoIjjTsCQ9NHIk_q53Uy_ZxmXBhdIpx4 > hello.age",
"echo \"_o/\" | rage -r pubkey:98W5ph53zfPGOzEOH-fMojQ4jUY7VLEmtmozREqnw4I \
-r pubkey:jqmfMHBjlb7HoIjjTsCQ9NHIk_q53Uy_ZxmXBhdIpx4 > hello.age",
),
)
.example(
Example::new()
.text("Encryption with a password (interactive only, use public keys for batch!)")
.command("rage -i hello.txt -o hello.txt.age -p")
.command("rage -p -o hello.txt.age hello.txt")
.output("Type passphrase:"),
)
.example(
Example::new()
.text("Encryption to a list of recipients in a file")
.command("tar cv ~/xxx | rage recipients.txt > xxx.tar.age"),
.command("tar cv ~/xxx | rage -r recipients.txt > xxx.tar.age"),
)
.example(
Example::new()
.text("Encryption to a list of age recipients at a URL")
.text("Encryption to a list of recipients at an HTTPS URL")
.command(
"echo \"_o/\" | rage -o hello.age \
https://filippo.io/.well-known/age.keys > hello.age",
-r https://filippo.io/.well-known/age.keys > hello.age",
),
)
.example(
@ -84,23 +90,23 @@ fn rage_page() {
"Encryption to a GitHub user \
(equivalent to https://github.com/str4d.keys)",
)
.command("echo \"_o/\" | rage github:str4d | nc 192.0.2.0 1234"),
.command("echo \"_o/\" | rage -r github:str4d | nc 192.0.2.0 1234"),
)
.example(
Example::new()
.text("Encryption to an alias")
.command("tar cv ~/xxx | rage alias:str4d > xxx.tar.age"),
.command("tar cv ~/xxx | rage -r alias:str4d > xxx.tar.age"),
)
.example(
Example::new()
.text("Decryption with keys at ~/.config/age/keys.txt")
.command("rage --decrypt -i hello.age")
.command("rage --decrypt hello.age")
.output("_o/"),
)
.example(
Example::new()
.text("Decryption with custom keys")
.command("rage -d -o hello -i hello.age keyA.txt keyB.txt"),
.command("rage -d -o hello -i keyA.txt -i keyB.txt hello.age"),
)
.render();
@ -166,9 +172,14 @@ fn rage_mount_page() {
.long("--passphrase")
.help("Use a passphrase instead of public keys"),
)
.option(
Opt::new("identity")
.short("-i")
.long("--identity")
.help("An identity to decrypt with (can be repeated)"),
)
.arg(Arg::new("filename"))
.arg(Arg::new("mountpoint"))
.arg(Arg::new("[keys...]"))
.example(
Example::new()
.text("Mounting an archive with keys at ~/.config/age/keys.txt")

24
src/bin/rage-mount/main.rs
View file

@ -17,9 +17,6 @@ struct AgeMountOptions {
#[options(free, help = "The directory to mount the filesystem at")]
mountpoint: String,
#[options(free, help = "key files for decryption")]
keys: Vec<String>,
#[options(help = "print help message")]
help: bool,
@ -28,6 +25,9 @@ struct AgeMountOptions {
#[options(help = "use a passphrase instead of public keys")]
passphrase: bool,
#[options(help = "identity to decrypt with (may be repeated)")]
identity: Vec<String>,
}
fn mount_fs<T: FilesystemMT + Send + Sync + 'static, F>(open: F, mountpoint: String)
@ -55,21 +55,21 @@ fn main() {
let opts = AgeMountOptions::parse_args_default_or_exit();
if opts.filename.is_empty() {
error!("Missing filename");
error!("Error: Missing filename");
return;
}
if opts.mountpoint.is_empty() {
error!("Missing mountpoint");
error!("Error: Missing mountpoint");
return;
}
if opts.types.is_empty() {
error!("Missing filesystem type");
error!("Error: Missing -t/--types");
return;
}
let decryptor = if opts.passphrase {
if !opts.keys.is_empty() {
error!("Keys are not accepted when using a passphrase");
if !opts.identity.is_empty() {
eprintln!("Error: -i/--identity can't be used with -p/--passphrase");
return;
}
@ -78,7 +78,13 @@ fn main() {
Err(_) => return,
}
} else {
match read_keys(opts.keys) {
if opts.identity.is_empty() {
eprintln!("Error: missing identities.");
eprintln!("Did you forget to specify -i/--identity?");
return;
}
match read_keys(opts.identity) {
Ok(keys) => {
// Check for unsupported keys and alert the user
for key in &keys {

61
src/bin/rage/main.rs
View file

@ -149,8 +149,8 @@ fn read_recipients(
#[derive(Debug, Options)]
struct AgeOptions {
#[options(free, help = "recipients for encryption, or key files for decryption")]
arguments: Vec<String>,
#[options(free, help = "file to read input from (default stdin)")]
input: Option<String>,
#[options(help = "print help message")]
help: bool,
@ -164,8 +164,11 @@ struct AgeOptions {
#[options(help = "create ASCII armored output (default is age binary format)")]
armor: bool,
#[options(help = "read from INPUT (default stdin)")]
input: Option<String>,
#[options(help = "recipient to encrypt to (may be repeated)")]
recipient: Vec<String>,
#[options(help = "identity to decrypt with (may be repeated)")]
identity: Vec<String>,
#[options(help = "output to OUTPUT (default stdout)")]
output: Option<String>,
@ -175,14 +178,22 @@ struct AgeOptions {
}
fn encrypt(opts: AgeOptions) {
if !opts.identity.is_empty() {
eprintln!("Error: -i/--identity can't be used in encryption mode.");
eprintln!("Did you forget to specify -d/--decrypt?");
return;
}
let encryptor = if opts.passphrase {
if !opts.arguments.is_empty() {
eprintln!("Positional arguments are not accepted when using a passphrase");
if !opts.recipient.is_empty() {
eprintln!("Error: -r/--recipient can't be used with -p/--passphrase");
return;
}
if opts.input.is_none() {
eprintln!("File to encrypt must be passed in with --input when using a passphrase");
eprintln!(
"Error: file to encrypt must be passed as an argument when using -p/--passphrase"
);
return;
}
@ -191,7 +202,13 @@ fn encrypt(opts: AgeOptions) {
Err(_) => return,
}
} else {
match read_recipients(opts.arguments, opts.aliases) {
if opts.recipient.is_empty() {
eprintln!("Error: missing recipients.");
eprintln!("Did you forget to specify -r/--recipient?");
return;
}
match read_recipients(opts.recipient, opts.aliases) {
Ok(recipients) => age::Encryptor::Keys(recipients),
Err(e) => {
eprintln!("Error while reading recipients: {}", e);
@ -234,14 +251,28 @@ fn encrypt(opts: AgeOptions) {
}
fn decrypt(opts: AgeOptions) {
if opts.armor {
eprintln!("Error: -a/--armor can't be used with -d/--decrypt.");
eprintln!("Note that armored files are detected automatically.");
return;
}
if !opts.recipient.is_empty() {
eprintln!("Error: -r/--recipient can't be used with -d/--decrypt.");
eprintln!("Did you mean to use -i/--identity to specify a private key?");
return;
}
let decryptor = if opts.passphrase {
if !opts.arguments.is_empty() {
eprintln!("Positional arguments are not accepted when using a passphrase");
if !opts.identity.is_empty() {
eprintln!("Error: -i/--identity can't be used with -p/--passphrase");
return;
}
if opts.input.is_none() {
eprintln!("File to decrypt must be passed in with --input when using a passphrase");
eprintln!(
"Error: file to decrypt must be passed as an argument when using -p/--passphrase"
);
return;
}
@ -250,7 +281,13 @@ fn decrypt(opts: AgeOptions) {
Err(_) => return,
}
} else {
match read_keys(opts.arguments) {
if opts.identity.is_empty() {
eprintln!("Error: missing identities.");
eprintln!("Did you forget to specify -i/--identity?");
return;
}
match read_keys(opts.identity) {
Ok(keys) => {
// Check for unsupported keys and alert the user
for key in &keys {