plugins: Add request-public command to bi-directional phase

This enables plugins to request a non-secret value, which won't trigger any passphrase-specific user prompt (that e.g. hides the user's input).
2025-04-04 11:27:43 +03:00 · 2021-02-05 22:50:42 +00:00 · 2021-02-05 22:50:42 +00:00 · cb443e55e0
commit cb443e55e0
parent 933dfe1157
4 changed files with 68 additions and 2 deletions
--- a/age-plugin/src/identity.rs
+++ b/age-plugin/src/identity.rs
@ -65,6 +65,19 @@ impl<'a, 'b, R: io::Read, W: io::Write> Callbacks<Error> for BidirCallbacks<'a,
            .map(|res| res.map(|_| ()))
    }

+    fn request_public(&mut self, message: &str) -> plugin::Result<String, ()> {
+        self.0
+            .send("request-public", &[], message.as_bytes())
+            .and_then(|res| match res {
+                Ok(s) => String::from_utf8(s.body)
+                    .map_err(|_| {
+                        io::Error::new(io::ErrorKind::InvalidData, "response is not UTF-8")
+                    })
+                    .map(Ok),
+                Err(()) => Ok(Err(())),
+            })
+    }
+
    /// Requests a secret value from the user, such as a passphrase.
    ///
    /// `message` will be displayed to the user, providing context for the request.
--- a/age-plugin/src/lib.rs
+++ b/age-plugin/src/lib.rs
@ -227,6 +227,13 @@ pub trait Callbacks<E> {
    /// inserting a hardware key.
    fn message(&mut self, message: &str) -> age_core::plugin::Result<(), ()>;

+    /// Requests a non-secret value from the user.
+    ///
+    /// `message` will be displayed to the user, providing context for the request.
+    ///
+    /// To request secrets, use [`Callbacks::request_secret`].
+    fn request_public(&mut self, message: &str) -> age_core::plugin::Result<String, ()>;
+
    /// Requests a secret value from the user, such as a passphrase.
    ///
    /// `message` will be displayed to the user, providing context for the request.
--- a/age-plugin/src/recipient.rs
+++ b/age-plugin/src/recipient.rs
@ -68,6 +68,19 @@ impl<'a, 'b, R: io::Read, W: io::Write> Callbacks<Error> for BidirCallbacks<'a,
            .map(|res| res.map(|_| ()))
    }

+    fn request_public(&mut self, message: &str) -> plugin::Result<String, ()> {
+        self.0
+            .send("request-public", &[], message.as_bytes())
+            .and_then(|res| match res {
+                Ok(s) => String::from_utf8(s.body)
+                    .map_err(|_| {
+                        io::Error::new(io::ErrorKind::InvalidData, "response is not UTF-8")
+                    })
+                    .map(Ok),
+                Err(()) => Ok(Err(())),
+            })
+    }
+
    /// Requests a secret value from the user, such as a passphrase.
    ///
    /// `message` will be displayed to the user, providing context for the request.
--- a/age/src/plugin.rs
+++ b/age/src/plugin.rs
@ -25,6 +25,7 @@ const PLUGIN_IDENTITY_PREFIX: &str = "age-plugin-";
 const CMD_ERROR: &str = "error";
 const CMD_RECIPIENT_STANZA: &str = "recipient-stanza";
 const CMD_MSG: &str = "msg";
+const CMD_REQUEST_PUBLIC: &str = "request-public";
 const CMD_REQUEST_SECRET: &str = "request-secret";
 const CMD_FILE_KEY: &str = "file-key";

@ -216,13 +217,29 @@ impl<C: Callbacks> crate::Recipient for RecipientPluginV1<C> {
        let mut stanzas = vec![];
        let mut errors = vec![];
        if let Err(e) = conn.bidir_receive(
-            &[CMD_MSG, CMD_REQUEST_SECRET, CMD_RECIPIENT_STANZA, CMD_ERROR],
+            &[
+                CMD_MSG,
+                CMD_REQUEST_PUBLIC,
+                CMD_REQUEST_SECRET,
+                CMD_RECIPIENT_STANZA,
+                CMD_ERROR,
+            ],
            |mut command, reply| match command.tag.as_str() {
                CMD_MSG => {
                    self.callbacks
                        .prompt(&String::from_utf8_lossy(&command.body));
                    reply.ok(None)
                }
+                CMD_REQUEST_PUBLIC => {
+                    if let Some(value) = self
+                        .callbacks
+                        .request_public_string(&String::from_utf8_lossy(&command.body))
+                    {
+                        reply.ok(Some(value.as_bytes()))
+                    } else {
+                        reply.fail()
+                    }
+                }
                CMD_REQUEST_SECRET => {
                    if let Some(secret) = self
                        .callbacks
@ -365,13 +382,29 @@ impl<C: Callbacks> IdentityPluginV1<C> {
        let mut file_key = None;
        let mut errors = vec![];
        if let Err(e) = conn.bidir_receive(
-            &[CMD_MSG, CMD_REQUEST_SECRET, CMD_FILE_KEY, CMD_ERROR],
+            &[
+                CMD_MSG,
+                CMD_REQUEST_PUBLIC,
+                CMD_REQUEST_SECRET,
+                CMD_FILE_KEY,
+                CMD_ERROR,
+            ],
            |command, reply| match command.tag.as_str() {
                CMD_MSG => {
                    self.callbacks
                        .prompt(&String::from_utf8_lossy(&command.body));
                    reply.ok(None)
                }
+                CMD_REQUEST_PUBLIC => {
+                    if let Some(value) = self
+                        .callbacks
+                        .request_public_string(&String::from_utf8_lossy(&command.body))
+                    {
+                        reply.ok(Some(value.as_bytes()))
+                    } else {
+                        reply.fail()
+                    }
+                }
                CMD_REQUEST_SECRET => {
                    if let Some(secret) = self
                        .callbacks