diff options
| author | Justus Winter <justus@sequoia-pgp.org> | 2018-12-20 17:41:36 +0100 |
|---|---|---|
| committer | Justus Winter <justus@sequoia-pgp.org> | 2019-01-10 15:35:15 +0100 |
| commit | ed7d023d5a6a2587ba218910bc1849d0d34adca7 (patch) | |
| tree | 02b574cc9ddf7622dd58d6319c75b9a6fa90d38b /tool | |
| parent | 24f0c26f95cd7505db2563c4db54f680de91313c (diff) | |
tool: Generate keys protected with a password.
Diffstat (limited to 'tool')
| -rw-r--r-- | tool/src/sq-usage.rs | 1 | ||||
| -rw-r--r-- | tool/src/sq.rs | 13 | ||||
| -rw-r--r-- | tool/src/sq_cli.rs | 4 |
3 files changed, 18 insertions, 0 deletions
diff --git a/tool/src/sq-usage.rs b/tool/src/sq-usage.rs index 5a4783bf..e6f261d0 100644 --- a/tool/src/sq-usage.rs +++ b/tool/src/sq-usage.rs @@ -435,6 +435,7 @@ //! --cannot-sign The key will not be able to sign data //! -h, --help Prints help information //! -V, --version Prints version information +//! --with-password Prompt for a password to protect the generated key with. //! //! OPTIONS: //! --can-encrypt <PURPOSE> The key has an encryption-capable subkey (Default) [default: all] [possible diff --git a/tool/src/sq.rs b/tool/src/sq.rs index d70d9d10..9add3251 100644 --- a/tool/src/sq.rs +++ b/tool/src/sq.rs @@ -477,6 +477,19 @@ fn real_main() -> Result<(), failure::Error> { } } + if m.is_present("with-password") { + let p0 = rpassword::prompt_password_stderr( + "Enter password to protect the key: ")?.into(); + let p1 = rpassword::prompt_password_stderr( + "Repeat the password once more: ")?.into(); + + if p0 == p1 { + builder = builder.set_password(Some(p0)); + } else { + return Err(failure::err_msg("Passwords do not match.")); + } + } + // Generate the key let (tpk, rev) = builder.generate()?; let tsk = tpk.into_tsk(); diff --git a/tool/src/sq_cli.rs b/tool/src/sq_cli.rs index b44403fc..eb98fd17 100644 --- a/tool/src/sq_cli.rs +++ b/tool/src/sq_cli.rs @@ -330,6 +330,10 @@ pub fn build() -> App<'static, 'static> { .possible_values(&["rsa3k", "cv25519"]) .default_value("rsa3k") .help("Cryptographic algorithms used for the key.")) + .arg(Arg::with_name("with-password") + .long("with-password") + .help("Prompt for a password to protect the generated \ + key with.")) .group(ArgGroup::with_name("cap-sign") .args(&["can-sign", "cannot-sign"])) |