1 use anyhow
::{bail, Error}
;
21 TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA
,
26 config
::tape_encryption_keys
::complete_key_fingerprint
,
29 pub fn encryption_key_commands() -> CommandLineInterface
{
31 let cmd_def
= CliCommandMap
::new()
32 .insert("list", CliCommand
::new(&API_METHOD_LIST_KEYS
))
35 CliCommand
::new(&API_METHOD_CREATE_KEY
)
39 CliCommand
::new(&API_METHOD_CHANGE_PASSPHRASE
)
40 .arg_param(&["fingerprint"])
41 .completion_cb("fingerprint", complete_key_fingerprint
)
45 CliCommand
::new(&API_METHOD_SHOW_KEY
)
46 .arg_param(&["fingerprint"])
47 .completion_cb("fingerprint", complete_key_fingerprint
)
51 CliCommand
::new(&API_METHOD_RESTORE_KEY
)
55 CliCommand
::new(&api2
::config
::tape_encryption_keys
::API_METHOD_DELETE_KEY
)
56 .arg_param(&["fingerprint"])
57 .completion_cb("fingerprint", complete_key_fingerprint
)
68 schema
: TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA
,
71 schema
: OUTPUT_FORMAT
,
77 /// Print tthe encryption key's metadata.
80 rpcenv
: &mut dyn RpcEnvironment
,
81 ) -> Result
<(), Error
> {
83 let output_format
= get_output_format(¶m
);
85 let info
= &api2
::config
::tape_encryption_keys
::API_METHOD_READ_KEY
;
86 let mut data
= match info
.handler
{
87 ApiHandler
::Sync(handler
) => (handler
)(param
, info
, rpcenv
)?
,
91 let options
= proxmox
::api
::cli
::default_table_format_options()
92 .column(ColumnConfig
::new("kdf"))
93 .column(ColumnConfig
::new("created").renderer(tools
::format
::render_epoch
))
94 .column(ColumnConfig
::new("modified").renderer(tools
::format
::render_epoch
))
95 .column(ColumnConfig
::new("fingerprint"))
96 .column(ColumnConfig
::new("hint"));
98 format_and_print_result_full(&mut data
, &info
.returns
, &output_format
, &options
);
111 schema
: TAPE_ENCRYPTION_KEY_FINGERPRINT_SCHEMA
,
114 schema
: PASSWORD_HINT_SCHEMA
,
120 /// Change the encryption key's password.
121 fn change_passphrase(
123 rpcenv
: &mut dyn RpcEnvironment
,
124 ) -> Result
<(), Error
> {
126 if !tty
::stdin_isatty() {
127 bail
!("unable to change passphrase - no tty");
130 let password
= tty
::read_password("Current Tape Encryption Key Password: ")?
;
132 let new_password
= tty
::read_and_verify_password("New Tape Encryption Key Password: ")?
;
134 param
["password"] = String
::from_utf8(password
)?
.into();
135 param
["new-password"] = String
::from_utf8(new_password
)?
.into();
137 let info
= &api2
::config
::tape_encryption_keys
::API_METHOD_CHANGE_PASSPHRASE
;
139 ApiHandler
::Sync(handler
) => (handler
)(param
, info
, rpcenv
)?
,
150 schema
: DRIVE_NAME_SCHEMA
,
156 /// Restore encryption key from tape (read password from stdin)
157 async
fn restore_key(
159 rpcenv
: &mut dyn RpcEnvironment
,
160 ) -> Result
<(), Error
> {
162 let (config
, _digest
) = config
::drive
::config()?
;
163 param
["drive"] = crate::lookup_drive_name(¶m
, &config
)?
.into();
165 if !tty
::stdin_isatty() {
166 bail
!("no password input mechanism available");
169 let password
= tty
::read_password("Tepe Encryption Key Password: ")?
;
170 param
["password"] = String
::from_utf8(password
)?
.into();
172 let info
= &api2
::tape
::drive
::API_METHOD_RESTORE_KEY
;
174 ApiHandler
::Async(handler
) => (handler
)(param
, info
, rpcenv
).await?
,
189 description
: "Password restore hint.",
197 /// Create key (read password from stdin)
200 rpcenv
: &mut dyn RpcEnvironment
,
201 ) -> Result
<(), Error
> {
203 if !tty
::stdin_isatty() {
204 bail
!("no password input mechanism available");
207 let password
= tty
::read_and_verify_password("Tape Encryption Key Password: ")?
;
209 param
["password"] = String
::from_utf8(password
)?
.into();
211 let info
= &api2
::config
::tape_encryption_keys
::API_METHOD_CREATE_KEY
;
212 let fingerprint
= match info
.handler
{
213 ApiHandler
::Sync(handler
) => (handler
)(param
, info
, rpcenv
)?
,
217 println
!("{}", fingerprint
);
227 schema
: OUTPUT_FORMAT
,
236 rpcenv
: &mut dyn RpcEnvironment
,
237 ) -> Result
<(), Error
> {
239 let output_format
= get_output_format(¶m
);
240 let info
= &api2
::config
::tape_encryption_keys
::API_METHOD_LIST_KEYS
;
241 let mut data
= match info
.handler
{
242 ApiHandler
::Sync(handler
) => (handler
)(param
, info
, rpcenv
)?
,
246 let options
= default_table_format_options()
247 .column(ColumnConfig
::new("fingerprint"))
248 .column(ColumnConfig
::new("hint"))
251 format_and_print_result_full(&mut data
, &info
.returns
, &output_format
, &options
);