feat: v1.0.8, direct init secure read password

2025-03-16 17:31:32 +08:00
parent 26daa10c23
commit ffdecf0703
3 changed files with 21 additions and 4 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1,6 +1,6 @@
 # This file is automatically @generated by Cargo.
 # It is not intended for manual editing.
-version = 3
+version = 4

 [[package]]
 name = "addr2line"
@@ -1007,7 +1007,7 @@ checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89"

 [[package]]
 name = "local-mini-kms"
-version = "1.0.7"
+version = "1.0.8"
 dependencies = [
 "aes-gcm-stream",
 "aes-kw",
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "local-mini-kms"
-version = "1.0.7"
+version = "1.0.8"
 edition = "2021"

 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
--- a/src/cli.rs
+++ b/src/cli.rs
@@ -76,7 +76,24 @@ async fn do_direct_init(_arg_matches: &ArgMatches<'_>, sub_arg_matches: &ArgMatc
    } else if let Some(value_base64) = value_base64 {
        body_map.insert("clear_master_key_base64".to_string(), value_base64.into());
    } else {
-        return simple_error!("Requires value hex or value base64");
+        let pin = match pinentry_util::read_pin(
+            Some("Input your clear master key, starts with hex: or base64:"),
+            Some("Clear master key: ")) {
+            Ok(pin) => pin,
+            Err(e) => return simple_error!("Read clear master key failed: {}", e),
+        };
+        let pin_str = pin.get_pin();
+        let clear_master_key = if pin_str.starts_with("hex:") {
+            let hex: String = pin_str.chars().skip(4).collect();
+            hex::decode(&hex)?
+        } else if pin_str.starts_with("base64:") {
+            let base64: String = pin_str.chars().skip(7).collect();
+            STANDARD.decode(&base64)?
+        } else {
+            return simple_error!("Clear master key must starts with hex: or base64:");
+        };
+
+        body_map.insert("clear_master_key_hex".to_string(), hex::encode(&clear_master_key).into());
    }
    if let Some(yubikey_challenge) = yubikey_challenge {
        body_map.insert("yubikey_challenge".to_string(), yubikey_challenge.into());