From ffdecf0703ab3936b8d81eb36bf1a0c2825e22b3 Mon Sep 17 00:00:00 2001
From: Hatter Jiang <jht5945@gmail.com>
Date: Sun, 16 Mar 2025 17:31:32 +0800
Subject: [PATCH] feat: v1.0.8, direct init secure read password

---
 Cargo.lock |  4 ++--
 Cargo.toml |  2 +-
 src/cli.rs | 19 ++++++++++++++++++-
 3 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/Cargo.lock b/Cargo.lock
index f34e140..bd6835e 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1,6 +1,6 @@
 # This file is automatically @generated by Cargo.
 # It is not intended for manual editing.
-version = 3
+version = 4
 
 [[package]]
 name = "addr2line"
@@ -1007,7 +1007,7 @@ checksum = "78b3ae25bc7c8c38cec158d1f2757ee79e9b3740fbc7ccf0e59e4b08d793fa89"
 
 [[package]]
 name = "local-mini-kms"
-version = "1.0.7"
+version = "1.0.8"
 dependencies = [
  "aes-gcm-stream",
  "aes-kw",
diff --git a/Cargo.toml b/Cargo.toml
index 6923507..dbe8f42 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "local-mini-kms"
-version = "1.0.7"
+version = "1.0.8"
 edition = "2021"
 
 # See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
diff --git a/src/cli.rs b/src/cli.rs
index e6845d1..1837202 100644
--- a/src/cli.rs
+++ b/src/cli.rs
@@ -76,7 +76,24 @@ async fn do_direct_init(_arg_matches: &ArgMatches<'_>, sub_arg_matches: &ArgMatc
     } else if let Some(value_base64) = value_base64 {
         body_map.insert("clear_master_key_base64".to_string(), value_base64.into());
     } else {
-        return simple_error!("Requires value hex or value base64");
+        let pin = match pinentry_util::read_pin(
+            Some("Input your clear master key, starts with hex: or base64:"),
+            Some("Clear master key: ")) {
+            Ok(pin) => pin,
+            Err(e) => return simple_error!("Read clear master key failed: {}", e),
+        };
+        let pin_str = pin.get_pin();
+        let clear_master_key = if pin_str.starts_with("hex:") {
+            let hex: String = pin_str.chars().skip(4).collect();
+            hex::decode(&hex)?
+        } else if pin_str.starts_with("base64:") {
+            let base64: String = pin_str.chars().skip(7).collect();
+            STANDARD.decode(&base64)?
+        } else {
+            return simple_error!("Clear master key must starts with hex: or base64:");
+        };
+
+        body_map.insert("clear_master_key_hex".to_string(), hex::encode(&clear_master_key).into());
     }
     if let Some(yubikey_challenge) = yubikey_challenge {
         body_map.insert("yubikey_challenge".to_string(), yubikey_challenge.into());