feat: v1.9.14, enhance temporary keys

2025-09-14 17:17:18 +08:00
parent 75ed193d86
commit 403eaf1669
6 changed files with 42 additions and 15 deletions
--- a/src/cmd_config.rs
+++ b/src/cmd_config.rs
@@ -76,7 +76,13 @@ pub fn config(cmd_config: CmdConfig) -> XResult<()> {
    }

    if cmd_config.temporary_key {
-        for envelop in &config.envelops {
+        let envelops;
+        if cmd_config.profile.is_some() || cmd_config.key_filter.is_some() {
+            envelops = config.find_envelops(&cmd_config.profile, &cmd_config.key_filter)?;
+        } else {
+            envelops = config.find_envelops(&Some("ALL".to_string()), &None)?
+        }
+        for envelop in envelops {
            let k = serialize_config_envelop(envelop);
            println!("{}", k);
        }
--- a/src/cmd_encrypt.rs
+++ b/src/cmd_encrypt.rs
@@ -29,6 +29,7 @@ use crate::util_progress::Progress;
 use crate::util_rsa;
 use crate::wrap_key::{WrapKey, WrapKeyHeader};
 use crate::{crypto_cryptor, crypto_simple, util, util_enc_file, util_env, util_gpg};
+use crate::temporary_key::parse_temporary_keys;

 #[derive(Debug, Args)]
 pub struct CmdEncrypt {
@@ -48,6 +49,10 @@ pub struct CmdEncrypt {
    #[arg(long, short = 'k')]
    pub key_filter: Option<String>,

+    /// Temporary key
+    #[arg(long)]
+    pub temporary_key: Option<Vec<String>>,
+
    /// Compress before encrypt
    #[arg(long, short = 'x')]
    pub compress: bool,
@@ -83,9 +88,18 @@ pub struct CmdEncrypt {
 pub fn encrypt(cmd_encrypt: CmdEncrypt) -> XResult<()> {
    let config = TinyEncryptConfig::load_default()?;
    debugging!("Found tiny encrypt config: {:?}", config);
-    let envelops = config.find_envelops(&cmd_encrypt.profile, &cmd_encrypt.key_filter)?;
-    if envelops.is_empty() { return simple_error!("Cannot find any valid envelops"); }
+    let mut envelops = config.find_envelops(&cmd_encrypt.profile, &cmd_encrypt.key_filter)?;
    debugging!("Found envelops: {:?}", envelops);
+
+    let temporary_envelops = parse_temporary_keys(&cmd_encrypt.temporary_key)?;
+    if !temporary_envelops.is_empty() {
+        for t_envelop in &temporary_envelops {
+            envelops.push(t_envelop)
+        }
+        debugging!("Final envelops: {:?}", envelops);
+    }
+    if envelops.is_empty() { return simple_error!("Cannot find any valid envelops"); }
+
    let envelop_tkids: Vec<_> = envelops.iter()
        .map(|e| format!("{}:{}", e.r#type.get_name(), e.kid))
        .collect();
--- a/src/cmd_simple_encrypt_decrypt.rs
+++ b/src/cmd_simple_encrypt_decrypt.rs
@@ -9,7 +9,7 @@ use serde::Serialize;
 use std::io;
 use std::io::Write;
 use std::process::exit;
-use crate::temporary_key::deserialize_config_envelop;
+use crate::temporary_key::parse_temporary_keys;
 use crate::util_simple_pbe::SimplePbkdfEncryptionV1;

 // Reference: https://git.hatter.ink/hatter/tiny-encrypt-rs/issues/3
@@ -201,14 +201,9 @@ pub fn inner_simple_encrypt(cmd_simple_encrypt: CmdSimpleEncrypt) -> XResult<()>
        &cmd_simple_encrypt.key_filter)?;
    debugging!("Found envelops: {:?}", envelops);

-    let mut temporary_envelops = vec![];
-    if let Some(temporary_key) = &cmd_simple_encrypt.temporary_key {
-        for t_key in temporary_key {
-            let envelop = opt_result!(deserialize_config_envelop(t_key), "Parse temporary key: {} failed: {}", t_key);
-            temporary_envelops.push(envelop);
-        }
-        // FIXME should check kid not exists
-        for t_envelop in &mut temporary_envelops {
+    let temporary_envelops = parse_temporary_keys(&cmd_simple_encrypt.temporary_key)?;
+    if !temporary_envelops.is_empty() {
+        for t_envelop in &temporary_envelops {
            envelops.push(t_envelop)
        }
        debugging!("Final envelops: {:?}", envelops);
--- a/src/temporary_key.rs
+++ b/src/temporary_key.rs
@@ -5,7 +5,7 @@

 use crate::config::TinyEncryptConfigEnvelop;
 use crate::spec::TinyEncryptEnvelopType;
-use rust_util::{iff, opt_result, opt_value_result, simple_error, XResult};
+use rust_util::{debugging, iff, opt_result, opt_value_result, simple_error, XResult};

 const TINY_ENCRYPT_KEY_PREFIX: &str = "tiny-encrypt-key:";

@@ -22,6 +22,18 @@ pub fn serialize_config_envelop(config_envelop: &TinyEncryptConfigEnvelop) -> St
    s
 }

+pub fn parse_temporary_keys(temporary_keys: &Option<Vec<String>>) -> XResult<Vec<TinyEncryptConfigEnvelop>> {
+    let mut temporary_envelops = vec![];
+    if let Some(temporary_key) = temporary_keys {
+        for t_key in temporary_key {
+            let envelop = opt_result!(deserialize_config_envelop(t_key), "Parse temporary key: {} failed: {}", t_key);
+            temporary_envelops.push(envelop);
+        }
+        debugging!("Temporary envelops: {:?}", temporary_envelops);
+    }
+    Ok(temporary_envelops)
+}
+
 pub fn deserialize_config_envelop(k: &str) -> XResult<TinyEncryptConfigEnvelop> {
    if !k.starts_with(TINY_ENCRYPT_KEY_PREFIX) {
        return simple_error!("invalid temporary key");