feat: v0.3.4, encrypt supports --key-filter
This commit is contained in:
@@ -11,7 +11,7 @@ use rust_util::{debugging, failure, iff, information, opt_result, simple_error,
|
||||
use rust_util::util_time::UnixEpochTime;
|
||||
use zeroize::Zeroize;
|
||||
|
||||
use crate::{util_enc_file, util, util_ecdh, util_p384, util_x25519};
|
||||
use crate::{util, util_ecdh, util_enc_file, util_p384, util_x25519};
|
||||
use crate::compress::GzStreamEncoder;
|
||||
use crate::config::{TinyEncryptConfig, TinyEncryptConfigEnvelop};
|
||||
use crate::consts::{ENC_AES256_GCM_P256, ENC_AES256_GCM_P384, ENC_AES256_GCM_X25519, SALT_COMMENT, TINY_ENC_CONFIG_FILE, TINY_ENC_FILE_EXT};
|
||||
@@ -24,22 +24,25 @@ use crate::wrap_key::{WrapKey, WrapKeyHeader};
|
||||
pub struct CmdEncrypt {
|
||||
/// Files need to be decrypted
|
||||
pub paths: Vec<PathBuf>,
|
||||
/// Comment
|
||||
/// Plaintext comment
|
||||
#[arg(long, short = 'c')]
|
||||
pub comment: Option<String>,
|
||||
/// Encrypted comment
|
||||
#[arg(long, short = 'C')]
|
||||
pub encrypted_comment: Option<String>,
|
||||
/// Encryption profile
|
||||
/// Encryption profile (use default when --key-filter is assigned)
|
||||
#[arg(long, short = 'p')]
|
||||
pub profile: Option<String>,
|
||||
/// Encryption key filter (key_id or type:TYPE(e.g. ecdh, pgp, ecdh-p384, pgp-ed25519), multiple joined by ',')
|
||||
#[arg(long, short = 'k')]
|
||||
pub key_filter: Option<String>,
|
||||
/// Compress before encrypt
|
||||
#[arg(long, short = 'x')]
|
||||
pub compress: bool,
|
||||
/// Compress level (from 0[none], 1[fast] .. 6[default] .. to 9[best])
|
||||
#[arg(long, short = 'L')]
|
||||
pub compress_level: Option<u32>,
|
||||
/// Compatible with 1.0
|
||||
/// Compatible with 1.0 (requires assign --disable-compress-meta)
|
||||
#[arg(long, short = '1')]
|
||||
pub compatible_with_1_0: bool,
|
||||
/// Remove source file
|
||||
@@ -53,7 +56,7 @@ pub struct CmdEncrypt {
|
||||
pub fn encrypt(cmd_encrypt: CmdEncrypt) -> XResult<()> {
|
||||
let config = TinyEncryptConfig::load(TINY_ENC_CONFIG_FILE)?;
|
||||
debugging!("Found tiny encrypt config: {:?}", config);
|
||||
let envelops = config.find_envelops(&cmd_encrypt.profile)?;
|
||||
let envelops = config.find_envelops(&cmd_encrypt.profile, &cmd_encrypt.key_filter)?;
|
||||
if envelops.is_empty() { return simple_error!("Cannot find any valid envelops"); }
|
||||
debugging!("Found envelops: {:?}", envelops);
|
||||
let envelop_tkids: Vec<_> = envelops.iter()
|
||||
@@ -306,7 +309,7 @@ fn encrypt_envelop_shared_secret(key: &[u8],
|
||||
Ok(TinyEncryptEnvelop {
|
||||
r#type: envelop.r#type,
|
||||
kid: envelop.kid.clone(),
|
||||
desc: envelop.desc.clone(),
|
||||
desc: None, // envelop.desc.clone(),
|
||||
encrypted_key: encoded_wrap_key,
|
||||
})
|
||||
}
|
||||
@@ -318,7 +321,7 @@ fn encrypt_envelop_pgp(key: &[u8], envelop: &TinyEncryptConfigEnvelop) -> XResul
|
||||
Ok(TinyEncryptEnvelop {
|
||||
r#type: envelop.r#type,
|
||||
kid: envelop.kid.clone(),
|
||||
desc: envelop.desc.clone(),
|
||||
desc: None, // envelop.desc.clone(),
|
||||
encrypted_key: util::encode_base64(&encrypted_key),
|
||||
})
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user