From: "Fabian Grünbichler" <f.gruenbichler@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH proxmox-backup 04/13] client: add 'key show' command
Date: Fri, 20 Nov 2020 17:38:34 +0100 [thread overview]
Message-ID: <20201120163845.1225080-5-f.gruenbichler@proxmox.com> (raw)
In-Reply-To: <20201120163845.1225080-1-f.gruenbichler@proxmox.com>
for (pretty-)printing a keyfile.
Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
---
Notes:
v2: display fp directly as well, add output-format support
src/bin/proxmox_backup_client/key.rs | 68 +++++++++++++++++++++++++++-
1 file changed, 67 insertions(+), 1 deletion(-)
diff --git a/src/bin/proxmox_backup_client/key.rs b/src/bin/proxmox_backup_client/key.rs
index 915ee970..ea7e8c82 100644
--- a/src/bin/proxmox_backup_client/key.rs
+++ b/src/bin/proxmox_backup_client/key.rs
@@ -4,9 +4,16 @@ use std::process::{Stdio, Command};
use anyhow::{bail, format_err, Error};
use serde::{Deserialize, Serialize};
+use serde_json::Value;
use proxmox::api::api;
-use proxmox::api::cli::{CliCommand, CliCommandMap};
+use proxmox::api::cli::{
+ CliCommand,
+ CliCommandMap,
+ format_and_print_result,
+ get_output_format,
+ OUTPUT_FORMAT,
+};
use proxmox::sys::linux::tty;
use proxmox::tools::fs::{file_get_contents, replace_file, CreateOptions};
@@ -16,6 +23,7 @@ use proxmox_backup::backup::{
store_key_config,
CryptConfig,
KeyConfig,
+ KeyDerivationConfig,
};
use proxmox_backup::tools;
@@ -229,6 +237,59 @@ fn change_passphrase(kdf: Option<Kdf>, path: Option<String>) -> Result<(), Error
Ok(())
}
+#[api(
+ input: {
+ properties: {
+ path: {
+ description: "Key file. Without this the default key's metadata will be shown.",
+ optional: true,
+ },
+ "output-format": {
+ schema: OUTPUT_FORMAT,
+ optional: true,
+ },
+ },
+ },
+)]
+/// Print the encryption key's metadata.
+fn show_key(
+ path: Option<String>,
+ param: Value,
+) -> Result<(), Error> {
+ let path = match path {
+ Some(path) => PathBuf::from(path),
+ None => {
+ let path = find_default_encryption_key()?
+ .ok_or_else(|| {
+ format_err!("no encryption file provided and no default file found")
+ })?;
+ path
+ }
+ };
+
+ let output_format = get_output_format(¶m);
+ let config: KeyConfig = serde_json::from_slice(&file_get_contents(path.clone())?)?;
+
+ if output_format == "text" {
+ println!("Path: {:?}", path);
+ match config.kdf {
+ Some(KeyDerivationConfig::PBKDF2 { .. }) => println!("KDF: pbkdf2"),
+ Some(KeyDerivationConfig::Scrypt { .. }) => println!("KDF: scrypt"),
+ None => println!("KDF: none (plaintext key)"),
+ };
+ println!("Created: {}", proxmox::tools::time::epoch_to_rfc3339_utc(config.created)?);
+ println!("Modified: {}", proxmox::tools::time::epoch_to_rfc3339_utc(config.modified)?);
+ match config.fingerprint {
+ Some(fp) => println!("Fingerprint: {}", fp),
+ None => println!("Fingerprint: none (legacy key)"),
+ };
+ } else {
+ format_and_print_result(&serde_json::to_value(config)?, &output_format);
+ }
+
+ Ok(())
+}
+
#[api(
input: {
properties: {
@@ -348,6 +409,10 @@ pub fn cli() -> CliCommandMap {
.arg_param(&["path"])
.completion_cb("path", tools::complete_file_name);
+ let key_show_cmd_def = CliCommand::new(&API_METHOD_SHOW_KEY)
+ .arg_param(&["path"])
+ .completion_cb("path", tools::complete_file_name);
+
let paper_key_cmd_def = CliCommand::new(&API_METHOD_PAPER_KEY)
.arg_param(&["path"])
.completion_cb("path", tools::complete_file_name);
@@ -357,6 +422,7 @@ pub fn cli() -> CliCommandMap {
.insert("create-master-key", key_create_master_key_cmd_def)
.insert("import-master-pubkey", key_import_master_pubkey_cmd_def)
.insert("change-passphrase", key_change_passphrase_cmd_def)
+ .insert("show", key_show_cmd_def)
.insert("paperkey", paper_key_cmd_def)
}
--
2.20.1
next prev parent reply other threads:[~2020-11-20 16:39 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-20 16:38 [pbs-devel] [PATCH v2 proxmox-backup(-qemu) 00/15] add, persist and check fingerprint Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 01/13] crypt config: add fingerprint mechanism Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 02/13] key: add fingerprint to key config Fabian Grünbichler
2020-11-23 8:07 ` Wolfgang Bumiller
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 03/13] client: print key fingerprint and master key Fabian Grünbichler
2020-11-20 16:38 ` Fabian Grünbichler [this message]
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 05/13] fix #3139: add key fingerprint to manifest Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 06/13] manifest: check fingerprint when loading with key Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 07/13] client: check fingerprint after downloading manifest Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 08/13] paperkey: refactor common code Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 09/13] paperkey: add short key ID to subject Fabian Grünbichler
2020-11-23 7:07 ` Dietmar Maurer
2020-11-23 8:16 ` Fabian Grünbichler
2020-11-23 8:30 ` Dietmar Maurer
2020-11-23 8:47 ` Fabian Grünbichler
2020-11-23 8:41 ` Dietmar Maurer
2020-11-23 8:55 ` Dietmar Maurer
2020-11-23 9:44 ` Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [RFC proxmox-backup 10/13] expose previous backup time in backup env Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 11/13] refactor BackupInfo -> SnapshotListItem helper Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 12/13] list_snapshots: return manifest fingerprint Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup 13/13] gui: add snapshot/file fingerprint tooltip Fabian Grünbichler
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup-qemu 1/2] adapt to proxmox-backup fingerprint changes Fabian Grünbichler
2020-11-24 8:07 ` [pbs-devel] applied: " Dietmar Maurer
2020-11-20 16:38 ` [pbs-devel] [PATCH proxmox-backup-qemu 2/2] restore: improve error if key is missing Fabian Grünbichler
2020-11-24 7:47 ` [pbs-devel] [PATCH v2 proxmox-backup(-qemu) 00/15] add, persist and check fingerprint Dietmar Maurer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201120163845.1225080-5-f.gruenbichler@proxmox.com \
--to=f.gruenbichler@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox