Add 'clear' command

We currently unconditionally use gpg-agent to enter the PIN to use when
opening the encrypted volume. The agent has the advantage of caching the
password for us so that subsequent invocations against the same cache
entry can be served without user interaction.
For various reasons, however, it can be desirable to have the ability to
remove this entry from the cache. This change introduces a new command
'clear' that achieves precisely this task.

2 files changed, 8 insertions, 1 deletions

diff --git a/nitrocli/README.md b/nitrocli/README.md
index 69f9b8c..2817691 100644
--- a/nitrocli/README.md
+++ b/nitrocli/README.md
@@ -8,6 +8,7 @@ The following commands are currently supported:
 - open: Open the encrypted volume. The user PIN needs to be entered.
 - close: Close the encrypted volume.
 - status: Report status information about the Nitrokey.
+- clear: Remove the user PIN from gpg-agent's cache.
 
 
 Usage
diff --git a/nitrocli/src/main.rs b/nitrocli/src/main.rs
index d75fe77..2408188 100644
--- a/nitrocli/src/main.rs
+++ b/nitrocli/src/main.rs
@@ -277,6 +277,12 @@ fn close() -> Result<()> {
 }
 
 
+/// Clear the PIN stored when opening the nitrokey's encrypted volume.
+fn clear() -> Result<()> {
+  return pinentry::clear_passphrase();
+}
+
+
 // A macro for generating a match of the different supported commands.
 // Each supplied command is converted into a string and matched against.
 macro_rules! commands {
@@ -307,7 +313,7 @@ fn run() -> i32 {
     return 1;
   }
 
-  commands!(&argv[1], [open, close, status]);
+  commands!(&argv[1], [status, open, close, clear]);
 }
 
 fn main() {