From 1e4a359f42e081851b98a12511ffe24968bfc6da Mon Sep 17 00:00:00 2001 From: Daniel Mueller Date: Sun, 9 Apr 2017 20:32:31 -0700 Subject: Add 'clear' command We currently unconditionally use gpg-agent to enter the PIN to use when opening the encrypted volume. The agent has the advantage of caching the password for us so that subsequent invocations against the same cache entry can be served without user interaction. For various reasons, however, it can be desirable to have the ability to remove this entry from the cache. This change introduces a new command 'clear' that achieves precisely this task. --- nitrocli/README.md | 1 + nitrocli/src/main.rs | 8 +++++++- 2 files changed, 8 insertions(+), 1 deletion(-) diff --git a/nitrocli/README.md b/nitrocli/README.md index 69f9b8c..2817691 100644 --- a/nitrocli/README.md +++ b/nitrocli/README.md @@ -8,6 +8,7 @@ The following commands are currently supported: - open: Open the encrypted volume. The user PIN needs to be entered. - close: Close the encrypted volume. - status: Report status information about the Nitrokey. +- clear: Remove the user PIN from gpg-agent's cache. Usage diff --git a/nitrocli/src/main.rs b/nitrocli/src/main.rs index d75fe77..2408188 100644 --- a/nitrocli/src/main.rs +++ b/nitrocli/src/main.rs @@ -277,6 +277,12 @@ fn close() -> Result<()> { } +/// Clear the PIN stored when opening the nitrokey's encrypted volume. +fn clear() -> Result<()> { + return pinentry::clear_passphrase(); +} + + // A macro for generating a match of the different supported commands. // Each supplied command is converted into a string and matched against. macro_rules! commands { @@ -307,7 +313,7 @@ fn run() -> i32 { return 1; } - commands!(&argv[1], [open, close, status]); + commands!(&argv[1], [status, open, close, clear]); } fn main() { -- cgit v1.2.3