author | Robin Krahl <robin.krahl@ireas.org> | 2019-01-06 00:10:44 +0100 |
---|---|---|
committer | Daniel Mueller <deso@posteo.net> | 2019-01-13 18:36:58 -0800 |
commit | 53a2893ee725e4ad678b2060fd71729ff55e6cee (patch) | |
tree | 0d17667568b8f6fcb19fa111cc5efd8a7c16df13 /nitrocli/src | |
parent | 091e01ba40e488dfd68b43db56fc0693a350510a (diff) | |
Add the --format option to otp set to select the secret format
This patch introduces the -f/--format options for the otp set
subcommand to specify the format of the OTP secret. Previously, the
default format was hexadecimal and ASCII format could be selected using
the --ascii option. The new --format option takes the argument hex or
ascii, defaulting to hex, and replaces the --ascii option.
This patch does not remove the --ascii option but marks it as
deprecated. It may not be set together with --format, and a warning is
printed if it is set. It should be deleted with the next minor release.
This patch prepares the addition of a new format, base32.
Diffstat (limited to 'nitrocli/src')
-rw-r--r-- | nitrocli/src/args.rs | 53 | ||||
-rw-r--r-- | nitrocli/src/commands.rs | 11 |
2 files changed, 56 insertions, 8 deletions
diff --git a/nitrocli/src/args.rs b/nitrocli/src/args.rs
index ad296c2..b109944 100644
--- a/nitrocli/src/args.rs
+++ b/nitrocli/src/args.rs
@@ -324,6 +324,37 @@ impl From<OtpMode> for nitrokey::OtpMode {
 }
 }
+#[derive(Clone, Copy, Debug, PartialEq)]
+pub enum OtpSecretFormat {
+ Ascii,
+ Hex,
+}
+
+impl fmt::Display for OtpSecretFormat {
+ fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
+ write!(
+ f,
+ "{}",
+ match *self {
+ OtpSecretFormat::Ascii => "ascii",
+ OtpSecretFormat::Hex => "hex",
+ }
+ )
+ }
+}
+
+impl str::FromStr for OtpSecretFormat {
+ type Err = ();
+
+ fn from_str(s: &str) -> result::Result<Self, Self::Err> {
+ match s {
+ "ascii" => Ok(OtpSecretFormat::Ascii),
+ "hex" => Ok(OtpSecretFormat::Hex),
+ _ => Err(()),
+ }
+ }
+}
+
 #[derive(Debug)]
 enum PinCommand {
 Clear,
@@ -700,6 +731,7 @@ pub fn otp_set(ctx: &ExecCtx, args: Vec<String>) -> Result<()> {
 let mut counter: u64 = 0;
 let mut time_window: u16 = 30;
 let mut ascii = false;
+ let mut secret_format: Option<OtpSecretFormat> = None;
 let mut parser = argparse::ArgumentParser::new();
 parser.set_description("Configures a one-time password slot");
 let _ =
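Review bot: `OtpSecretFormat` in args.rs is a new public enum with no doc comment, and its `FromStr` impl matches only the exact lowercase strings while returning `Err(())`, so a rejected `--format` value carries no hint of what is accepted. Because this value decides how the OTP secret is interpreted before it is written to the device, I would document the contract on the type, e.g. `/// Format of the OTP secret given on the command line; parsed case-sensitively from "ascii" or "hex".` Whether argparse turns the unit error into a usable message is not visible in this hunk and is worth checking with an invalid value.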
@@ -740,11 +772,28 @@ pub fn otp_set(ctx: &ExecCtx, args: Vec<String>) -> Result<()> {
 let _ = parser.refer(&mut ascii).add_option(
 &["--ascii"],
 argparse::StoreTrue,
- "Interpret the given secret as an ASCII string of the secret",
+ "Interpret the given secret as an ASCII string of the secret (deprecated, use --format instead)"
+ );
+ let _ = parser.refer(&mut secret_format).add_option(
+ &["-f", "--format"],
+ argparse::StoreOption,
+ "The format of the secret (ascii|hex)",
 );
 parse(&parser, args)?;
 drop(parser);
+ if ascii {
+ if secret_format.is_some() {
+ return Err(Error::Error(
+ "The --format and the --ascii option cannot be used at the same time".to_string(),
+ ));
+ }
+
+ println!("Warning: The --ascii option is deprecated. Please use --format ascii instead.");
+ secret_format = Some(OtpSecretFormat::Ascii);
+ }
+ let secret_format = secret_format.unwrap_or(OtpSecretFormat::Hex);
+
 let data = nitrokey::OtpSlotData {
 number: slot,
 name,
@@ -753,7 +802,7 @@ pub fn otp_set(ctx: &ExecCtx, args: Vec<String>) -> Result<()> {
 use_enter: false,
 token_id: None,
 };
- commands::otp_set(ctx, data, algorithm, counter, time_window, ascii)
+ commands::otp_set(ctx, data, algorithm, counter, time_window, secret_format)
 }
 /// Clear an OTP slot.
diff --git a/nitrocli/src/commands.rs b/nitrocli/src/commands.rs
index ac2bbf1..c1942e8 100644
--- a/nitrocli/src/commands.rs
+++ b/nitrocli/src/commands.rs
@@ -450,7 +450,7 @@ fn prepare_secret(secret: &str) -> Result<String> {
 )
 } else {
 Err(Error::Error(
- "The given secret is not an ASCII string despite --ascii being set".to_string(),
+ "The given secret is not an ASCII string despite --format ascii being set".to_string(),
 ))
 }
 }
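Review bot: The deprecation warning in the `@@ -740,11 +772,28 @@` hunk of `otp_set` is printed with `println!`, so it goes to stdout, where it mixes with any regular output a calling script may parse. A diagnostic like this belongs on stderr: `eprintln!("Warning: The --ascii option is deprecated. Please use --format ascii instead.");`. The conflict check between `--ascii` and `--format` correctly runs before the fallback to `OtpSecretFormat::Hex`. `otp_set` starts and ends outside this hunk.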
@@ -462,12 +462,11 @@ pub fn otp_set(
 algorithm: args::OtpAlgorithm,
 counter: u64,
 time_window: u16,
- ascii: bool,
+ secret_format: args::OtpSecretFormat,
 ) -> Result<()> {
- let secret = if ascii {
- prepare_secret(&data.secret)?
- } else {
- data.secret
+ let secret = match secret_format {
+ args::OtpSecretFormat::Ascii => prepare_secret(&data.secret)?,
+ args::OtpSecretFormat::Hex => data.secret,
 };
 let data = nitrokey::OtpSlotData { secret, ..data };
 let device = authenticate_admin(get_device(ctx)?)?; |
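Review bot: In `commands::otp_set` the `Hex` arm forwards `data.secret` unchanged, while only the `Ascii` arm goes through `prepare_secret`, so nothing in this function rejects a string that is not valid hex when hex is selected or defaulted. If the nitrokey library does not validate it (not visible here), a secret entered in the wrong format could be stored as different key material than the user intended, and the generated codes would never match the server. Consider a check in the `Hex` arm, or at least record the assumption: `// Hex secrets are passed through as-is; validation is assumed to happen in the nitrokey crate (confirm).` The function body continues past the end of the hunk.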