mirror of https://codeberg.org/tyy/aspm synced 2024-12-22 15:59:29 -07:00

Add warning about ed25519 keys and default to NIST P-256 generation

Tyler Beckman 2024-02-28 21:17:54 -07:00
parent 86ffe01c4d
commit 25cc99e033
Signed by: Ty
GPG key ID: 2813440C772555A4


@ -7,7 +7,7 @@ use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
use asp::keys::{AspKey, AspKeyType};
use clap::{Parser, ValueEnum};
use data_encoding::BASE64_NOPAD;
use dialoguer::{theme::ColorfulTheme, Input, Password};
use dialoguer::{theme::ColorfulTheme, Confirm, Input, Password};
use indoc::printdoc;
use sea_orm::{ActiveValue, EntityTrait};
@ -24,8 +24,8 @@ pub enum KeyGenerationType {
#[derive(Parser, Debug)]
pub struct KeysGenerateCommand {
/// The type of key to generate. This must either be Ed25519, or ES256. This argument is case-insensitive.
/// It doesn't really matter that much which one is used, as they both work fine, but Ed25519 is used as a safe default.
#[clap(value_enum, default_value_t = KeyGenerationType::Ed25519, long_about, ignore_case = true)]
/// Because of a lack of Ed25519 support in browsers, ES256 is used as a default. By choosing an Ed25519 key, profiles may not work appropriately in browser settings.
#[clap(value_enum, default_value_t = KeyGenerationType::ES256, long_about, ignore_case = true)]
key_type: KeyGenerationType,
/// The alias of the key to generate. This can be anything, and it can also be omitted to prompt interactively. This has no purpose other than providing a way to nicely name keys, rather than having to remember a fingerprint.
#[arg(short = 'n', long)]
@ -35,6 +35,16 @@ pub struct KeysGenerateCommand {
#[async_trait::async_trait]
impl AspmSubcommand for KeysGenerateCommand {
async fn execute(&self, state: crate::AspmState) -> Result<(), anyhow::Error> {
if self.key_type == KeyGenerationType::Ed25519 {
let confirmation = Confirm::with_theme(&ColorfulTheme::default())
.with_prompt("You are creating an Ed25519 key. Before confirming, please make sure you are aware that this may not be supported in browser environments, such as being viewed on https://keyoxide.org. Are you sure you want to create an Ed25519 key?")
.default(false)
.interact()
.context("Unable to prompt on stderr")?;
if !confirmation { return Ok(()) }
}
let alias = if let Some(alias) = &self.key_alias {
alias.clone()
} else {
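Review bot: Declining the Ed25519 confirmation at `if !confirmation { return Ok(()) }` exits with success without creating a key and without saying so, so a wrapper script cannot tell an abort from a generated key; print a notice before returning, or fail with `anyhow::bail!("Key generation cancelled")`. The same prompt means Ed25519 can no longer be selected without a terminal, because `interact()` is expected to return an error there (surfaced as "Unable to prompt on stderr"), and there is no opt-out for automated provisioning. Since ES256 (ECDSA) is now the default path, it is also worth confirming that signing in the `asp` crate, which is not visible here, uses deterministic or well-seeded nonces. `execute` continues past the end of this hunk.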