mirror of
https://codeberg.org/tyy/aspm
synced 2025-01-08 17:09:28 -07:00
Add warning about ed25519 keys and default to NIST P-256 generation
This commit is contained in:
parent
86ffe01c4d
commit
25cc99e033
1 changed files with 13 additions and 3 deletions
|
@ -7,7 +7,7 @@ use argon2::{password_hash::SaltString, Argon2, PasswordHasher};
|
|||
use asp::keys::{AspKey, AspKeyType};
|
||||
use clap::{Parser, ValueEnum};
|
||||
use data_encoding::BASE64_NOPAD;
|
||||
use dialoguer::{theme::ColorfulTheme, Input, Password};
|
||||
use dialoguer::{theme::ColorfulTheme, Confirm, Input, Password};
|
||||
use indoc::printdoc;
|
||||
use sea_orm::{ActiveValue, EntityTrait};
|
||||
|
||||
|
@ -24,8 +24,8 @@ pub enum KeyGenerationType {
|
|||
#[derive(Parser, Debug)]
|
||||
pub struct KeysGenerateCommand {
|
||||
/// The type of key to generate. This must either be Ed25519, or ES256. This argument is case-insensitive.
|
||||
/// It doesn't really matter that much which one is used, as they both work fine, but Ed25519 is used as a safe default.
|
||||
#[clap(value_enum, default_value_t = KeyGenerationType::Ed25519, long_about, ignore_case = true)]
|
||||
/// Because of a lack of Ed25519 support in browsers, ES256 is used as a default. By choosing an Ed25519 key, profiles may not work appropriately in browser settings.
|
||||
#[clap(value_enum, default_value_t = KeyGenerationType::ES256, long_about, ignore_case = true)]
|
||||
key_type: KeyGenerationType,
|
||||
/// The alias of the key to generate. This can be anything, and it can also be omitted to prompt interactively. This has no purpose other than providing a way to nicely name keys, rather than having to remember a fingerprint.
|
||||
#[arg(short = 'n', long)]
|
||||
|
@ -35,6 +35,16 @@ pub struct KeysGenerateCommand {
|
|||
#[async_trait::async_trait]
|
||||
impl AspmSubcommand for KeysGenerateCommand {
|
||||
async fn execute(&self, state: crate::AspmState) -> Result<(), anyhow::Error> {
|
||||
if self.key_type == KeyGenerationType::Ed25519 {
|
||||
let confirmation = Confirm::with_theme(&ColorfulTheme::default())
|
||||
.with_prompt("You are creating an Ed25519 key. Before confirming, please make sure you are aware that this may not be supported in browser environments, such as being viewed on https://keyoxide.org. Are you sure you want to create an Ed25519 key?")
|
||||
.default(false)
|
||||
.interact()
|
||||
.context("Unable to prompt on stderr")?;
|
||||
|
||||
if !confirmation { return Ok(()) }
|
||||
}
|
||||
|
||||
let alias = if let Some(alias) = &self.key_alias {
|
||||
alias.clone()
|
||||
} else {
|
||||
|
|
Loading…
Reference in a new issue