[pbs-devel] [PATCH proxmox-backup 4/7] client: add 'key show' command

Fabian Grünbichler f.gruenbichler at proxmox.com
Tue Nov 17 18:57:22 CET 2020


for (pretty-)printing a keyfile.

Signed-off-by: Fabian Grünbichler <f.gruenbichler at proxmox.com>
---
 src/bin/proxmox_backup_client/key.rs | 46 ++++++++++++++++++++++++++++
 1 file changed, 46 insertions(+)

diff --git a/src/bin/proxmox_backup_client/key.rs b/src/bin/proxmox_backup_client/key.rs
index 915ee970..9d0951e6 100644
--- a/src/bin/proxmox_backup_client/key.rs
+++ b/src/bin/proxmox_backup_client/key.rs
@@ -16,6 +16,7 @@ use proxmox_backup::backup::{
     store_key_config,
     CryptConfig,
     KeyConfig,
+    KeyDerivationConfig,
 };
 use proxmox_backup::tools;
 
@@ -229,6 +230,46 @@ fn change_passphrase(kdf: Option<Kdf>, path: Option<String>) -> Result<(), Error
     Ok(())
 }
 
+#[api(
+    input: {
+        properties: {
+            path: {
+                description: "Key file. Without this the default key's metadata will be shown.",
+                optional: true,
+            }
+        },
+    },
+)]
+/// Print the encryption key's metadata.
+fn show_key(path: Option<String>) -> Result<(), Error> {
+    let path = match path {
+        Some(path) => PathBuf::from(path),
+        None => {
+            let path = find_default_encryption_key()?
+                .ok_or_else(|| {
+                    format_err!("no encryption file provided and no default file found")
+                })?;
+            path
+        }
+    };
+
+    println!("Path: {:?}", path);
+    let config: KeyConfig = serde_json::from_slice(&file_get_contents(path)?)?;
+    match config.kdf {
+        Some(KeyDerivationConfig::PBKDF2 { .. }) => println!("KDF: pbkdf2"),
+        Some(KeyDerivationConfig::Scrypt { .. }) => println!("KDF: scrypt"),
+        None => println!("KDF: none (plaintext key)"),
+    };
+    println!("Created: {}", proxmox::tools::time::epoch_to_rfc3339_utc(config.created)?);
+    println!("Modified: {}", proxmox::tools::time::epoch_to_rfc3339_utc(config.modified)?);
+    match config.fingerprint {
+        Some(fp) => println!("Fingerprint: {}", crate::tools::format::as_fingerprint(&fp)),
+        None => println!("Fingerprint: none (legacy key)"),
+    };
+
+    Ok(())
+}
+
 #[api(
     input: {
         properties: {
@@ -348,6 +389,10 @@ pub fn cli() -> CliCommandMap {
         .arg_param(&["path"])
         .completion_cb("path", tools::complete_file_name);
 
+    let key_show_cmd_def = CliCommand::new(&API_METHOD_SHOW_KEY)
+        .arg_param(&["path"])
+        .completion_cb("path", tools::complete_file_name);
+
     let paper_key_cmd_def = CliCommand::new(&API_METHOD_PAPER_KEY)
         .arg_param(&["path"])
         .completion_cb("path", tools::complete_file_name);
@@ -357,6 +402,7 @@ pub fn cli() -> CliCommandMap {
         .insert("create-master-key", key_create_master_key_cmd_def)
         .insert("import-master-pubkey", key_import_master_pubkey_cmd_def)
         .insert("change-passphrase", key_change_passphrase_cmd_def)
+        .insert("show", key_show_cmd_def)
         .insert("paperkey", paper_key_cmd_def)
 }
 
-- 
2.20.1






More information about the pbs-devel mailing list