author | Joey Hess <joeyh@joeyh.name> | 2016-08-12 01:04:06 -0400 |
---|---|---|
committer | Joey Hess <joeyh@joeyh.name> | 2016-08-12 01:04:06 -0400 |
commit | f74151ead49895f86257c9abfbe90c027d91d456 (patch) | |
tree | b3be9d579348c953d3348de3715eef95b8680d50 | |
parent | ad93e84990f4205182a2ae68ec2ad485af4b4da4 (diff) | |
download | keysafe-f74151ead49895f86257c9abfbe90c027d91d456.tar.gz |
option parsing
-rw-r--r-- | CmdLine.hs | 57 | ||||
-rw-r--r-- | keysafe.cabal | 1 | ||||
-rw-r--r-- | keysafe.hs | 29 |
3 files changed, 76 insertions, 11 deletions
diff --git a/CmdLine.hs b/CmdLine.hs new file mode 100644 index 0000000..3d45d5a --- /dev/null +++ b/CmdLine.hs @@ -0,0 +1,57 @@ +{- Copyright 2016 Joey Hess <id@joeyh.name> + - + - Licensed under the GNU AGPL version 3 or higher. + -} + +module CmdLine (CmdLine(..), Mode(..), get, parse) where + +import Types +import Options.Applicative +import qualified Data.ByteString.UTF8 as BU8 + +data CmdLine = CmdLine + { mode :: Mode + , name :: Name + , keytype :: KeyType + , testMode :: Bool + } + deriving (Show) + +data Mode = Backup | Restore + deriving (Show) + +parse :: Parser CmdLine +parse = CmdLine + <$> (backup <|> restore) + <*> nameopt + <*> keytypeopt + <*> testmodeswitch + where + backup = flag' Backup + ( long "backup" + <> help "Store a secret key in keysafe." + ) + restore = flag' Restore + ( long "restore" + <> help "Retrieve a secret key from keysafe." + ) + nameopt = Name . BU8.fromString <$> strOption + ( long "name" + <> help "Some name that is associated with the key. Should be something you can remember when restoring it." + ) + keytypeopt = KeyType . BU8.fromString <$> strOption + ( long "type" + <> help "Type of key (eg, \"gpg\")." + ) + testmodeswitch = switch + ( long "testmode" + <> help "Avoid using expensive cryptographic operation to secure key. Use for testing only, not with real secret keys." + ) + +get :: IO CmdLine +get = execParser opts + where + opts = info (helper <*> parse) + ( fullDesc + <> header "keysafe - securely back up secret keys" + ) diff --git a/keysafe.cabal b/keysafe.cabal index 54fa4e1..a91b3b9 100644 --- a/keysafe.cabal +++ b/keysafe.cabal @@ -33,6 +33,7 @@ Executable keysafe , unix == 2.7.* , filepath == 1.4.* , directory == 1.2.* + , optparse-applicative == 0.12.* -- secret-sharing == 1.0.* , dice-entropy-conduit >= 1.0.0.0 @@ -9,6 +9,7 @@ module Main where import Types import Tunables +import qualified CmdLine import Encryption import Cost import Shard 
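Review bot: `nameopt` reads `--name` with `strOption`, so the value sits in the process argument list and in shell history, where it may be visible to other local users while keysafe runs. keysafe.hs passes that same `name` to `genKeyEncryptionKey` and `shardIdents`, so if the name is meant to add to the difficulty of locating or decrypting the shards (not visible from this page), argv is a poor channel for it. At minimum the help text should say so, e.g. append `The name is visible in the process list; do not reuse a secret here.` to the `--name` help. A later change could make the option optional and fall back to an interactive prompt.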
@@ -17,11 +18,21 @@ import Storage.LocalFiles main :: IO () main = do - storedemo - retrievedemo + cmdline <- CmdLine.get + let name = CmdLine.name cmdline + let keytype = CmdLine.keytype cmdline + -- TODO determine gpg key id by examining secret key, + -- or retrieving public key from keyserver and examining it. + let keyid = KeyId keytype "dummy key id" + case CmdLine.mode cmdline of + CmdLine.Backup -> storedemo name keyid $ + if CmdLine.testMode cmdline + then testModeTunables + else defaultTunables + CmdLine.Restore -> retrievedemo name keyid -storedemo :: IO () -storedemo = do +storedemo :: Name -> KeyId -> Tunables -> IO () +storedemo name keyid tunables = do kek <- genKeyEncryptionKey tunables name password putStrLn "Very rough estimate of cost to brute-force the password:" print $ estimateAttack spotAWS $ estimateBruteforceOf kek @@ -33,13 +44,10 @@ storedemo = do print =<< obscureShards localFiles where password = Password "correct horse battery staple" - name = Name "bar" - tunables = testModeTunables -- defaultTunables - keyid = KeyId gpgKey "foobar" secretkey = SecretKey "this is a gpg private key" -retrievedemo :: IO () -retrievedemo = do +retrievedemo :: Name -> KeyId -> IO () +retrievedemo name keyid = do let sis = shardIdents tunables name keyid -- we drop 1 to simulate not getting all shards from the servers let l = drop 1 $ zip [1..] (getIdents sis) @@ -56,6 +64,5 @@ retrievedemo = do Nothing -> go esk rest password = Password "correct horse battery staple" - name = Name "bar" + -- TODO: derive by probing to find objects tunables = testModeTunables -- defaultTunables - keyid = KeyId gpgKey "foobar" |
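Review bot: In `main`, `CmdLine.testMode` only selects the tunables for `CmdLine.Backup`, while `retrievedemo` (last hunk) still hard-codes `tunables = testModeTunables` in its `where` clause and hands that to `shardIdents`. A backup made without `--testmode` is stored under `defaultTunables`, so `--restore` presumably derives different shard identifiers and cannot find it, and `--testmode` given with `--restore` is silently ignored. Until the probing TODO is implemented, choose once in `main` with `let tunables = if CmdLine.testMode cmdline then testModeTunables else defaultTunables` and pass it to both demos, changing the signature to `retrievedemo :: Name -> KeyId -> Tunables -> IO ()`. The bodies of `storedemo` and `retrievedemo` continue outside these hunks.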
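Review bot: `password` and `secretkey` stay string literals in the `where` clause of `storedemo` (and `password` again in `retrievedemo`, last hunk), although `name`, `keyid` and `tunables` are now parameters and the new `--backup` help reads like a real operation. With `defaultTunables` now reachable, the printed brute-force cost estimate describes a publicly known passphrase, which is misleading output for anyone trying the tool. I would mark both bindings with a comment such as `-- TODO: prompt for the password; demo literal only, never use with real keys` so the placeholder is not mistaken for finished behaviour.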