aboutsummaryrefslogtreecommitdiff
path: root/cmd/fscrypt/keys.go
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/fscrypt/keys.go')
-rw-r--r--cmd/fscrypt/keys.go46
1 files changed, 29 insertions, 17 deletions
diff --git a/cmd/fscrypt/keys.go b/cmd/fscrypt/keys.go
index cb86404..b57c01d 100644
--- a/cmd/fscrypt/keys.go
+++ b/cmd/fscrypt/keys.go
@@ -22,6 +22,7 @@
package main
import (
+ "bufio"
"fmt"
"io"
"log"
@@ -106,6 +107,33 @@ func getPassphraseKey(prompt string) (*crypto.Key, error) {
return crypto.NewKeyFromReader(passphraseReader{})
}
+func makeRawKey(info actions.ProtectorInfo) (*crypto.Key, error) {
+ // When running non-interactively and no key was provided,
+ // try to read it from stdin
+ if keyFileFlag.Value == "" && !term.IsTerminal(stdinFd) {
+ return crypto.NewFixedLengthKeyFromReader(bufio.NewReader(os.Stdin),
+ metadata.InternalKeyLen)
+ }
+
+ prompt := fmt.Sprintf("Enter key file for protector %q: ", info.Name())
+ // Raw keys use a file containing the key data.
+ file, err := promptForKeyFile(prompt)
+ if err != nil {
+ return nil, err
+ }
+ defer file.Close()
+
+ fileInfo, err := file.Stat()
+ if err != nil {
+ return nil, err
+ }
+
+ if fileInfo.Size() != metadata.InternalKeyLen {
+ return nil, errors.Wrap(ErrKeyFileLength, file.Name())
+ }
+ return crypto.NewFixedLengthKeyFromReader(file, metadata.InternalKeyLen)
+}
+
// makeKeyFunc creates an actions.KeyFunc. This function customizes the KeyFunc
// to whether or not it supports retrying, whether it confirms the passphrase,
// and custom prefix for printing (if any).
@@ -179,23 +207,7 @@ func makeKeyFunc(supportRetry, shouldConfirm bool, prefix string) actions.KeyFun
if prefix != "" {
return nil, ErrNotPassphrase
}
- prompt := fmt.Sprintf("Enter key file for protector %q: ", info.Name())
- // Raw keys use a file containing the key data.
- file, err := promptForKeyFile(prompt)
- if err != nil {
- return nil, err
- }
- defer file.Close()
-
- fileInfo, err := file.Stat()
- if err != nil {
- return nil, err
- }
-
- if fileInfo.Size() != metadata.InternalKeyLen {
- return nil, errors.Wrap(ErrKeyFileLength, file.Name())
- }
- return crypto.NewFixedLengthKeyFromReader(file, metadata.InternalKeyLen)
+ return makeRawKey(info)
default:
return nil, ErrInvalidSource
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-10 15:57:29 +0000