algae_cli/cli/
encrypt.rs

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
use std::{fmt::Debug, path::PathBuf};

use clap::Parser;
use miette::{IntoDiagnostic, Result, WrapErr};
use tokio::fs::remove_file;

use crate::{
	files::{append_age_ext, encrypt_file},
	keys::KeyArgs,
};

/// Encrypt a file using a public key or an identity.
///
/// Either of `--key-path` or `--key` must be provided.
///
/// For symmetric cryptography (using a passphrase), see `protect`/`reveal`.
#[derive(Debug, Clone, Parser)]
pub struct EncryptArgs {
	/// File to be encrypted.
	pub input: PathBuf,

	/// Path or filename to write the encrypted file to.
	///
	/// By default this is the input file, with `.age` appended.
	#[arg(short, long)]
	pub output: Option<PathBuf>,

	/// Delete input file after encrypting.
	#[arg(long = "rm")]
	pub remove: bool,

	#[command(flatten)]
	#[allow(missing_docs, reason = "don't interfere with clap")]
	pub key: KeyArgs,
}

/// CLI command for the `encrypt` operation (public key encryption).
pub async fn run(
	EncryptArgs {
		ref input,
		output,
		key,
		remove,
	}: EncryptArgs,
) -> Result<()> {
	let public_key = key.require_public_key().await?;
	let output = output.unwrap_or_else(|| append_age_ext(input));

	encrypt_file(input, output, public_key).await?;

	if remove {
		remove_file(input)
			.await
			.into_diagnostic()
			.wrap_err("deleting input file")?;
	}

	Ok(())
}