1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113
// MIT License
//
// Copyright (c) 2023,2024 Robin Doer
//
// Permission is hereby granted, free of charge, to any person obtaining a copy
// of this software and associated documentation files (the "Software"), to
// deal in the Software without restriction, including without limitation the
// rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
// sell copies of the Software, and to permit persons to whom the Software is
// furnished to do so, subject to the following conditions:
//
// The above copyright notice and this permission notice shall be included in
// all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
// FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
// IN THE SOFTWARE.
use anyhow::{ensure, Result};
use clap::{value_parser, ArgAction, Args};
use log::debug;
use nuts_container::{Cipher, Container, CreateOptionsBuilder, Kdf};
use nuts_tool_api::tool::Plugin;
use crate::backend::{PluginBackend, PluginBackendCreateBuilder};
use crate::cli::ask_for_password;
use crate::cli::container::{CliCipher, AES256_GCM};
use crate::config::{ContainerConfig, PluginConfig};
#[derive(Args, Debug)]
pub struct ContainerCreateArgs {
/// The name of the new container
name: String,
/// Specifies the plugin used by the new container
#[clap(short, long)]
plugin: String,
/// Sets the cipher to CIPHER.
#[clap(short, long, value_parser = value_parser!(CliCipher), default_value = AES256_GCM)]
cipher: CliCipher,
/// Specifies the key derivation function.
///
/// There are two ways to specify the KDF. The short form
/// only specifies the algorithm name. The long form can
/// customize the algorithm; it starts with the algorithm
/// name followed by sections separated by a colon. A section
/// can empty. In this case a default value is taken. The
/// number of sections and its meaning depends on the
/// algorithm.
///
/// For PBKDF2: pbkdf2[:[<DIGEST>]:[<ITERATIONS>]:[<SALT_LENGTH>]]
///
/// Selects PBKDF2 with the given digest (default: sha256),
/// the given number of iterations (default: 65536) and salt
/// length (default: 16).
#[clap(short, long, value_parser)]
kdf: Option<Kdf>,
/// If set, overwrites an existing container
#[clap(short, long, action = ArgAction::SetTrue)]
overwrite: bool,
/// Arguments passed to the plugin
#[clap(value_name = "PLUGIN ARGS")]
plugin_args: Vec<String>,
#[clap(from_global)]
verbose: u8,
}
impl ContainerCreateArgs {
pub fn run(&self) -> Result<()> {
debug!("args: {:?}", self);
let plugin_config = PluginConfig::load()?;
let mut container_config = ContainerConfig::load()?;
let exe = plugin_config.path(&self.plugin)?;
let plugin = Plugin::new(&exe);
let ok = container_config.add_plugin(&self.name, &self.plugin, self.overwrite);
ensure!(
ok,
"you already have a container with the name {}",
self.name
);
let backend_options = PluginBackendCreateBuilder::new(plugin, &self.name, self.verbose)?;
let mut builder = CreateOptionsBuilder::new(*self.cipher)
.with_password_callback(ask_for_password)
.with_overwrite(self.overwrite);
if self.cipher != Cipher::None {
if let Some(kdf) = self.kdf.clone() {
debug!("kdf: {:?}", kdf);
builder = builder.with_kdf(kdf);
}
}
let options = builder.build::<PluginBackend>()?;
Container::<PluginBackend>::create(backend_options, options)?;
container_config.save()?;
Ok(())
}
}