vapor-ware / sctl

SCTL is not end-to-end encryption. Instead, SCTL is more of an envelope in which you store secrets until they are needed, and those secrets should remain available in plain text only while the operation that needs them is active.
GNU General Public License v3.0

sctl add: check for valid key URI before accepting user input #57

Open edaniszewski opened 4 years ago

edaniszewski commented 4 years ago

When running sctl add for a new key, I was prompted to input the secret in an interactive prompt. After the secret was added, I got the warning and error for a missing key. I think it makes sense to do this check before input is accepted, so the user knows up front that a required arg is missing before they attempt to input any secret.

$ sctl add FOO_BAR
Enter the data you want to encrypt.. END with Enter and Ctrl+D
foob4r
WARN[0021] No KeyURI found in envelope. Required usage of flag/env config. 
FATA[0021] missing configuration for key

edaniszewski commented 4 years ago

Also related to this: when a key is not in the envelope (e.g. no scuttle file yet) and something is being added with the key passed as a flag (and probably also via ENV), the warning shows up even if the key is passed in. This feels wrong, since I don't think we should be warning the user about needing to pass in the key when the key is already being passed in?

sctl add --key=project-key FOO_BAR
Enter the data you want to encrypt.. END with Enter and Ctrl+D
foob4r
WARN[0012] No KeyURI found in envelope. Required usage of flag/env config.
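
An added example, not part of the issue thread or sctl's own code: a Go sketch of the ordering requested above, where key configuration is resolved before any secret is read and a key supplied by flag or environment needs no warning. The function names, the precedence order (flag, env, envelope) and the sample input are assumptions made for this example.

```go
package main

import (
	"errors"
	"fmt"
	"io"
	"os"
	"strings"
)

// ErrNoKey mirrors the "missing configuration for key" failure in the report.
var ErrNoKey = errors.New("missing configuration for key")

// resolveKeyURI returns the first non-empty key URI and where it came from.
// Precedence (flag, env, envelope) is an assumption made for this example.
func resolveKeyURI(flagKey, envKey, envelopeKey string) (uri, source string, err error) {
	candidates := []struct{ value, source string }{
		{flagKey, "flag"}, {envKey, "env"}, {envelopeKey, "envelope"},
	}
	for _, c := range candidates {
		if v := strings.TrimSpace(c.value); v != "" {
			return v, c.source, nil
		}
	}
	return "", "", ErrNoKey
}

// addSecret checks key configuration first and only then reads the secret,
// so a misconfigured run fails before the user types anything sensitive.
func addSecret(name, flagKey, envKey, envelopeKey string, in io.Reader) (uri string, n int, err error) {
	uri, source, err := resolveKeyURI(flagKey, envKey, envelopeKey)
	if err != nil {
		return "", 0, fmt.Errorf("add %s: %w", name, err)
	}
	fmt.Fprintf(os.Stderr, "using key from %s; enter the data to encrypt, end with Ctrl+D\n", source)
	secret, err := io.ReadAll(in)
	if err != nil {
		return "", 0, err
	}
	// Encryption with uri would happen here; this sketch only reports the size.
	return uri, len(secret), nil
}

func main() {
	in := strings.NewReader("foob4r\n") // constructed sample input
	_, _, err := addSecret("FOO_BAR", "", "", "", in)
	fmt.Println("no key:", err, "| unread bytes:", in.Len())
	uri, n, err := addSecret("FOO_BAR", "project-key", "", "", in)
	fmt.Println("with flag:", uri, n, err)
}
```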