client: print key fingerprint and master key

for operations where it makes sense.

Signed-off-by: Fabian Grünbichler <f.gruenbichler@proxmox.com>
This commit is contained in:
Fabian Grünbichler 2020-11-20 17:38:33 +01:00 committed by Dietmar Maurer
parent 37e60ddcde
commit 6f2626ae19
2 changed files with 9 additions and 3 deletions

View File

@ -1069,7 +1069,8 @@ async fn create_backup(
let (crypt_config, rsa_encrypted_key) = match keydata { let (crypt_config, rsa_encrypted_key) = match keydata {
None => (None, None), None => (None, None),
Some(key) => { Some(key) => {
let (key, created, _fingerprint) = decrypt_key(&key, &key::get_encryption_key_password)?; let (key, created, fingerprint) = decrypt_key(&key, &key::get_encryption_key_password)?;
println!("Encryption key fingerprint: {}", fingerprint);
let crypt_config = CryptConfig::new(key)?; let crypt_config = CryptConfig::new(key)?;
@ -1078,6 +1079,8 @@ async fn create_backup(
let pem_data = file_get_contents(path)?; let pem_data = file_get_contents(path)?;
let rsa = openssl::rsa::Rsa::public_key_from_pem(&pem_data)?; let rsa = openssl::rsa::Rsa::public_key_from_pem(&pem_data)?;
let enc_key = crypt_config.generate_rsa_encoded_key(rsa, created)?; let enc_key = crypt_config.generate_rsa_encoded_key(rsa, created)?;
println!("Master key '{:?}'", path);
(Some(Arc::new(crypt_config)), Some(enc_key)) (Some(Arc::new(crypt_config)), Some(enc_key))
} }
_ => (Some(Arc::new(crypt_config)), None), _ => (Some(Arc::new(crypt_config)), None),
@ -1380,7 +1383,8 @@ async fn restore(param: Value) -> Result<Value, Error> {
let crypt_config = match keydata { let crypt_config = match keydata {
None => None, None => None,
Some(key) => { Some(key) => {
let (key, _, _) = decrypt_key(&key, &key::get_encryption_key_password)?; let (key, _, fingerprint) = decrypt_key(&key, &key::get_encryption_key_password)?;
println!("Encryption key fingerprint: '{}'", fingerprint);
Some(Arc::new(CryptConfig::new(key)?)) Some(Arc::new(CryptConfig::new(key)?))
} }
}; };

View File

@ -182,7 +182,9 @@ async fn mount_do(param: Value, pipe: Option<RawFd>) -> Result<Value, Error> {
let crypt_config = match keyfile { let crypt_config = match keyfile {
None => None, None => None,
Some(path) => { Some(path) => {
let (key, _, _) = load_and_decrypt_key(&path, &crate::key::get_encryption_key_password)?; println!("Encryption key file: '{:?}'", path);
let (key, _, fingerprint) = load_and_decrypt_key(&path, &crate::key::get_encryption_key_password)?;
println!("Encryption key fingerprint: '{}'", fingerprint);
Some(Arc::new(CryptConfig::new(key)?)) Some(Arc::new(CryptConfig::new(key)?))
} }
}; };