implement password getter

get password via hidden user input or raw piped stdin
2025-02-26 18:22:06 +00:00 · 2025-02-26 18:22:06 +00:00 · 6c40441f70
commit 6c40441f70
parent 8e5fcfb1be
1 changed files with 22 additions and 7 deletions
--- a/cmd/age-gen-passphrase/main.go
+++ b/cmd/age-gen-passphrase/main.go
@ -1,10 +1,14 @@
 package main

 import (
+	"errors"
 	"fmt"
+	"io"
+	"os"
 	"time"
 	"unsafe"
-    "errors"
+
+	"golang.org/x/term"

 	"crypto/sha256"
 	"golang.org/x/crypto/curve25519"
@ -17,15 +21,15 @@ type X25519Identity struct {
 }

 func main() {
-	var passphrase string
+	passbytes, err := getPasswordBytes()
+	if err != nil {
+		fmt.Printf("Failed to get password, error: %s\n", err)
+	}

-	fmt.Print("Enter password: ")
-	fmt.Scanln(&passphrase)
-
-	sum := sha256.Sum256([]byte(passphrase))
+	sum := sha256.Sum256(passbytes)
 	fmt.Printf("Password hash: %x\n", sum)

-    k, err := newX25519IdentityFromScalar(sum[:])
+	k, err := newX25519IdentityFromScalar(sum[:])
 	if err != nil {
 		fmt.Printf("internal error: %v", err)
 	}
@ -37,6 +41,17 @@ func main() {
 	fmt.Printf("%s\n", k)
 }

+func getPasswordBytes() ([]byte, error) {
+	if term.IsTerminal(int(os.Stdin.Fd())) {
+		fmt.Print("Enter password: ")
+		passbytes, err := term.ReadPassword(int(os.Stdin.Fd()))
+		fmt.Println()
+		return passbytes, err
+	} else {
+		return io.ReadAll(os.Stdin)
+	}
+}
+
 // almost a copy of private function in age/x25519.go
 func newX25519IdentityFromScalar(secretKey []byte) (*age.X25519Identity, error) {
 	if len(secretKey) != curve25519.ScalarSize {