src/zlevis: restructured argument path structure
parent
d42a13b560
commit
17eb015918
1 changed files with 53 additions and 20 deletions
41
src/zlevis
41
src/zlevis
|
@ -12,14 +12,29 @@ if [ "$1" = "--summary" ]; then
|
||||||
exit 0
|
exit 0
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Function to display usage information when called
|
# Function to display usage information of zlevis
|
||||||
info() {
|
info() {
|
||||||
exec >&2
|
exec >&2
|
||||||
echo "Usage: \"zlevis {decrypt|encrypt} {pool|key} [options]\""
|
echo "Usage: \"zlevis {decrypt|encrypt} {pool|key}\""
|
||||||
exit 2
|
exit 2
|
||||||
}
|
}
|
||||||
|
|
||||||
# Case statement to handle the argument path
|
# Function to display usage information of zlevis encrypt pool
|
||||||
|
encrypt_pool_info() {
|
||||||
|
exec >&2
|
||||||
|
echo "Usage: \"zlevis encrypt pool <pool> '{\"property\":\"value\"}' < file.key\""
|
||||||
|
echo
|
||||||
|
echo "This command uses the following configuration properties:"
|
||||||
|
echo " hash: <string> -> Hash algorithm used in the computation of the object name (default: sha256)."
|
||||||
|
echo " key: <string> -> Algorithm type for the generated key (default: ecc)."
|
||||||
|
echo " pcr_bank: <string> -> PCR algorithm bank to use for policy (default: first supported by TPM)."
|
||||||
|
echo " pcr_ids: <string> -> PCR list used for policy. If not present, no policy is used."
|
||||||
|
echo " pcr_digest: <string> -> Binary PCR hashes encoded in base64. If not present, the hash values are looked up."
|
||||||
|
exit 2
|
||||||
|
}
|
||||||
|
|
||||||
|
# Determine the argument path and execute the relevant script or function
|
||||||
|
if [ -t 0]; then
|
||||||
case "$1" in
|
case "$1" in
|
||||||
"decrypt")
|
"decrypt")
|
||||||
case "$2" in
|
case "$2" in
|
||||||
|
@ -30,13 +45,31 @@ case "$1" in
|
||||||
;;
|
;;
|
||||||
"encrypt")
|
"encrypt")
|
||||||
case "$2" in
|
case "$2" in
|
||||||
"pool") read -r -d . key && zfs set tpm:jwe=$(printf "%s" "$key" | zlevis-encrypt "$4") "$3";;
|
"pool") encrypt_pool_info;;
|
||||||
|
"key") zlevis-encrypt;;
|
||||||
|
*) info;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
*) info;;
|
||||||
|
esac
|
||||||
|
else
|
||||||
|
case "$1" in
|
||||||
|
"decrypt")
|
||||||
|
case "$2" in
|
||||||
|
"key") zlevis-decrypt;;
|
||||||
|
*) info;;
|
||||||
|
esac
|
||||||
|
;;
|
||||||
|
"encrypt")
|
||||||
|
case "$2" in
|
||||||
|
"pool") read -r -d . key || zfs set tpm:jwe=$(printf "%s" "$key" | zlevis-encrypt "$4") "$3";;
|
||||||
"key") zlevis-encrypt "$3";;
|
"key") zlevis-encrypt "$3";;
|
||||||
*) info;;
|
*) info;;
|
||||||
esac
|
esac
|
||||||
;;
|
;;
|
||||||
*) info;;
|
*) info;;
|
||||||
esac
|
esac
|
||||||
|
fi
|
||||||
|
|
||||||
# Exit with the status of the last command
|
# Exit with the status of the last command
|
||||||
exit $?
|
exit $?
|
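Review bot: The added `if [ -t 0]; then` in the first hunk is missing the space before `]`, so `[` fails with a syntax error instead of testing whether stdin is a terminal. The condition is therefore always false, and the interactive branch with `encrypt_pool_info` is never reached; it should read `if [ -t 0 ]; then`. In the second hunk's piped branch, `read -r -d . key || zfs set tpm:jwe=$(… | zlevis-encrypt "$4") "$3"` takes the property value from an unchecked command substitution, so a failing `zlevis-encrypt` would presumably store an empty `tpm:jwe` while `zfs set` still reports success. Capturing the result first, `jwe=$(printf '%s' "$key" | zlevis-encrypt "$4") || exit 1`, and then running `zfs set "tpm:jwe=$jwe" "$3"` keeps a sealing failure from being masked. The switch from `&&` to `||` also means `zfs set` is skipped with exit status 0 whenever the input contains a `.`, which deserves a comment if it is intended; the shebang is outside this view, so confirm that `read -d` exists in the target shell.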