https://git.schokokeks.org/derivepassphrase.git/tree/09e86bfa6549230d20c41600a57c3a7c37bb9397 2024-06-22T21:19:30+02:00 tag:gitlist.org,2012:commit/09e86bfa6549230d20c41600a57c3a7c37bb9397 2024-06-22T21:19:30+02:00 Marco Ricci m@the13thletter.info <pre>Currently, we use a one-to-one correspondence between command-line argument name and function argument, via catch-all keyword arguments. This is very unwieldy to use with type checking, it exposes us to name clashes with Python keywords, and it doesn't even save that much typing effort because the arguments still ought to be documented in the documentation anyway. Therefore, introduce an explicit target parameter name for the `click` interface and corresponding explicit function arguments. (The implicit list of (function) arguments that `click` passes to the function is already readily available in the context object.) As a related problem, the code for checking whether incompatible options were specified also relies (excessively cleverly) on command-line argument names and function argument names being equal, and sometimes conflates short and long option names, leading to it missing some examples of incompatible options. Therefore, instead, explicitly build a map of (short and long) option names to option objects and test whether incompatible option objects were used. &lt;/pre&gt; tag:gitlist.org,2012:commit/1c7c7a74a26be17815a5de3c20375a98400a1d2e 2024-06-22T21:19:30+02:00 Marco Ricci m@the13thletter.info <pre>In particular, include type guard functions here as well. &lt;/pre&gt; tag:gitlist.org,2012:commit/fc134c9aa5519d8cf5b394a0036af8be2a0ecaff 2024-06-22T21:19:30+02:00 Marco Ricci m@the13thletter.info <pre>Some level of awareness is necessary to support passphrases stored in (JSON) config files. We reject the passphrase if there are multiple Unicode representations (and thus UTF-8 representations) of the same text but with different normalizations. In such a case, a byte string must be used, and the value cannot currently be stored in the JSON config file. &lt;/pre&gt; tag:gitlist.org,2012:commit/d3bdff5889f148f85d644ecfcb3fc9787b0a1aef 2024-06-22T21:19:30+02:00 Marco Ricci m@the13thletter.info <pre>In vault(1), the passphrase derived from an SSH key signature is *not* just the (framed, binary) SSH signature of the vault UUID. Instead, the payload part of the signature, in binary, is converted to base64, yielding the passphrase. Rewrite the `Vault.phrase_from_signature` method to match vault's behavior, and rename it to `phrase_from_key` to better match the *actual* interface (which takes an SSH key, not a signature). (This design – emitting an SSH signature as payload only, in base64 – is hard-coded into the SSH agent client library used by vault, and likely not a conscious design by vault's primary author.) &lt;/pre&gt; tag:gitlist.org,2012:commit/81f902f6a37fc585684b6fc375ffcb5f2ae964c6 2024-06-22T21:19:30+02:00 Marco Ricci m@the13thletter.info <pre>Expose some functionality from `derivepassphrase.Vault` as interal methods, to facilitate testing and to avoid reimplementing the same functionality again in the command-line interface. This includes hash length estimation and SSH key suitability checking. &lt;/pre&gt; tag:gitlist.org,2012:commit/3d09a07f18a46b597808e3f2030a566d4ef7d1e2 2024-06-22T21:19:30+02:00 Marco Ricci m@the13thletter.info <pre>The new function `ssh_agent_client.unstring_prefix` does not abort if there is trailing data after the SSH framed byte string. &lt;/pre&gt; tag:gitlist.org,2012:commit/18198578dc3148566fde6e7767a3a1584f338175 2024-06-22T21:19:30+02:00 Marco Ricci m@the13thletter.info <pre>&lt;/pre&gt; tag:gitlist.org,2012:commit/23390bc56a135d2c97a3e54d3b08bf5e117f32f0 2024-06-22T19:54:19+02:00 Marco Ricci m@the13thletter.info <pre>&lt;/pre&gt; tag:gitlist.org,2012:commit/e999bd54e5f32c3bdb1600b86b43740f14e535b3 2024-06-08T19:14:35+02:00 Marco Ricci m@the13thletter.info <pre>For those familiar with SSH protocol messages, make the data more readable by aligning the hex view on the data boundaries according to the protocol. &lt;/pre&gt; tag:gitlist.org,2012:commit/6eab62ca9f46c2caf2172c6558e26f7cef8f02d5 2024-06-08T19:07:53+02:00 Marco Ricci m@the13thletter.info <pre>Apparently, this is a `hatch` convention/tradeoff, but one that doesn't appear sensible to a project like this. On that note, since we're starting with a clear target API in mind, start directly at release 0.1.0 instead of the `hatch` default 0.0.1. &lt;/pre&gt;