diff --git a/cmd/sgard/add.go b/cmd/sgard/add.go index 5992f70..5312f07 100644 --- a/cmd/sgard/add.go +++ b/cmd/sgard/add.go @@ -1,13 +1,12 @@ package main import ( - "bufio" "fmt" "os" - "strings" "github.com/kisom/sgard/garden" "github.com/spf13/cobra" + "golang.org/x/term" ) var ( @@ -60,11 +59,16 @@ var addCmd = &cobra.Command{ func promptPassphrase() (string, error) { fmt.Fprint(os.Stderr, "Passphrase: ") - scanner := bufio.NewScanner(os.Stdin) - if scanner.Scan() { - return strings.TrimSpace(scanner.Text()), nil + fd := int(os.Stdin.Fd()) + passphrase, err := term.ReadPassword(fd) + fmt.Fprintln(os.Stderr) + if err != nil { + return "", fmt.Errorf("reading passphrase: %w", err) } - return "", fmt.Errorf("no passphrase provided") + if len(passphrase) == 0 { + return "", fmt.Errorf("no passphrase provided") + } + return string(passphrase), nil } func init() { diff --git a/flake.nix b/flake.nix index 90e75ec..440a8bb 100644 --- a/flake.nix +++ b/flake.nix @@ -19,7 +19,7 @@ src = pkgs.lib.cleanSource ./.; subPackages = [ "cmd/sgard" "cmd/sgardd" ]; - vendorHash = "sha256-LSz15iFsP4N3Cif1PFHEKg3udeqH/9WQQbZ50sxtWTk="; + vendorHash = "sha256-Z/Ja4j7YesNYefQQcWWRG2v8WuIL+UNqPGwYD5AipZY="; ldflags = [ "-s" "-w" ]; @@ -35,7 +35,7 @@ src = pkgs.lib.cleanSource ./.; subPackages = [ "cmd/sgard" "cmd/sgardd" ]; - vendorHash = "sha256-LSz15iFsP4N3Cif1PFHEKg3udeqH/9WQQbZ50sxtWTk="; + vendorHash = "sha256-Z/Ja4j7YesNYefQQcWWRG2v8WuIL+UNqPGwYD5AipZY="; buildInputs = [ pkgs.libfido2 ]; nativeBuildInputs = [ pkgs.pkg-config ]; diff --git a/go.mod b/go.mod index 5bf2d7b..ad3d680 100644 --- a/go.mod +++ b/go.mod @@ -8,6 +8,7 @@ require ( github.com/keys-pub/go-libfido2 v1.5.3 github.com/spf13/cobra v1.10.2 golang.org/x/crypto v0.49.0 + golang.org/x/term v0.41.0 google.golang.org/grpc v1.79.3 google.golang.org/protobuf v1.36.11 gopkg.in/yaml.v3 v3.0.1