Updates to CLI key commands and parameters

Author: mikera

convex-cli/src/main/java/convex/cli/Main.java

@@ -80,10 +80,10 @@ public class Main extends ACommand {
 			description = "Public key to use. Default: ${DEFAULT-VALUE}")
 	private String keySpec;
 
-	@Option(names = { "-p","--password" }, 
+	@Option(names = { "-p","--keypass" }, 
 			defaultValue = "${env:CONVEX_KEY_PASSWORD}", 
 			scope = ScopeType.INHERIT, 
-			description = "Keystore filename. Default: ${DEFAULT-VALUE}")
+			description = "Key password in key store. Can also specify with CONVEX_KEY_PASSWORD environment variable.")
 	private String keyPassword;
 
 	@Option(names = { "-S","--strict-security" }, 
@@ -217,15 +217,16 @@ public int handleExecutionException(Exception ex, CommandLine commandLine, Parse
 			if (ex instanceof CLIError) {
 				CLIError ce = (CLIError) ex;
 				String msg=ce.getMessage();
-				msg=noColour?msg:Coloured.red(msg);
-				err.println(msg);
+				informError(msg);
 				Throwable cause = ce.getCause();
-				if (cause != null) {
+				if ((verbose>=2) && (cause != null)) {
 					err.println("Underlying cause: ");
 					cause.printStackTrace(err);
 				}
 			} else {
-				ex.printStackTrace(err);
+				if (verbose>=1) {
+					ex.printStackTrace(err);
+				}
 			}
 			// Exit with correct code for exception type
 			return ExitCodes.getExitCode(ex);
@@ -519,6 +520,10 @@ public String loadFileAsString(String fname) {
 	public void informSuccess(String message) {
 		inform(1, noColour?message:Coloured.green(message));
 	}
+	
+	public void informError(String message) {
+		inform(1, noColour?message:Coloured.red(message));
+	}
 
 	public void inform(String message) {
 		inform(1, noColour?message:Coloured.yellow(message));

convex-cli/src/main/java/convex/cli/key/Key.java

@@ -27,7 +27,7 @@ public class Key extends ATopCommand {
 	@Override
 	public void run() {
 		// sub command run with no command provided
-		CommandLine.usage(new Key(), System.out);
+		showUsage();
 	}
 
 

convex-cli/src/main/java/convex/cli/key/KeyImport.java

@@ -12,7 +12,6 @@
 import convex.core.data.Blobs;
 import picocli.CommandLine.Command;
 import picocli.CommandLine.Option;
-import picocli.CommandLine.Parameters;
 import picocli.CommandLine.ParentCommand;
 
 
@@ -25,7 +24,7 @@
  *
  */
 @Command(name="import",
-	description="Import key pairs to the keystore.")
+	description="Import key pairs to the keystore. Can specify either a raw key with --text or --import-file")
 public class KeyImport extends AKeyCommand {
 
 	@ParentCommand
@@ -38,13 +37,14 @@ public class KeyImport extends AKeyCommand {
 	@Option(names={"-t", "--text"},
 			description="Text string to import.")
 		private String importText;
-
-	@Option(names={"--import-password"},
-		description="Password for the imported key.")
-    private String importPassword;
 
-	@Parameters(index = "0", arity = "0..1", description = "Type of file imported. Supports: pem, seed, bip39")
-    private String type;
+	@Option(names={"--passphrase"},
+			description="Passphrase for BIP39 or encrypted PEM imported key")
+	private String importPassphrase;
+	
+	@Option(names={"--type"},
+			description="Text string to import. Type of file imported. Supports: pem, seed, bip39. Will attempt to autodetect")
+	private String type;
 
 	@Override
 	public void run() {
@@ -54,22 +54,18 @@ public void run() {
 			importText=cli().loadFileAsString(importFilename);
 		}
 		if (importText == null || importText.length() == 0) {
-			throw new CLIError("You need to provide '--text' or import filename '--import-file' to import a private key");
-		}
-		
-		// Get import password
-		if (importPassword == null) {
-			if (cli().isInteractive()) {
-				importPassword=new String(System.console().readPassword("Enter import password:"));
-			} else {
-				throw new CLIError("--import-password not provided during non-interatice import");
-			}
+			showUsage();
+			return;
 		}
 
 		// Parse input as hex string, will be null if not parsed. For BIP39 is 64 bytes, Ed25519 32
 		ABlob hex=Blobs.parse(importText.trim());
 		if (type==null) {
+			if (cli().isParanoid()) {
+				cli().informError("Not permitted to infer key import type in strict mode");
+			}
 			cli().inform("No import file type specified, attempting to auto-detect");
+			
 			if (hex!=null) {
 				if (hex.count()==AKeyPair.SEED_LENGTH) {
 					type="seed";
@@ -88,14 +84,14 @@ public void run() {
 		} else if ("bip39".equals(type)) {
 			if (hex==null) {
 				try {
-					hex=BIP39.getSeed(importText, importPassword);
+					hex=BIP39.getSeed(importText, importPassphrase);
 				} catch (Exception e) {
 					throw new CLIError("Error interpreting BIP39 seed",e);
 				}
 			}
 			keyPair=BIP39.seedToKeyPair(hex.toFlatBlob());
 		} else if ("pem".equals(type)) {
-			PrivateKey privateKey = PEMTools.decryptPrivateKeyFromPEM(importText, importPassword.toCharArray());
+			PrivateKey privateKey = PEMTools.decryptPrivateKeyFromPEM(importText, importPassphrase.toCharArray());
 			keyPair = AKeyPair.create(privateKey);
 		}
 		if (keyPair==null) throw new CLIError("Unable to import keypair");

convex-cli/src/test/java/convex/cli/key/KeyExportTest.java

@@ -42,7 +42,7 @@ public void testKeyGenerateAndExport() {
 		CLTester tester =  CLTester.run(
 			"key", "generate",
 			"--storepass", new String(KEYSTORE_PASSWORD),
-			"--password", new String(KEY_PASSWORD),
+			"--keypass", new String(KEY_PASSWORD),
 			"--keystore", KEYSTORE_FILENAME
 		);
 		assertEquals(ExitCodes.SUCCESS,tester.getResult());
@@ -63,7 +63,7 @@ public void testKeyGenerateAndExport() {
 			"key",
 			"export",
 			"--storepass", new String(KEYSTORE_PASSWORD),
-			"--password", new String(KEY_PASSWORD),
+			"--keypass", new String(KEY_PASSWORD),
 			"--keystore", KEYSTORE_FILENAME,
 			"--public-key", publicKey,
 			"--export-password", new String(EXPORT_PASSWORD)
@@ -80,7 +80,7 @@ public void testKeyGenerateAndExport() {
 			"export",
 			"seed",
 			"--storepass", new String(KEYSTORE_PASSWORD),
-			"--password", new String(KEY_PASSWORD),
+			"--keypass", new String(KEY_PASSWORD),
 			"--keystore", KEYSTORE_FILENAME,
 			"--public-key", publicKey
 		);

convex-cli/src/test/java/convex/cli/key/KeyImportTest.java

@@ -18,7 +18,7 @@
 public class KeyImportTest {
 
 	private static final char[] KEYSTORE_PASSWORD = "testPassword".toCharArray();
-	private static final char[] IMPORT_PASSWORD = "testImportPassword".toCharArray();
+	private static final char[] IMPORT_PASSPHRASE = "testImportPassphrase".toCharArray();
 
 	private static final String KEY_PASSWORD="testPass";
 
@@ -34,17 +34,18 @@ public void testKeyImportPEM() {
 
 		AKeyPair keyPair = SodiumKeyPair.generate();
 		AccountKey accountKey=keyPair.getAccountKey();
-		String pemText = PEMTools.encryptPrivateKeyToPEM(keyPair.getPrivate(), IMPORT_PASSWORD);
+		String pemText = PEMTools.encryptPrivateKeyToPEM(keyPair.getPrivate(), IMPORT_PASSPHRASE);
 
 		CLTester tester =  CLTester.run(
 			"key", 
 			"import",
-			"pem",
+			"--type","pem",
 			"-n",
 			"--storepass", new String(KEYSTORE_PASSWORD), 
 			"--keystore", KEYSTORE_FILENAME, 
 			"--text", pemText, 
-			"--import-password", new String(IMPORT_PASSWORD)
+			"--passphrase",new String(IMPORT_PASSPHRASE),
+			"--keypass", new String(KEY_PASSWORD)
 		);
 		assertEquals(ExitCodes.SUCCESS,tester.getResult());
 
@@ -66,12 +67,12 @@ public void testKeyImportSeed() {
 		CLTester tester =  CLTester.run(
 			"key", 
 			"import",
-			"seed",
+			"--type","seed",
 			"--storepass", new String(KEYSTORE_PASSWORD), 
 			"--keystore", KEYSTORE_FILENAME, 
 			"--text", keyPair.getSeed().toString(), 
-			"--password", KEY_PASSWORD, 
-			"--import-password", new String("") // BIP39 password
+			"--keypass", KEY_PASSWORD, 
+			"--passphrase", new String("") // BIP39 password, ignored
 		);
 		assertEquals(ExitCodes.SUCCESS,tester.getResult());
 
@@ -80,7 +81,6 @@ public void testKeyImportSeed() {
 		CLTester t2=CLTester.run(
 				"key" , 
 				"list",
-				"--password",KEY_PASSWORD,
 				"--storepass", new String(KEYSTORE_PASSWORD), 
 				"--keystore", KEYSTORE_FILENAME);
 
@@ -98,12 +98,12 @@ public void testKeyImportBIP39() {
 		CLTester tester =  CLTester.run(
 			"key", 
 			"import",
-			"bip39",
+			"--type","bip39",
 			"--storepass", new String(KEYSTORE_PASSWORD), 
 			"--keystore", KEYSTORE_FILENAME, 
-			"--password",KEY_PASSWORD,
+			"--keypass",KEY_PASSWORD,
 			"--text", "elder mail trick garage hour enjoy attack fringe problem motion poem security caught false penalty", 
-			"--import-password", new String("")
+			"--passphrase", new String("")
 		);
 		assertEquals(ExitCodes.SUCCESS,tester.getResult());
 
@@ -112,7 +112,6 @@ public void testKeyImportBIP39() {
 		CLTester t2=CLTester.run(
 				"key" , 
 				"list",
-				"--password",KEY_PASSWORD,
 				"--storepass", new String(KEYSTORE_PASSWORD), 
 				"--keystore", KEYSTORE_FILENAME);