Enhancement request: improve scriptablility

[udf2457]

Woul be nice if rsign were given args to enable it to be more scriptable. At the moment it expects key password to be typed in, a scriptable alternative for this (e.g. path to env file) would be very much appreciated.

[jedisct1]

You can use the < shell operator in order to get input data from a file instead of a keyboard.

rsign2 ... < password.txt

Works with anything that expects input from the keyboard :)

[Firaenix]

using < in macos doesnt work for me when passing a password.txt in, I still get prompted for the password.

Is there anyway around this?

[jedisct1]

@Firaenix You can use the original version: https://jedisct1.github.io/minisign/

< works as it should, and there's also a -W command-line flag to not use a password at all.

[jedisct1]

I released a new version of rsign2, that includes the same feature.

[passcod]

rsign2 uses rpassword, which reads /dev/tty instead of /dev/stdin, hence why < file doesn't work.

Though a bit clunky, I've successfully used good ol expect instead. If it helps anyone else:

expect <<EXP
spawn rsign generate -f -p minisign.pub -s minisign.key
expect "Password:"
send -- "$SIGNING_KEY_SECRET\r"
expect "Password (one more time):"
send -- "$SIGNING_KEY_SECRET\r"
expect eof
EXP

expect <<EXP
spawn rsign sign -s minisign.key -x "$file.sig" -t "$comment" "$file"
expect "Password:"
send -- "$SIGNING_KEY_SECRET\r"
expect eof
EXP

[jedisct1]

rsign generate --passwordless creates a key pair that doesn't require a password.

[passcod]

Yes, but in that case I do want a password, just not interactively.