From 4eb2531aab1abae8c34f41ca44ec1caf6469ea83 Mon Sep 17 00:00:00 2001
From: Tom Ryder <tom@sanctum.geek.nz>
Date: Sat, 14 Oct 2017 01:34:05 +1300
Subject: Add sign/encrypt options

Default signing to off; step 1 to mitigating the terrible literal
passphrase passing.
---
 bin/runcrypt | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'bin')

diff --git a/bin/runcrypt b/bin/runcrypt
index df2a59b..a3c8552 100755
--- a/bin/runcrypt
+++ b/bin/runcrypt
@@ -25,6 +25,12 @@ our $SELF = 'runcrypt';
 my ( $opt, $usage ) = describe_options(
     "$SELF %o COMMAND [ARG1...]",
 
+    # Whether to sign the output (default: off)
+    [ 'sign|s', 'Sign output', { default => 0 } ],
+
+    # Whether to encrypt the output (default: on)
+    [ 'encrypt|e', 'Encrypt output', { default => 1 } ],
+
     # Key ID defaults to environment RUNCRYPT_KEYID if set
     [
         'keyid|k=s',
@@ -76,6 +82,8 @@ if ( !@ARGV ) {
 
 # Create an MCC object
 my $mrc = Mail::Run::Crypt->new(
+    sign       => $opt->sign,
+    encrypt    => $opt->encrypt,
     keyid      => $opt->keyid,
     passphrase => $opt->passphrase,
     mailto     => $opt->mailto,
@@ -124,6 +132,15 @@ The arguments beyond the options are used as the command name to run:
 
 =over 4
 
+=item C<--sign>
+
+Whether to sign the output. This defaults to off. A key ID and passphrase will
+need to be provided for signing to work.
+
+=item C<--encrypt>
+
+Whether to encrypt the output to the recipient. This defaults to on.
+
 =item C<--keyid>
 
 The GnuPG key ID that should be used to sign and encrypt the messages. This
-- 
cgit v1.2.3