#![allow(clippy::or_fun_call)]

use std::env;

use std::ffi::OsString;

use std::str::FromStr;

use anyhow::anyhow;

    } else {

        term::passphrase_confirm("Enter a passphrase:", RAD_PASSPHRASE)

    }?;

    let spinner = term::spinner("Creating your Ed25519 keypair...");

    let profile = Profile::init(home, alias, passphrase.clone())?;

    spinner.finish();

            }

        }

    }

    term::success!(

/// Try loading the identity's key into SSH Agent, falling back to verifying `RAD_PASSPHRASE` for

/// use.

pub fn authenticate(options: Options, profile: &Profile) -> anyhow::Result<()> {

    match ssh::agent::Agent::connect() {

        Ok(mut agent) => {

            if agent.request_identities()?.contains(&profile.public_key) {

    // Try RAD_PASSPHRASE fallback.

    if let Some(passphrase) = profile::env::passphrase() {

            .map_err(|_| anyhow!("RAD_PASSPHRASE failed"))?;

        return Ok(());

    };

) -> anyhow::Result<()> {

    let secret = profile

        .keystore

        .map_err(|e| {

            if e.is_crypto_err() {

                anyhow!("could not decrypt secret key: invalid passphrase")

        term::success!("Node is already running");

        return Ok(());

    }

    // Since we checked that the node is not running, it's safe to use `--force`

    // here.

        process::Command::new("radicle-node")

            .args(options)

            .stdin(process::Stdio::null())

            .stdout(process::Stdio::from(log))

            .stderr(process::Stdio::null())

    } else {

        let mut child = process::Command::new("radicle-node")

            .args(options)

            .spawn()?;

        child.wait()?;

        term::success!("Node is {}", term::format::positive("running"));

    } else {

        term::info!("Node is {}", term::format::negative("stopped"));

    }

    let sessions = sessions(node)?;

    }

    let passphrase = passphrase(RAD_PASSPHRASE)?;

    let spinner = spinner("Unsealing key...");

    spinner.finish();

[dependencies]

amplify = { version = "4.0.0" }

multibase = { version = "0.9.1" }

ec25519 = { version = "0.1.0", features = [] }

serde = { version = "1", features = ["derive"] }

    ///

    /// The `comment` is associated with the private key.

    /// The `passphrase` is used to encrypt the private key.

        self.store(keypair::generate(), comment, passphrase)

    }

        &self,

        keypair: KeyPair,

        comment: &str,

    ) -> Result<PublicKey, Error> {

        let ssh_pair = ssh_key::private::Ed25519Keypair::from_bytes(&keypair)?;

        let ssh_pair = ssh_key::private::KeypairData::Ed25519(ssh_pair);

        let secret = ssh_key::PrivateKey::new(ssh_pair, comment)?;

        let public = secret.public_key();

        let path = self.path.join("radicle");

    /// Returns `None` if it wasn't found.

    pub fn secret_key(

        &self,

    ) -> Result<Option<Zeroizing<SecretKey>>, Error> {

        let path = self.path.join("radicle");

        if !path.exists() {

            return Ok(None);

        }

        match secret.key_data() {

            ssh_key::private::KeypairData::Ed25519(pair) => {

                Ok(Some(SecretKey::from(pair.to_bytes()).into()))

            _ => Err(Error::InvalidKeyType),

        }

    }

}

#[derive(Debug, Error)]

impl MemorySigner {

    /// Load this signer from a keystore, given a secret key passphrase.

        let public = keystore

            .public_key()?

            .ok_or_else(|| MemorySignerError::NotFound(keystore.path().to_path_buf()))?;

    use super::*;

    #[test]

        let tmp = tempfile::tempdir().unwrap();

        let store = Keystore::new(&tmp.path());

        assert_eq!(public, store.public_key().unwrap().unwrap());

        let secret = store

            .unwrap()

            .unwrap();

        assert_eq!(PublicKey::from(secret.public_key()), public);

    }

    #[test]

        let tmp = tempfile::tempdir().unwrap();

        let store = Keystore::new(&tmp.path());

        assert_eq!(public, *signer.public_key());

    }

pub const CONTRIBUTOR_COMMENT_1: &str = "92aab76516ae7f60a9b2952043ba578383de7d46";

pub const CONTRIBUTOR_COMMENT_2: &str = "cb360eee0ec70563d5c4c3613fdc076648523248";

/// Create a new profile.

pub fn profile(home: &Path, seed: [u8; 32]) -> radicle::Profile {

    let home = Home::new(home).unwrap();

    let keypair = KeyPair::from_seed(Seed::from(seed));

    radicle::storage::git::transport::local::register(storage.clone());

    radicle::Profile {

        home,

    let home = dir.join("radicle");

    let profile = profile(home.as_path(), seed);

    seed_with_signer(dir, profile, &signer)

}

    let workdir = dir.join("hello-world");

    env::set_var("RAD_COMMIT_TIME", TIMESTAMP.to_string());

    fs::create_dir_all(&workdir).unwrap();

use std::{env, fs, net, process};

use crossbeam_channel as chan;

use cyphernet::addr::PeerAddr;

use localtime::LocalDuration;

use radicle::node;

use radicle::prelude::Signer;

use radicle::profile;

    log::info!(target: "node", "Unlocking node keystore..");

    let keystore = Keystore::new(&home.keys());

    let signer = MemorySigner::load(&keystore, passphrase)?;

    /// is required. Use [`Environment::profile`] otherwise.

    pub fn node(&mut self, config: Config) -> Node<MemorySigner> {

        let profile = self.profile(&config.alias);

        let tracking_db = profile.home.node().join(TRACKING_DB_FILE);

        TrackingStore::Config::open(tracking_db).unwrap();

        let addresses_db = profile.home.node().join(ADDRESS_DB_FILE);

        Book::open(addresses_db).unwrap();

        transport::local::register(storage.clone());

        // Ensures that each user has a unique but deterministic public key.

        self.users += 1;

                .with_display_mode(inquire::PasswordDisplayMode::Masked)

                .with_custom_confirmation_message("Repeat passphrase:")

                .with_custom_confirmation_error_message("The passphrases don't match.")

                .prompt()?,

        ))

    }

            let passphrase = passphrase.trim().to_owned().into();

            let secret = profile

                .keystore

                .ok_or_else(|| anyhow!("Key not found in {:?}", profile.keystore.path()))?;

            agent.register(&secret)?;

    /// Passphrase for the encrypted radicle secret key.

    pub const RAD_PASSPHRASE: &str = "RAD_PASSPHRASE";

    pub fn passphrase() -> Option<super::Passphrase> {

        let Ok(passphrase) = std::env::var(RAD_PASSPHRASE) else {

            return None;

}

impl Profile {

        let storage = Storage::open(home.storage())?;

        let keystore = Keystore::new(&home.keys());

        let public_key = keystore.init("radicle", passphrase)?;

    }

    pub fn signer(&self) -> Result<Box<dyn Signer>, Error> {

        if let Some(passphrase) = env::passphrase() {

            return Ok(signer.boxed());

        }