Add openssl(1)-compatible -pass option

cmd/harmony/main.go

@@ -13,6 +13,7 @@ import (
 	"github.com/ethereum/go-ethereum/ethdb"
 	"github.com/ethereum/go-ethereum/log"
 	"github.com/harmony-one/bls/ffi/go/bls"
+
 	"github.com/harmony-one/harmony/accounts"
 	"github.com/harmony-one/harmony/accounts/keystore"
 	"github.com/harmony-one/harmony/consensus"
@@ -23,7 +24,7 @@ import (
 	"github.com/harmony-one/harmony/internal/ctxerror"
 	"github.com/harmony-one/harmony/internal/genesis"
 	hmykey "github.com/harmony-one/harmony/internal/keystore"
-	memprofiling "github.com/harmony-one/harmony/internal/memprofiling"
+	"github.com/harmony-one/harmony/internal/memprofiling"
 	"github.com/harmony-one/harmony/internal/profiler"
 	"github.com/harmony-one/harmony/internal/shardchain"
 	"github.com/harmony-one/harmony/internal/utils"
@@ -110,6 +111,10 @@ var (
 
 	// -nopass is false by default.  The keyfile must be encrypted.
 	hmyNoPass = flag.Bool("nopass", false, "No passphrase for the key (testing only)")
+	// -pass takes on "pass:password", "env:var", "file:pathname",
+	// "fd:number", or "stdin" form.
+	// See “PASS PHRASE ARGUMENTS” section of openssl(1) for details.
+	hmyPass = flag.String("pass", "", "how to get passphrase for the key")
 
 	stakingAccounts = flag.String("accounts", "", "account addresses of the node")
 
@@ -196,7 +201,14 @@ func initSetup() {
 
 	var myPass string
 	if !*hmyNoPass {
-		myPass = utils.AskForPassphrase("Passphrase: ")
+		if *hmyPass == "" {
+			myPass = utils.AskForPassphrase("Passphrase: ")
+		} else if pass, err := utils.GetPassphraseFromSource(*hmyPass); err != nil {
+			fmt.Printf("Cannot read passphrase: %s\n", err)
+			os.Exit(3)
+		} else {
+			myPass = pass
+		}
 		err := ks.Unlock(myAccount, myPass)
 		if err != nil {
 			fmt.Printf("Wrong Passphrase! Unable to unlock account key!\n")