[#1424] neofs-cli: Fail immediately if a key can't be fetched

If the key can't be fetched, an error is always returned, so it makes sense to fail the whole command inside of a `key.Get*()`. Signed-off-by: Evgenii Stratonikov <evgeniy@nspcc.ru>
2022-05-24 11:22:23 +03:00 · 2022-05-24 11:22:23 +03:00 · 295ec3700a
commit 295ec3700a
parent d9c5ca5e77
19 changed files with 70 additions and 69 deletions
--- a/cmd/neofs-cli/internal/key/key_test.go
+++ b/cmd/neofs-cli/internal/key/key_test.go
@ -1,4 +1,4 @@
-package cmd
+package key

 import (
 	"bytes"
@ -11,13 +11,12 @@ import (
 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
-	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/spf13/viper"
 	"github.com/stretchr/testify/require"
 	"golang.org/x/term"
 )

-func Test_getKey(t *testing.T) {
+func Test_getOrGenerate(t *testing.T) {
 	dir := t.TempDir()

 	wallPath := filepath.Join(dir, "wallet.json")
@ -56,13 +55,13 @@ func Test_getKey(t *testing.T) {
 		Writer: io.Discard,
 	}, "")

-	checkKeyError(t, filepath.Join(dir, "badfile"), key.ErrInvalidKey)
+	checkKeyError(t, filepath.Join(dir, "badfile"), ErrInvalidKey)

 	t.Run("wallet", func(t *testing.T) {
-		checkKeyError(t, wallPath, key.ErrInvalidPassword)
+		checkKeyError(t, wallPath, ErrInvalidPassword)

 		in.WriteString("invalid\r")
-		checkKeyError(t, wallPath, key.ErrInvalidPassword)
+		checkKeyError(t, wallPath, ErrInvalidPassword)

 		in.WriteString("pass\r")
 		checkKey(t, wallPath, acc2.PrivateKey()) // default account
@ -72,12 +71,12 @@ func Test_getKey(t *testing.T) {
 		checkKey(t, wallPath, acc1.PrivateKey())

 		viper.Set(commonflags.Account, "not an address")
-		checkKeyError(t, wallPath, key.ErrInvalidAddress)
+		checkKeyError(t, wallPath, ErrInvalidAddress)

 		acc, err := wallet.NewAccount()
 		require.NoError(t, err)
 		viper.Set(commonflags.Account, acc.Address)
-		checkKeyError(t, wallPath, key.ErrInvalidAddress)
+		checkKeyError(t, wallPath, ErrInvalidAddress)
 	})

 	t.Run("WIF", func(t *testing.T) {
@ -85,10 +84,10 @@ func Test_getKey(t *testing.T) {
 	})

 	t.Run("NEP-2", func(t *testing.T) {
-		checkKeyError(t, nep2, key.ErrInvalidPassword)
+		checkKeyError(t, nep2, ErrInvalidPassword)

 		in.WriteString("invalid\r")
-		checkKeyError(t, nep2, key.ErrInvalidPassword)
+		checkKeyError(t, nep2, ErrInvalidPassword)

 		in.WriteString("pass\r")
 		checkKey(t, nep2, nep2Key)
@ -96,7 +95,7 @@ func Test_getKey(t *testing.T) {
 		t.Run("password from config", func(t *testing.T) {
 			viper.Set("password", "invalid")
 			in.WriteString("pass\r")
-			checkKeyError(t, nep2, key.ErrInvalidPassword)
+			checkKeyError(t, nep2, ErrInvalidPassword)

 			viper.Set("password", "pass")
 			in.WriteString("invalid\r")
@ -110,7 +109,7 @@ func Test_getKey(t *testing.T) {

 	t.Run("generate", func(t *testing.T) {
 		viper.Set(commonflags.GenerateKey, true)
-		actual, err := getKey()
+		actual, err := getOrGenerate()
 		require.NoError(t, err)
 		require.NotNil(t, actual)
 		for _, p := range []*keys.PrivateKey{nep2Key, rawKey, wifKey, acc1.PrivateKey(), acc2.PrivateKey()} {
@ -121,13 +120,13 @@ func Test_getKey(t *testing.T) {

 func checkKeyError(t *testing.T, desc string, err error) {
 	viper.Set(commonflags.WalletPath, desc)
-	_, actualErr := getKey()
+	_, actualErr := getOrGenerate()
 	require.ErrorIs(t, actualErr, err)
 }

 func checkKey(t *testing.T, desc string, expected *keys.PrivateKey) {
 	viper.Set(commonflags.WalletPath, desc)
-	actual, err := getKey()
+	actual, err := getOrGenerate()
 	require.NoError(t, err)
 	require.Equal(t, &expected.PrivateKey, actual)
 }
--- a/cmd/neofs-cli/internal/key/raw.go
+++ b/cmd/neofs-cli/internal/key/raw.go
@ -8,7 +8,9 @@ import (

 	"github.com/nspcc-dev/neo-go/pkg/crypto/keys"
 	"github.com/nspcc-dev/neo-go/pkg/wallet"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/spf13/cobra"
 	"github.com/spf13/viper"
 )

@ -22,7 +24,13 @@ var errCantGenerateKey = errors.New("can't generate new private key")
 // Ideally we want to touch file-system on the last step.
 // However, asking for NEP-2 password seems to be confusing if we provide a wallet.
 // This function assumes that all flags were bind to viper in a `PersistentPreRun`.
-func Get() (*ecdsa.PrivateKey, error) {
+func Get(cmd *cobra.Command) *ecdsa.PrivateKey {
+	pk, err := get()
+	common.ExitOnErr(cmd, "can't fetch private key: %w", err)
+	return pk
+}
+
+func get() (*ecdsa.PrivateKey, error) {
 	keyDesc := viper.GetString(commonflags.WalletPath)
 	priv, err := keys.NewPrivateKeyFromWIF(keyDesc)
 	if err == nil {
@ -47,7 +55,13 @@ func Get() (*ecdsa.PrivateKey, error) {
 }

 // GetOrGenerate is similar to get but generates a new key if commonflags.GenerateKey is set.
-func GetOrGenerate() (*ecdsa.PrivateKey, error) {
+func GetOrGenerate(cmd *cobra.Command) *ecdsa.PrivateKey {
+	pk, err := getOrGenerate()
+	common.ExitOnErr(cmd, "can't fetch private key: %w", err)
+	return pk
+}
+
+func getOrGenerate() (*ecdsa.PrivateKey, error) {
 	if viper.GetBool(commonflags.GenerateKey) {
 		priv, err := keys.NewPrivateKey()
 		if err != nil {
@ -55,7 +69,7 @@ func GetOrGenerate() (*ecdsa.PrivateKey, error) {
 		}
 		return &priv.PrivateKey, nil
 	}
-	return Get()
+	return get()
 }

 func getKeyFromFile(keyPath string) (*ecdsa.PrivateKey, error) {
--- a/cmd/neofs-cli/modules/accounting/balance.go
+++ b/cmd/neofs-cli/modules/accounting/balance.go
@ -26,8 +26,7 @@ var accountingBalanceCmd = &cobra.Command{
 	Run: func(cmd *cobra.Command, args []string) {
 		var oid user.ID

-		pk, err := key.GetOrGenerate()
-		common.ExitOnErr(cmd, "", err)
+		pk := key.GetOrGenerate(cmd)

 		balanceOwner, _ := cmd.Flags().GetString(ownerFlag)
 		if balanceOwner == "" {
--- a/cmd/neofs-cli/modules/container.go
+++ b/cmd/neofs-cli/modules/container.go
@ -15,6 +15,7 @@ import (
 	internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/core/version"
 	"github.com/nspcc-dev/neofs-sdk-go/acl"
 	"github.com/nspcc-dev/neofs-sdk-go/container"
@ -116,8 +117,7 @@ var listContainersCmd = &cobra.Command{
 	Run: func(cmd *cobra.Command, args []string) {
 		var idUser user.ID

-		key, err := getKey()
-		common.ExitOnErr(cmd, "", err)
+		key := key.GetOrGenerate(cmd)

 		if containerOwner == "" {
 			user.IDFromKey(&idUser, key.PublicKey)
@ -164,8 +164,7 @@ It will be stored in sidechain when inner ring will accepts it.`,
 		tok, err := getSessionToken(sessionTokenPath)
 		common.ExitOnErr(cmd, "", err)

-		key, err := getKey()
-		common.ExitOnErr(cmd, "", err)
+		key := key.GetOrGenerate(cmd)

 		var idOwner *user.ID

--- a/cmd/neofs-cli/modules/control/drop_objects.go
+++ b/cmd/neofs-cli/modules/control/drop_objects.go
@ -6,6 +6,7 @@ import (
 	rawclient "github.com/nspcc-dev/neofs-api-go/v2/rpc/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/services/control"
 	addressSDK "github.com/nspcc-dev/neofs-sdk-go/object/address"
 	"github.com/spf13/cobra"
@ -18,7 +19,7 @@ var dropObjectsCmd = &cobra.Command{
 	Short: "Drop objects from the node's local storage",
 	Long:  "Drop objects from the node's local storage",
 	Run: func(cmd *cobra.Command, args []string) {
-		pk := getKey(cmd)
+		pk := key.Get(cmd)

 		dropObjectsList, _ := cmd.Flags().GetStringSlice(dropObjectsFlag)
 		binAddrList := make([][]byte, 0, len(dropObjectsList))
--- a/cmd/neofs-cli/modules/control/healthcheck.go
+++ b/cmd/neofs-cli/modules/control/healthcheck.go
@ -6,6 +6,7 @@ import (
 	rawclient "github.com/nspcc-dev/neofs-api-go/v2/rpc/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/services/control"
 	ircontrol "github.com/nspcc-dev/neofs-node/pkg/services/control/ir"
 	ircontrolsrv "github.com/nspcc-dev/neofs-node/pkg/services/control/ir/server"
@ -34,7 +35,7 @@ func initControlHealthCheckCmd() {
 }

 func healthCheck(cmd *cobra.Command, _ []string) {
-	pk := getKey(cmd)
+	pk := key.Get(cmd)

 	cli := getClient(cmd, pk)

--- a/cmd/neofs-cli/modules/control/set_netmap_status.go
+++ b/cmd/neofs-cli/modules/control/set_netmap_status.go
@ -6,6 +6,7 @@ import (
 	rawclient "github.com/nspcc-dev/neofs-api-go/v2/rpc/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/services/control"
 	"github.com/spf13/cobra"
 )
@ -43,7 +44,7 @@ func initControlSetNetmapStatusCmd() {
 }

 func setNetmapStatus(cmd *cobra.Command, _ []string) {
-	pk := getKey(cmd)
+	pk := key.Get(cmd)

 	var status control.NetmapStatus

--- a/cmd/neofs-cli/modules/control/shards_dump.go
+++ b/cmd/neofs-cli/modules/control/shards_dump.go
@ -4,6 +4,7 @@ import (
 	"github.com/nspcc-dev/neofs-api-go/v2/rpc/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/services/control"
 	"github.com/spf13/cobra"
 )
@ -21,7 +22,7 @@ var dumpShardCmd = &cobra.Command{
 }

 func dumpShard(cmd *cobra.Command, _ []string) {
-	pk := getKey(cmd)
+	pk := key.Get(cmd)

 	body := new(control.DumpShardRequest_Body)
 	body.SetShardID(getShardID(cmd))
--- a/cmd/neofs-cli/modules/control/shards_list.go
+++ b/cmd/neofs-cli/modules/control/shards_list.go
@ -7,6 +7,7 @@ import (
 	rawclient "github.com/nspcc-dev/neofs-api-go/v2/rpc/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/services/control"
 	"github.com/spf13/cobra"
 )
@ -27,7 +28,7 @@ func initControlShardsListCmd() {
 }

 func listShards(cmd *cobra.Command, _ []string) {
-	pk := getKey(cmd)
+	pk := key.Get(cmd)

 	req := new(control.ListShardsRequest)
 	req.SetBody(new(control.ListShardsRequest_Body))
--- a/cmd/neofs-cli/modules/control/shards_restore.go
+++ b/cmd/neofs-cli/modules/control/shards_restore.go
@ -4,6 +4,7 @@ import (
 	"github.com/nspcc-dev/neofs-api-go/v2/rpc/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/services/control"
 	"github.com/spf13/cobra"
 )
@ -21,7 +22,7 @@ var restoreShardCmd = &cobra.Command{
 }

 func restoreShard(cmd *cobra.Command, _ []string) {
-	pk := getKey(cmd)
+	pk := key.Get(cmd)

 	body := new(control.RestoreShardRequest_Body)
 	body.SetShardID(getShardID(cmd))
--- a/cmd/neofs-cli/modules/control/shards_set_mode.go
+++ b/cmd/neofs-cli/modules/control/shards_set_mode.go
@ -7,6 +7,7 @@ import (
 	rawclient "github.com/nspcc-dev/neofs-api-go/v2/rpc/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/services/control"
 	"github.com/spf13/cobra"
 )
@ -46,7 +47,7 @@ func initControlSetShardModeCmd() {
 }

 func setShardMode(cmd *cobra.Command, _ []string) {
-	pk := getKey(cmd)
+	pk := key.Get(cmd)

 	var mode control.ShardMode

--- a/cmd/neofs-cli/modules/control/snapshot.go
+++ b/cmd/neofs-cli/modules/control/snapshot.go
@ -5,6 +5,7 @@ import (
 	rawclient "github.com/nspcc-dev/neofs-api-go/v2/rpc/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/services/control"
 	"github.com/spf13/cobra"
 )
@ -18,7 +19,7 @@ var snapshotCmd = &cobra.Command{
 	Short: "Get network map snapshot",
 	Long:  "Get network map snapshot",
 	Run: func(cmd *cobra.Command, args []string) {
-		pk := getKey(cmd)
+		pk := key.Get(cmd)

 		req := new(control.NetmapSnapshotRequest)
 		req.SetBody(new(control.NetmapSnapshotRequest_Body))
--- a/cmd/neofs-cli/modules/control/util.go
+++ b/cmd/neofs-cli/modules/control/util.go
@ -7,7 +7,6 @@ import (
 	"github.com/nspcc-dev/neofs-api-go/v2/refs"
 	internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
-	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	controlSvc "github.com/nspcc-dev/neofs-node/pkg/services/control/server"
 	"github.com/nspcc-dev/neofs-sdk-go/client"
 	neofscrypto "github.com/nspcc-dev/neofs-sdk-go/crypto"
@ -54,9 +53,3 @@ func getClient(cmd *cobra.Command, pk *ecdsa.PrivateKey) *client.Client {
 	common.ExitOnErr(cmd, "", err)
 	return cli
 }
-
-func getKey(cmd *cobra.Command) *ecdsa.PrivateKey {
-	pk, err := key.Get()
-	common.ExitOnErr(cmd, "", err)
-	return pk
-}
--- a/cmd/neofs-cli/modules/lock.go
+++ b/cmd/neofs-cli/modules/lock.go
@ -6,6 +6,7 @@ import (
 	internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	objectcore "github.com/nspcc-dev/neofs-node/pkg/core/object"
 	cid "github.com/nspcc-dev/neofs-sdk-go/container/id"
 	"github.com/nspcc-dev/neofs-sdk-go/object"
@ -34,8 +35,7 @@ var cmdObjectLock = &cobra.Command{
 			common.ExitOnErr(cmd, fmt.Sprintf("Incorrect object arg #%d: %%v", i+1), err)
 		}

-		key, err := getKey()
-		common.ExitOnErr(cmd, "can't fetch private key: %w", err)
+		key := key.GetOrGenerate(cmd)

 		idOwner, err := getOwnerID(key)
 		common.ExitOnErr(cmd, "", err)
--- a/cmd/neofs-cli/modules/object.go
+++ b/cmd/neofs-cli/modules/object.go
@ -20,6 +20,7 @@ import (
 	internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	sessionCli "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/modules/session"
 	"github.com/nspcc-dev/neofs-sdk-go/bearer"
 	"github.com/nspcc-dev/neofs-sdk-go/checksum"
@ -318,10 +319,9 @@ type clientKeySession interface {
 }

 func prepareSessionPrm(cmd *cobra.Command, addr *addressSDK.Address, prms ...clientKeySession) {
-	key, err := getKey()
-	common.ExitOnErr(cmd, "get private key: %w", err)
+	pk := key.GetOrGenerate(cmd)

-	prepareSessionPrmWithKey(cmd, addr, key, prms...)
+	prepareSessionPrmWithKey(cmd, addr, pk, prms...)
 }

 func prepareSessionPrmWithKey(cmd *cobra.Command, addr *addressSDK.Address, key *ecdsa.PrivateKey, prms ...clientKeySession) {
@ -421,10 +421,9 @@ func prepareObjectPrmRaw(cmd *cobra.Command, prm interface {
 }

 func putObject(cmd *cobra.Command, _ []string) {
-	key, err := getKey()
-	common.ExitOnErr(cmd, "can't fetch private key: %w", err)
+	pk := key.GetOrGenerate(cmd)

-	ownerID, err := getOwnerID(key)
+	ownerID, err := getOwnerID(pk)
 	common.ExitOnErr(cmd, "", err)
 	cnr, err := getCID(cmd)
 	common.ExitOnErr(cmd, "", err)
@ -475,7 +474,7 @@ func putObject(cmd *cobra.Command, _ []string) {

 	sessionObjectCtxAddress := addressSDK.NewAddress()
 	sessionObjectCtxAddress.SetContainerID(*cnr)
-	prepareSessionPrmWithOwner(cmd, sessionObjectCtxAddress, key, ownerID, &prm)
+	prepareSessionPrmWithOwner(cmd, sessionObjectCtxAddress, pk, ownerID, &prm)
 	prepareObjectPrm(cmd, &prm)
 	prm.SetHeader(obj)

--- a/cmd/neofs-cli/modules/root.go
+++ b/cmd/neofs-cli/modules/root.go
@ -139,19 +139,13 @@ func initConfig() {
 	}
 }

-// getKey returns private key that was provided in global arguments.
-func getKey() (*ecdsa.PrivateKey, error) {
-	return key.GetOrGenerate()
-}
-
 type clientWithKey interface {
 	SetClient(*client.Client)
 }

 // reads private key from command args and call prepareAPIClientWithKey with it.
 func prepareAPIClient(cmd *cobra.Command, dst ...clientWithKey) {
-	p, err := getKey()
-	common.ExitOnErr(cmd, "get private key: %w", err)
+	p := key.GetOrGenerate(cmd)

 	prepareAPIClientWithKey(cmd, p, dst...)
 }
--- a/cmd/neofs-cli/modules/session/create.go
+++ b/cmd/neofs-cli/modules/session/create.go
@ -48,10 +48,7 @@ func init() {
 }

 func createSession(cmd *cobra.Command, _ []string) error {
-	privKey, err := key.Get()
-	if err != nil {
-		return err
-	}
+	privKey := key.Get(cmd)

 	var netAddr network.Address
 	addrStr, _ := cmd.Flags().GetString(commonflags.RPC)
--- a/cmd/neofs-cli/modules/storagegroup.go
+++ b/cmd/neofs-cli/modules/storagegroup.go
@ -9,6 +9,7 @@ import (
 	internalclient "github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/client"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/services/object_manager/storagegroup"
 	"github.com/nspcc-dev/neofs-sdk-go/object"
 	addressSDK "github.com/nspcc-dev/neofs-sdk-go/object/address"
@ -163,10 +164,9 @@ func (c sgHeadReceiver) Head(addr *addressSDK.Address) (interface{}, error) {
 }

 func putSG(cmd *cobra.Command, _ []string) {
-	key, err := getKey()
-	common.ExitOnErr(cmd, "", err)
+	pk := key.GetOrGenerate(cmd)

-	ownerID, err := getOwnerID(key)
+	ownerID, err := getOwnerID(pk)
 	common.ExitOnErr(cmd, "", err)

 	cnr, err := getCID(cmd)
@ -186,14 +186,14 @@ func putSG(cmd *cobra.Command, _ []string) {

 	sessionObjectCtxAddress := addressSDK.NewAddress()
 	sessionObjectCtxAddress.SetContainerID(*cnr)
-	prepareSessionPrmWithOwner(cmd, sessionObjectCtxAddress, key, ownerID, &putPrm)
+	prepareSessionPrmWithOwner(cmd, sessionObjectCtxAddress, pk, ownerID, &putPrm)
 	prepareObjectPrm(cmd, &headPrm, &putPrm)

 	headPrm.SetRawFlag(true)

 	sg, err := storagegroup.CollectMembers(sgHeadReceiver{
 		cmd:     cmd,
-		key:     key,
+		key:     pk,
 		ownerID: ownerID,
 		prm:     headPrm,
 	}, cnr, members)
--- a/cmd/neofs-cli/modules/util.go
+++ b/cmd/neofs-cli/modules/util.go
@ -12,6 +12,7 @@ import (

 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/common"
 	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/commonflags"
+	"github.com/nspcc-dev/neofs-node/cmd/neofs-cli/internal/key"
 	"github.com/nspcc-dev/neofs-node/pkg/util/keyer"
 	locodedb "github.com/nspcc-dev/neofs-node/pkg/util/locode/db"
 	airportsdb "github.com/nspcc-dev/neofs-node/pkg/util/locode/db/airports"
@ -283,10 +284,9 @@ func signBearerToken(cmd *cobra.Command, _ []string) {
 	btok, err := getBearerToken(cmd, "from")
 	common.ExitOnErr(cmd, "", err)

-	key, err := getKey()
-	common.ExitOnErr(cmd, "", err)
+	pk := key.GetOrGenerate(cmd)

-	err = btok.Sign(*key)
+	err = btok.Sign(*pk)
 	common.ExitOnErr(cmd, "", err)

 	to := cmd.Flag("to").Value.String()
@ -321,10 +321,9 @@ func signSessionToken(cmd *cobra.Command, _ []string) {
 		common.ExitOnErr(cmd, "", fmt.Errorf("can't read session token from %s: %w", path, err))
 	}

-	key, err := getKey()
-	common.ExitOnErr(cmd, "can't get private key, make sure it is provided: %w", err)
+	pk := key.GetOrGenerate(cmd)

-	err = stok.Sign(key)
+	err = stok.Sign(pk)
 	common.ExitOnErr(cmd, "can't sign token: %w", err)

 	data, err := stok.MarshalJSON()