version bump - v0.1.0

- add support for editor arguments - add support for encrypting to multiple recipients - add support for trying to decrypt with multiple identites - add cli flag to re-encrypt even if data wasn't changed
update readme
2024-03-23 14:15:48 -07:00 · 2024-03-23 14:13:09 -07:00 · 2024-03-23 14:08:38 -07:00 · 2024-03-23 13:57:15 -07:00 · 2024-03-22 23:46:51 -07:00 · 2024-03-22 23:46:51 -07:00
7 changed files with 300 additions and 105 deletions
--- a/README.md
+++ b/README.md
@ -10,15 +10,23 @@ open an [age](https://github.com/FiloSottile/age) encrypted file in $EDITOR
 ### flags

 ```text
-   --identity value, -i value  age identity file to use
-   --out value, -o value       write to this file instead of the input file
-   --log value, -l value       log level (default: "warn")
-   --editor value, -e value    specify the editor to use
-   --help, -h                  show help
-   --version, -v               print the version
+   --identity identity, -I identity [ --identity identity, -I identity ]        age identity (or identities) to decrypt with
+   --identity-file FILE, -i FILE                                                read identity from FILE
+   --recipient recipient, -R recipient [ --recipient recipient, -R recipient ]  age recipients to encrypt to
+   --recipient-file FILE, -r FILE                                               read recipients from FILE
+   --out FILE, -o FILE                                                          write to FILE instead of the input file
+   --editor EDITOR, -e EDITOR                                                   edit with specified EDITOR instead of $EDITOR
+   --editor-args arg [ --editor-args arg ]                                      arguments to send to the editor
+   --force, -f                                                                  re-encrypt the file even if no changes have been made. (default: false)
+   --log level                                                                  log level (default: "warn")
+   --help, -h                                                                   show help
+   --version, -v                                                                print the version
 ```

 ## library
 `go get git.burning.moe/celediel/agedit@latest`

 See `./cmd/agedit` for example usage.
+
+## TODO
+- support for password encrypted key files
--- a/cmd/agedit/cli.go
+++ b/cmd/agedit/cli.go
@ -2,10 +2,12 @@ package main

 import (
 	"errors"
+	"fmt"
 	"os"
 	"strings"
 	"time"

+	"filippo.io/age"
 	"git.burning.moe/celediel/agedit/internal/config"
 	"git.burning.moe/celediel/agedit/pkg/editor"
 	"git.burning.moe/celediel/agedit/pkg/encrypt"
@ -17,10 +19,10 @@ import (
 )

 const (
-	name          = "agedit"
-	usage         = "Edit age encrypted files with your $EDITOR"
-	version       = "0.0.2"
-	help_template = `NAME:
+	name          string = "agedit"
+	usage         string = "Edit age encrypted files with your $EDITOR"
+	version       string = "0.1.0"
+	help_template string = `NAME:
   {{.Name}} {{if .Version}}v{{.Version}}{{end}} - {{.Usage}}

 USAGE:
@ -45,33 +47,101 @@ var (
 	}}

 	flags = []cli.Flag{
-		&cli.StringFlag{
+		&cli.StringSliceFlag{
 			Name:    "identity",
-			Usage:   "age identity file to use",
+			Usage:   "age `identity` (or identities) to decrypt with",
+			Aliases: []string{"I"},
+			Action: func(ctx *cli.Context, inputs []string) error {
+				for _, input := range inputs {
+					id, err := age.ParseX25519Identity(input)
+					if err != nil {
+						return err
+					}
+
+					identities = append(identities, id)
+				}
+				return nil
+			},
+		},
+		&cli.PathFlag{ // I dunno why PathFlag exists because cli.Path is just string
+			Name:    "identity-file",
+			Usage:   "read identity from `FILE`",
 			Aliases: []string{"i"},
-			Action: func(ctx *cli.Context, s string) error {
-				if identity_file := ctx.String("identity"); identity_file != "" {
+			Action: func(ctx *cli.Context, identity_file cli.Path) error {
+				if identity_file != "" {
 					cfg.IdentityFile = identity_file
 				}
 				return nil
 			},
 		},
+		&cli.StringSliceFlag{
+			Name:    "recipient",
+			Usage:   "age `recipient`s to encrypt to",
+			Aliases: []string{"R"},
+			Action: func(ctx *cli.Context, inputs []string) error {
+				for _, input := range inputs {
+					logger.Debugf("parsing public key from string %s", input)
+					r, err := age.ParseX25519Recipient(input)
+					if err != nil {
+						return err
+					}
+					recipients = append(recipients, r)
+				}
+				return nil
+			},
+		},
+		&cli.PathFlag{
+			Name:    "recipient-file",
+			Usage:   "read recipients from `FILE`",
+			Aliases: []string{"r"},
+			Action: func(ctx *cli.Context, recipient_file cli.Path) error {
+				if recipient_file != "" {
+					cfg.RecipientFile = recipient_file
+				}
+				return nil
+			},
+		},
 		&cli.StringFlag{
 			Name:    "out",
-			Usage:   "write to this file instead of the input file",
+			Usage:   "write to `FILE` instead of the input file",
 			Aliases: []string{"o"},
-			Action: func(ctx *cli.Context, s string) error {
-				output_file = ctx.String("out")
+			Action: func(ctx *cli.Context, out string) error {
+				output_file = out
 				return nil
 			},
 		},
 		&cli.StringFlag{
-			Name:    "log",
-			Usage:   "log level",
-			Value:   "warn",
-			Aliases: []string{"l"},
+			Name:    "editor",
+			Usage:   "edit with specified `EDITOR` instead of $EDITOR",
+			Aliases: []string{"e"},
+			Action: func(ctx *cli.Context, editor string) error {
+				cfg.Editor = editor
+				return nil
+			},
+		},
+		&cli.StringSliceFlag{
+			Name:  "editor-args",
+			Usage: "`arg`uments to send to the editor",
+			Action: func(ctx *cli.Context, args []string) error {
+				cfg.EditorArgs = args
+				return nil
+			},
+		},
+		&cli.BoolFlag{
+			Name:    "force",
+			Usage:   "re-encrypt the file even if no changes have been made.",
+			Aliases: []string{"f"},
+			Action: func(ctx *cli.Context, b bool) error {
+				force_overwrite = b
+				return nil
+			},
+		},
+		&cli.StringFlag{
+			Name:  "log",
+			Usage: "log `level`",
+			Value: "warn",
 			Action: func(ctx *cli.Context, s string) error {
-				if lvl, err := log.ParseLevel(ctx.String("log")); err == nil {
+				if lvl, err := log.ParseLevel(s); err == nil {
 					logger.SetLevel(lvl)
 					// Some extra info for debug level
 					if logger.GetLevel() == log.DebugLevel {
@ -83,15 +153,6 @@ var (
 				return nil
 			},
 		},
-		&cli.StringFlag{
-			Name:    "editor",
-			Usage:   "specify the editor to use",
-			Aliases: []string{"e"},
-			Action: func(ctx *cli.Context, s string) error {
-				cfg.Editor = ctx.String("editor")
-				return nil
-			},
-		},
 	}
 )

@ -99,23 +160,22 @@ var (
 func before(ctx *cli.Context) error {
 	// check input
 	if input_file = strings.Join(ctx.Args().Slice(), " "); input_file == "" {
-		return errors.New("no file to edit, use agedit -h for help")
+		return fmt.Errorf("no file to edit, use " + name + " -h for help")
 	}

-	// do some setup
+	// set some defaults
 	cfg = config.Defaults
 	cfg.Editor = env.GetEditor()
-	cfg_dir := env.GetConfigDir("agedit")
+	cfg_dir := env.GetConfigDir(name)
 	cfg.IdentityFile = cfg_dir + "identity.key"
-	configFile = cfg_dir + "agedit.yaml"
+	configFile = cfg_dir + name + ".yaml"
 	logger = log.NewWithOptions(os.Stderr, log.Options{
 		ReportTimestamp: true,
 		TimeFormat:      time.TimeOnly,
 	})

 	// load config from file
-	_, err := os.Open(configFile)
-	if err != nil && errors.Is(err, os.ErrNotExist) {
+	if _, err := os.Stat(configFile); err != nil && errors.Is(err, os.ErrNotExist) {
 		// or not
 		logger.Debug("couldn't load config file", "file", configFile)
 	} else {
@ -125,12 +185,16 @@ func before(ctx *cli.Context) error {
 		}
 	}

+	// setup editor with loaded config options
+	edt = editor.New(cfg.Editor, cfg.EditorArgs, cfg.Prefix, cfg.Suffix, cfg.RandomLength)
+
 	return nil
 }

 // action does the actual thing
 func action(ctx *cli.Context) error {
-	if _, err := os.Open(input_file); os.IsNotExist(err) {
+	// make sure input file exists
+	if _, err := os.Stat(input_file); os.IsNotExist(err) {
 		return err
 	}

@ -139,35 +203,75 @@ func action(ctx *cli.Context) error {
 		logger.Debug("out file not specified, using input", "outfile", output_file)
 	}

-	if _, err := os.Open(cfg.IdentityFile); os.IsNotExist(err) {
-		return errors.New("identity file unset, use -i or set one in the config file")
+	// read from identity file if exists and no identities have been supplied
+	if len(identities) == 0 {
+		if _, err := os.Stat(cfg.IdentityFile); os.IsNotExist(err) {
+			return fmt.Errorf("identity file unset and no identities supplied, use -i to specify an idenitity file or set one in the config file, or use -I to specify an age private key")
+		} else {
+			f, err := os.Open(cfg.IdentityFile)
+			if err != nil {
+				return fmt.Errorf("couldn't open identity file: %v", err)
+			}
+			if ids, err := age.ParseIdentities(f); err != nil {
+				return fmt.Errorf("couldn't parse identities: %v", err)
+			} else {
+				identities = append(identities, ids...)
+			}
+		}
 	}

-	if id, err := encrypt.ReadIdentityFromFile(cfg.IdentityFile); err != nil {
-		return err
-	} else {
-		identity = id
+	// read from recipient file if it exists and no recipients have been supplied
+	if len(recipients) == 0 {
+		if _, err := os.Stat(cfg.RecipientFile); os.IsNotExist(err) {
+			return fmt.Errorf("recipient file doesn't exist")
+		} else {
+			f, err := os.Open(cfg.RecipientFile)
+			if err != nil {
+				return fmt.Errorf("couldn't open recipient file: %v", err)
+			}
+			if rs, err := age.ParseRecipients(f); err != nil {
+				return fmt.Errorf("couldn't parse recipients: %v", err)
+			} else {
+				recipients = append(recipients, rs...)
+			}
+		}
 	}
-	logger.Debug("read identity from file", "id", identity.Recipient())

-	decrypted, err := encrypt.Decrypt(input_file, identity)
+	// get recipients from specified identities
+	for _, id := range identities {
+		// TODO: figure out how age actually intends for
+		// TODO: a recpient to be retrieved from an age.Identity
+		// TODO: beccause this is stupid and I hate it
+		actual_id, err := age.ParseX25519Identity(fmt.Sprint(id))
+		if err != nil {
+			return fmt.Errorf("couldn't get recipient? %v", err)
+		}
+
+		recipients = append(recipients, actual_id.Recipient())
+	}
+
+	// try to decrypt the file
+	decrypted, err := encrypt.Decrypt(input_file, identities...)
 	if err != nil {
 		return err
 	}
 	logger.Debug("decrypted " + input_file + " sucessfully")

-	edited, err := editor.EditTempFile(cfg.Editor, string(decrypted), cfg.Prefix, cfg.Suffix, cfg.RandomLength)
+	// open decrypted data in the editor
+	edited, err := edt.EditTempFile(string(decrypted))
 	if err != nil {
 		return err
 	}
 	logger.Debug("got data back from editor")

-	if string(edited) == string(decrypted) {
+	// don't overwrite same data, unless specified
+	if string(edited) == string(decrypted) && !force_overwrite {
 		logger.Warn("No edits made, not writing " + output_file)
 		return nil
 	}

-	err = encrypt.Encrypt(edited, output_file, identity)
+	// actually re-encrypt the data
+	err = encrypt.Encrypt(edited, output_file, recipients...)
 	if err != nil {
 		return err
 	}
--- a/cmd/agedit/main.go
+++ b/cmd/agedit/main.go
@ -4,6 +4,7 @@ import (
 	"os"

 	"git.burning.moe/celediel/agedit/internal/config"
+	"git.burning.moe/celediel/agedit/pkg/editor"

 	"filippo.io/age"
 	"github.com/charmbracelet/log"
@ -11,24 +12,27 @@ import (
 )

 var (
-	identity   *age.X25519Identity
-	logger     *log.Logger
-	cfg        config.Config
-	configFile string
-
+	identities              []age.Identity
+	recipients              []age.Recipient
+	logger                  *log.Logger
+	cfg                     config.Config
+	edt                     editor.Editor
+	configFile              string
 	input_file, output_file string
+	force_overwrite         bool
 )

 func main() {
 	app := &cli.App{
-		Name:                  name,
-		Usage:                 usage,
-		Version:               version,
-		Authors:               authors,
-		Flags:                 flags,
-		Before:                before,
-		Action:                action,
-		CustomAppHelpTemplate: help_template,
+		Name:                   name,
+		Usage:                  usage,
+		Version:                version,
+		Authors:                authors,
+		Flags:                  flags,
+		Before:                 before,
+		Action:                 action,
+		CustomAppHelpTemplate:  help_template,
+		UseShortOptionHandling: true,
 	}

 	if err := app.Run(os.Args); err != nil {
--- a/internal/config/config.go
+++ b/internal/config/config.go
@ -1,11 +1,13 @@
 package config

 type Config struct {
-	IdentityFile string `json:"identityfile" yaml:"identityfile" toml:"identityfile"`
-	Editor       string `json:"editor" yaml:"editor" toml:"editor"`
-	Prefix       string `json:"randomfileprefix" yaml:"randomfileprefix" toml:"randomfileprefix"`
-	Suffix       string `json:"randomfilesuffix" yaml:"randomfilesuffix" toml:"randomfilesuffix"`
-	RandomLength int    `json:"randomfilenamelength" yaml:"randomfilenamelength" toml:"randomfilenamelength"`
+	IdentityFile  string   `json:"identityfile" yaml:"identityfile" toml:"identityfile"`
+	RecipientFile string   `json:"recipientfile" yaml:"recipientfile" toml:"recipientfile"`
+	Editor        string   `json:"editor" yaml:"editor" toml:"editor"`
+	EditorArgs    []string `json:"editorargs" yaml:"editorargs" toml:"editorargs"`
+	Prefix        string   `json:"randomfileprefix" yaml:"randomfileprefix" toml:"randomfileprefix"`
+	Suffix        string   `json:"randomfilesuffix" yaml:"randomfilesuffix" toml:"randomfilesuffix"`
+	RandomLength  int      `json:"randomfilenamelength" yaml:"randomfilenamelength" toml:"randomfilenamelength"`
 }

 var Defaults = Config{
--- a/pkg/editor/editor.go
+++ b/pkg/editor/editor.go
@ -1,7 +1,6 @@
 package editor

 import (
-	"errors"
 	"io/fs"
 	"os"
 	"os/exec"
@ -9,14 +8,17 @@ import (
 	"git.burning.moe/celediel/agedit/pkg/tmpfile"
 )

-// EditFile opens the specified file in the configured editor
-func EditFile(editor, filename string) error {
-	if editor == "" {
-		return errors.New("editor not set")
-	}
+type Editor struct {
+	Command   string
+	Args      []string
+	generator tmpfile.Generator
+}

-	// TODO: handle editors that require arguments
-	cmd := exec.Command(editor, filename)
+// EditFile opens the specified file in the configured editor
+func (e *Editor) EditFile(filename string) error {
+	args := append(e.Args, filename)
+
+	cmd := exec.Command(e.Command, args...)
 	cmd.Stdin = os.Stdin
 	cmd.Stdout = os.Stdout
 	cmd.Stderr = os.Stderr
@ -30,7 +32,7 @@ func EditFile(editor, filename string) error {

 // EditTempFile creates a temporary file with a random name, opens it in the
 // editor, and returns the byte slice of its contents.
-func EditTempFile(editor, start, prefix, suffix string, filename_length int) ([]byte, error) {
+func (e *Editor) EditTempFile(start string) ([]byte, error) {
 	var (
 		filename string
 		bytes    []byte
@ -38,10 +40,7 @@ func EditTempFile(editor, start, prefix, suffix string, filename_length int) ([]
 		file     *os.File
 	)

-	// generator := tmpfile.NewGenerator("agedit_", ".txt", 13)
-	generator := tmpfile.NewGenerator(prefix, suffix, filename_length)
-
-	filename = generator.GenerateFullPath()
+	filename = e.generator.GenerateFullPath()
 	if file, err = os.Create(filename); err != nil {
 		return nil, err
 	}
@ -50,7 +49,7 @@ func EditTempFile(editor, start, prefix, suffix string, filename_length int) ([]
 		return nil, err
 	}

-	if err = EditFile(editor, filename); err != nil {
+	if err = e.EditFile(filename); err != nil {
 		return nil, err
 	}

@ -68,3 +67,14 @@ func EditTempFile(editor, start, prefix, suffix string, filename_length int) ([]

 	return bytes, nil
 }
+
+// New returns an Editor configured to open files with `command` + `args`.
+// The prefix and suffix will be added to the randomly generated
+// filename of `length` characters.
+func New(command string, args []string, prefix, suffix string, length int) Editor {
+	return Editor{
+		Command:   command,
+		Args:      args,
+		generator: tmpfile.NewGenerator(prefix, suffix, length),
+	}
+}
--- a/pkg/encrypt/encrypt.go
+++ b/pkg/encrypt/encrypt.go
@ -11,18 +11,18 @@ import (
 )

 // Encrypt encrypts bytes into filename
-func Encrypt(data []byte, filename string, identity *age.X25519Identity) error {
+func Encrypt(data []byte, filename string, recipients ...age.Recipient) error {
 	var (
 		w   io.WriteCloser
 		out = &bytes.Buffer{}
 		err error
 	)

-	if identity == nil {
-		return errors.New("nil identity??")
+	if len(recipients) == 0 {
+		return errors.New("no recepients? who's trying to encrypt?")
 	}

-	if w, err = age.Encrypt(out, identity.Recipient()); err != nil {
+	if w, err = age.Encrypt(out, recipients...); err != nil {
 		return err
 	}

@ -40,7 +40,7 @@ func Encrypt(data []byte, filename string, identity *age.X25519Identity) error {
 }

 // Decrypt decrypts bytes from filename
-func Decrypt(filename string, identity *age.X25519Identity) ([]byte, error) {
+func Decrypt(filename string, identities ...age.Identity) ([]byte, error) {
 	var (
 		f   *os.File
 		r   io.Reader
@ -51,7 +51,7 @@ func Decrypt(filename string, identity *age.X25519Identity) ([]byte, error) {
 		return nil, err
 	}

-	if r, err = age.Decrypt(f, identity); err != nil {
+	if r, err = age.Decrypt(f, identities...); err != nil {
 		return nil, err
 	}

--- a/pkg/encrypt/encrypt_test.go
+++ b/pkg/encrypt/encrypt_test.go
@ -5,29 +5,29 @@ import (
 	"os"
 	"testing"

+	"filippo.io/age"
 	"git.burning.moe/celediel/agedit/pkg/tmpfile"
 )

-var generator = tmpfile.NewGenerator("test_", ".txt", 18)
+var (
+	generator        = tmpfile.NewGenerator("test_", ".txt", 18)
+	strings_to_write = []string{
+		"hello world",
+		"hola mundo",
+		"مرحبا بالعالم",
+		"こんにちは世界",
+		"你好世界",
+		"Γειά σου Κόσμε",
+		"Привіт Світ",
+		"Բարեւ աշխարհ",
+		"გამარჯობა მსოფლიო",
+		"अभिवादन पृथ्वी",
+	}
+)

 // TestEncryptionDecryption writes a string to a file, encrypts it, then decrypts it, and reads the string.
 func TestEncryptionDecryption(t *testing.T) {
-	var (
-		strings_to_write = []string{
-			"hello world",
-			"hola mundo",
-			"مرحبا بالعالم",
-			"こんにちは世界",
-			"你好世界",
-			"Γειά σου Κόσμε",
-			"Привіт Світ",
-			"Բարեւ աշխարհ",
-			"გამარჯობა მსოფლიო",
-			"अभिवादन पृथ्वी",
-		}
-	)
-
-	id, err := NewIdentity()
+	id, err := age.GenerateX25519Identity()
 	if err != nil {
 		t.Fatal(err)
 	}
@ -49,7 +49,7 @@ func TestEncryptionDecryption(t *testing.T) {
 				t.Fatal(err)
 			}

-			if err = Encrypt(b, encrypted_outname, id); err != nil {
+			if err = Encrypt(b, encrypted_outname, id.Recipient()); err != nil {
 				t.Fatal(err)
 			}

@ -73,6 +73,73 @@ func TestEncryptionDecryption(t *testing.T) {
 	}
 }

+func TestMultipleIdentities(t *testing.T) {
+	var (
+		identities []age.Identity
+		recipients []age.Recipient
+	)
+
+	for i := 0; i <= 10; i++ {
+		id, err := age.GenerateX25519Identity()
+		if err != nil {
+			t.Fatalf("age broke: %v", err)
+		}
+		identities = append(identities, id)
+		recipients = append(recipients, id.Recipient())
+	}
+
+	for _, str := range strings_to_write {
+		var (
+			outname           string = generator.GenerateFullPath()
+			encrypted_outname string = outname + ".age"
+			b                 []byte
+			err               error
+		)
+
+		t.Run("testing writing "+str, func(t *testing.T) {
+			if err = os.WriteFile(outname, []byte(str), fs.FileMode(0600)); err != nil {
+				t.Fatal(err)
+			}
+
+			if b, err = os.ReadFile(outname); err != nil {
+				t.Fatal(err)
+			}
+
+			if err = Encrypt(b, encrypted_outname, recipients...); err != nil {
+				t.Fatal(err)
+			}
+
+			// try decrypting with each identity
+			for _, id := range identities {
+				if b, err = Decrypt(encrypted_outname, id); err != nil {
+					t.Fatal(err)
+				}
+				if string(b) != str {
+					t.Fatal(string(b) + " isn't the same as " + str)
+				}
+			}
+
+			// then all of them because why not
+			if b, err = Decrypt(encrypted_outname, identities...); err != nil {
+				t.Fatal(err)
+			}
+
+			if string(b) != str {
+				t.Fatal(string(b) + " isn't the same as " + str)
+			}
+
+			if err = os.Remove(outname); err != nil {
+				t.Fatal(err)
+			}
+
+			if err = os.Remove(encrypted_outname); err != nil {
+				t.Fatal(err)
+			}
+
+		})
+	}
+}
+
 // TestNewIdentity creats a new identity, writes it to file, then re-reads it back from the file.
 func TestNewIdentity(t *testing.T) {
 	for i := 0; i <= 1000; i++ {
Author	SHA1	Message	Date
Lilian Jónsdóttir	79ffb9d9b6	version bump - v0.1.0 - add support for editor arguments - add support for encrypting to multiple recipients - add support for trying to decrypt with multiple identites - add cli flag to re-encrypt even if data wasn't changed	2024-03-23 14:15:48 -07:00
Lilian Jónsdóttir	790bc635ab	update readme	2024-03-23 14:13:09 -07:00
Lilian Jónsdóttir	da5adc9828	add support for encrypting to multiple recipients / decrypting with multiple identities - config options for reading identities/recipients from file - command line flags for both files, and identities/recipients straight from the command line - some cleanup and better help strings	2024-03-23 14:08:38 -07:00
Lilian Jónsdóttir	f4df6f35eb	add support for editors that need arguments	2024-03-23 13:57:15 -07:00
Lilian Jónsdóttir	e96bac3d9d	add force flag to re-encrypt even if data hasn't changed	2024-03-22 23:46:51 -07:00
Lilian Jónsdóttir	9c0c3ee788	some cleanup	2024-03-22 23:46:51 -07:00
Lilian Jónsdóttir	37601be04f	use cli flag action like it should be	2024-03-19 10:49:02 -07:00