celediel/agedit
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Compare commits

base: celediel:79ffb9d9b67a0af6b47a723c1fe40946f8229089
Branches Tags
celediel:main
celediel:v0.3.1
celediel:v0.3.0
celediel:v0.2.3
celediel:v0.2.2
celediel:v0.2.1
celediel:v0.2.0
celediel:v0.1.1
celediel:v0.1.0
celediel:v0.0.2
celediel:v0.0.1
..
compare: celediel:5a96e7969444ee0f812e85e408914fb8102e8915
Branches Tags
celediel:main
celediel:v0.3.1
celediel:v0.3.0
celediel:v0.2.3
celediel:v0.2.2
celediel:v0.2.1
celediel:v0.2.0
celediel:v0.1.1
celediel:v0.1.0
celediel:v0.0.2
celediel:v0.0.1

No commits in common. "79ffb9d9b67a0af6b47a723c1fe40946f8229089" and "5a96e7969444ee0f812e85e408914fb8102e8915" have entirely different histories.
79ffb9d9b6 ... 5a96e79694

7 changed files with 108 additions and 303 deletions
Show stats Expand all files Collapse all files

20
README.md
View file

@ -10,23 +10,15 @@ open an [age](https://github.com/FiloSottile/age) encrypted file in $EDITOR
### flags ### flags
```text ```text
--identity identity, -I identity [ --identity identity, -I identity ] age identity (or identities) to decrypt with --identity value, -i value age identity file to use
--identity-file FILE, -i FILE read identity from FILE --out value, -o value write to this file instead of the input file
--recipient recipient, -R recipient [ --recipient recipient, -R recipient ] age recipients to encrypt to --log value, -l value log level (default: "warn")
--recipient-file FILE, -r FILE read recipients from FILE --editor value, -e value specify the editor to use
--out FILE, -o FILE write to FILE instead of the input file --help, -h show help
--editor EDITOR, -e EDITOR edit with specified EDITOR instead of $EDITOR --version, -v print the version
--editor-args arg [ --editor-args arg ] arguments to send to the editor
--force, -f re-encrypt the file even if no changes have been made. (default: false)
--log level log level (default: "warn")
--help, -h show help
--version, -v print the version
``` ```
## library ## library
`go get git.burning.moe/celediel/agedit@latest` `go get git.burning.moe/celediel/agedit@latest`
See `./cmd/agedit` for example usage. See `./cmd/agedit` for example usage.
## TODO
- support for password encrypted key files

198
cmd/agedit/cli.go
View file

@ -2,12 +2,10 @@ package main
import ( import (
"errors" "errors"
"fmt"
"os" "os"
"strings" "strings"
"time" "time"
"filippo.io/age"
"git.burning.moe/celediel/agedit/internal/config" "git.burning.moe/celediel/agedit/internal/config"
"git.burning.moe/celediel/agedit/pkg/editor" "git.burning.moe/celediel/agedit/pkg/editor"
"git.burning.moe/celediel/agedit/pkg/encrypt" "git.burning.moe/celediel/agedit/pkg/encrypt"
@ -19,10 +17,10 @@ import (
) )
const ( const (
name string = "agedit" name = "agedit"
usage string = "Edit age encrypted files with your $EDITOR" usage = "Edit age encrypted files with your $EDITOR"
version string = "0.1.0" version = "0.0.2"
help_template string = `NAME: help_template = `NAME:
{{.Name}} {{if .Version}}v{{.Version}}{{end}} - {{.Usage}} {{.Name}} {{if .Version}}v{{.Version}}{{end}} - {{.Usage}}
USAGE: USAGE:
@ -47,101 +45,33 @@ var (
}} }}
flags = []cli.Flag{ flags = []cli.Flag{
&cli.StringSliceFlag{ &cli.StringFlag{
Name: "identity", Name: "identity",
Usage: "age `identity` (or identities) to decrypt with", Usage: "age identity file to use",
Aliases: []string{"I"},
Action: func(ctx *cli.Context, inputs []string) error {
for _, input := range inputs {
id, err := age.ParseX25519Identity(input)
if err != nil {
return err
}
identities = append(identities, id)
}
return nil
},
},
&cli.PathFlag{ // I dunno why PathFlag exists because cli.Path is just string
Name: "identity-file",
Usage: "read identity from `FILE`",
Aliases: []string{"i"}, Aliases: []string{"i"},
Action: func(ctx *cli.Context, identity_file cli.Path) error { Action: func(ctx *cli.Context, s string) error {
if identity_file != "" { if identity_file := ctx.String("identity"); identity_file != "" {
cfg.IdentityFile = identity_file cfg.IdentityFile = identity_file
} }
return nil return nil
}, },
}, },
&cli.StringSliceFlag{
Name: "recipient",
Usage: "age `recipient`s to encrypt to",
Aliases: []string{"R"},
Action: func(ctx *cli.Context, inputs []string) error {
for _, input := range inputs {
logger.Debugf("parsing public key from string %s", input)
r, err := age.ParseX25519Recipient(input)
if err != nil {
return err
}
recipients = append(recipients, r)
}
return nil
},
},
&cli.PathFlag{
Name: "recipient-file",
Usage: "read recipients from `FILE`",
Aliases: []string{"r"},
Action: func(ctx *cli.Context, recipient_file cli.Path) error {
if recipient_file != "" {
cfg.RecipientFile = recipient_file
}
return nil
},
},
&cli.StringFlag{ &cli.StringFlag{
Name: "out", Name: "out",
Usage: "write to `FILE` instead of the input file", Usage: "write to this file instead of the input file",
Aliases: []string{"o"}, Aliases: []string{"o"},
Action: func(ctx *cli.Context, out string) error {
output_file = out
return nil
},
},
&cli.StringFlag{
Name: "editor",
Usage: "edit with specified `EDITOR` instead of $EDITOR",
Aliases: []string{"e"},
Action: func(ctx *cli.Context, editor string) error {
cfg.Editor = editor
return nil
},
},
&cli.StringSliceFlag{
Name: "editor-args",
Usage: "`arg`uments to send to the editor",
Action: func(ctx *cli.Context, args []string) error {
cfg.EditorArgs = args
return nil
},
},
&cli.BoolFlag{
Name: "force",
Usage: "re-encrypt the file even if no changes have been made.",
Aliases: []string{"f"},
Action: func(ctx *cli.Context, b bool) error {
force_overwrite = b
return nil
},
},
&cli.StringFlag{
Name: "log",
Usage: "log `level`",
Value: "warn",
Action: func(ctx *cli.Context, s string) error { Action: func(ctx *cli.Context, s string) error {
if lvl, err := log.ParseLevel(s); err == nil { output_file = ctx.String("out")
return nil
},
},
&cli.StringFlag{
Name: "log",
Usage: "log level",
Value: "warn",
Aliases: []string{"l"},
Action: func(ctx *cli.Context, s string) error {
if lvl, err := log.ParseLevel(ctx.String("log")); err == nil {
logger.SetLevel(lvl) logger.SetLevel(lvl)
// Some extra info for debug level // Some extra info for debug level
if logger.GetLevel() == log.DebugLevel { if logger.GetLevel() == log.DebugLevel {
@ -153,6 +83,15 @@ var (
return nil return nil
}, },
}, },
&cli.StringFlag{
Name: "editor",
Usage: "specify the editor to use",
Aliases: []string{"e"},
Action: func(ctx *cli.Context, s string) error {
cfg.Editor = ctx.String("editor")
return nil
},
},
} }
) )
@ -160,22 +99,23 @@ var (
func before(ctx *cli.Context) error { func before(ctx *cli.Context) error {
// check input // check input
if input_file = strings.Join(ctx.Args().Slice(), " "); input_file == "" { if input_file = strings.Join(ctx.Args().Slice(), " "); input_file == "" {
return fmt.Errorf("no file to edit, use " + name + " -h for help") return errors.New("no file to edit, use agedit -h for help")
} }
// set some defaults // do some setup
cfg = config.Defaults cfg = config.Defaults
cfg.Editor = env.GetEditor() cfg.Editor = env.GetEditor()
cfg_dir := env.GetConfigDir(name) cfg_dir := env.GetConfigDir("agedit")
cfg.IdentityFile = cfg_dir + "identity.key" cfg.IdentityFile = cfg_dir + "identity.key"
configFile = cfg_dir + name + ".yaml" configFile = cfg_dir + "agedit.yaml"
logger = log.NewWithOptions(os.Stderr, log.Options{ logger = log.NewWithOptions(os.Stderr, log.Options{
ReportTimestamp: true, ReportTimestamp: true,
TimeFormat: time.TimeOnly, TimeFormat: time.TimeOnly,
}) })
// load config from file // load config from file
if _, err := os.Stat(configFile); err != nil && errors.Is(err, os.ErrNotExist) { _, err := os.Open(configFile)
if err != nil && errors.Is(err, os.ErrNotExist) {
// or not // or not
logger.Debug("couldn't load config file", "file", configFile) logger.Debug("couldn't load config file", "file", configFile)
} else { } else {
@ -185,16 +125,12 @@ func before(ctx *cli.Context) error {
} }
} }
// setup editor with loaded config options
edt = editor.New(cfg.Editor, cfg.EditorArgs, cfg.Prefix, cfg.Suffix, cfg.RandomLength)
return nil return nil
} }
// action does the actual thing // action does the actual thing
func action(ctx *cli.Context) error { func action(ctx *cli.Context) error {
// make sure input file exists if _, err := os.Open(input_file); os.IsNotExist(err) {
if _, err := os.Stat(input_file); os.IsNotExist(err) {
return err return err
} }
@ -203,75 +139,35 @@ func action(ctx *cli.Context) error {
logger.Debug("out file not specified, using input", "outfile", output_file) logger.Debug("out file not specified, using input", "outfile", output_file)
} }
// read from identity file if exists and no identities have been supplied if _, err := os.Open(cfg.IdentityFile); os.IsNotExist(err) {
if len(identities) == 0 { return errors.New("identity file unset, use -i or set one in the config file")
if _, err := os.Stat(cfg.IdentityFile); os.IsNotExist(err) {
return fmt.Errorf("identity file unset and no identities supplied, use -i to specify an idenitity file or set one in the config file, or use -I to specify an age private key")
} else {
f, err := os.Open(cfg.IdentityFile)
if err != nil {
return fmt.Errorf("couldn't open identity file: %v", err)
}
if ids, err := age.ParseIdentities(f); err != nil {
return fmt.Errorf("couldn't parse identities: %v", err)
} else {
identities = append(identities, ids...)
}
}
} }
// read from recipient file if it exists and no recipients have been supplied if id, err := encrypt.ReadIdentityFromFile(cfg.IdentityFile); err != nil {
if len(recipients) == 0 { return err
if _, err := os.Stat(cfg.RecipientFile); os.IsNotExist(err) { } else {
return fmt.Errorf("recipient file doesn't exist") identity = id
} else {
f, err := os.Open(cfg.RecipientFile)
if err != nil {
return fmt.Errorf("couldn't open recipient file: %v", err)
}
if rs, err := age.ParseRecipients(f); err != nil {
return fmt.Errorf("couldn't parse recipients: %v", err)
} else {
recipients = append(recipients, rs...)
}
}
} }
logger.Debug("read identity from file", "id", identity.Recipient())
// get recipients from specified identities decrypted, err := encrypt.Decrypt(input_file, identity)
for _, id := range identities {
// TODO: figure out how age actually intends for
// TODO: a recpient to be retrieved from an age.Identity
// TODO: beccause this is stupid and I hate it
actual_id, err := age.ParseX25519Identity(fmt.Sprint(id))
if err != nil {
return fmt.Errorf("couldn't get recipient? %v", err)
}
recipients = append(recipients, actual_id.Recipient())
}
// try to decrypt the file
decrypted, err := encrypt.Decrypt(input_file, identities...)
if err != nil { if err != nil {
return err return err
} }
logger.Debug("decrypted " + input_file + " sucessfully") logger.Debug("decrypted " + input_file + " sucessfully")
// open decrypted data in the editor edited, err := editor.EditTempFile(cfg.Editor, string(decrypted), cfg.Prefix, cfg.Suffix, cfg.RandomLength)
edited, err := edt.EditTempFile(string(decrypted))
if err != nil { if err != nil {
return err return err
} }
logger.Debug("got data back from editor") logger.Debug("got data back from editor")
// don't overwrite same data, unless specified if string(edited) == string(decrypted) {
if string(edited) == string(decrypted) && !force_overwrite {
logger.Warn("No edits made, not writing " + output_file) logger.Warn("No edits made, not writing " + output_file)
return nil return nil
} }
// actually re-encrypt the data err = encrypt.Encrypt(edited, output_file, identity)
err = encrypt.Encrypt(edited, output_file, recipients...)
if err != nil { if err != nil {
return err return err
} }

30
cmd/agedit/main.go
View file

@ -4,7 +4,6 @@ import (
"os" "os"
"git.burning.moe/celediel/agedit/internal/config" "git.burning.moe/celediel/agedit/internal/config"
"git.burning.moe/celediel/agedit/pkg/editor"
"filippo.io/age" "filippo.io/age"
"github.com/charmbracelet/log" "github.com/charmbracelet/log"
@ -12,27 +11,24 @@ import (
) )
var ( var (
identities []age.Identity identity *age.X25519Identity
recipients []age.Recipient logger *log.Logger
logger *log.Logger cfg config.Config
cfg config.Config configFile string
edt editor.Editor
configFile string
input_file, output_file string input_file, output_file string
force_overwrite bool
) )
func main() { func main() {
app := &cli.App{ app := &cli.App{
Name: name, Name: name,
Usage: usage, Usage: usage,
Version: version, Version: version,
Authors: authors, Authors: authors,
Flags: flags, Flags: flags,
Before: before, Before: before,
Action: action, Action: action,
CustomAppHelpTemplate: help_template, CustomAppHelpTemplate: help_template,
UseShortOptionHandling: true,
} }
if err := app.Run(os.Args); err != nil { if err := app.Run(os.Args); err != nil {

12
internal/config/config.go
View file

@ -1,13 +1,11 @@
package config package config
type Config struct { type Config struct {
IdentityFile string `json:"identityfile" yaml:"identityfile" toml:"identityfile"` IdentityFile string `json:"identityfile" yaml:"identityfile" toml:"identityfile"`
RecipientFile string `json:"recipientfile" yaml:"recipientfile" toml:"recipientfile"` Editor string `json:"editor" yaml:"editor" toml:"editor"`
Editor string `json:"editor" yaml:"editor" toml:"editor"` Prefix string `json:"randomfileprefix" yaml:"randomfileprefix" toml:"randomfileprefix"`
EditorArgs []string `json:"editorargs" yaml:"editorargs" toml:"editorargs"` Suffix string `json:"randomfilesuffix" yaml:"randomfilesuffix" toml:"randomfilesuffix"`
Prefix string `json:"randomfileprefix" yaml:"randomfileprefix" toml:"randomfileprefix"` RandomLength int `json:"randomfilenamelength" yaml:"randomfilenamelength" toml:"randomfilenamelength"`
Suffix string `json:"randomfilesuffix" yaml:"randomfilesuffix" toml:"randomfilesuffix"`
RandomLength int `json:"randomfilenamelength" yaml:"randomfilenamelength" toml:"randomfilenamelength"`
} }
var Defaults = Config{ var Defaults = Config{

36
pkg/editor/editor.go
View file

@ -1,6 +1,7 @@
package editor package editor
import ( import (
"errors"
"io/fs" "io/fs"
"os" "os"
"os/exec" "os/exec"
@ -8,17 +9,14 @@ import (
"git.burning.moe/celediel/agedit/pkg/tmpfile" "git.burning.moe/celediel/agedit/pkg/tmpfile"
) )
type Editor struct {
Command string
Args []string
generator tmpfile.Generator
}
// EditFile opens the specified file in the configured editor // EditFile opens the specified file in the configured editor
func (e *Editor) EditFile(filename string) error { func EditFile(editor, filename string) error {
args := append(e.Args, filename) if editor == "" {
return errors.New("editor not set")
}
cmd := exec.Command(e.Command, args...) // TODO: handle editors that require arguments
cmd := exec.Command(editor, filename)
cmd.Stdin = os.Stdin cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr cmd.Stderr = os.Stderr
@ -32,7 +30,7 @@ func (e *Editor) EditFile(filename string) error {
// EditTempFile creates a temporary file with a random name, opens it in the // EditTempFile creates a temporary file with a random name, opens it in the
// editor, and returns the byte slice of its contents. // editor, and returns the byte slice of its contents.
func (e *Editor) EditTempFile(start string) ([]byte, error) { func EditTempFile(editor, start, prefix, suffix string, filename_length int) ([]byte, error) {
var ( var (
filename string filename string
bytes []byte bytes []byte
@ -40,7 +38,10 @@ func (e *Editor) EditTempFile(start string) ([]byte, error) {
file *os.File file *os.File
) )
filename = e.generator.GenerateFullPath() // generator := tmpfile.NewGenerator("agedit_", ".txt", 13)
generator := tmpfile.NewGenerator(prefix, suffix, filename_length)
filename = generator.GenerateFullPath()
if file, err = os.Create(filename); err != nil { if file, err = os.Create(filename); err != nil {
return nil, err return nil, err
} }
@ -49,7 +50,7 @@ func (e *Editor) EditTempFile(start string) ([]byte, error) {
return nil, err return nil, err
} }
if err = e.EditFile(filename); err != nil { if err = EditFile(editor, filename); err != nil {
return nil, err return nil, err
} }
@ -67,14 +68,3 @@ func (e *Editor) EditTempFile(start string) ([]byte, error) {
return bytes, nil return bytes, nil
} }
// New returns an Editor configured to open files with `command` + `args`.
// The prefix and suffix will be added to the randomly generated
// filename of `length` characters.
func New(command string, args []string, prefix, suffix string, length int) Editor {
return Editor{
Command: command,
Args: args,
generator: tmpfile.NewGenerator(prefix, suffix, length),
}
}

12
pkg/encrypt/encrypt.go
View file

@ -11,18 +11,18 @@ import (
) )
// Encrypt encrypts bytes into filename // Encrypt encrypts bytes into filename
func Encrypt(data []byte, filename string, recipients ...age.Recipient) error { func Encrypt(data []byte, filename string, identity *age.X25519Identity) error {
var ( var (
w io.WriteCloser w io.WriteCloser
out = &bytes.Buffer{} out = &bytes.Buffer{}
err error err error
) )
if len(recipients) == 0 { if identity == nil {
return errors.New("no recepients? who's trying to encrypt?") return errors.New("nil identity??")
} }
if w, err = age.Encrypt(out, recipients...); err != nil { if w, err = age.Encrypt(out, identity.Recipient()); err != nil {
return err return err
} }
@ -40,7 +40,7 @@ func Encrypt(data []byte, filename string, recipients ...age.Recipient) error {
} }
// Decrypt decrypts bytes from filename // Decrypt decrypts bytes from filename
func Decrypt(filename string, identities ...age.Identity) ([]byte, error) { func Decrypt(filename string, identity *age.X25519Identity) ([]byte, error) {
var ( var (
f *os.File f *os.File
r io.Reader r io.Reader
@ -51,7 +51,7 @@ func Decrypt(filename string, identities ...age.Identity) ([]byte, error) {
return nil, err return nil, err
} }
if r, err = age.Decrypt(f, identities...); err != nil { if r, err = age.Decrypt(f, identity); err != nil {
return nil, err return nil, err
} }

103
pkg/encrypt/encrypt_test.go
View file

@ -5,29 +5,29 @@ import (
"os" "os"
"testing" "testing"
"filippo.io/age"
"git.burning.moe/celediel/agedit/pkg/tmpfile" "git.burning.moe/celediel/agedit/pkg/tmpfile"
) )
var ( var generator = tmpfile.NewGenerator("test_", ".txt", 18)
generator = tmpfile.NewGenerator("test_", ".txt", 18)
strings_to_write = []string{
"hello world",
"hola mundo",
"مرحبا بالعالم",
"こんにちは世界",
"你好世界",
"Γειά σου Κόσμε",
"Привіт Світ",
"Բարեւ աշխարհ",
"გამარჯობა მსოფლიო",
"अभिवादन पृथ्वी",
}
)
// TestEncryptionDecryption writes a string to a file, encrypts it, then decrypts it, and reads the string. // TestEncryptionDecryption writes a string to a file, encrypts it, then decrypts it, and reads the string.
func TestEncryptionDecryption(t *testing.T) { func TestEncryptionDecryption(t *testing.T) {
id, err := age.GenerateX25519Identity() var (
strings_to_write = []string{
"hello world",
"hola mundo",
"مرحبا بالعالم",
"こんにちは世界",
"你好世界",
"Γειά σου Κόσμε",
"Привіт Світ",
"Բարեւ աշխարհ",
"გამარჯობა მსოფლიო",
"अभिवादन पृथ्वी",
}
)
id, err := NewIdentity()
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
@ -49,7 +49,7 @@ func TestEncryptionDecryption(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
if err = Encrypt(b, encrypted_outname, id.Recipient()); err != nil { if err = Encrypt(b, encrypted_outname, id); err != nil {
t.Fatal(err) t.Fatal(err)
} }
@ -73,73 +73,6 @@ func TestEncryptionDecryption(t *testing.T) {
} }
} }
func TestMultipleIdentities(t *testing.T) {
var (
identities []age.Identity
recipients []age.Recipient
)
for i := 0; i <= 10; i++ {
id, err := age.GenerateX25519Identity()
if err != nil {
t.Fatalf("age broke: %v", err)
}
identities = append(identities, id)
recipients = append(recipients, id.Recipient())
}
for _, str := range strings_to_write {
var (
outname string = generator.GenerateFullPath()
encrypted_outname string = outname + ".age"
b []byte
err error
)
t.Run("testing writing "+str, func(t *testing.T) {
if err = os.WriteFile(outname, []byte(str), fs.FileMode(0600)); err != nil {
t.Fatal(err)
}
if b, err = os.ReadFile(outname); err != nil {
t.Fatal(err)
}
if err = Encrypt(b, encrypted_outname, recipients...); err != nil {
t.Fatal(err)
}
// try decrypting with each identity
for _, id := range identities {
if b, err = Decrypt(encrypted_outname, id); err != nil {
t.Fatal(err)
}
if string(b) != str {
t.Fatal(string(b) + " isn't the same as " + str)
}
}
// then all of them because why not
if b, err = Decrypt(encrypted_outname, identities...); err != nil {
t.Fatal(err)
}
if string(b) != str {
t.Fatal(string(b) + " isn't the same as " + str)
}
if err = os.Remove(outname); err != nil {
t.Fatal(err)
}
if err = os.Remove(encrypted_outname); err != nil {
t.Fatal(err)
}
})
}
}
// TestNewIdentity creats a new identity, writes it to file, then re-reads it back from the file. // TestNewIdentity creats a new identity, writes it to file, then re-reads it back from the file.
func TestNewIdentity(t *testing.T) { func TestNewIdentity(t *testing.T) {
for i := 0; i <= 1000; i++ { for i := 0; i <= 1000; i++ {