celediel/agedit
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

Compare commits

base: celediel:79ffb9d9b67a0af6b47a723c1fe40946f8229089
Branches Tags
celediel:main
celediel:v0.3.1
celediel:v0.3.0
celediel:v0.2.3
celediel:v0.2.2
celediel:v0.2.1
celediel:v0.2.0
celediel:v0.1.1
celediel:v0.1.0
celediel:v0.0.2
celediel:v0.0.1
..
compare: celediel:5a96e7969444ee0f812e85e408914fb8102e8915
Branches Tags
celediel:main
celediel:v0.3.1
celediel:v0.3.0
celediel:v0.2.3
celediel:v0.2.2
celediel:v0.2.1
celediel:v0.2.0
celediel:v0.1.1
celediel:v0.1.0
celediel:v0.0.2
celediel:v0.0.1

No commits in common. "79ffb9d9b67a0af6b47a723c1fe40946f8229089" and "5a96e7969444ee0f812e85e408914fb8102e8915" have entirely different histories.
79ffb9d9b6 ... 5a96e79694

7 changed files with 108 additions and 303 deletions
Show stats Expand all files Collapse all files

16
README.md
View file

@ -10,15 +10,10 @@ open an [age](https://github.com/FiloSottile/age) encrypted file in $EDITOR
### flags
```text
--identity identity, -I identity [ --identity identity, -I identity ] age identity (or identities) to decrypt with
--identity-file FILE, -i FILE read identity from FILE
--recipient recipient, -R recipient [ --recipient recipient, -R recipient ] age recipients to encrypt to
--recipient-file FILE, -r FILE read recipients from FILE
--out FILE, -o FILE write to FILE instead of the input file
--editor EDITOR, -e EDITOR edit with specified EDITOR instead of $EDITOR
--editor-args arg [ --editor-args arg ] arguments to send to the editor
--force, -f re-encrypt the file even if no changes have been made. (default: false)
--log level log level (default: "warn")
--identity value, -i value age identity file to use
--out value, -o value write to this file instead of the input file
--log value, -l value log level (default: "warn")
--editor value, -e value specify the editor to use
--help, -h show help
--version, -v print the version
```
@ -27,6 +22,3 @@ open an [age](https://github.com/FiloSottile/age) encrypted file in $EDITOR
`go get git.burning.moe/celediel/agedit@latest`
See `./cmd/agedit` for example usage.
## TODO
- support for password encrypted key files

184
cmd/agedit/cli.go
View file

@ -2,12 +2,10 @@ package main
import (
"errors"
"fmt"
"os"
"strings"
"time"
"filippo.io/age"
"git.burning.moe/celediel/agedit/internal/config"
"git.burning.moe/celediel/agedit/pkg/editor"
"git.burning.moe/celediel/agedit/pkg/encrypt"
@ -19,10 +17,10 @@ import (
)
const (
name string = "agedit"
usage string = "Edit age encrypted files with your $EDITOR"
version string = "0.1.0"
help_template string = `NAME:
name = "agedit"
usage = "Edit age encrypted files with your $EDITOR"
version = "0.0.2"
help_template = `NAME:
{{.Name}} {{if .Version}}v{{.Version}}{{end}} - {{.Usage}}
USAGE:
@ -47,101 +45,33 @@ var (
}}
flags = []cli.Flag{
&cli.StringSliceFlag{
&cli.StringFlag{
Name: "identity",
Usage: "age `identity` (or identities) to decrypt with",
Aliases: []string{"I"},
Action: func(ctx *cli.Context, inputs []string) error {
for _, input := range inputs {
id, err := age.ParseX25519Identity(input)
if err != nil {
return err
}
identities = append(identities, id)
}
return nil
},
},
&cli.PathFlag{ // I dunno why PathFlag exists because cli.Path is just string
Name: "identity-file",
Usage: "read identity from `FILE`",
Usage: "age identity file to use",
Aliases: []string{"i"},
Action: func(ctx *cli.Context, identity_file cli.Path) error {
if identity_file != "" {
Action: func(ctx *cli.Context, s string) error {
if identity_file := ctx.String("identity"); identity_file != "" {
cfg.IdentityFile = identity_file
}
return nil
},
},
&cli.StringSliceFlag{
Name: "recipient",
Usage: "age `recipient`s to encrypt to",
Aliases: []string{"R"},
Action: func(ctx *cli.Context, inputs []string) error {
for _, input := range inputs {
logger.Debugf("parsing public key from string %s", input)
r, err := age.ParseX25519Recipient(input)
if err != nil {
return err
}
recipients = append(recipients, r)
}
return nil
},
},
&cli.PathFlag{
Name: "recipient-file",
Usage: "read recipients from `FILE`",
Aliases: []string{"r"},
Action: func(ctx *cli.Context, recipient_file cli.Path) error {
if recipient_file != "" {
cfg.RecipientFile = recipient_file
}
return nil
},
},
&cli.StringFlag{
Name: "out",
Usage: "write to `FILE` instead of the input file",
Usage: "write to this file instead of the input file",
Aliases: []string{"o"},
Action: func(ctx *cli.Context, out string) error {
output_file = out
return nil
},
},
&cli.StringFlag{
Name: "editor",
Usage: "edit with specified `EDITOR` instead of $EDITOR",
Aliases: []string{"e"},
Action: func(ctx *cli.Context, editor string) error {
cfg.Editor = editor
return nil
},
},
&cli.StringSliceFlag{
Name: "editor-args",
Usage: "`arg`uments to send to the editor",
Action: func(ctx *cli.Context, args []string) error {
cfg.EditorArgs = args
return nil
},
},
&cli.BoolFlag{
Name: "force",
Usage: "re-encrypt the file even if no changes have been made.",
Aliases: []string{"f"},
Action: func(ctx *cli.Context, b bool) error {
force_overwrite = b
Action: func(ctx *cli.Context, s string) error {
output_file = ctx.String("out")
return nil
},
},
&cli.StringFlag{
Name: "log",
Usage: "log `level`",
Usage: "log level",
Value: "warn",
Aliases: []string{"l"},
Action: func(ctx *cli.Context, s string) error {
if lvl, err := log.ParseLevel(s); err == nil {
if lvl, err := log.ParseLevel(ctx.String("log")); err == nil {
logger.SetLevel(lvl)
// Some extra info for debug level
if logger.GetLevel() == log.DebugLevel {
@ -153,6 +83,15 @@ var (
return nil
},
},
&cli.StringFlag{
Name: "editor",
Usage: "specify the editor to use",
Aliases: []string{"e"},
Action: func(ctx *cli.Context, s string) error {
cfg.Editor = ctx.String("editor")
return nil
},
},
}
)
@ -160,22 +99,23 @@ var (
func before(ctx *cli.Context) error {
// check input
if input_file = strings.Join(ctx.Args().Slice(), " "); input_file == "" {
return fmt.Errorf("no file to edit, use " + name + " -h for help")
return errors.New("no file to edit, use agedit -h for help")
}
// set some defaults
// do some setup
cfg = config.Defaults
cfg.Editor = env.GetEditor()
cfg_dir := env.GetConfigDir(name)
cfg_dir := env.GetConfigDir("agedit")
cfg.IdentityFile = cfg_dir + "identity.key"
configFile = cfg_dir + name + ".yaml"
configFile = cfg_dir + "agedit.yaml"
logger = log.NewWithOptions(os.Stderr, log.Options{
ReportTimestamp: true,
TimeFormat: time.TimeOnly,
})
// load config from file
if _, err := os.Stat(configFile); err != nil && errors.Is(err, os.ErrNotExist) {
_, err := os.Open(configFile)
if err != nil && errors.Is(err, os.ErrNotExist) {
// or not
logger.Debug("couldn't load config file", "file", configFile)
} else {
@ -185,16 +125,12 @@ func before(ctx *cli.Context) error {
}
}
// setup editor with loaded config options
edt = editor.New(cfg.Editor, cfg.EditorArgs, cfg.Prefix, cfg.Suffix, cfg.RandomLength)
return nil
}
// action does the actual thing
func action(ctx *cli.Context) error {
// make sure input file exists
if _, err := os.Stat(input_file); os.IsNotExist(err) {
if _, err := os.Open(input_file); os.IsNotExist(err) {
return err
}
@ -203,75 +139,35 @@ func action(ctx *cli.Context) error {
logger.Debug("out file not specified, using input", "outfile", output_file)
}
// read from identity file if exists and no identities have been supplied
if len(identities) == 0 {
if _, err := os.Stat(cfg.IdentityFile); os.IsNotExist(err) {
return fmt.Errorf("identity file unset and no identities supplied, use -i to specify an idenitity file or set one in the config file, or use -I to specify an age private key")
} else {
f, err := os.Open(cfg.IdentityFile)
if err != nil {
return fmt.Errorf("couldn't open identity file: %v", err)
}
if ids, err := age.ParseIdentities(f); err != nil {
return fmt.Errorf("couldn't parse identities: %v", err)
} else {
identities = append(identities, ids...)
}
}
if _, err := os.Open(cfg.IdentityFile); os.IsNotExist(err) {
return errors.New("identity file unset, use -i or set one in the config file")
}
// read from recipient file if it exists and no recipients have been supplied
if len(recipients) == 0 {
if _, err := os.Stat(cfg.RecipientFile); os.IsNotExist(err) {
return fmt.Errorf("recipient file doesn't exist")
if id, err := encrypt.ReadIdentityFromFile(cfg.IdentityFile); err != nil {
return err
} else {
f, err := os.Open(cfg.RecipientFile)
if err != nil {
return fmt.Errorf("couldn't open recipient file: %v", err)
}
if rs, err := age.ParseRecipients(f); err != nil {
return fmt.Errorf("couldn't parse recipients: %v", err)
} else {
recipients = append(recipients, rs...)
}
}
identity = id
}
logger.Debug("read identity from file", "id", identity.Recipient())
// get recipients from specified identities
for _, id := range identities {
// TODO: figure out how age actually intends for
// TODO: a recpient to be retrieved from an age.Identity
// TODO: beccause this is stupid and I hate it
actual_id, err := age.ParseX25519Identity(fmt.Sprint(id))
if err != nil {
return fmt.Errorf("couldn't get recipient? %v", err)
}
recipients = append(recipients, actual_id.Recipient())
}
// try to decrypt the file
decrypted, err := encrypt.Decrypt(input_file, identities...)
decrypted, err := encrypt.Decrypt(input_file, identity)
if err != nil {
return err
}
logger.Debug("decrypted " + input_file + " sucessfully")
// open decrypted data in the editor
edited, err := edt.EditTempFile(string(decrypted))
edited, err := editor.EditTempFile(cfg.Editor, string(decrypted), cfg.Prefix, cfg.Suffix, cfg.RandomLength)
if err != nil {
return err
}
logger.Debug("got data back from editor")
// don't overwrite same data, unless specified
if string(edited) == string(decrypted) && !force_overwrite {
if string(edited) == string(decrypted) {
logger.Warn("No edits made, not writing " + output_file)
return nil
}
// actually re-encrypt the data
err = encrypt.Encrypt(edited, output_file, recipients...)
err = encrypt.Encrypt(edited, output_file, identity)
if err != nil {
return err
}

8
cmd/agedit/main.go
View file

@ -4,7 +4,6 @@ import (
"os"
"git.burning.moe/celediel/agedit/internal/config"
"git.burning.moe/celediel/agedit/pkg/editor"
"filippo.io/age"
"github.com/charmbracelet/log"
@ -12,14 +11,12 @@ import (
)
var (
identities []age.Identity
recipients []age.Recipient
identity *age.X25519Identity
logger *log.Logger
cfg config.Config
edt editor.Editor
configFile string
input_file, output_file string
force_overwrite bool
)
func main() {
@ -32,7 +29,6 @@ func main() {
Before: before,
Action: action,
CustomAppHelpTemplate: help_template,
UseShortOptionHandling: true,
}
if err := app.Run(os.Args); err != nil {

2
internal/config/config.go
View file

@ -2,9 +2,7 @@ package config
type Config struct {
IdentityFile string `json:"identityfile" yaml:"identityfile" toml:"identityfile"`
RecipientFile string `json:"recipientfile" yaml:"recipientfile" toml:"recipientfile"`
Editor string `json:"editor" yaml:"editor" toml:"editor"`
EditorArgs []string `json:"editorargs" yaml:"editorargs" toml:"editorargs"`
Prefix string `json:"randomfileprefix" yaml:"randomfileprefix" toml:"randomfileprefix"`
Suffix string `json:"randomfilesuffix" yaml:"randomfilesuffix" toml:"randomfilesuffix"`
RandomLength int `json:"randomfilenamelength" yaml:"randomfilenamelength" toml:"randomfilenamelength"`

36
pkg/editor/editor.go
View file

@ -1,6 +1,7 @@
package editor
import (
"errors"
"io/fs"
"os"
"os/exec"
@ -8,17 +9,14 @@ import (
"git.burning.moe/celediel/agedit/pkg/tmpfile"
)
type Editor struct {
Command string
Args []string
generator tmpfile.Generator
// EditFile opens the specified file in the configured editor
func EditFile(editor, filename string) error {
if editor == "" {
return errors.New("editor not set")
}
// EditFile opens the specified file in the configured editor
func (e *Editor) EditFile(filename string) error {
args := append(e.Args, filename)
cmd := exec.Command(e.Command, args...)
// TODO: handle editors that require arguments
cmd := exec.Command(editor, filename)
cmd.Stdin = os.Stdin
cmd.Stdout = os.Stdout
cmd.Stderr = os.Stderr
@ -32,7 +30,7 @@ func (e *Editor) EditFile(filename string) error {
// EditTempFile creates a temporary file with a random name, opens it in the
// editor, and returns the byte slice of its contents.
func (e *Editor) EditTempFile(start string) ([]byte, error) {
func EditTempFile(editor, start, prefix, suffix string, filename_length int) ([]byte, error) {
var (
filename string
bytes []byte
@ -40,7 +38,10 @@ func (e *Editor) EditTempFile(start string) ([]byte, error) {
file *os.File
)
filename = e.generator.GenerateFullPath()
// generator := tmpfile.NewGenerator("agedit_", ".txt", 13)
generator := tmpfile.NewGenerator(prefix, suffix, filename_length)
filename = generator.GenerateFullPath()
if file, err = os.Create(filename); err != nil {
return nil, err
}
@ -49,7 +50,7 @@ func (e *Editor) EditTempFile(start string) ([]byte, error) {
return nil, err
}
if err = e.EditFile(filename); err != nil {
if err = EditFile(editor, filename); err != nil {
return nil, err
}
@ -67,14 +68,3 @@ func (e *Editor) EditTempFile(start string) ([]byte, error) {
return bytes, nil
}
// New returns an Editor configured to open files with `command` + `args`.
// The prefix and suffix will be added to the randomly generated
// filename of `length` characters.
func New(command string, args []string, prefix, suffix string, length int) Editor {
return Editor{
Command: command,
Args: args,
generator: tmpfile.NewGenerator(prefix, suffix, length),
}
}

12
pkg/encrypt/encrypt.go
View file

@ -11,18 +11,18 @@ import (
)
// Encrypt encrypts bytes into filename
func Encrypt(data []byte, filename string, recipients ...age.Recipient) error {
func Encrypt(data []byte, filename string, identity *age.X25519Identity) error {
var (
w io.WriteCloser
out = &bytes.Buffer{}
err error
)
if len(recipients) == 0 {
return errors.New("no recepients? who's trying to encrypt?")
if identity == nil {
return errors.New("nil identity??")
}
if w, err = age.Encrypt(out, recipients...); err != nil {
if w, err = age.Encrypt(out, identity.Recipient()); err != nil {
return err
}
@ -40,7 +40,7 @@ func Encrypt(data []byte, filename string, recipients ...age.Recipient) error {
}
// Decrypt decrypts bytes from filename
func Decrypt(filename string, identities ...age.Identity) ([]byte, error) {
func Decrypt(filename string, identity *age.X25519Identity) ([]byte, error) {
var (
f *os.File
r io.Reader
@ -51,7 +51,7 @@ func Decrypt(filename string, identities ...age.Identity) ([]byte, error) {
return nil, err
}
if r, err = age.Decrypt(f, identities...); err != nil {
if r, err = age.Decrypt(f, identity); err != nil {
return nil, err
}

79
pkg/encrypt/encrypt_test.go
View file

@ -5,12 +5,14 @@ import (
"os"
"testing"
"filippo.io/age"
"git.burning.moe/celediel/agedit/pkg/tmpfile"
)
var generator = tmpfile.NewGenerator("test_", ".txt", 18)
// TestEncryptionDecryption writes a string to a file, encrypts it, then decrypts it, and reads the string.
func TestEncryptionDecryption(t *testing.T) {
var (
generator = tmpfile.NewGenerator("test_", ".txt", 18)
strings_to_write = []string{
"hello world",
"hola mundo",
@ -25,9 +27,7 @@ var (
}
)
// TestEncryptionDecryption writes a string to a file, encrypts it, then decrypts it, and reads the string.
func TestEncryptionDecryption(t *testing.T) {
id, err := age.GenerateX25519Identity()
id, err := NewIdentity()
if err != nil {
t.Fatal(err)
}
@ -49,7 +49,7 @@ func TestEncryptionDecryption(t *testing.T) {
t.Fatal(err)
}
if err = Encrypt(b, encrypted_outname, id.Recipient()); err != nil {
if err = Encrypt(b, encrypted_outname, id); err != nil {
t.Fatal(err)
}
@ -73,73 +73,6 @@ func TestEncryptionDecryption(t *testing.T) {
}
}
func TestMultipleIdentities(t *testing.T) {
var (
identities []age.Identity
recipients []age.Recipient
)
for i := 0; i <= 10; i++ {
id, err := age.GenerateX25519Identity()
if err != nil {
t.Fatalf("age broke: %v", err)
}
identities = append(identities, id)
recipients = append(recipients, id.Recipient())
}
for _, str := range strings_to_write {
var (
outname string = generator.GenerateFullPath()
encrypted_outname string = outname + ".age"
b []byte
err error
)
t.Run("testing writing "+str, func(t *testing.T) {
if err = os.WriteFile(outname, []byte(str), fs.FileMode(0600)); err != nil {
t.Fatal(err)
}
if b, err = os.ReadFile(outname); err != nil {
t.Fatal(err)
}
if err = Encrypt(b, encrypted_outname, recipients...); err != nil {
t.Fatal(err)
}
// try decrypting with each identity
for _, id := range identities {
if b, err = Decrypt(encrypted_outname, id); err != nil {
t.Fatal(err)
}
if string(b) != str {
t.Fatal(string(b) + " isn't the same as " + str)
}
}
// then all of them because why not
if b, err = Decrypt(encrypted_outname, identities...); err != nil {
t.Fatal(err)
}
if string(b) != str {
t.Fatal(string(b) + " isn't the same as " + str)
}
if err = os.Remove(outname); err != nil {
t.Fatal(err)
}
if err = os.Remove(encrypted_outname); err != nil {
t.Fatal(err)
}
})
}
}
// TestNewIdentity creats a new identity, writes it to file, then re-reads it back from the file.
func TestNewIdentity(t *testing.T) {
for i := 0; i <= 1000; i++ {