// ExportPrivate PEM-encodes the locked private key. The private key is secured // with the passphrase using LockKey. func ExportPrivate(priv *PrivateKey, passphrase []byte) ([]byte, error) { locked, ok := LockKey(priv, passphrase) if !ok { return nil, ErrCorruptPrivateKey } block := pem.Block{ Type: PrivateType, Headers: map[string]string{ "Version": fmt.Sprintf("%s", util.VersionString()), }, Bytes: locked, } return pem.EncodeToMemory(&block), nil }
func main() { baseFile := filepath.Join(os.Getenv("HOME"), ".secrets.db") doInit := flag.Bool("init", false, "initialize a new store") doMerge := flag.Bool("merge", false, "merge another store into this store") doExport := flag.Bool("export", false, "export store to PEM") doImport := flag.Bool("import", false, "import store from PEM") doMulti := flag.Bool("multi", false, "enter multiple passwords") doChPass := flag.Bool("c", false, "change the store's password") storePath := flag.String("f", baseFile, "path to password store") doList := flag.Bool("l", false, "list accounts") withMeta := flag.Bool("m", false, "include metadata") doRemove := flag.Bool("r", false, "remove entries") doStore := flag.Bool("s", false, "store password") clipExport := flag.Bool("x", false, "dump secrets for clipboard") overWrite := flag.Bool("w", false, "overwrite existing secrets") doVersion := flag.Bool("V", false, "display version and exit") scryptInteractive := flag.Bool("i", false, "use scrypt interactive") flag.Parse() if *doVersion { fmt.Println("secrets version", util.VersionString()) os.Exit(0) } scryptMode := secret.ScryptStandard if *scryptInteractive { scryptMode = secret.ScryptInteractive } var cfg = &config{ Args: flag.Args(), Clip: *clipExport, WithMeta: *withMeta, Overwrite: *overWrite, } var cmd command switch { case *doInit: cmd = commandSet["init"] err := initStore(*storePath, scryptMode) if err != nil { util.Errorf("Failed: %v", err) os.Exit(1) } return case *doChPass: cmd = commandSet["passwd"] case *doStore: cmd = commandSet["store"] case *doRemove: cmd = commandSet["remove"] case *doList: cmd = commandSet["list"] case *doMulti: cmd = commandSet["multi"] case *doMerge: cmd = commandSet["merge"] case *doExport: if flag.NArg() != 1 { util.Errorf("No output file specified.") } err := exportStore(*storePath, flag.Arg(0)) if err != nil { util.Errorf("Failed: %v", err) os.Exit(1) } return case *doImport: if flag.NArg() != 1 { util.Errorf("No input file specified.") } err := importStore(*storePath, flag.Arg(0)) if err != nil { util.Errorf("Failed: %v", err) os.Exit(1) } return default: cmd = commandSet["show"] } if flag.NArg() < cmd.RequiredArgc { util.Errorf("Not enough arguments: want %d, have %d.", cmd.RequiredArgc, flag.NArg()) util.Errorf("Want: %v", strings.Join(cmd.Args, ", ")) os.Exit(1) } passwords := loadStore(*storePath, scryptMode) if passwords == nil { util.Errorf("Failed to open password store") os.Exit(1) } defer passwords.Zero() err := cmd.Run(passwords, cfg, scryptMode) if err != nil { util.Errorf("Failed: %v", err) os.Exit(1) } if cmd.ShouldWrite { passwords.Timestamp = time.Now().Unix() if !writeStore(passwords, *storePath, scryptMode) { util.Errorf("Failed to write store!") os.Exit(1) } } }
func main() { flArmour := flag.Bool("a", false, "armour output") flOutDir := flag.String("o", ".", "output directory") flOutfile := flag.String("f", "passcrypt.enc", "pack file") flShowManifest := flag.Bool("l", false, "list the files in the archive") flUnpack := flag.Bool("u", false, "unpack the archive") flag.BoolVar(&verbose, "v", false, "verbose mode") flVersion := flag.Bool("V", false, "display version and exit") flag.Parse() if *flVersion { fmt.Println("passcrypt version", util.VersionString()) os.Exit(0) } if *flUnpack || *flShowManifest { if flag.NArg() != 1 { util.Errorf("Only one file may be unpacked at a time.\n") os.Exit(1) } in, err := ioutil.ReadFile(flag.Arg(0)) if err != nil { util.Errorf("%v\n", err) os.Exit(1) } if p, _ := pem.Decode(in); p != nil { if p.Type != header { util.Errorf("Wrong header for archive.\n") os.Exit(1) } in = p.Bytes } if len(in) <= saltLength { util.Errorf("Invalid archive.\n") os.Exit(1) } salt := in[:saltLength] in = in[saltLength:] passphrase, err := readpass.PasswordPromptBytes("Password: "******"%v\n", err) os.Exit(1) } key := secret.DeriveKey(passphrase, salt) if key == nil { util.Errorf("Failed to derive key.n\n") os.Exit(1) } in, ok := secret.Decrypt(key, in) if !ok { util.Errorf("Decryption failed.\n") os.Exit(1) } defer util.Zero(in) if *flUnpack { err = unpackFiles(in, *flOutDir) if err != nil { util.Errorf("%v\n", err) os.Exit(1) } } else if *flShowManifest { var files []File _, err := asn1.Unmarshal(in, &files) if err != nil { util.Errorf("%v\n", err) os.Exit(1) } fmt.Println("Manifest for", flag.Arg(0)) fmt.Printf("\n") for _, file := range files { fmt.Printf("\t%s", file.Path) if os.FileMode(file.Mode).IsDir() { fmt.Printf("/") } fmt.Printf("\n") } } return } if flag.NArg() == 0 { return } passphrase, err := readpass.PasswordPromptBytes("Password: "******"%v\n", err) os.Exit(1) } salt := util.RandBytes(saltLength) if salt == nil { util.Errorf("Failed to generate a random salt.\n") os.Exit(1) } key := secret.DeriveKey(passphrase, salt) if key == nil { util.Errorf("Failed to derive key.n\n") os.Exit(1) } out, err := packFiles(flag.Args()) if err != nil { util.Errorf("%v\n", err) os.Exit(1) } var ok bool out, ok = secret.Encrypt(key, out) if !ok { util.Errorf("Encryption failed.\n") os.Exit(1) } out = append(salt, out...) if *flArmour { p := &pem.Block{ Type: header, Bytes: out, } out = pem.EncodeToMemory(p) } err = ioutil.WriteFile(*flOutfile, out, 0644) if err != nil { util.Errorf("%v\n", err) os.Exit(1) } }
func main() { baseFile := filepath.Join(os.Getenv("HOME"), ".otpc.db") doInit := flag.Bool("init", false, "initialize a new store") doStore := flag.Bool("s", false, "store a new two-factor token") storePath := flag.String("f", baseFile, "path to password store") otpKind := flag.String("t", "", "OTP type (TOTP, HOTP, GOOGLE)") doQR := flag.Bool("qr", false, "dump QR code for secret") doVersion := flag.Bool("V", false, "display version and exit") scryptInteractive := flag.Bool("i", false, "use scrypt interactive") flag.Parse() if *doVersion { fmt.Println("otpc version", util.VersionString()) os.Exit(0) } scryptMode := secret.ScryptStandard if *scryptInteractive { scryptMode = secret.ScryptInteractive } var cfg = &config{ Args: flag.Args(), OTPType: parseOTPKind(*otpKind), } var cmd command switch { case *doInit: cmd = commandSet["init"] err := initStore(*storePath, scryptMode) if err != nil { util.Errorf("Failed: %v", err) os.Exit(1) } return case *doStore: cmd = commandSet["store"] case *doQR: cmd = commandSet["qr"] default: cmd = commandSet["show"] } if flag.NArg() < cmd.RequiredArgc { util.Errorf("Not enough arguments: want %d, have %d.", cmd.RequiredArgc, flag.NArg()) util.Errorf("Want: %v", strings.Join(cmd.Args, ", ")) os.Exit(1) } ps := loadStore(*storePath, scryptMode) if ps == nil { util.Errorf("Failed to open two-factor store.") os.Exit(1) } defer ps.Zero() err := cmd.Run(ps, cfg) if err != nil { util.Errorf("Failed: %v", err) os.Exit(1) } if cmd.ShouldWrite || cfg.Updated { ps.Timestamp = time.Now().Unix() if !writeStore(ps, *storePath, scryptMode) { util.Errorf("Failed to write store!") os.Exit(1) } } }
func main() { baseFile := filepath.Join(os.Getenv("HOME"), ".cu_journal") doInit := flag.Bool("init", false, "initialize a new store") currentEditor := os.Getenv("EDITOR") editor := flag.String("editor", currentEditor, "editor for writing entries") doEdit := flag.Bool("e", false, "edit entry") storePath := flag.String("f", baseFile, "path to journal") doList := flag.Bool("l", false, "list entries") doWrite := flag.Bool("w", false, "write new entry") doVersion := flag.Bool("V", false, "display version and exit") scryptInteractive := flag.Bool("i", false, "use scrypt interactive") flag.Parse() if *doVersion { fmt.Println("journal version", util.VersionString()) os.Exit(0) } scryptMode := secret.ScryptStandard if *scryptInteractive { scryptMode = secret.ScryptInteractive } var cfg = &config{ Args: flag.Args(), Editor: *editor, } var cmd command switch { case *doInit: cmd = commandSet["init"] err := initStore(*storePath, scryptMode) if err != nil { util.Errorf("Failed: %v", err) os.Exit(1) } return case *doEdit: cmd = commandSet["edit"] case *doList: cmd = commandSet["list"] case *doWrite: cmd = commandSet["write"] default: cmd = commandSet["show"] } if flag.NArg() < cmd.RequiredArgc { util.Errorf("Not enough arguments: want %d, have %d.", cmd.RequiredArgc, flag.NArg()) util.Errorf("Want: %v", strings.Join(cmd.Args, ", ")) os.Exit(1) } passwords := loadStore(*storePath, scryptMode) if passwords == nil { util.Errorf("Failed to open password store") os.Exit(1) } defer passwords.Zero() err := cmd.Run(passwords, cfg) if err != nil { util.Errorf("Failed: %v", err) os.Exit(1) } if cmd.ShouldWrite { passwords.Timestamp = time.Now().Unix() if !writeStore(passwords, *storePath, scryptMode) { util.Errorf("Failed to write store!") os.Exit(1) } } }