Example #1
0
func loadStore(path string, m secret.ScryptMode) *store.SecretStore {
	passphrase, err := util.PassPrompt("Secrets passphrase> ")
	if err != nil {
		util.Errorf("Failed to read passphrase: %v", err)
		return nil
	}

	var passwords *store.SecretStore
	if ok, _ := util.Exists(path); ok {
		defer util.Zero(passphrase)
		fileData, err := util.ReadFile(path)
		if err != nil {
			util.Errorf("%v", err)
			return nil
		}
		var ok bool
		passwords, ok = store.UnmarshalSecretStore(fileData, passphrase, m)
		if !ok {
			return nil
		}
		return passwords
	}
	util.Errorf("could not find %s", path)
	return nil
}
Example #2
0
func loadStore(path string) *store.KeyStore {
	// If keystore is newly created, we'll want to write it to
	// disk before leaving this function.
	var flush bool
	if exists, _ := util.Exists(path); !exists {
		flush = true
	}

	passphrase, err := util.PassPrompt("keystore passphrase> ")
	if err != nil {
		util.Errorf("%v", err)
		return nil
	}
	defer util.Zero(passphrase)

	keystore, ok := store.LoadKeyStore(path, true)
	if !ok {
		fmt.Printf("error in LoadKeyStore")
		return nil
	}
	if !keystore.Valid(false) {
		fmt.Println("keystore not valid")
		return nil
	}

	if !flush {
		if !keystore.Unlock(passphrase) {
			return nil
		}
		return keystore
	}

	if !keystore.LockWith(passphrase) {
		util.Errorf("Failed to set initial passphrase.")
		return nil
	} else if !keystore.Unlock(passphrase) {
		util.Errorf("Flushing keystore failed.")
		return nil
	}

	out, err := keystore.Dump()
	if err != nil {
		log.Printf("WARNING: failed to dump keystore: %v", err)
		return nil
	}
	err = ioutil.WriteFile(path, out, 0644)
	if err != nil {
		log.Printf("WARNING: failed to write keystore: %v", err)
	}

	return keystore
}
Example #3
0
func loadStore() {
	if ok, failed := util.Exists(storePath); !failed {
		log.Fatal("can't access store file")
	} else if !ok {
		store = map[string]*User{}
		return
	}

	in, err := ioutil.ReadFile(storePath)
	dieIfError(err)

	err = json.Unmarshal(in, &store)
	dieIfError(err)
}
Example #4
0
func main() {
	baseFile := filepath.Join(os.Getenv("HOME"), ".cukeystore.db")
	doCheck := flag.Bool("check", false, "check keystore's integrity'")
	doExport := flag.Bool("export", false, "export a verified key")
	doImport := flag.Bool("import", false, "import a key")
	doArmour := flag.Bool("a", false, "armour output")
	doDecrypt := flag.Bool("d", false, "decrypt file")
	doEncrypt := flag.Bool("e", false, "encrypt file")
	keystorePath := flag.String("f", baseFile, "path to keystore")
	doList := flag.Bool("k", false, "list keys")
	label := flag.String("l", "self", "label selecting a key")
	doRemove := flag.Bool("r", false, "remove named key")
	doSign := flag.Bool("s", false, "sign file")
	untrustedOK := flag.Bool("u", false, "accept untrusted keys when importing")
	doVerify := flag.Bool("v", false, "verify signature")
	flag.Parse()

	cfg := &config{
		Args:   flag.Args(),
		Label:  *label,
		Armour: *doArmour,
	}

	var cmd command
	switch {
	case *doCheck:
		cmd = commandSet["check"]
	case *doSign && *doEncrypt:
		cfg.Armour = true
		cmd = commandSet["cryptsign"]
	case *doSign:
		cmd = commandSet["sign"]
	case *doVerify:
		cmd = commandSet["verify"]
	case *doEncrypt:
		cmd = commandSet["encrypt"]
	case *doDecrypt:
		cmd = commandSet["decrypt"]
	case *doRemove:
		cmd = commandSet["remove"]
	case *doList:
		cmd = commandSet["list"]
	case *doExport && *label == "self":
		cmd = commandSet["exportself"]
	case *doExport:
		cmd = commandSet["export"]
	case *doImport:
		if *untrustedOK {
			cmd = commandSet["uimport"]
		} else {
			cmd = commandSet["import"]
		}
	default:
		util.Errorf("Nothing to do.")
		return
	}

	if flag.NArg() < cmd.RequiredArgc {
		util.Errorf("Not enough arguments: want %d, have %d.",
			cmd.RequiredArgc, flag.NArg())
		util.Errorf("Want: %v", strings.Join(cmd.Args, ", "))
		os.Exit(1)
	}

	ks := loadStore(*keystorePath)
	if ks == nil {
		util.Errorf("Failed to load keystore.")
		os.Exit(1)
	}
	if *doCheck && ks.ExportKey == nil {
		cmd.ShouldWrite = true
	}

	if cmd.NeedsUnlock {
		if !unlockStore(ks) {
			os.Exit(1)
		}
		defer ks.Lock()
	}

	err := cmd.Run(ks, cfg)
	if err != nil {
		util.Errorf("Failed: %v", err)
		os.Exit(1)
	}

	shouldWrite := cmd.ShouldWrite
	exists, ok := util.Exists(*keystorePath)
	if !ok {
		util.Errorf("Error checking %s", *keystorePath)
		os.Exit(1)
	}
	shouldWrite = shouldWrite || !exists
	if shouldWrite {
		ks.Timestamp = time.Now().Unix()
		fmt.Println("Writing keystore.")
		if !writeStore(ks, *keystorePath) {
			os.Exit(1)
		}
	}
}