// ExportPrivate PEM-encodes the locked private key. The private key is secured
// with the passphrase using LockKey.
func ExportPrivate(priv *PrivateKey, passphrase []byte) ([]byte, error) {
locked, ok := LockKey(priv, passphrase)
if !ok {
return nil, ErrCorruptPrivateKey
}
block := pem.Block{
Type: PrivateType,
Headers: map[string]string{
"Version": fmt.Sprintf("%s", util.VersionString()),
},
Bytes: locked,
}
return pem.EncodeToMemory(&block), nil
}
func main() {
baseFile := filepath.Join(os.Getenv("HOME"), ".secrets.db")
doInit := flag.Bool("init", false, "initialize a new store")
doMerge := flag.Bool("merge", false, "merge another store into this store")
doExport := flag.Bool("export", false, "export store to PEM")
doImport := flag.Bool("import", false, "import store from PEM")
doMulti := flag.Bool("multi", false, "enter multiple passwords")
doChPass := flag.Bool("c", false, "change the store's password")
storePath := flag.String("f", baseFile, "path to password store")
doList := flag.Bool("l", false, "list accounts")
withMeta := flag.Bool("m", false, "include metadata")
doRemove := flag.Bool("r", false, "remove entries")
doStore := flag.Bool("s", false, "store password")
clipExport := flag.Bool("x", false, "dump secrets for clipboard")
overWrite := flag.Bool("w", false, "overwrite existing secrets")
doVersion := flag.Bool("V", false, "display version and exit")
scryptInteractive := flag.Bool("i", false, "use scrypt interactive")
flag.Parse()
if *doVersion {
fmt.Println("secrets version", util.VersionString())
os.Exit(0)
}
scryptMode := secret.ScryptStandard
if *scryptInteractive {
scryptMode = secret.ScryptInteractive
}
var cfg = &config{
Args: flag.Args(),
Clip: *clipExport,
WithMeta: *withMeta,
Overwrite: *overWrite,
}
var cmd command
switch {
case *doInit:
cmd = commandSet["init"]
err := initStore(*storePath, scryptMode)
if err != nil {
util.Errorf("Failed: %v", err)
os.Exit(1)
}
return
case *doChPass:
cmd = commandSet["passwd"]
case *doStore:
cmd = commandSet["store"]
case *doRemove:
cmd = commandSet["remove"]
case *doList:
cmd = commandSet["list"]
case *doMulti:
cmd = commandSet["multi"]
case *doMerge:
cmd = commandSet["merge"]
case *doExport:
if flag.NArg() != 1 {
util.Errorf("No output file specified.")
}
err := exportStore(*storePath, flag.Arg(0))
if err != nil {
util.Errorf("Failed: %v", err)
os.Exit(1)
}
return
case *doImport:
if flag.NArg() != 1 {
util.Errorf("No input file specified.")
}
err := importStore(*storePath, flag.Arg(0))
if err != nil {
util.Errorf("Failed: %v", err)
os.Exit(1)
}
return
default:
cmd = commandSet["show"]
}
if flag.NArg() < cmd.RequiredArgc {
util.Errorf("Not enough arguments: want %d, have %d.",
cmd.RequiredArgc, flag.NArg())
util.Errorf("Want: %v", strings.Join(cmd.Args, ", "))
os.Exit(1)
}
passwords := loadStore(*storePath, scryptMode)
if passwords == nil {
util.Errorf("Failed to open password store")
os.Exit(1)
}
defer passwords.Zero()
err := cmd.Run(passwords, cfg, scryptMode)
if err != nil {
util.Errorf("Failed: %v", err)
os.Exit(1)
}
if cmd.ShouldWrite {
passwords.Timestamp = time.Now().Unix()
if !writeStore(passwords, *storePath, scryptMode) {
util.Errorf("Failed to write store!")
os.Exit(1)
}
}
}
func main() {
flArmour := flag.Bool("a", false, "armour output")
flOutDir := flag.String("o", ".", "output directory")
flOutfile := flag.String("f", "passcrypt.enc", "pack file")
flShowManifest := flag.Bool("l", false, "list the files in the archive")
flUnpack := flag.Bool("u", false, "unpack the archive")
flag.BoolVar(&verbose, "v", false, "verbose mode")
flVersion := flag.Bool("V", false, "display version and exit")
flag.Parse()
if *flVersion {
fmt.Println("passcrypt version", util.VersionString())
os.Exit(0)
}
if *flUnpack || *flShowManifest {
if flag.NArg() != 1 {
util.Errorf("Only one file may be unpacked at a time.\n")
os.Exit(1)
}
in, err := ioutil.ReadFile(flag.Arg(0))
if err != nil {
util.Errorf("%v\n", err)
os.Exit(1)
}
if p, _ := pem.Decode(in); p != nil {
if p.Type != header {
util.Errorf("Wrong header for archive.\n")
os.Exit(1)
}
in = p.Bytes
}
if len(in) <= saltLength {
util.Errorf("Invalid archive.\n")
os.Exit(1)
}
salt := in[:saltLength]
in = in[saltLength:]
passphrase, err := readpass.PasswordPromptBytes("Password: "******"%v\n", err)
os.Exit(1)
}
key := secret.DeriveKey(passphrase, salt)
if key == nil {
util.Errorf("Failed to derive key.n\n")
os.Exit(1)
}
in, ok := secret.Decrypt(key, in)
if !ok {
util.Errorf("Decryption failed.\n")
os.Exit(1)
}
defer util.Zero(in)
if *flUnpack {
err = unpackFiles(in, *flOutDir)
if err != nil {
util.Errorf("%v\n", err)
os.Exit(1)
}
} else if *flShowManifest {
var files []File
_, err := asn1.Unmarshal(in, &files)
if err != nil {
util.Errorf("%v\n", err)
os.Exit(1)
}
fmt.Println("Manifest for", flag.Arg(0))
fmt.Printf("\n")
for _, file := range files {
fmt.Printf("\t%s", file.Path)
if os.FileMode(file.Mode).IsDir() {
fmt.Printf("/")
}
fmt.Printf("\n")
}
}
return
}
if flag.NArg() == 0 {
return
}
passphrase, err := readpass.PasswordPromptBytes("Password: "******"%v\n", err)
os.Exit(1)
}
salt := util.RandBytes(saltLength)
if salt == nil {
util.Errorf("Failed to generate a random salt.\n")
os.Exit(1)
}
key := secret.DeriveKey(passphrase, salt)
if key == nil {
util.Errorf("Failed to derive key.n\n")
os.Exit(1)
}
out, err := packFiles(flag.Args())
if err != nil {
util.Errorf("%v\n", err)
os.Exit(1)
}
var ok bool
out, ok = secret.Encrypt(key, out)
if !ok {
util.Errorf("Encryption failed.\n")
os.Exit(1)
}
out = append(salt, out...)
if *flArmour {
p := &pem.Block{
Type: header,
Bytes: out,
}
out = pem.EncodeToMemory(p)
}
err = ioutil.WriteFile(*flOutfile, out, 0644)
if err != nil {
util.Errorf("%v\n", err)
os.Exit(1)
}
}
func main() {
baseFile := filepath.Join(os.Getenv("HOME"), ".otpc.db")
doInit := flag.Bool("init", false, "initialize a new store")
doStore := flag.Bool("s", false, "store a new two-factor token")
storePath := flag.String("f", baseFile, "path to password store")
otpKind := flag.String("t", "", "OTP type (TOTP, HOTP, GOOGLE)")
doQR := flag.Bool("qr", false, "dump QR code for secret")
doVersion := flag.Bool("V", false, "display version and exit")
scryptInteractive := flag.Bool("i", false, "use scrypt interactive")
flag.Parse()
if *doVersion {
fmt.Println("otpc version", util.VersionString())
os.Exit(0)
}
scryptMode := secret.ScryptStandard
if *scryptInteractive {
scryptMode = secret.ScryptInteractive
}
var cfg = &config{
Args: flag.Args(),
OTPType: parseOTPKind(*otpKind),
}
var cmd command
switch {
case *doInit:
cmd = commandSet["init"]
err := initStore(*storePath, scryptMode)
if err != nil {
util.Errorf("Failed: %v", err)
os.Exit(1)
}
return
case *doStore:
cmd = commandSet["store"]
case *doQR:
cmd = commandSet["qr"]
default:
cmd = commandSet["show"]
}
if flag.NArg() < cmd.RequiredArgc {
util.Errorf("Not enough arguments: want %d, have %d.",
cmd.RequiredArgc, flag.NArg())
util.Errorf("Want: %v", strings.Join(cmd.Args, ", "))
os.Exit(1)
}
ps := loadStore(*storePath, scryptMode)
if ps == nil {
util.Errorf("Failed to open two-factor store.")
os.Exit(1)
}
defer ps.Zero()
err := cmd.Run(ps, cfg)
if err != nil {
util.Errorf("Failed: %v", err)
os.Exit(1)
}
if cmd.ShouldWrite || cfg.Updated {
ps.Timestamp = time.Now().Unix()
if !writeStore(ps, *storePath, scryptMode) {
util.Errorf("Failed to write store!")
os.Exit(1)
}
}
}
func main() {
baseFile := filepath.Join(os.Getenv("HOME"), ".cu_journal")
doInit := flag.Bool("init", false, "initialize a new store")
currentEditor := os.Getenv("EDITOR")
editor := flag.String("editor", currentEditor, "editor for writing entries")
doEdit := flag.Bool("e", false, "edit entry")
storePath := flag.String("f", baseFile, "path to journal")
doList := flag.Bool("l", false, "list entries")
doWrite := flag.Bool("w", false, "write new entry")
doVersion := flag.Bool("V", false, "display version and exit")
scryptInteractive := flag.Bool("i", false, "use scrypt interactive")
flag.Parse()
if *doVersion {
fmt.Println("journal version", util.VersionString())
os.Exit(0)
}
scryptMode := secret.ScryptStandard
if *scryptInteractive {
scryptMode = secret.ScryptInteractive
}
var cfg = &config{
Args: flag.Args(),
Editor: *editor,
}
var cmd command
switch {
case *doInit:
cmd = commandSet["init"]
err := initStore(*storePath, scryptMode)
if err != nil {
util.Errorf("Failed: %v", err)
os.Exit(1)
}
return
case *doEdit:
cmd = commandSet["edit"]
case *doList:
cmd = commandSet["list"]
case *doWrite:
cmd = commandSet["write"]
default:
cmd = commandSet["show"]
}
if flag.NArg() < cmd.RequiredArgc {
util.Errorf("Not enough arguments: want %d, have %d.",
cmd.RequiredArgc, flag.NArg())
util.Errorf("Want: %v", strings.Join(cmd.Args, ", "))
os.Exit(1)
}
passwords := loadStore(*storePath, scryptMode)
if passwords == nil {
util.Errorf("Failed to open password store")
os.Exit(1)
}
defer passwords.Zero()
err := cmd.Run(passwords, cfg)
if err != nil {
util.Errorf("Failed: %v", err)
os.Exit(1)
}
if cmd.ShouldWrite {
passwords.Timestamp = time.Now().Unix()
if !writeStore(passwords, *storePath, scryptMode) {
util.Errorf("Failed to write store!")
os.Exit(1)
}
}
}
