// Run runs the command: it loads the record stored under *r.name, recovers
// the data key through the provider when the record's algorithm needs one,
// decrypts the stored ciphertext and prints the plaintext to standard output.
//
// Any error from the store, the provider or the algorithm is returned
// unchanged.
func (r *Read) Run(database store.FileStore, provider providers.Provider) error {
	record, err := database.Get(*r.name)
	if err != nil {
		return err
	}

	// The algorithm is chosen from the Algorithm field of the stored record.
	// NOTE(review): when NeedsKey() reports false the provider is never
	// consulted and the all-zero key below is what reaches Decrypt. Confirm
	// that the store is integrity-protected, or that the label is
	// authenticated some other way, so a modified record cannot select a
	// keyless algorithm.
	cipher := algorithms.New(record.Algorithm)

	// Stays zeroed unless the algorithm asks for a key.
	var key [32]byte
	if cipher.NeedsKey() {
		wrapped, err := record.GetKeyCiphertext()
		if err != nil {
			return err
		}

		unwrapped, err := provider.Decrypt(wrapped)
		if err != nil {
			return err
		}

		// NOTE(review): copy() neither fails nor reports a length mismatch.
		// A provider result shorter than 32 bytes leaves the tail of the key
		// zero, and a longer one is truncated. Confirm every provider
		// returns exactly 32 bytes, or check len(unwrapped) here.
		copy(key[:], unwrapped)
	}

	body, err := record.GetCiphertext()
	if err != nil {
		return err
	}

	secret, err := cipher.Decrypt(&key, body)
	if err != nil {
		return err
	}

	// The decrypted secret goes to stdout; the write error is not checked.
	fmt.Printf("%s\n", secret)
	return nil
}
// Run runs the command: it encrypts *w.value under a freshly generated
// envelope key and stores the result under *w.name.
//
// When no key ID was given, the store must already hold exactly one key ID,
// which is then reused (and announced on standard error). errMultipleKeys is
// returned when the store holds more than one, errNoKeySpecified when it
// holds none. Errors from the store, the provider and the algorithm are
// returned unchanged.
func (w *Write) Run(database store.FileStore, provider providers.Provider) error {
	if len(*w.keyID) == 0 {
		known, err := database.GetKeyIds()
		// A store that does not exist yet is treated as holding no keys.
		if err != nil && !os.IsNotExist(err) {
			return err
		}

		switch n := len(known); {
		case n > 1:
			return errMultipleKeys
		case n == 0:
			return errNoKeySpecified
		}

		// Exactly one entry remains; take it and stop.
		for only := range known {
			fmt.Fprintf(os.Stderr, "Using existing key %s\n", only)
			*w.keyID = only
			break
		}
	}

	dataKey, err := provider.GenerateEnvelopeKey(*w.keyID)
	if err != nil {
		return err
	}

	sealer := algorithms.New(*w.algo)

	// NOTE(review): the plaintext data key returned by GetPlaintext32 is
	// handed to Encrypt and not cleared afterwards; only dataKey.Ciphertext
	// is persisted. Confirm whether the key should be wiped once Encrypt
	// returns.
	sealed, err := sealer.Encrypt(dataKey.GetPlaintext32(), []byte(*w.value))
	if err != nil {
		return err
	}

	b64 := base64.StdEncoding.EncodeToString

	// The algorithm label and key ID are stored next to the ciphertext as
	// plain fields. NOTE(review): nothing visible here binds them to the
	// ciphertext; confirm the algorithm or the store authenticates them.
	record := store.Value{
		Algorithm:     sealer.Label(),
		KeyID:         *w.keyID,
		KeyCiphertext: b64(dataKey.Ciphertext),
		Ciphertext:    b64(sealed),
	}

	return database.Put(*w.name, record)
}