예제 #1
0
파일: get.go 프로젝트: dcoker/secrets
// Run runs the command.
func (r *Get) Run(database store.FileStore) error {
	value, err := database.Get(*r.name)
	if err != nil {
		return err
	}
	algo, err := algorithms.New(value.Algorithm)
	if err != nil {
		return err
	}
	var decryptionKeyArray [32]byte
	if algo.NeedsKey() {
		keyManager, err := keymanager.New(value.KeyManager)
		if err != nil {
			return err
		}

		keyCiphertext, err2 := value.GetKeyCiphertext()
		if err2 != nil {
			return err2
		}
		keyPlaintext, err2 := keyManager.Decrypt(keyCiphertext, *r.name)
		if err2 != nil {
			return err2
		}
		copy(decryptionKeyArray[:], keyPlaintext)
	}
	decoded, err := value.GetCiphertext()
	if err != nil {
		return err
	}
	plaintext, err := algo.Decrypt(&decryptionKeyArray, decoded)
	if err != nil {
		return err
	}

	if len(*r.writeTo) > 0 {
		return ioutil.WriteFile(*r.writeTo, plaintext, 0644)
	}

	fmt.Printf("%s", plaintext)
	if !bytes.HasSuffix(plaintext, []byte{'\n'}) {
		fmt.Printf("\n")
	}
	return nil
}
예제 #2
0
파일: put.go 프로젝트: dcoker/secrets
// Run runs the command.
func (w *Put) Run(database store.FileStore) error {
	var value store.Value
	algo, err := algorithms.New(*w.algo)
	if err != nil {
		return err
	}
	value.Algorithm = algo.Label()

	var envelopeKey keymanager.EnvelopeKey
	if algo.NeedsKey() {
		keyManager, err := keymanager.New(*w.keyManager)
		if err != nil {
			return err
		}
		value.KeyManager = keyManager.Label()

		if err := w.chooseKeyID(database); err != nil {
			return err
		}
		value.KeyID = *w.keyID

		envelopeKey, err = keyManager.GenerateEnvelopeKey(*w.keyID, *w.name)
		if err != nil {
			return err
		}
		value.KeyCiphertext = base64.StdEncoding.EncodeToString(envelopeKey.Ciphertext)
	}

	plaintext, err := w.choosePlaintext()
	if err != nil {
		return err
	}

	ciphertext, err := algo.Encrypt(envelopeKey.GetPlaintext32(), plaintext)
	if err != nil {
		return err
	}
	value.Ciphertext = base64.StdEncoding.EncodeToString(ciphertext)

	return database.Put(*w.name, value)
}