// SecureBoxKey secures a box private key with a password.
func SecureBoxKey(password []byte, priv *[box.PrivateKeySize]byte) ([]byte, bool) {
return pwbox.Seal(password, priv[:])
}
// SecureSecretboxKey secures a secretbox key with a password.
func SecureSecretboxKey(password []byte, key *[secretbox.KeySize]byte) ([]byte, bool) {
return pwbox.Seal(password, key[:])
}
func main() {
flDecrypt := flag.Bool("d", false, "Decrypt the file.")
flUsage := flag.Bool("h", false, "Print a usage message and exit.")
flag.Parse()
if *flUsage {
usage()
os.Exit(0)
}
var outputFile string
var inputFile string
nargs := flag.NArg()
switch nargs {
case 0:
usage()
os.Exit(1)
case 1:
inputFile = flag.Args()[0]
if *flDecrypt {
if filepath.Ext(inputFile) == "" {
outputFile = inputFile + ".out"
} else {
outputFile = stripExt(inputFile)
if outputFile == inputFile {
outputFile = inputFile + ".out"
}
}
} else {
outputFile = inputFile + ".enc"
}
case 2:
inputFile = flag.Args()[0]
outputFile = flag.Args()[1]
default:
usage()
os.Exit(1)
}
password, err := readpass.PasswordPromptBytes("Password: "******"[!] Failed to read password.")
fmt.Printf("\t%v\n", err)
os.Exit(1)
}
defer zero(password)
fileData, err := ioutil.ReadFile(inputFile)
if err != nil {
fmt.Println("[!] Failed to open", inputFile)
fmt.Printf("\t%v\n", err)
os.Exit(1)
}
if *flDecrypt {
msg, ok := pwbox.Open(password, fileData)
if !ok {
fmt.Println("[!] Decryption failure.")
os.Exit(1)
}
err = ioutil.WriteFile(outputFile, msg, 0644)
if err != nil {
fmt.Println("[!] Failed to write", outputFile)
fmt.Printf("\t%v\n", err)
os.Exit(1)
}
fmt.Println("[+] Decrypted file written to", outputFile)
fmt.Println("OK")
} else {
box, ok := pwbox.Seal(password, fileData)
if !ok {
fmt.Println("[!] Encryption failure.")
os.Exit(1)
}
err = ioutil.WriteFile(outputFile, box, 0644)
if err != nil {
fmt.Println("[!] Failed to write", outputFile)
fmt.Printf("\t%v\n", err)
os.Exit(1)
}
fmt.Println("[+] Encrypted file written to", outputFile)
fmt.Println("OK")
return
}
}