From 5ad198a35c72c045b2219c09c95c77774d9a937f Mon Sep 17 00:00:00 2001 From: Oleiade Date: Thu, 11 Sep 2014 10:42:28 +0200 Subject: [PATCH 01/14] Restore mandatory global --- globals.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/globals.go b/globals.go index 5e53a1d..c103a1a 100644 --- a/globals.go +++ b/globals.go @@ -15,5 +15,5 @@ var gMasterGpgId string = os.Getenv(ENV_MASTER_GPG_ID_KEY) // Keyring manager service and username to use in order to // retrieve trousseau main gpg key passphrase from system // keyring -//var gKeyringService string = os.Getenv(ENV_KEYRING_SERVICE_KEY) +var gKeyringService string = os.Getenv(ENV_KEYRING_SERVICE_KEY) var gKeyringUser string = os.Getenv(ENV_KEYRING_USER_KEY) From 64919c3bbd3cf0a3862e594e12f3b3165bab811d Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sat, 13 Sep 2014 12:58:06 +0200 Subject: [PATCH 02/14] Throw error when recipient does not exist on create command [fix #89] --- actions.go | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/actions.go b/actions.go index 311c128..4cfd7df 100644 --- a/actions.go +++ b/actions.go @@ -25,9 +25,13 @@ func CreateAction(recipients []string) { CryptoType: ASYMMETRIC_ENCRYPTION, CryptoAlgorithm: GPG_ENCRYPTION, } - tr.Encrypt(store) - err := tr.Write(InferStorePath()) + err := tr.Encrypt(store) + if err != nil { + ErrorLogger.Fatal(err) + } + + err = tr.Write(InferStorePath()) if err != nil { ErrorLogger.Fatal(err) } From 27602dfe053b25eaaa006735e5600c08f2d33ecd Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sat, 13 Sep 2014 13:06:36 +0200 Subject: [PATCH 03/14] Support for multiple recipients on data store creation [fix #95] --- cmd/trousseau/commands.go | 4 ---- 1 file changed, 4 deletions(-) diff --git a/cmd/trousseau/commands.go b/cmd/trousseau/commands.go index 3cfbfef..6729eb4 100644 --- a/cmd/trousseau/commands.go +++ b/cmd/trousseau/commands.go 
@@ -23,10 +23,6 @@ func CreateCommand() cli.Command { " trousseau create tcrevon@gmail.com\n" + " export TROUSSEAU_STORE=/tmp/test_trousseau.tr && trousseau create 16DB4F3\n", Action: func(c *cli.Context) { - if !hasExpectedArgs(c.Args(), 1) { - trousseau.ErrorLogger.Fatal("Invalid number of arguments provided to create command") - } - var recipients []string = strings.Split(c.Args()[0], ",") trousseau.CreateAction(recipients) }, From 6ec272b02872f703f7c2904fe64658a51241cb61 Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sat, 13 Sep 2014 13:19:53 +0200 Subject: [PATCH 04/14] Fix import raises an error when data store does not exist [fix #58] --- actions.go | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/actions.go b/actions.go index 4cfd7df..b722e7d 100644 --- a/actions.go +++ b/actions.go 
@@ -189,49 +189,49 @@ func ImportAction(from string, strategy ImportStrategy, plain bool) { localTr, err := OpenTrousseau(localFilePath) if err != nil { - ErrorLogger.Fatal(err) + ErrorLogger.Fatal(err) } localStore, err := localTr.Decrypt() if err != nil { - ErrorLogger.Fatal(err) + ErrorLogger.Fatal(err) } if plain == true { - importedData, err := ioutil.ReadFile(from) - if err != nil { - ErrorLogger.Fatal(err) - } + importedData, err := ioutil.ReadFile(from) + if err != nil { + ErrorLogger.Fatal(err) + } - err = json.Unmarshal(importedData, importedStore) - if err != nil { - ErrorLogger.Fatal(err) - } + err = json.Unmarshal(importedData, importedStore) + if err != nil { + ErrorLogger.Fatal(err) + } } else { - importedTr, err := OpenTrousseau(from) - if err != nil { - ErrorLogger.Fatal(err) - } + importedTr, err := OpenTrousseau(from) + if err != nil { + ErrorLogger.Fatal(err) + } - importedStore, err = importedTr.Decrypt() - if err != nil { - ErrorLogger.Fatal(err) - } + importedStore, err = importedTr.Decrypt() + if err != nil { + ErrorLogger.Fatal(err) + } } err = ImportStore(importedStore, localStore, strategy) if err != nil { - ErrorLogger.Fatal(err) + ErrorLogger.Fatal(err) } err = localTr.Encrypt(localStore) if err != nil { - ErrorLogger.Fatal(err) + ErrorLogger.Fatal(err) } err = localTr.Write(localFilePath) if err != nil { - ErrorLogger.Fatal(err) + ErrorLogger.Fatal(err) } InfoLogger.Println(fmt.Sprintf("Trousseau data store imported: %s", from)) From add133d8dd29ab8c52f7b4f362056c7763ae360c Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sat, 13 Sep 2014 13:28:08 +0200 Subject: [PATCH 05/14] Remove useless logging from upgrade command [fix #104] --- upgrade.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/upgrade.go b/upgrade.go index fa17c40..c3493da 100644 --- a/upgrade.go +++ b/upgrade.go 
@@ -44,8 +44,6 @@ func UpgradeFrom(startVersion string, d []byte, mapping map[string]UpgradeClosur out, err = upgradeClosure(out) if err != nil { return nil, fmt.Errorf("Upgrading trousseau data store to version %s: failure\nReason: %s", versionRepr, err.Error()) - } else { - fmt.Printf("Upgrading trousseau data store to version %s: success\n", versionRepr) } } From 1522a7bff8bb4427909e54995a0246536f5f1168 Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sat, 13 Sep 2014 13:36:40 +0200 Subject: [PATCH 06/14] Raise a proper error message when outdated data store format is detected [fix #109] --- trousseau.go | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/trousseau.go b/trousseau.go index b563c11..0de067c 100644 --- a/trousseau.go +++ b/trousseau.go @@ -31,6 +31,15 @@ func OpenTrousseau(fp string) (*Trousseau, error) { err = json.Unmarshal(content, &trousseau) if err != nil { + // Check if the content of the file matches with a legacy + // data store file format. Raise a proper error accordingly. + contentVersion := DiscoverVersion(content, VersionDiscoverClosures) + if contentVersion != "" { + return nil, fmt.Errorf("outdated data store file format detected: %s. " + + "You are currently using incompatible version: %s. " + + "Please upgrade the data store by using the upgrade command.", + contentVersion, TROUSSEAU_VERSION) + } return nil, err } From 992ccd86e6fb81df52eb2a25d2aa256543449da3 Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sat, 13 Sep 2014 18:00:35 +0200 Subject: [PATCH 07/14] Enhance logging when no private key able to decrypt data store found [fix #111] --- crypto/openpgp/actions.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/openpgp/actions.go b/crypto/openpgp/actions.go index 8139a93..91db441 100644 --- a/crypto/openpgp/actions.go +++ b/crypto/openpgp/actions.go 
@@ -64,9 +64,9 @@ func Decrypt(decryptionKeys *openpgp.EntityList, s, passphrase string) ([]byte, "Invalid passphrase supplied.") }, nil) - if err != nil { - return nil, err + return nil, fmt.Errorf("unable to decrypt trousseau data store. " + + "No private key able to decrypt it found in your keyring.") } bytes, err := ioutil.ReadAll(d.UnverifiedBody) From 31910c37f8e0b6d4ab818e77f640fb2ff3689ea4 Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sat, 13 Sep 2014 18:33:02 +0200 Subject: [PATCH 08/14] Remove globals.go file [ref #101] --- context.go | 21 +++++++++++++-------- globals.go | 19 ------------------- 2 files changed, 13 insertions(+), 27 deletions(-) delete mode 100644 globals.go diff --git a/context.go b/context.go index 218235d..3b82c61 100644 --- a/context.go +++ b/context.go @@ -1,9 +1,9 @@ package trousseau import ( - "github.com/tmc/keyring" "os" "path/filepath" + "github.com/tmc/keyring" ) // Global variables defining default values for S3 and scp @@ -19,6 +19,11 @@ var ( } ) +// Global data store file path +var gStorePath string +func SetStorePath(storePath string) { gStorePath = storePath } +func GetStorePath() string { return gStorePath } + func InferStorePath() string { envPath := os.Getenv(ENV_TROUSSEAU_STORE) contextPath := GetStorePath() 
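Review bot: In Decrypt (crypto/openpgp/actions.go) the new return discards the `err` from `openpgp.ReadMessage`, so every failure is reported as a missing private key. That includes the "Invalid passphrase supplied." case built in the prompt callback visible at the top of this hunk and, presumably, malformed or truncated input. Keeping the cause in the message lets a user tell a wrong passphrase from an absent key: `return nil, fmt.Errorf("unable to decrypt trousseau data store: %v", err)`. Decrypt begins and ends outside this hunk.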
@@ -40,27 +45,27 @@ func InferStorePath() string { func GetPassphrase() (passphrase string) { var err error - // Try to retrieve passphrase from env + // try to retrieve passphrase from env passphrase = os.Getenv(ENV_PASSPHRASE_KEY) if len(passphrase) > 0 { return passphrase } - // If passphrase wasn't found in env, try to fetch it from + // if passphrase wasn't found in env, try to fetch it from // system keyring manager. - passphrase, err = keyring.Get(gKeyringService, gKeyringUser) + passphrase, err = keyring.Get(os.Getenv(ENV_KEYRING_SERVICE_KEY), os.Getenv(ENV_KEYRING_USER_KEY)) if len(passphrase) > 0 { return passphrase } - // If passphrase was enither found in the environment nor + // if passphrase was enither found in the environment nor // system keyring manager try to fetch it from gpg-agent - if os.Getenv("GPG_AGENT_INFO") != "" { - passphrase, err = getGpgPassphrase(gMasterGpgId) + if os.Getenv("gpg_agent_info") != "" { + passphrase, err = getGpgPassphrase(os.Getenv(ENV_MASTER_GPG_ID_KEY)) } if err != nil { - ErrorLogger.Fatal("No passphrase provided. Unable to open data store") + ErrorLogger.Fatal("no passphrase provided. unable to open data store") } return passphrase diff --git a/globals.go b/globals.go deleted file mode 100644 index c103a1a..0000000 --- a/globals.go +++ /dev/null @@ -1,19 +0,0 @@ -package trousseau - -import ( - "os" -) - -// Global data store file path -var gStorePath string -func SetStorePath(storePath string) { gStorePath = storePath } -func GetStorePath() string { return gStorePath } - -// Gnupg trousseau master gpg key id -var gMasterGpgId string = os.Getenv(ENV_MASTER_GPG_ID_KEY) - -// Keyring manager service and username to use in order to -// retrieve trousseau main gpg key passphrase from system -// keyring -var gKeyringService string = os.Getenv(ENV_KEYRING_SERVICE_KEY) -var gKeyringUser string = os.Getenv(ENV_KEYRING_USER_KEY) From 9b7e3863a148824695d8f32e49d34ba882cc4100 Mon Sep 17 00:00:00 2001 
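Review bot: The gpg-agent probe in GetPassphrase now reads `os.Getenv("gpg_agent_info")`, but environment variable names are case-sensitive on Unix-like systems, so a variable exported as `GPG_AGENT_INFO` is no longer seen and the agent fallback is silently skipped. The lowercasing looks like a side effect of the same edit that lowercased the comments and the fatal message in this hunk, because nothing else about the check changed. The condition should stay `if os.Getenv("GPG_AGENT_INFO") != "" {`. The hunk header names InferStorePath, but the changed lines are in GetPassphrase, whose closing brace lies just past the hunk.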
From: Oleiade Date: Sun, 14 Sep 2014 10:49:48 +0200 Subject: [PATCH 09/14] Explicit Encrypt function and change its signature to take []byte as input --- crypto.go | 5 ++++- crypto/openpgp/actions.go | 22 ++++++++++++++-------- crypto/openpgp/io.go | 7 +++++-- upgrade.go | 2 +- 4 files changed, 24 insertions(+), 12 deletions(-) diff --git a/crypto.go b/crypto.go index f7ad690..0084944 100644 --- a/crypto.go +++ b/crypto.go @@ -41,7 +41,10 @@ func EncryptAsymmetricPGP(plainData []byte, recipients []string) ([]byte, error) return nil, err } - encData := openpgp.Encrypt(encryptionKeys, string(plainData)) + encData, err := openpgp.Encrypt(plainData, encryptionKeys) + if err != nil { + return nil, err + } return encData, nil } diff --git a/crypto/openpgp/actions.go b/crypto/openpgp/actions.go index 91db441..09fc43f 100644 --- a/crypto/openpgp/actions.go +++ b/crypto/openpgp/actions.go 
@@ -11,28 +11,34 @@ import ( "strings" ) -func Encrypt(encryptionKeys *openpgp.EntityList, s string) []byte { - buf := &bytes.Buffer{} +func Encrypt(d []byte, encryptionKeys *openpgp.EntityList) ([]byte, error) { + var buffer *bytes.Buffer = &bytes.Buffer{} + var armoredWriter io.WriteCloser + var cipheredWriter io.WriteCloser + var err error - wa, err := armor.Encode(buf, "PGP MESSAGE", nil) + // Create an openpgp armored cipher writer pointing on our + // buffer + armoredWriter , err = armor.Encode(buffer, "PGP MESSAGE", nil) if err != nil { NewPgpError(ERR_ENCRYPTION_ENCODING, fmt.Sprintf("Can't make armor: %v", err)) } - w, err := openpgp.Encrypt(wa, *encryptionKeys, nil, nil, nil) + // Create an encrypted writer using + cipheredWriter, err = openpgp.Encrypt(armoredWriter, *encryptionKeys, nil, nil, nil) if err != nil { NewPgpError(ERR_ENCRYPTION_ENCRYPT, fmt.Sprintf("Error encrypting: %v", err)) } - _, err = io.Copy(w, strings.NewReader(s)) + _, err = cipheredWriter.Write(d) if err != nil { log.Fatalf("Error copying encrypted content: %v", err) } - w.Close() - wa.Close() + cipheredWriter.Close() + armoredWriter.Close() - return buf.Bytes() + return buffer.Bytes(), nil } func Decrypt(decryptionKeys *openpgp.EntityList, s, passphrase string) ([]byte, error) { diff --git a/crypto/openpgp/io.go b/crypto/openpgp/io.go index b2a0bf5..6df9cdf 100644 --- a/crypto/openpgp/io.go +++ b/crypto/openpgp/io.go 
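Review bot: Encrypt in crypto/openpgp/actions.go now returns an error, but none of its failure paths use it. The results of both `NewPgpError(...)` calls are discarded, so execution continues with a nil writer after a failed `armor.Encode` or `openpgp.Encrypt`; a failed `Write` ends the process through `log.Fatalf`; and the errors from both `Close()` calls are ignored. Closing `cipheredWriter` is what finalizes the OpenPGP stream, so ignoring its error can return an incomplete message as a success, which for a secrets store means writing data that may not decrypt later. Returning each error lets the new `err` checks in crypto.go, io.go and upgrade.go from this commit take effect. The sketch assumes NewPgpError returns a value usable as `error`; its definition is not on this page.

```go
	armoredWriter, err = armor.Encode(buffer, "PGP MESSAGE", nil)
	if err != nil {
		return nil, NewPgpError(ERR_ENCRYPTION_ENCODING, fmt.Sprintf("Can't make armor: %v", err))
	}

	cipheredWriter, err = openpgp.Encrypt(armoredWriter, *encryptionKeys, nil, nil, nil)
	if err != nil {
		return nil, NewPgpError(ERR_ENCRYPTION_ENCRYPT, fmt.Sprintf("Error encrypting: %v", err))
	}

	if _, err = cipheredWriter.Write(d); err != nil {
		return nil, err
	}

	// Close flushes the final encrypted packets and the armor footer; a
	// failure here means buffer holds an incomplete message.
	if err = cipheredWriter.Close(); err != nil {
		return nil, err
	}
	if err = armoredWriter.Close(); err != nil {
		return nil, err
	}

	// … unchanged: return buffer.Bytes(), nil …
```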
@@ -83,13 +83,16 @@ func (gf *GpgFile) Read(b []byte) (n int, err error) { // Write writes len(b) bytes to the GpgFile. // It returns the number of bytes written and an error, if any. // Write returns a non-nil error when n != len(b). -func (gf *GpgFile) Write(p []byte) (n int, err error) { +func (gf *GpgFile) Write(d []byte) (n int, err error) { encryptionKeys, err := ReadPubRing(PubringFile, gf.Recipients) if err != nil { return 0, err } - encData := Encrypt(encryptionKeys, string(p)) + encData, err := Encrypt(d, encryptionKeys) + if err != nil { + return 0, err + } // As we were able to encrypt data, truncate source // file and write to it diff --git a/upgrade.go b/upgrade.go index c3493da..77b5697 100644 --- a/upgrade.go +++ b/upgrade.go @@ -162,7 +162,7 @@ func upgradeZeroDotThreeToNext(d []byte) ([]byte, error) { } // Encrypt the encoded newStore content - encryptedData := openpgp.Encrypt(encryptionKeys, string(newStoreData)) + encryptedData, err := openpgp.Encrypt(newStoreData, encryptionKeys) if err != nil { return nil, err } From f2424192a2b8b41a464019acd5ce00a717e09bf3 Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sun, 14 Sep 2014 10:59:40 +0200 Subject: [PATCH 10/14] Explicit Decrypt function and change its signature to take []byte as input --- crypto.go | 2 +- crypto/openpgp/actions.go | 19 ++++++++++++------- crypto/openpgp/io.go | 2 +- upgrade.go | 2 +- 4 files changed, 15 insertions(+), 10 deletions(-) diff --git a/crypto.go b/crypto.go index 0084944..1051a12 100644 --- a/crypto.go +++ b/crypto.go @@ -27,7 +27,7 @@ func DecryptAsymmetricPGP(encryptedData []byte, passphrase string) ([]byte, erro return nil, err } - plainData, err := openpgp.Decrypt(decryptionKeys, string(encryptedData), passphrase) + plainData, err := openpgp.Decrypt(encryptedData, decryptionKeys, passphrase) if err != nil { return nil, err } diff --git a/crypto/openpgp/actions.go b/crypto/openpgp/actions.go index 09fc43f..cebb499 100644 --- a/crypto/openpgp/actions.go 
+++ b/crypto/openpgp/actions.go @@ -8,7 +8,6 @@ import ( "io" "io/ioutil" "log" - "strings" ) func Encrypt(d []byte, encryptionKeys *openpgp.EntityList) ([]byte, error) { @@ -41,17 +40,22 @@ func Encrypt(d []byte, encryptionKeys *openpgp.EntityList) ([]byte, error) { return buffer.Bytes(), nil } -func Decrypt(decryptionKeys *openpgp.EntityList, s, passphrase string) ([]byte, error) { - if s == "" { +func Decrypt(d []byte, decryptionKeys *openpgp.EntityList, passphrase string) ([]byte, error) { + var armoredBlock *armor.Block + var message *openpgp.MessageDetails + var plain []byte + var err error + + if d == nil { return nil, nil } - armorBlock, err := armor.Decode(strings.NewReader(s)) + armoredBlock, err = armor.Decode(bytes.NewReader(d)) if err != nil { return nil, err } - d, err := openpgp.ReadMessage(armorBlock.Body, decryptionKeys, + message, err = openpgp.ReadMessage(armoredBlock.Body, decryptionKeys, func(keys []openpgp.Key, symmetric bool) ([]byte, error) { kp := []byte(passphrase) @@ -75,6 +79,7 @@ func Decrypt(decryptionKeys *openpgp.EntityList, s, passphrase string) ([]byte, "No private key able to decrypt it found in your keyring.") } - bytes, err := ioutil.ReadAll(d.UnverifiedBody) - return bytes, err + plain, err = ioutil.ReadAll(message.UnverifiedBody) + + return plain, err } diff --git a/crypto/openpgp/io.go b/crypto/openpgp/io.go index 6df9cdf..65151b1 100644 --- a/crypto/openpgp/io.go +++ b/crypto/openpgp/io.go @@ -56,7 +56,7 @@ func (gf *GpgFile) ReadAll() ([]byte, error) { return nil, err } - plainData, err := Decrypt(decryptionKeys, string(encryptedData), gf.passphrase) + plainData, err := Decrypt(encryptedData, decryptionKeys, gf.passphrase) if err != nil { return nil, err } diff --git a/upgrade.go b/upgrade.go index 77b5697..1a39e38 100644 --- a/upgrade.go +++ b/upgrade.go 
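Review bot: In Decrypt the guard changed from `s == ""` to `d == nil`, which no longer covers an empty but non-nil slice (`[]byte{}`). That input now reaches `armor.Decode` and fails there instead of taking the early return. `if len(d) == 0 {` keeps the previous behaviour for both nil and empty input. The function's comment should also state that empty input yields `nil, nil`, since a caller cannot tell that apart from a successfully decrypted empty body. Decrypt's body continues past this hunk.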
@@ -121,7 +121,7 @@ func upgradeZeroDotThreeToNext(d []byte) ([]byte, error) { } // Decrypt store version 0.3 (aka legacy) - plainData, err := openpgp.Decrypt(decryptionKeys, string(d), GetPassphrase()) + plainData, err := openpgp.Decrypt(d, decryptionKeys, GetPassphrase()) if err != nil { return nil, err } From 75a740a18439e704fe8fafd1e5819c239174970d Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sun, 14 Sep 2014 12:51:49 +0200 Subject: [PATCH 11/14] Comment crypto/openpgp actions --- crypto/openpgp/actions.go | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/crypto/openpgp/actions.go b/crypto/openpgp/actions.go index cebb499..a6b24e5 100644 --- a/crypto/openpgp/actions.go +++ b/crypto/openpgp/actions.go @@ -10,6 +10,8 @@ import ( "log" ) +// Encrypt the provided bytes for the provided encryption +// keys recipients. Returns the encrypted content bytes. func Encrypt(d []byte, encryptionKeys *openpgp.EntityList) ([]byte, error) { var buffer *bytes.Buffer = &bytes.Buffer{} var armoredWriter io.WriteCloser @@ -23,12 +25,14 @@ func Encrypt(d []byte, encryptionKeys *openpgp.EntityList) ([]byte, error) { NewPgpError(ERR_ENCRYPTION_ENCODING, fmt.Sprintf("Can't make armor: %v", err)) } - // Create an encrypted writer using + // Create an encrypted writer using the provided encryption keys cipheredWriter, err = openpgp.Encrypt(armoredWriter, *encryptionKeys, nil, nil, nil) if err != nil { NewPgpError(ERR_ENCRYPTION_ENCRYPT, fmt.Sprintf("Error encrypting: %v", err)) } + // Write (encrypts on the fly) the provided bytes to + // cipheredWriter _, err = cipheredWriter.Write(d) if err != nil { log.Fatalf("Error copying encrypted content: %v", err) 
@@ -40,6 +44,8 @@ func Encrypt(d []byte, encryptionKeys *openpgp.EntityList) ([]byte, error) { return buffer.Bytes(), nil } +// Decrypt tries to decrypt an OpenPGP armored block using the provided decryption keys +// and passphrase. If succesfull the plain content of the block is returned as []byte. func Decrypt(d []byte, decryptionKeys *openpgp.EntityList, passphrase string) ([]byte, error) { var armoredBlock *armor.Block var message *openpgp.MessageDetails @@ -50,11 +56,13 @@ func Decrypt(d []byte, decryptionKeys *openpgp.EntityList, passphrase string) ([ return nil, nil } + // Decode the OpenPGP armored block armoredBlock, err = armor.Decode(bytes.NewReader(d)) if err != nil { return nil, err } + // Extract the message from the OpenPGP armored block message, err = openpgp.ReadMessage(armoredBlock.Body, decryptionKeys, func(keys []openpgp.Key, symmetric bool) ([]byte, error) { kp := []byte(passphrase) @@ -66,6 +74,8 @@ func Decrypt(d []byte, decryptionKeys *openpgp.EntityList, passphrase string) ([ for _, k := range keys { err := k.PrivateKey.Decrypt(kp) if err == nil { + // If no error were returned, we could succesfully + // decrypt the message using the provided private key return nil, nil } } @@ -79,7 +89,11 @@ func Decrypt(d []byte, decryptionKeys *openpgp.EntityList, passphrase string) ([ "No private key able to decrypt it found in your keyring.") } + // Read the plain message bytes plain, err = ioutil.ReadAll(message.UnverifiedBody) + if err != nil { + return nil, err + } return plain, err } From b052b644827e79d7823647e0fadcb49f878a5cb1 Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sun, 14 Sep 2014 13:22:22 +0200 Subject: [PATCH 12/14] Generate gnupg pubring and secring at execution time [ref #103] --- crypto.go | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/crypto.go b/crypto.go index 1051a12..8815674 100644 --- a/crypto.go +++ b/crypto.go 
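Review bot: The comment added inside Decrypt's prompt callback says the message was decrypted, but the call it annotates, `k.PrivateKey.Decrypt(kp)`, unlocks the private key with the passphrase. The message itself is handled by `openpgp.ReadMessage` after the callback returns. A more accurate wording would be `// The passphrase unlocked this private key; return so ReadMessage can use it.` In the last hunk of this file section, `return plain, err` follows an `err != nil` return, so it can be `return plain, nil`. The callback and Decrypt both extend beyond these hunks.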
@@ -2,8 +2,11 @@ package trousseau import ( "github.com/oleiade/trousseau/crypto/openpgp" + "path" + "os" ) + // Declare encryption types type CryptoType int @@ -20,9 +23,15 @@ const ( AES_256_ENCRYPTION CryptoAlgorithm = 1 ) +// Gnupg variables +var GnupgHome = path.Join(os.Getenv("HOME"), ".gnupg") +var GnupgPubring string = func() string { return path.Join(GnupgHome, "pubring.gpg") }() +var GnupgSecring string = func() string { return path.Join(GnupgHome, "secring.gpg") }() + +// DecryptAsymmetricPGP decrypts an OpenPGP message using GnuPG. func DecryptAsymmetricPGP(encryptedData []byte, passphrase string) ([]byte, error) { // Decrypt store data - decryptionKeys, err := openpgp.ReadSecRing(openpgp.SecringFile) + decryptionKeys, err := openpgp.ReadSecRing(GnupgSecring) if err != nil { return nil, err } @@ -36,7 +45,7 @@ func DecryptAsymmetricPGP(encryptedData []byte, passphrase string) ([]byte, erro } func EncryptAsymmetricPGP(plainData []byte, recipients []string) ([]byte, error) { - encryptionKeys, err := openpgp.ReadPubRing(openpgp.PubringFile, recipients) + encryptionKeys, err := openpgp.ReadPubRing(GnupgPubring, recipients) if err != nil { return nil, err } From ec249c61ee375abebd086ae85ec0cc827f679cbd Mon Sep 17 00:00:00 2001 From: Oleiade Date: Sun, 14 Sep 2014 13:54:52 +0200 Subject: [PATCH 13/14] Add support for alternative gnupg home [fix #103] --- cmd/trousseau/before.go | 34 ++++++++++++++-------------------- cmd/trousseau/main.go | 4 ++++ crypto.go | 8 ++++---- 3 files changed, 22 insertions(+), 24 deletions(-) diff --git a/cmd/trousseau/before.go b/cmd/trousseau/before.go index fd397fb..8f4a8c5 100644 --- a/cmd/trousseau/before.go +++ b/cmd/trousseau/before.go 
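Review bot: `GnupgHome` in crypto.go is built as `path.Join(os.Getenv("HOME"), ".gnupg")`, and `path.Join` drops empty elements, so with HOME unset the keyring paths become relative (`.gnupg/pubring.gpg`, `.gnupg/secring.gpg`) and resolve against the current working directory. Because the tool picks recipient and decryption keys from those files, it is safer to fail when HOME is empty than to read keyrings from whatever directory the command runs in. `path/filepath` is the package for OS paths and is what context.go already uses: `filepath.Join(os.Getenv("HOME"), ".gnupg")`. The same `path.Join` calls remain in the crypto.go hunk of PATCH 13/14.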
@@ -1,22 +1,14 @@ package main import ( - libcli "github.com/codegangsta/cli" + "github.com/codegangsta/cli" "github.com/oleiade/trousseau" ) -func Before(c *libcli.Context) error { - var err error - - err = checkHelp(c) - if err != nil { - return err - } - - err = updateStorePath(c) - if err != nil { - return err - } +func Before(c *cli.Context) error { + checkHelp(c) + updateStorePath(c) + updateGnupgHome(c) return nil } @@ -25,24 +17,26 @@ func Before(c *libcli.Context) error { // provided context. It is used to bypass the gpg key check // before the application runs. So users can print the help // without selecting their master key. -func checkHelp(c *libcli.Context) error { +func checkHelp(c *cli.Context) { if c.GlobalBool("h") || c.GlobalBool("help") { if len(c.Args()) >= 1 { - libcli.ShowCommandHelp(c, c.Args().First()) + cli.ShowCommandHelp(c, c.Args().First()) } else { - libcli.ShowAppHelp(c) + cli.ShowAppHelp(c) } } - - return nil } // updateStorePath selects the default trousseau data store if // none were provided on the command line -func updateStorePath(c *libcli.Context) error { +func updateStorePath(c *cli.Context) { if c.String("store") != "" { trousseau.SetStorePath(c.String("store")) } +} - return nil +func updateGnupgHome(c *cli.Context) { + if c.String("gnupg-home") != "" { + trousseau.GnupgHome = c.String("gnupg-home") + } } diff --git a/cmd/trousseau/main.go b/cmd/trousseau/main.go index 2449fe3..44bd5c9 100644 --- a/cmd/trousseau/main.go +++ b/cmd/trousseau/main.go @@ -42,6 +42,10 @@ func main() { Name: "store, s", Usage: "Path to the trousseau data store to use", }, + cli.StringFlag{ + Name: "gnupg-home", + Usage: "Provide an alternate gnupg home", + }, } app.Before = Before diff --git a/crypto.go b/crypto.go index 8815674..b874699 100644 --- a/crypto.go +++ b/crypto.go 
@@ -25,13 +25,13 @@ const ( // Gnupg variables var GnupgHome = path.Join(os.Getenv("HOME"), ".gnupg") -var GnupgPubring string = func() string { return path.Join(GnupgHome, "pubring.gpg") }() -var GnupgSecring string = func() string { return path.Join(GnupgHome, "secring.gpg") }() +var GnupgPubring func()string = func()string { return path.Join(GnupgHome, "pubring.gpg") } +var GnupgSecring func()string = func()string { return path.Join(GnupgHome, "secring.gpg") } // DecryptAsymmetricPGP decrypts an OpenPGP message using GnuPG. func DecryptAsymmetricPGP(encryptedData []byte, passphrase string) ([]byte, error) { // Decrypt store data - decryptionKeys, err := openpgp.ReadSecRing(GnupgSecring) + decryptionKeys, err := openpgp.ReadSecRing(GnupgSecring()) if err != nil { return nil, err } @@ -45,7 +45,7 @@ func DecryptAsymmetricPGP(encryptedData []byte, passphrase string) ([]byte, erro } func EncryptAsymmetricPGP(plainData []byte, recipients []string) ([]byte, error) { - encryptionKeys, err := openpgp.ReadPubRing(GnupgPubring, recipients) + encryptionKeys, err := openpgp.ReadPubRing(GnupgPubring(), recipients) if err != nil { return nil, err } From e17d46229f5272c87c6cdd1c55f75ac0be41880b Mon Sep 17 00:00:00 2001 From: Oleiade Date: Mon, 15 Sep 2014 09:36:01 +0200 Subject: [PATCH 14/14] Fix store path evaluation order option > env > default [fix #112] --- context.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/context.go b/context.go index 3b82c61..c983dd8 100644 --- a/context.go +++ b/context.go @@ -28,10 +28,10 @@ func InferStorePath() string { envPath := os.Getenv(ENV_TROUSSEAU_STORE) contextPath := GetStorePath() - if envPath != "" { - return envPath - } else if contextPath != "" { + if contextPath != "" { return contextPath + } else if envPath != "" { + return envPath } return filepath.Join(os.Getenv("HOME"), DEFAULT_STORE_FILENAME)