|
|
|
@ -6,6 +6,7 @@ import ( |
|
|
|
|
"os" |
|
|
|
|
"path/filepath" |
|
|
|
|
|
|
|
|
|
"github.com/keys-pub/keys" |
|
|
|
|
log "github.com/sirupsen/logrus" |
|
|
|
|
flag "github.com/spf13/pflag" |
|
|
|
|
"go.mills.io/salty" |
|
|
|
@ -17,6 +18,8 @@ var ( |
|
|
|
|
|
|
|
|
|
encrypt bool |
|
|
|
|
decrypt bool |
|
|
|
|
sign bool |
|
|
|
|
verify bool |
|
|
|
|
output string |
|
|
|
|
identity string |
|
|
|
|
recipients []string |
|
|
|
@ -28,9 +31,11 @@ func init() { |
|
|
|
|
flag.PrintDefaults() |
|
|
|
|
} |
|
|
|
|
flag.BoolVarP(&help, "help", "h", false, "display help information") |
|
|
|
|
flag.BoolVarP(&version, "version", "v", false, "display version information") |
|
|
|
|
flag.BoolVar(&version, "version", false, "display version information") |
|
|
|
|
flag.BoolVarP(&encrypt, "encrypt", "e", false, "Encrypt the input to the output (Default if omitted)") |
|
|
|
|
flag.BoolVarP(&decrypt, "decrypt", "d", false, "Decrypt the input to the output") |
|
|
|
|
flag.BoolVarP(&sign, "sign", "s", false, "Sign the input to the otput") |
|
|
|
|
flag.BoolVarP(&verify, "verify", "v", false, "Verify the input to the output") |
|
|
|
|
flag.StringVarP(&output, "output", "o", "", "Write the result to the file") |
|
|
|
|
flag.StringSliceVarP(&recipients, "recipient", "r", []string{}, "Encrypt to the specified RECIPIENT (Can be repeated)") |
|
|
|
|
flag.StringVarP(&identity, "identity", "i", "", "Use the identity file at PATH. Can be repeated.") |
|
|
|
@ -49,19 +54,26 @@ func main() { |
|
|
|
|
os.Exit(0) |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if !(encrypt || decrypt) { |
|
|
|
|
if !(encrypt || decrypt) && !(sign || verify) { |
|
|
|
|
encrypt = true |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
id, err := os.Open(identity) |
|
|
|
|
if err != nil { |
|
|
|
|
log.WithError(err).Fatalf("error opening identity file: %q", identity) |
|
|
|
|
} |
|
|
|
|
defer id.Close() |
|
|
|
|
var ( |
|
|
|
|
err error |
|
|
|
|
key *keys.EdX25519Key |
|
|
|
|
) |
|
|
|
|
|
|
|
|
|
key, err := salty.ParseIdentity(id) |
|
|
|
|
if err != nil { |
|
|
|
|
log.WithError(err).Fatalf("error reading private key: %q", identity) |
|
|
|
|
if !verify { |
|
|
|
|
id, err := os.Open(identity) |
|
|
|
|
if err != nil { |
|
|
|
|
log.WithError(err).Fatalf("error opening identity file: %q", identity) |
|
|
|
|
} |
|
|
|
|
defer id.Close() |
|
|
|
|
|
|
|
|
|
key, err = salty.ParseIdentity(id) |
|
|
|
|
if err != nil { |
|
|
|
|
log.WithError(err).Fatalf("error reading private key: %q", identity) |
|
|
|
|
} |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
in := os.Stdin |
|
|
|
@ -100,13 +112,14 @@ func main() { |
|
|
|
|
|
|
|
|
|
var result []byte |
|
|
|
|
|
|
|
|
|
if encrypt { |
|
|
|
|
switch { |
|
|
|
|
case encrypt: |
|
|
|
|
encrypted, err := salty.Encrypt(key, input, recipients) |
|
|
|
|
if err != nil { |
|
|
|
|
log.WithError(err).Fatalf("error encrypting input") |
|
|
|
|
} |
|
|
|
|
result = encrypted[:] |
|
|
|
|
} else if decrypt { |
|
|
|
|
case decrypt: |
|
|
|
|
out, sender, err := salty.Decrypt(key, input) |
|
|
|
|
if err != nil { |
|
|
|
|
log.WithError(err).Fatalf("error decrypting input") |
|
|
|
@ -115,7 +128,20 @@ func main() { |
|
|
|
|
fmt.Fprintf(os.Stderr, "# signed by: %s\n", sender) |
|
|
|
|
} |
|
|
|
|
result = out[:] |
|
|
|
|
} else { |
|
|
|
|
case sign: |
|
|
|
|
signed, err := salty.Sign(key, input) |
|
|
|
|
if err != nil { |
|
|
|
|
log.WithError(err).Fatalf("error signing input") |
|
|
|
|
} |
|
|
|
|
result = signed[:] |
|
|
|
|
case verify: |
|
|
|
|
out, signer, err := salty.Verify(input) |
|
|
|
|
if err != nil { |
|
|
|
|
log.WithError(err).Fatalf("error verifying input") |
|
|
|
|
} |
|
|
|
|
fmt.Fprintf(os.Stderr, "# signed by: %s\n", signer.ID().String()) |
|
|
|
|
result = out |
|
|
|
|
default: |
|
|
|
|
log.Fatalf("one of -e/--encrypt or -d/--decrypt modes not spplied") |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
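Review bot: The mode flags are never checked for mutual exclusion, so in main `--verify` combined with `--encrypt`, `--decrypt` or `--sign` skips the identity load (`if !verify {`) and the `switch` then takes the earlier case with `key` still nil. How salty.Encrypt, salty.Decrypt and salty.Sign treat a nil key is not visible here, so the combination should be rejected before the identity file is opened; the fence below counts the selected modes and exits when more than one is set. The `default:` message still names only `-e/--encrypt` and `-d/--decrypt` and should list the sign and verify modes too. Separately, as far as the call `salty.Verify(input)` shows, the verify case accepts input signed by any key and only prints the signer ID to stderr, so the `--verify` help text should say that the caller must compare that ID with the expected signer. main begins and ends outside the hunks shown.

```go
// … unchanged: default to encrypt when no mode flag is given …

// Reject ambiguous invocations before any key material is read.
selected := 0
for _, on := range []bool{encrypt, decrypt, sign, verify} {
	if on {
		selected++
	}
}
if selected > 1 {
	log.Fatalf("only one of --encrypt, --decrypt, --sign or --verify may be given")
}

// … unchanged: key declaration, identity load guarded by !verify, mode switch …
```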