age-plugin support

[Mic92]

Updated version of #1335

I wrote the plugin integration in the first place.

[Bert-Proesmans]

What work needs to be done still to get age plugin support merged?
I intend to contribute on this feature, how can I most effectively move this forward?

[Mic92]

What works needs to be done still to get age plugin support merged? I intend to contribute on this feature, how can I most effectively move this forward?

Ideally an age release unless sops is ok with pointing to a master release of age.

[Bert-Proesmans]

The issue creation flow at the age repository points into discussion threads; FiloSottile/age#562
I'm awaiting further feedback from the age team.

[montchr]

https://github.com/FiloSottile/age/releases/tag/v1.2.0

[nazarewk]

FYI: this works perfectly fine in my nixos configs: essentially just applied this PR without go.mod/go.sum parts.

@Mic92 could you rebase?

[Foxboron]

@Mic92 any progress on this? I tried looking at implementing support for TPM keyfiles directly, but I suspect utilizing age-tpm-plugin is just an overall better approach.

[Mic92]

@Foxboron the integration works but I haven't received any feedback from upstream, so a rebase is not high on my priority list

[felixfontein]

Thanks for your contribution! There are two things that make me worry:

1. Quite a lot of the code here is basically copied from https://github.com/FiloSottile/age/blob/main/cmd/age/tui.go and https://github.com/FiloSottile/age/blob/main/cmd/age/parse.go, without indicating that the code originates from there. While it's in some cases not feasible to implement something quite differently (like parseIdentity()), in other cases this is a problem and basically violation of the age license (https://github.com/FiloSottile/age/blob/main/LICENSE).
2. There is quite some age-specific code in here that would be better suited to be kept as part of age itself, or as a library on top of age that makes that code available for other users (like sops). Having to maintain these parts here doesn't sound like a good idea to me. (In particular since they are basically a copy of the code from age, see 1.)

[felixfontein]

Out of curiosity, why isn't this the first if at the top of this function?

[Mic92]

Because /dev/tty is preferred over standard file descriptor. The standard file descriptor might be not connected to a tty.

[felixfontein]

Why having clearLine here and in readCharacter? Why not keep the prompt and simply continue in the next line (maybe after adding some placeholder, like (...))? In the existing code in SOPS that reads a password from the terminal (in the PGP keysource) it doesn't clear the prompt either.

[Mic92]

My thinking was here that most age plugins are most likely only tested with age as the implementation, I don't think it's a good idea to diverge to much from the original behavior.

[felixfontein]

Same here. If programs expect a yes/no (or generic one-letter input) on the terminal they usually echo the final selection and go to the next line, instead of removing the prompt.

[felixfontein]

Why read the character without echo?

[felixfontein]

TBH this condition strings.Count(recipient, "1") > 1 looks rather strange to me. This looks like an implementation detail of age that programs using age as a library really shouldn't know about.

[Mic92]

Because the plugins use 'age1someplugin1' as a prefix. This is the same logic as the age cli. Do you think we should reject prefixes that the age cli accepts?

[felixfontein]

No, I'm mainly saying that this looks like things that the age code should check, and not our code.

[Foxboron]

in other cases this is a problem and basically violation of the age license

This is trivially solved by using REUSE. I don't think the license is the main problem.

[Mic92]

Closed in favour of #1641