Add lib functionality

- Add lib functionality to allow decrypting files by calling a function Call `strongbox.Decode([]byte(keyBytes))` to decode your strongbox key Then execute `strongbox.RecursiveDecrypt(filePath, decodedKey)` to decrypt all files at the given path
uw-labs · Sep 15, 2023 · 0642bce · 0642bce
1 parent 763a355
commit 0642bce
Show file tree

Hide file tree

Showing 12 changed files with 644 additions and 435 deletions.
diff --git a/example/go.mod b/example/go.mod
@@ -0,0 +1,10 @@
+module main.go
+
+go 1.21
+
+require github.com/uw-labs/strongbox v1.1.0
+
+require (
+	github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115 // indirect
+	gopkg.in/yaml.v2 v2.4.0 // indirect
+)
diff --git a/example/go.sum b/example/go.sum
@@ -0,0 +1,26 @@
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115 h1:YuDUUFNM21CAbyPOpOP8BicaTD/0klJEKt5p8yuw+uY=
+github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115/go.mod h1:LadVJg0XuawGk+8L1rYnIED8451UyNxEMdTWCEt5kmU=
+github.com/jacobsa/oglematchers v0.0.0-20150720000706-141901ea67cd h1:9GCSedGjMcLZCrusBZuo4tyKLpKUPenUUqi34AkuFmA=
+github.com/jacobsa/oglematchers v0.0.0-20150720000706-141901ea67cd/go.mod h1:TlmyIZDpGmwRoTWiakdr+HA1Tukze6C6XbRVidYq02M=
+github.com/jacobsa/oglemock v0.0.0-20150831005832-e94d794d06ff h1:2xRHTvkpJ5zJmglXLRqHiZQNjUoOkhUyhTAhEQvPAWw=
+github.com/jacobsa/oglemock v0.0.0-20150831005832-e94d794d06ff/go.mod h1:gJWba/XXGl0UoOmBQKRWCJdHrr3nE0T65t6ioaj3mLI=
+github.com/jacobsa/ogletest v0.0.0-20170503003838-80d50a735a11 h1:BMb8s3ENQLt5ulwVIHVDWFHp8eIXmbfSExkvdn9qMXI=
+github.com/jacobsa/ogletest v0.0.0-20170503003838-80d50a735a11/go.mod h1:+DBdDyfoO2McrOyDemRBq0q9CMEByef7sYl7JH5Q3BI=
+github.com/jacobsa/reqtrace v0.0.0-20150505043853-245c9e0234cb h1:uSWBjJdMf47kQlXMwWEfmc864bA1wAC+Kl3ApryuG9Y=
+github.com/jacobsa/reqtrace v0.0.0-20150505043853-245c9e0234cb/go.mod h1:ivcmUvxXWjb27NsPEaiYK7AidlZXS7oQ5PowUS9z3I4=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+github.com/uw-labs/strongbox v1.1.0 h1:gIFhB+YFkY4wbD6ZU4/nZI26d1O6/TnSPg2ADJTV8Z4=
+github.com/uw-labs/strongbox v1.1.0/go.mod h1:MeDTE5Nj3SAPmhZXuqju0KcZWJW3D1HPmU14buyWgqU=
+golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d h1:20cMwl2fHAzkJMEA+8J4JgqBQcQGzbisXo31MIeenXI=
+golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/example/main.go b/example/main.go
@@ -0,0 +1,34 @@
+package main
+
+import (
+	"log"
+	"os"
+
+	"github.com/uw-labs/strongbox"
+)
+
+var (
+	path = "" // Path to encrypted file or directory containing encrypted files
+	keyPath = "" // Path to strongbox key
+)
+
+func main() {
+	key, err := os.ReadFile(keyPath)
+	if err != nil {
+		log.Printf("Error reading file: %v\n", err)
+		return
+	}
+
+	keyBytes := []byte(key) // Convert key string into byte slice
+
+	// Decode the key
+	dk, err := strongbox.Decode([]byte(keyBytes))
+	if err != nil {
+		log.Fatalf("Unable to decode given private key %v", err)
+	}
+
+	// Decrypt file(s) at the path provided
+	if err := strongbox.RecursiveDecrypt(path, dk); err != nil {
+		log.Fatalln(err)
+	}
+}
diff --git a/go.mod b/go.mod
@@ -1,18 +1,17 @@
 module github.com/uw-labs/strongbox
 
+replace github.com/uw-labs/strongbox/strongbox-lib => ./strongbox-lib
+
 go 1.21
 
 require (
-	github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115
-	github.com/jacobsa/oglematchers v0.0.0-20150720000706-141901ea67cd // indirect
-	github.com/jacobsa/oglemock v0.0.0-20150831005832-e94d794d06ff // indirect
-	github.com/jacobsa/ogletest v0.0.0-20170503003838-80d50a735a11 // indirect
-	github.com/jacobsa/reqtrace v0.0.0-20150505043853-245c9e0234cb // indirect
+	github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115 // indirect
 	github.com/stretchr/testify v1.7.0
-	golang.org/x/net v0.7.0 // indirect
 	gopkg.in/yaml.v2 v2.4.0
 )
 
+require github.com/uw-labs/strongbox/strongbox-lib v0.0.0-00010101000000-000000000000
+
 require (
 	github.com/davecgh/go-spew v1.1.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect

diff --git a/go.sum b/go.sum
@@ -15,8 +15,8 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
-golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8=
+golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=

diff --git a/keyring.go b/keyring.go
@@ -6,6 +6,7 @@ import (
 	"os"
 	"path/filepath"
 
+	"github.com/uw-labs/strongbox/strongbox-lib"
 	"gopkg.in/yaml.v2"
 )
 
@@ -30,17 +31,17 @@ type keyEntry struct {
 func (kr *fileKeyRing) AddKey(desc string, keyID []byte, key []byte) {
 	kr.KeyEntries = append(kr.KeyEntries, keyEntry{
 		Description: desc,
-		KeyID:       string(encode(keyID[:])),
-		Key:         string(encode(key[:])),
+		KeyID:       string(strongbox.Encode(keyID[:])),
+		Key:         string(strongbox.Encode(key[:])),
 	})
 }
 
 func (kr *fileKeyRing) Key(keyID []byte) ([]byte, error) {
-	b64 := string(encode(keyID[:]))
+	b64 := string(strongbox.Encode(keyID[:]))
 
 	for _, ke := range kr.KeyEntries {
 		if ke.KeyID == b64 {
-			dec, err := decode([]byte(ke.Key))
+			dec, err := strongbox.Decode([]byte(ke.Key))
 			if err != nil {
 				return []byte{}, err
 			}

diff --git a/strongbox-lib/go.mod b/strongbox-lib/go.mod
@@ -0,0 +1,16 @@
+module strongbox
+
+go 1.21
+
+require (
+	github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115
+	gopkg.in/yaml.v2 v2.4.0
+)
+
+require (
+	github.com/jacobsa/oglematchers v0.0.0-20150720000706-141901ea67cd // indirect
+	github.com/jacobsa/oglemock v0.0.0-20150831005832-e94d794d06ff // indirect
+	github.com/jacobsa/ogletest v0.0.0-20170503003838-80d50a735a11 // indirect
+	github.com/jacobsa/reqtrace v0.0.0-20150505043853-245c9e0234cb // indirect
+	golang.org/x/net v0.15.0 // indirect
+)
diff --git a/strongbox-lib/go.sum b/strongbox-lib/go.sum
@@ -0,0 +1,16 @@
+github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115 h1:YuDUUFNM21CAbyPOpOP8BicaTD/0klJEKt5p8yuw+uY=
+github.com/jacobsa/crypto v0.0.0-20190317225127-9f44e2d11115/go.mod h1:LadVJg0XuawGk+8L1rYnIED8451UyNxEMdTWCEt5kmU=
+github.com/jacobsa/oglematchers v0.0.0-20150720000706-141901ea67cd h1:9GCSedGjMcLZCrusBZuo4tyKLpKUPenUUqi34AkuFmA=
+github.com/jacobsa/oglematchers v0.0.0-20150720000706-141901ea67cd/go.mod h1:TlmyIZDpGmwRoTWiakdr+HA1Tukze6C6XbRVidYq02M=
+github.com/jacobsa/oglemock v0.0.0-20150831005832-e94d794d06ff h1:2xRHTvkpJ5zJmglXLRqHiZQNjUoOkhUyhTAhEQvPAWw=
+github.com/jacobsa/oglemock v0.0.0-20150831005832-e94d794d06ff/go.mod h1:gJWba/XXGl0UoOmBQKRWCJdHrr3nE0T65t6ioaj3mLI=
+github.com/jacobsa/ogletest v0.0.0-20170503003838-80d50a735a11 h1:BMb8s3ENQLt5ulwVIHVDWFHp8eIXmbfSExkvdn9qMXI=
+github.com/jacobsa/ogletest v0.0.0-20170503003838-80d50a735a11/go.mod h1:+DBdDyfoO2McrOyDemRBq0q9CMEByef7sYl7JH5Q3BI=
+github.com/jacobsa/reqtrace v0.0.0-20150505043853-245c9e0234cb h1:uSWBjJdMf47kQlXMwWEfmc864bA1wAC+Kl3ApryuG9Y=
+github.com/jacobsa/reqtrace v0.0.0-20150505043853-245c9e0234cb/go.mod h1:ivcmUvxXWjb27NsPEaiYK7AidlZXS7oQ5PowUS9z3I4=
+golang.org/x/net v0.15.0 h1:ugBLEUaxABaB5AJqW9enI0ACdci2RUd4eP51NTBvuJ8=
+golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
+gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
diff --git a/strongbox-lib/keyring.go b/strongbox-lib/keyring.go
@@ -0,0 +1,84 @@
+package strongbox
+
+import (
+	"fmt"
+	"log"
+	"os"
+	"path/filepath"
+
+	"gopkg.in/yaml.v2"
+)
+
+type keyRing interface {
+	Load() error
+	Save() error
+	AddKey(name string, keyID []byte, key []byte)
+	Key(keyID []byte) ([]byte, error)
+}
+
+type fileKeyRing struct {
+	fileName   string
+	KeyEntries []keyEntry
+}
+
+type keyEntry struct {
+	Description string `yaml:"description"`
+	KeyID       string `yaml:"key-id"`
+	Key         string `yaml:"key"`
+}
+
+func (kr *fileKeyRing) AddKey(desc string, keyID []byte, key []byte) {
+	kr.KeyEntries = append(kr.KeyEntries, keyEntry{
+		Description: desc,
+		KeyID:       string(Encode(keyID[:])),
+		Key:         string(Encode(key[:])),
+	})
+}
+
+func (kr *fileKeyRing) Key(keyID []byte) ([]byte, error) {
+	b64 := string(Encode(keyID[:]))
+
+	for _, ke := range kr.KeyEntries {
+		if ke.KeyID == b64 {
+			dec, err := Decode([]byte(ke.Key))
+			if err != nil {
+				return []byte{}, err
+			}
+			if len(dec) != 32 {
+				return []byte{}, fmt.Errorf("unexpected length of key: %d", len(dec))
+			}
+			return dec, nil
+		}
+	}
+
+	return []byte{}, errKeyNotFound
+}
+
+func (kr *fileKeyRing) Load() error {
+
+	bytes, err := os.ReadFile(kr.fileName)
+	if err != nil {
+		return err
+	}
+
+	err = yaml.Unmarshal(bytes, kr)
+	return err
+}
+
+func (kr *fileKeyRing) Save() error {
+	ser, err := yaml.Marshal(kr)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	path := filepath.Dir(kr.fileName)
+	_, err = os.Stat(path)
+	if os.IsNotExist(err) {
+		err := os.MkdirAll(path, 0700)
+		if err != nil {
+			return fmt.Errorf("error creating strongbox home folder: %s", err)
+		}
+	}
+
+	return os.WriteFile(kr.fileName, ser, 0600)
+}