mirrors/age
1
0
Fork 0
mirror of https://github.com/FiloSottile/age.git synced 2026-02-12 04:31:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
349 Commits 4 Branches 18 Tags
6aae5b48ea52edef6c8bec4864ba140587471b5e
Commit Graph

349 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Simone Ragusa
6aae5b48ea cmd/age: fix terminal escape sequences on Windows 
If possible, we enable virtual terminal processing, which is necessary
for using terminal escape sequences on instances of the Windows Console.
When enabling virtual terminal processing fails, we completely avoid
using escape sequences to prevent weird characters to be printed to the
console.

Fixes #474
Closes #475

Co-authored-by: Filippo Valsorda <hi@filippo.io>
 2025-12-23 22:12:19 +01:00
Filippo Valsorda
d36e4ce2c7 cmd/age-inspect: new command 
Fixes #56
Closes #501
 2025-12-23 21:39:39 +01:00
Filippo Valsorda
ca8a69b1b6 age: improve error on empty files 
Fixes #416
 2025-12-23 15:22:55 +01:00
Filippo Valsorda
38dd222823 age: return better errors from Decrypt for scrypt identities 2025-12-23 14:28:05 +01:00
Filippo Valsorda
c17d0b362c age: add NoIdentityMatchError.StanzaTypes field 
For https://github.com/FiloSottile/age/issues/56#issuecomment-1962622903.
 2025-12-23 13:13:03 +01:00
Filippo Valsorda
a36341de15 cmd/age: improve error message when -i is missing 2025-12-23 13:11:49 +01:00
Filippo Valsorda
f3b008d1b8 plugin: fix returning in-protocol errors from plugins 
Fixes Foxboron/age-plugin-tpm#31
 2025-12-23 13:11:49 +01:00
Filippo Valsorda
9795b63263 cmd/age,plugin: add plugin.NotFoundError and CLI hint 
Fixes #486
 2025-12-23 13:11:49 +01:00
Filippo Valsorda
bfae75d93d age,plugin: wrap more errors 2025-12-23 12:34:03 +01:00
Filippo Valsorda
0d5b598cd0 cmd/age: warn about duplicate command-line arguments 
Fixes #284
 2025-12-22 22:08:21 +01:00
GitHub Actions
50acf91174 doc: regenerate groff and html man pages 2025-12-22 18:42:32 +00:00
Filippo Valsorda
ba67de8a4e tag/internal/age-plugin-tagtest: add plugin for testing tag recipients 2025-12-22 19:41:12 +01:00
Filippo Valsorda
7fa810b20a tag: add Recipient.Tag and Bytes methods, and update tag scheme 2025-12-22 19:41:12 +01:00
Filippo Valsorda
1b18d6b279 age: update c2sp.org/CCTV/age testkit to include hybrid identities 2025-12-22 19:41:12 +01:00
Filippo Valsorda
ad7bb569eb cmd/age: fix testscript setup races 2025-12-22 19:41:12 +01:00
Filippo Valsorda
ed44098807 all: upgrade dependencies 
Closes #610
 2025-12-22 19:41:12 +01:00
Filippo Valsorda
83bab2ae6a plugin: avoid using deprecated math/rand.Read 2025-12-22 19:41:12 +01:00
Filippo Valsorda
96b6476140 armor: reject empty lines in armored data 
Caught by the new CCTV test vectors!
 2025-12-22 19:41:12 +01:00
Filippo Valsorda
d7409cdc74 .github/workflows: update and harden GitHub Actions workflows 2025-12-22 19:41:12 +01:00
Filippo Valsorda
de158f906b cmd/age-plugin-tag,cmd/age-plugin-tagpq: new backward compatibility plugins 2025-12-22 19:41:12 +01:00
Filippo Valsorda
78947d862d age: use native identities first in Decrypt 2025-12-22 19:41:12 +01:00
Filippo Valsorda
c6fcb5300c age,cmd/age,cmd/age-keygen: add post-quantum hybrid keys 2025-12-22 19:41:12 +01:00
Filippo Valsorda
6ece9e45ee tag: use filippo.io/hpke 2025-12-22 19:41:12 +01:00
Filippo Valsorda
e2d30695f2 cmd/age,tag: implement age1tagpq1.../p256mlkem768tag recipients 
Test vectors generated from hpkewg/hpke-pq@19adaeb (hpkewg/hpke-pq#28 +
hpkewg/hpke-pq#32) and cfrg/draft-irtf-cfrg-concrete-hybrid-kems@1bbca40
(cfrg/draft-irtf-cfrg-concrete-hybrid-kems#16), plus the following diff:

diff --git a/reference-implementation/src/bin/generate.rs b/reference-implementation/src/bin/generate.rs
index 25e32e5..bc8f209 100644
--- a/reference-implementation/src/bin/generate.rs
+++ b/reference-implementation/src/bin/generate.rs
@@ -26,6 +26,15 @@ fn generate_test_vectors() -> TestVectors {
     // 5. QSF-P384-MLKEM1024 + SHAKE256 + AES-256-GCM
     vectors.push(TestVector:🆕:<QsfP384MlKem1024, Shake256, Aes256Gcm>());
 
+    vectors = TestVectors::new();
+
+    // age1pq - xwing
+    vectors.push(TestVector:🆕:<QsfX25519MlKem768, HkdfSha256, ChaChaPoly>());
+    // age1tag - p256tag
+    vectors.push(TestVector:🆕:<DhkemP256HkdfSha256, HkdfSha256, ChaChaPoly>());
+    // age1tagpq - p256mlkem768tag
+    vectors.push(TestVector:🆕:<QsfP256MlKem768, HkdfSha256, ChaChaPoly>());
+
     vectors
 }
 
diff --git a/reference-implementation/src/test_vectors.rs b/reference-implementation/src/test_vectors.rs
index 24335aa..4134fb5 100644
--- a/reference-implementation/src/test_vectors.rs
+++ b/reference-implementation/src/test_vectors.rs
@@ -369,6 +369,10 @@ impl TestVector {
             (0x0051, 0x0011, 0x0002) => self.v::<QsfP384MlKem1024, Shake256, Aes256Gcm>(),
             (0x0051, 0x0011, 0xffff) => self.v::<QsfP384MlKem1024, Shake256, ExportOnly>(),
 
+            // age pq combinations
+            (0x647a, 0x0001, 0x0003) => self.v::<QsfX25519MlKem768, HkdfSha256, ChaChaPoly>(),
+            (0x0050, 0x0001, 0x0003) => self.v::<QsfP256MlKem768, HkdfSha256, ChaChaPoly>(),
+
             _ => Err(format!(
                 "Unsupported algorithm combination: KEM={:#x}, KDF={:#x}, AEAD={:#x}",
                 self.kem_id, self.kdf_id, self.aead_id
 2025-12-22 19:41:12 +01:00
Filippo Valsorda
e9295dd867 cmd/age,tag: implement age1tag1.../p256tag recipients 
See C2SP/C2SP#156
 2025-12-22 19:41:12 +01:00
Filippo Valsorda
acab3e5c9f plugin: add framework to implement plugins (#580) 
Fixes #485
 2025-12-07 20:10:01 +01:00
Filippo Valsorda
a8de3de174 age: add ExtractHeader, DecryptHeader, and NewInjectedFileKeyIdentity 2025-12-07 20:01:09 +01:00
Filippo Valsorda
ae74b61b59 cmd/age,internal/stream: improve error messages 2025-12-07 20:01:09 +01:00
Thibault
f882f40aa3 cmd/age: echo terminal input for public plugin prompts 2025-12-07 18:59:13 +01:00
Filippo Valsorda
6d2c4e236c README: move Sigsum instructions to separate file 2025-12-07 16:24:46 +01:00
Filippo Valsorda
75063d25b1 LICENSE: move copyright holders from AUTHORS file 2025-12-07 16:24:46 +01:00
Filippo Valsorda
20eba7e285 cmd/age,cmd/age-keygen: remove unnecessary injected Version 
golang/go#50603 started stamping the VCS tag version.
 2025-12-07 16:24:46 +01:00
Filippo Valsorda
15153e699f README: update Twitter links to GitHub 2025-07-14 18:29:48 +02:00
Helio Machado
fce45118ee .github/workflows: fix actions/setup-go cache (#622) 2025-06-15 20:42:25 +02:00
Richard Burte
c3657aca5c README: add winget installation instructions (#627) 2025-06-15 20:40:38 +02:00
Filippo Valsorda
0447d8d089 age: add links to docs 2025-05-10 14:59:20 +02:00
Filippo Valsorda
3d91014ea0 README: link to typage 2025-02-01 18:15:20 +01:00
Filippo Valsorda
482cf6fc9b plugin: restrict characters in plugin names 
Thanks to ⬡-49016 for reporting this issue.

Fixes GHSA-32gq-x56h-299c
v1.2.1 		2024-12-18 16:01:18 +01:00
Alexander Yastrebov
cda3988cc7 all: fix staticcheck warnings (#589) 
Co-authored-by: Filippo Valsorda <github@bip.filippo.io>
 2024-12-18 15:55:57 +01:00
Filippo Valsorda
176e245b3c README: rotate Sigsum keys 
Switched to a pair of keys, one kept offline and one on a Tillitis key.

The following script provides key continuity from the previous key.

---

cat << EOF > msg.txt
These are the new age Sigsum keys as of 2024-06-28.
The previous one won't be used anymore
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIM1WpnEswJLPzvXJDiswowy48U+G+G1kmgwUE2eaRHZG
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIAz2WM5CyPLqiNjk7CLl4roDXwKhQ0QExXLebukZEZFS
EOF

cat << EOF > msg.txt.proof
version=1
log=c9e525b98f412ede185ff2ac5abf70920a2e63a6ae31c88b1138b85de328706b
leaf=e2f0 61d17df1ab563aedf70a662d5344b2d163c7a35aaeaa1ecc6c1631c02d46883e c4564b0b0b70ebb4236e26f971cb467c59200575c01c4d07a5d8e298a6d2319c59bbc162363ffb4f690b581851621bd3de311e9559a1a0432522e2b567647e03

size=24226
root_hash=03b0fc19c812e51e764474d161b944db4ea20dfc13815b738fa4f433f56954c0
signature=b95530661d716886926a49ad4e08435c7980348836eefe4706cc611a6af9dc6ddb160189d4aa177c97f807fa0240cb27b9d5f075084cf3a4a2514eade7d40f00
cosignature=1c997261f16e6e81d13f420900a2542a4b6a049c2d996324ee5d82a90ca3360c 1719587282 02d3f9b34d62f1b735e6c13f2ad7766ed2066a167dba25d526a2acbbf628588c58a888f9abab50ff151f8440076e8bf39564e4f893a32be432e97cd18b936c0e
cosignature=70b861a010f25030de6ff6a5267e0b951e70c04b20ba4a3ce41e7fba7b9b7dfc 1719587283 14b8654586763b6798dc7e7b46565236618f2824135076ba71e18908bf893d73be95c143b8c8cbe48de9ea6267ff5f23f8d870ded7d22ed6e54811393d174402

leaf_index=24157
node_hash=c5782abde765bc2c460d25f0bc1f8f89d787e5b8a141e862eeb550631cb61ca2
node_hash=283f014735692dfda045ca9c32352d5d0f99207862c35214dfaa69810eec6e2f
node_hash=24987bf3ec7c3c8932783faf0fe01ff49c7793c3d25925da180165c3292b786d
node_hash=ba14f9dd00a506474251599083e83a4bf7327491f6ebd5cca1ac8a6863456eb5
node_hash=55aceb2864d26c9c04c85a294e92dfdfa13bb45eeda0286d21f19411763237f5
node_hash=69cc9e7f7ad56da996abeb315dc2ffb3e1e1f02e8097facfae75f06f9e8f9bc9
node_hash=1408251ffc0d485551b058813d7b1227bb91a179b9f0851a6e69e9bb99623eec
node_hash=ca99c77b91c6aa9f55fba8d6d9c80058dcc0444a2e9df3f7a616d7e2d274fb58
node_hash=b95d29a868d7e4413dab001a414cfe4cab65e113bc831cf41ab9003250ede3c9
node_hash=5ced132a7cc05272b797b7ad2e71208366d8023d09bad755514cd86e37a849fd
node_hash=95803b981443b4ff080b5a14927e24e5efc8186b327320b633005213ca3aeff4
node_hash=3aad6b63102dede3851d575b01bb60a5832d9f31eb3405b73aa7d629a1acaaa8
node_hash=c929af9f6731f63a493668627f58810d892dc51f8aa1c9a4de1573cd3e51e62f
EOF

sigsum-verify -k age-sigsum-key.pub -p sigsum-trust-policy.txt msg.txt.proof < msg.txt
 2024-08-21 12:36:58 +02:00
Filippo Valsorda
faefdc3c81 README: document Sigsum proofs 2024-06-19 10:44:28 +02:00
Filippo Valsorda
bbe6ce5eeb .github/workflows: update artifacts Actions 
Co-authored-by: Rene Leonhardt <65483435+reneleonhardt@users.noreply.github.com>
v1.2.0 		2024-06-16 16:01:06 +02:00
Filippo Valsorda
1e1badabf7 .github/workflows: go-version stable, not latest 2024-06-16 14:59:53 +02:00
Filippo Valsorda
2293a9afef .github/workflows: use latest Go for bootstrap 2024-06-16 14:51:17 +02:00
Filippo Valsorda
01fe9cd84a README: add pkgx installation instructions 
Closes #529
 2024-06-16 14:49:24 +02:00
Filippo Valsorda
bd0511b415 cmd/age: detect output/input file reuse when possible 
Fixes #491
 2024-06-16 14:40:13 +02:00
Filippo Valsorda
febaaded87 cmd/age: create file for empty decryptions 
Fixes #555
Updates #159
Updates #57
 2024-06-16 13:55:32 +02:00
GitHub Actions
0a40718a93 doc: regenerate groff and html man pages 2024-06-16 10:03:57 +00:00
Filippo Valsorda
7ed486868a .github/workflows: apparently setup-go has no defaults 2024-06-16 06:03:13 -04:00
Filippo Valsorda
2a761fcb8c .github/workflows: update GitHub Actions 2024-06-16 06:03:13 -04:00