feat: Enable signing headers everywhere they can be encrypted
This commit is contained in:
Felicitas Pojtinger
@@ -31,7 +31,11 @@ var deleteCmd = &cobra.Command{
|
||||
return err
|
||||
}
|
||||
|
||||
return checkKeyAccessible(viper.GetString(encryptionFlag), viper.GetString(recipientFlag))
|
||||
if err := checkKeyAccessible(viper.GetString(encryptionFlag), viper.GetString(recipientFlag)); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return checkKeyAccessible(viper.GetString(signatureFlag), viper.GetString(identityFlag))
|
||||
},
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
if err := viper.BindPFlags(cmd.PersistentFlags()); err != nil {
|
||||
@@ -52,12 +56,24 @@ var deleteCmd = &cobra.Command{
|
||||
return err
|
||||
}
|
||||
|
||||
privkey, err := readKey(viper.GetString(signatureFlag), viper.GetString(identityFlag))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
identity, err := parseSignerIdentity(viper.GetString(signatureFlag), privkey, viper.GetString(passwordFlag))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return delete(
|
||||
viper.GetString(driveFlag),
|
||||
viper.GetString(metadataFlag),
|
||||
viper.GetString(nameFlag),
|
||||
viper.GetString(encryptionFlag),
|
||||
recipient,
|
||||
viper.GetString(signatureFlag),
|
||||
identity,
|
||||
)
|
||||
},
|
||||
}
|
||||
@@ -68,6 +84,8 @@ func delete(
|
||||
name string,
|
||||
encryptionFormat string,
|
||||
recipient interface{},
|
||||
signatureFormat string,
|
||||
identity interface{},
|
||||
) error {
|
||||
dirty := false
|
||||
tw, _, cleanup, err := openTapeWriter(tape)
|
||||
@@ -118,6 +136,10 @@ func delete(
|
||||
hdr.PAXRecords[pax.STFSRecordVersion] = pax.STFSRecordVersion1
|
||||
hdr.PAXRecords[pax.STFSRecordAction] = pax.STFSRecordActionDelete
|
||||
|
||||
if err := signHeader(hdr, signatureFormat, identity); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := encryptHeader(hdr, encryptionFormat, recipient); err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -207,6 +229,8 @@ func init() {
|
||||
deleteCmd.PersistentFlags().IntP(recordSizeFlag, "z", 20, "Amount of 512-bit blocks per record")
|
||||
deleteCmd.PersistentFlags().StringP(nameFlag, "n", "", "Name of the file to remove")
|
||||
deleteCmd.PersistentFlags().StringP(recipientFlag, "r", "", "Path to public key of recipient to encrypt for")
|
||||
deleteCmd.PersistentFlags().StringP(identityFlag, "i", "", "Path to private key to sign with")
|
||||
deleteCmd.PersistentFlags().StringP(passwordFlag, "p", "", "Password for the private key")
|
||||
|
||||
viper.AutomaticEnv()
|
||||
|
||||
|
||||
@@ -24,7 +24,11 @@ var moveCmd = &cobra.Command{
|
||||
return err
|
||||
}
|
||||
|
||||
return checkKeyAccessible(viper.GetString(encryptionFlag), viper.GetString(recipientFlag))
|
||||
if err := checkKeyAccessible(viper.GetString(encryptionFlag), viper.GetString(recipientFlag)); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return checkKeyAccessible(viper.GetString(signatureFlag), viper.GetString(identityFlag))
|
||||
},
|
||||
RunE: func(cmd *cobra.Command, args []string) error {
|
||||
if err := viper.BindPFlags(cmd.PersistentFlags()); err != nil {
|
||||
@@ -45,6 +49,16 @@ var moveCmd = &cobra.Command{
|
||||
return err
|
||||
}
|
||||
|
||||
privkey, err := readKey(viper.GetString(signatureFlag), viper.GetString(identityFlag))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
identity, err := parseSignerIdentity(viper.GetString(signatureFlag), privkey, viper.GetString(passwordFlag))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
return move(
|
||||
viper.GetString(driveFlag),
|
||||
viper.GetString(metadataFlag),
|
||||
@@ -52,6 +66,8 @@ var moveCmd = &cobra.Command{
|
||||
viper.GetString(toFlag),
|
||||
viper.GetString(encryptionFlag),
|
||||
recipient,
|
||||
viper.GetString(signatureFlag),
|
||||
identity,
|
||||
)
|
||||
},
|
||||
}
|
||||
@@ -63,6 +79,8 @@ func move(
|
||||
dst string,
|
||||
encryptionFormat string,
|
||||
recipient interface{},
|
||||
signatureFormat string,
|
||||
identity interface{},
|
||||
) error {
|
||||
dirty := false
|
||||
tw, _, cleanup, err := openTapeWriter(tape)
|
||||
@@ -115,6 +133,10 @@ func move(
|
||||
hdr.PAXRecords[pax.STFSRecordAction] = pax.STFSRecordActionUpdate
|
||||
hdr.PAXRecords[pax.STFSRecordReplacesName] = dbhdr.Name
|
||||
|
||||
if err := signHeader(hdr, signatureFormat, identity); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := encryptHeader(hdr, encryptionFormat, recipient); err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -138,6 +160,8 @@ func init() {
|
||||
moveCmd.PersistentFlags().StringP(fromFlag, "f", "", "Current path of the file or directory to move")
|
||||
moveCmd.PersistentFlags().StringP(toFlag, "t", "", "Path to move the file or directory to")
|
||||
moveCmd.PersistentFlags().StringP(recipientFlag, "r", "", "Path to public key of recipient to encrypt for")
|
||||
moveCmd.PersistentFlags().StringP(identityFlag, "i", "", "Path to private key to sign with")
|
||||
moveCmd.PersistentFlags().StringP(passwordFlag, "p", "", "Password for the private key")
|
||||
|
||||
viper.AutomaticEnv()
|
||||
|
||||
|
||||
@@ -260,6 +260,10 @@ func update(
|
||||
hdrToAppend := *hdr
|
||||
headers = append(headers, &hdrToAppend)
|
||||
|
||||
if err := signHeader(hdr, signatureFormat, identity); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := encryptHeader(hdr, encryptionFormat, recipient); err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -330,6 +334,10 @@ func update(
|
||||
hdrToAppend := *hdr
|
||||
headers = append(headers, &hdrToAppend)
|
||||
|
||||
if err := signHeader(hdr, signatureFormat, identity); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if err := encryptHeader(hdr, encryptionFormat, recipient); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user