diff --git a/cmd/stbak/cmd/archive.go b/cmd/stbak/cmd/archive.go
index 9010c98..188f9d0 100644
--- a/cmd/stbak/cmd/archive.go
+++ b/cmd/stbak/cmd/archive.go
@@ -160,6 +160,9 @@ var archiveCmd = &cobra.Command{
 return nil
 },
 0,
+ func(hdr *tar.Header) error {
+ return nil // We sign above, no need to verify
+ },
 )
 },
 }
diff --git a/cmd/stbak/cmd/recovery_index.go b/cmd/stbak/cmd/recovery_index.go
index 263d2c2..30efbc7 100644
--- a/cmd/stbak/cmd/recovery_index.go
+++ b/cmd/stbak/cmd/recovery_index.go
@@ -31,7 +31,11 @@ var recoveryIndexCmd = &cobra.Command{
 return err
 }
- return checkKeyAccessible(viper.GetString(encryptionFlag), viper.GetString(identityFlag))
+ if err := checkKeyAccessible(viper.GetString(encryptionFlag), viper.GetString(identityFlag)); err != nil {
+ return err
+ }
+
+ return checkKeyAccessible(viper.GetString(signatureFlag), viper.GetString(recipientFlag))
 },
 RunE: func(cmd *cobra.Command, args []string) error {
 if err := viper.BindPFlags(cmd.PersistentFlags()); err != nil {
@@ -42,6 +46,16 @@ var recoveryIndexCmd = &cobra.Command{
 boil.DebugMode = true
 }
+ pubkey, err := readKey(viper.GetString(signatureFlag), viper.GetString(recipientFlag))
+ if err != nil {
+ return err
+ }
+
+ recipient, err := parseSignerRecipient(viper.GetString(signatureFlag), pubkey)
+ if err != nil {
+ return err
+ }
+
 privkey, err := readKey(viper.GetString(encryptionFlag), viper.GetString(identityFlag))
 if err != nil {
 return err
@@ -65,6 +79,9 @@ var recoveryIndexCmd = &cobra.Command{
 return decryptHeader(hdr, viper.GetString(encryptionFlag), identity)
 },
 0,
+ func(hdr *tar.Header) error {
+ return verifyHeader(hdr, viper.GetString(signatureFlag), recipient)
+ },
 )
 },
 }
@@ -83,6 +100,9 @@ func index(
 i int,
 ) error,
 offset int,
+ verifyHeader func(
+ hdr *tar.Header,
+ ) error,
 ) error {
 if overwrite {
 f, err := os.OpenFile(metadata, os.O_WRONLY|os.O_CREATE, 0600)
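Review bot: The no-op verifier passed as the last argument in the archiveCmd hunk ignores its `hdr` parameter; writing it as `func(_ *tar.Header) error { return nil // We sign above, no need to verify }` makes the intent explicit and keeps unused-parameter linters quiet. The identical closure appears in the updateCmd hunk in update.go and would benefit from the same treatment. The enclosing function literal starts outside the hunk.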
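Review bot: In the recoveryIndexCmd RunE hunk, `pubkey` is read from `recipientFlag`, whose registered default is the empty string (see the init hunk in this file), so when `-r` is omitted an empty path reaches `readKey` and then `parseSignerRecipient`; whether that fails closed or produces a recipient under which `verifyHeader` still passes depends on those helpers, which are outside this diff, and for a recovery tool a silently disabled signature check is the outcome to rule out. If `checkKeyAccessible` in PreRunE already rejects an empty path this is covered, but a short comment at the `readKey` call, e.g. `// PreRunE has already checked the recipient key is present and readable`, would make that guarantee visible. The same sequence is repeated in the recoveryQueryCmd hunk in recovery_query.go. The enclosing RunE starts outside the hunk.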
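Review bot: The new `verifyHeader` parameter of `index` carries the same name as the package-level `verifyHeader` function that `query` in recovery_query.go calls with three arguments, so inside `index` the parameter shadows that function and the one-argument `verifyHeader(hdr)` calls in the later hunks of this file resolve to the parameter, which is easy to misread. Renaming it, e.g. `verifyHdr func(hdr *tar.Header) error,`, and documenting it in the signature with `// verifyHdr is called on every decrypted header; a non-nil error aborts indexing` avoids the ambiguity. The `index` signature begins outside the hunk.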
@@ -176,6 +196,10 @@ func index(
 return err
 }
+ if err := verifyHeader(hdr); err != nil {
+ return err
+ }
+
 if err := indexHeader(record, block, hdr, metadataPersister, compressionFormat, encryptionFormat); err != nil {
 return nil
 }
@@ -258,6 +282,10 @@ func index(
 return err
 }
+ if err := verifyHeader(hdr); err != nil {
+ return err
+ }
+
 if err := indexHeader(record, block, hdr, metadataPersister, compressionFormat, encryptionFormat); err != nil {
 return nil
 }
@@ -466,6 +494,7 @@ func init() {
 recoveryIndexCmd.PersistentFlags().BoolP(overwriteFlag, "o", false, "Remove the old index before starting to index")
 recoveryIndexCmd.PersistentFlags().StringP(identityFlag, "i", "", "Path to private key of recipient that has been encrypted for")
 recoveryIndexCmd.PersistentFlags().StringP(passwordFlag, "p", "", "Password for the private key")
+ recoveryIndexCmd.PersistentFlags().StringP(recipientFlag, "r", "", "Path to the public key to verify with")
 viper.AutomaticEnv()
diff --git a/cmd/stbak/cmd/recovery_query.go b/cmd/stbak/cmd/recovery_query.go
index 5743b86..80023ff 100644
--- a/cmd/stbak/cmd/recovery_query.go
+++ b/cmd/stbak/cmd/recovery_query.go
@@ -23,7 +23,11 @@ var recoveryQueryCmd = &cobra.Command{
 return err
 }
- return checkKeyAccessible(viper.GetString(encryptionFlag), viper.GetString(identityFlag))
+ if err := checkKeyAccessible(viper.GetString(encryptionFlag), viper.GetString(identityFlag)); err != nil {
+ return err
+ }
+
+ return checkKeyAccessible(viper.GetString(signatureFlag), viper.GetString(recipientFlag))
 },
 RunE: func(cmd *cobra.Command, args []string) error {
 if err := viper.BindPFlags(cmd.PersistentFlags()); err != nil {
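Review bot: A failure at the new `verifyHeader(hdr)` check in the first `index` hunk is returned bare, so the operator learns only that some header on the tape did not verify, not which one; `record` and `block` are in scope (they are passed to `indexHeader` on the next line), so `return fmt.Errorf("verifying header at record %d, block %d: %w", record, block, err)` pinpoints the offending entry (add `fmt` to the imports if the file lacks it). The same applies to the second check in this file and to the two `verifyHeader(hdr, signatureFormat, recipient)` checks in `query` in recovery_query.go. Separately, the pre-existing line just below each new check returns `nil` when `indexHeader` fails, so an indexing error after a successful verification is silently swallowed; that looks unintended and is worth fixing while touching these lines. The enclosing loop in `index` continues outside the hunk.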
@@ -34,6 +38,16 @@ var recoveryQueryCmd = &cobra.Command{
 boil.DebugMode = true
 }
+ pubkey, err := readKey(viper.GetString(signatureFlag), viper.GetString(recipientFlag))
+ if err != nil {
+ return err
+ }
+
+ recipient, err := parseSignerRecipient(viper.GetString(signatureFlag), pubkey)
+ if err != nil {
+ return err
+ }
+
 privkey, err := readKey(viper.GetString(encryptionFlag), viper.GetString(identityFlag))
 if err != nil {
 return err
@@ -51,6 +65,8 @@ var recoveryQueryCmd = &cobra.Command{
 viper.GetInt(recordSizeFlag),
 viper.GetString(encryptionFlag),
 identity,
+ viper.GetString(signatureFlag),
+ recipient,
 )
 },
 }
@@ -62,6 +78,8 @@ func query(
 recordSize int,
 encryptionFormat string,
 identity interface{},
+ signatureFormat string,
+ recipient interface{},
 ) error {
 f, isRegular, err := openTapeReadOnly(tape)
 if err != nil {
@@ -133,6 +151,10 @@ func query(
 return err
 }
+ if err := verifyHeader(hdr, signatureFormat, recipient); err != nil {
+ return err
+ }
+
 if record == 0 && block == 0 {
 if err := formatting.PrintCSV(formatting.TARHeaderCSV); err != nil {
 return err
@@ -216,6 +238,10 @@ func query(
 return err
 }
+ if err := verifyHeader(hdr, signatureFormat, recipient); err != nil {
+ return err
+ }
+
 if record == 0 && block == 0 {
 if err := formatting.PrintCSV(formatting.TARHeaderCSV); err != nil {
 return err
@@ -252,6 +278,7 @@ func init() {
 recoveryQueryCmd.PersistentFlags().IntP(blockFlag, "b", 0, "Block in record to seek too before counting")
 recoveryQueryCmd.PersistentFlags().StringP(identityFlag, "i", "", "Path to private key of recipient that has been encrypted for")
 recoveryQueryCmd.PersistentFlags().StringP(passwordFlag, "p", "", "Password for the private key")
+ recoveryQueryCmd.PersistentFlags().StringP(recipientFlag, "r", "", "Path to the public key to verify with")
 viper.AutomaticEnv()
diff --git a/cmd/stbak/cmd/update.go b/cmd/stbak/cmd/update.go
index 2f09c1a..cbe1aa0 100644
--- a/cmd/stbak/cmd/update.go
+++ b/cmd/stbak/cmd/update.go
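Review bot: The `query` signature hunk takes the raw `signatureFormat` and `recipient` and calls the package-level `verifyHeader` itself, while the sibling `index` in recovery_index.go receives a ready-made verify callback from its caller; the two entry points now express the same policy in two different shapes, which makes it harder to confirm at a glance that both verify every header. Giving `query` the same `verifyHeader func(hdr *tar.Header) error` parameter (or, conversely, passing format and recipient to `index`) keeps the verification contract in one place. The `query` parameter list begins outside the hunk.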
@@ -114,6 +114,9 @@ var updateCmd = &cobra.Command{
 return nil
 },
 1,
+ func(hdr *tar.Header) error {
+ return nil // We sign above, no need to verify
+ },
 )
 },
 }