feat: initial commit

Author: ndavd

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Nuno David
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

go.mod

@@ -0,0 +1,11 @@
+module github.com/ndavd/agevault
+
+go 1.23.0
+
+require filippo.io/age v1.2.0
+
+require (
+	golang.org/x/crypto v0.24.0 // indirect
+	golang.org/x/sys v0.23.0 // indirect
+	golang.org/x/term v0.23.0 // indirect
+)

go.sum

@@ -0,0 +1,12 @@
+c2sp.org/CCTV/age v0.0.0-20240306222714-3ec4d716e805 h1:u2qwJeEvnypw+OCPUHmoZE3IqwfuN5kgDfo5MLzpNM0=
+c2sp.org/CCTV/age v0.0.0-20240306222714-3ec4d716e805/go.mod h1:FomMrUJ2Lxt5jCLmZkG3FHa72zUprnhd3v/Z18Snm4w=
+filippo.io/age v1.2.0 h1:vRDp7pUMaAJzXNIWJVAZnEf/Dyi4Vu4wI8S1LBzufhE=
+filippo.io/age v1.2.0/go.mod h1:JL9ew2lTN+Pyft4RiNGguFfOpewKwSHm5ayKD/A4004=
+golang.org/x/crypto v0.24.0 h1:mnl8DM0o513X8fdIkmyFE/5hTYxbwYOjDS/+rK6qpRI=
+golang.org/x/crypto v0.24.0/go.mod h1:Z1PMYSOR5nyMcyAVAIQSKCDwalqy85Aqn1x3Ws4L5DM=
+golang.org/x/sys v0.21.0 h1:rF+pYz3DAGSQAxAu1CbC7catZg4ebC4UIeIhKxBZvws=
+golang.org/x/sys v0.21.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/sys v0.23.0 h1:YfKFowiIMvtgl1UERQoTPPToxltDeZfbj4H7dVUCwmM=
+golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/term v0.23.0 h1:F6D4vR+EHoL9/sWAWgAR1H2DcHr4PareCbAaCo1RpuU=
+golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk=

internal/archive/archive.go

@@ -0,0 +1,91 @@
+package archive
+
+import (
+	"archive/zip"
+	"bytes"
+	"errors"
+	"fmt"
+	"io"
+	"io/fs"
+	"os"
+	"path/filepath"
+	"strings"
+
+	"github.com/ndavd/agevault/internal/utils"
+)
+
+func ZipDirectory(inputSource string, destinationWriter io.Writer) error {
+	exists, isDir := utils.Exists(inputSource)
+	if !exists || !isDir {
+		return errors.New("source does not exist or is not a directory")
+	}
+	writer := zip.NewWriter(destinationWriter)
+	defer writer.Close()
+	return filepath.Walk(inputSource, func(path string, info fs.FileInfo, err error) error {
+		if err != nil {
+			return err
+		}
+		if info.IsDir() {
+			path = fmt.Sprintf("%s%c", path, os.PathSeparator)
+			_, err = writer.Create(path)
+			return err
+		}
+		file, err := os.Open(path)
+		if err != nil {
+			return err
+		}
+		defer file.Close()
+		f, err := writer.Create(path)
+		if err != nil {
+			return err
+		}
+		_, err = io.Copy(f, file)
+		return err
+	})
+}
+
+func UnZip(inputReader bytes.Reader, outputDestination string) error {
+	reader, err := zip.NewReader(&inputReader, inputReader.Size())
+	if err != nil {
+		return err
+	}
+	destination, err := filepath.Abs(outputDestination)
+	if err != nil {
+		return err
+	}
+	for _, f := range reader.File {
+		err := unzipFile(f, destination)
+		if err != nil {
+			return err
+		}
+	}
+	return err
+}
+
+func unzipFile(f *zip.File, destination string) error {
+	path := filepath.Join(destination, f.Name)
+	if !strings.HasPrefix(path, filepath.Clean(destination)+string(os.PathSeparator)) {
+		return fmt.Errorf("invalid file path: %s", path)
+	}
+	if f.FileInfo().IsDir() {
+		if err := os.MkdirAll(path, os.ModePerm); err != nil {
+			return err
+		}
+		return nil
+	}
+	if err := os.MkdirAll(filepath.Dir(path), os.ModePerm); err != nil {
+		return err
+	}
+	destinationFile, err := os.OpenFile(path, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, f.Mode())
+	if err != nil {
+		return err
+	}
+	defer destinationFile.Close()
+	zippedFile, err := f.Open()
+	if err != nil {
+		return err
+	}
+	defer zippedFile.Close()
+	_, err = io.Copy(destinationFile, zippedFile)
+	return err
+}

internal/crypt/crypt.go

@@ -0,0 +1,65 @@
+package crypt
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"syscall"
+
+	"filippo.io/age"
+	"golang.org/x/term"
+)
+
+func EncryptToFile(destinationFilename string, data []byte, recipient age.Recipient) error {
+	file, err := os.Create(destinationFilename)
+	if err != nil {
+		return err
+	}
+	defer file.Close()
+	writeCloser, err := age.Encrypt(file, recipient)
+	if err != nil {
+		return err
+	}
+	if _, err = writeCloser.Write(data); err != nil {
+		return err
+	}
+	return writeCloser.Close()
+}
+
+func DecryptToWriter(destinationWriter io.Writer, encryptedDataReader io.Reader, identity age.Identity) error {
+	reader, err := age.Decrypt(encryptedDataReader, identity)
+	if err != nil {
+		return err
+	}
+	_, err = io.Copy(destinationWriter, reader)
+	return err
+}
+
+func ReadSecret(label string, confirm bool) (string, error) {
+	prefix := ""
+	if confirm {
+		prefix = "create "
+	}
+	fmt.Printf("%s%s: ", prefix, label)
+	secretBytes, err := term.ReadPassword(int(syscall.Stdin))
+	fmt.Println()
+	if err != nil {
+		return "", err
+	}
+	if len(secretBytes) == 0 {
+		return "", errors.New("passphrase cannot be empty")
+	}
+	if confirm {
+		fmt.Printf("confirm %s: ", label)
+		confirmSecretBytes, err := term.ReadPassword(int(syscall.Stdin))
+		fmt.Println()
+		if err != nil {
+			return "", err
+		}
+		if string(secretBytes) != string(confirmSecretBytes) {
+			return "", fmt.Errorf("%s not matching", label)
+		}
+	}
+	return string(secretBytes), nil
+}

internal/shredder/shredder.go

@@ -0,0 +1,58 @@
+package shredder
+
+import (
+	"crypto/rand"
+	"errors"
+	"io/fs"
+	"os"
+	"path/filepath"
+
+	"github.com/ndavd/agevault/internal/utils"
+)
+
+func ShredFile(path string, iterations int) error {
+	file, err := os.OpenFile(path, os.O_WRONLY, 0644)
+	if err != nil {
+		return err
+	}
+	info, err := file.Stat()
+	if err != nil {
+		return err
+	}
+	random := make([]byte, info.Size())
+	for i := 0; i < iterations; i++ {
+		if _, err = rand.Read(random); err != nil {
+			return err
+		}
+		if _, err = file.WriteAt(random, 0); err != nil {
+			return err
+		}
+		if err = file.Sync(); err != nil {
+			return err
+		}
+	}
+	if err = file.Close(); err != nil {
+		return err
+	}
+	return os.Remove(path)
+}
+
+func ShredDir(path string, iterations int) error {
+	exists, isDir := utils.Exists(path)
+	if !exists || !isDir {
+		return errors.New("is not a directory or does not exist")
+	}
+	err := filepath.WalkDir(path, func(path string, d fs.DirEntry, err error) error {
+		if err != nil {
+			return err
+		}
+		if !d.IsDir() && d.Type().IsRegular() {
+			ShredFile(path, iterations)
+		}
+		return nil
+	})
+	if err != nil {
+		return err
+	}
+	return os.RemoveAll(path)
+}

internal/utils/utils.go

@@ -0,0 +1,54 @@
+package utils
+
+import (
+	"bytes"
+	"errors"
+	"os"
+	"os/exec"
+)
+
+func RunCmd(name string, args ...string) error {
+	cmd := exec.Command(name, args...)
+	var stderr bytes.Buffer
+	cmd.Stderr = &stderr
+	err := cmd.Run()
+	if err != nil {
+		return errors.New(stderr.String())
+	}
+	return nil
+}
+
+func Exists(path string) (exists bool, isDir bool) {
+	info, err := os.Stat(path)
+	exists = true
+	if err != nil {
+		exists = false
+		return
+	}
+	isDir = info.IsDir()
+	return
+}
+
+type MatcherFunc func(filename string) bool
+
+func FileMatchInCwd(match MatcherFunc) (string, error) {
+	currentDir, err := os.Getwd()
+	if err != nil {
+		return "", err
+	}
+	dir, err := os.Open(currentDir)
+	if err != nil {
+		return "", err
+	}
+	defer dir.Close()
+	files, err := dir.ReadDir(-1)
+	if err != nil {
+		return "", err
+	}
+	for _, file := range files {
+		if !file.IsDir() && match(file.Name()) {
+			return file.Name(), nil
+		}
+	}
+	return "", nil
+}