summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakob Unterwurzacher2017-05-28 17:11:50 +0200
committerJakob Unterwurzacher2017-05-28 17:11:50 +0200
commit7f5ae5f8436442c1243609d0de7fd9678f9c33d5 (patch)
tree67faa1476c0e34dab9bf36bff1dbc5b9d774122d
parentc36a55e98599c96f228eb7ea09c1c71a5e114ee5 (diff)
gocryptfs-xray: add function to dump the master key
Fixes https://github.com/rfjakob/gocryptfs/issues/83
-rw-r--r--gocryptfs-xray/xray_main.go34
1 files changed, 31 insertions, 3 deletions
diff --git a/gocryptfs-xray/xray_main.go b/gocryptfs-xray/xray_main.go
index 0073c3d..6cce1c6 100644
--- a/gocryptfs-xray/xray_main.go
+++ b/gocryptfs-xray/xray_main.go
@@ -7,13 +7,16 @@ import (
"io"
"os"
+ "github.com/rfjakob/gocryptfs/internal/configfile"
"github.com/rfjakob/gocryptfs/internal/contentenc"
"github.com/rfjakob/gocryptfs/internal/cryptocore"
+ "github.com/rfjakob/gocryptfs/internal/readpassword"
)
const (
ivLen = contentenc.DefaultIVBits / 8
blockSize = contentenc.DefaultBS + ivLen + cryptocore.AuthTagLen
+ myName = "gocryptfs-xray"
)
func errExit(err error) {
@@ -27,17 +30,42 @@ func prettyPrintHeader(h *contentenc.FileHeader) {
}
func main() {
+ dumpmasterkey := flag.Bool("dumpmasterkey", false, "Decrypt and dump the master key")
flag.Parse()
if flag.NArg() != 1 {
- fmt.Printf("Usage: xray FILE\n")
+ fmt.Fprintf(os.Stderr, "Usage: %s [OPTIONS] FILE\n"+
+ "\n"+
+ "Options:\n", myName)
+ flag.PrintDefaults()
+ fmt.Fprintf(os.Stderr, "\n"+
+ "Examples:\n"+
+ " gocryptfs-xray myfs/mCXnISiv7nEmyc0glGuhTQ\n"+
+ " gocryptfs-xray -dumpmasterkey myfs/gocryptfs.conf\n")
os.Exit(1)
}
- f := flag.Arg(0)
- fd, err := os.Open(f)
+ fn := flag.Arg(0)
+ fd, err := os.Open(fn)
if err != nil {
errExit(err)
}
+ defer fd.Close()
+ if *dumpmasterkey {
+ dumpMasterKey(fn)
+ } else {
+ inspectCiphertext(fd)
+ }
+}
+
+func dumpMasterKey(fn string) {
+ pw := readpassword.Once("")
+ masterkey, _, err := configfile.LoadConfFile(fn, pw)
+ if err != nil {
+ fmt.Fprintln(os.Stderr, err)
+ }
+ fmt.Println(hex.EncodeToString(masterkey))
+}
+func inspectCiphertext(fd *os.File) {
headerBytes := make([]byte, contentenc.HeaderLen)
n, err := fd.ReadAt(headerBytes, 0)
if err == io.EOF && n == 0 {