diff --git a/go.mod b/go.mod index d78d92d..fd49a80 100644 --- a/go.mod +++ b/go.mod @@ -5,16 +5,17 @@ go 1.21.1 require ( github.com/dchest/bcrypt_pbkdf v0.0.0-20150205184540-83f37f9c154a github.com/opencoff/go-mmap v0.1.2 - github.com/opencoff/go-utils v0.9.0 + github.com/opencoff/go-utils v0.9.3 github.com/opencoff/pflag v1.0.6-sh1 - golang.org/x/crypto v0.17.0 - google.golang.org/protobuf v1.32.0 + golang.org/x/crypto v0.21.0 + google.golang.org/protobuf v1.33.0 gopkg.in/yaml.v2 v2.4.0 ) require ( - golang.org/x/sys v0.16.0 // indirect - golang.org/x/term v0.15.0 // indirect + golang.org/x/sys v0.18.0 // indirect + golang.org/x/term v0.18.0 // indirect ) //replace github.com/opencoff/go-mmap => ../go-mmap +//replace github.com/opencoff/go-utils => ../go-utils diff --git a/go.sum b/go.sum index 7d8bbe4..14b9bf3 100644 --- a/go.sum +++ b/go.sum 
@@ -4,20 +4,20 @@ github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU= github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= github.com/opencoff/go-mmap v0.1.2 h1:2yrYleq0x9cBruDRTafs7GZt4tCYmsUlvyN77HnY9hA= github.com/opencoff/go-mmap v0.1.2/go.mod h1:+UjRnKQ3l5dLqSNAczz7zKI8LJ7mBhJhaSqU4S91tFs= -github.com/opencoff/go-utils v0.9.0 h1:qJcRsjLHADmej3/BkH6cLX3pxapLwHf9uSN0E7vvZf4= -github.com/opencoff/go-utils v0.9.0/go.mod h1:IHjYSeM+bOKhCD2rBEba4/0C7Apko+KZKKyFgDF43Sc= +github.com/opencoff/go-utils v0.9.3 h1:Gdx1uB6QZ9/8FNU4h+94xGJ+onu8bQLRE4gyKRrrDD8= +github.com/opencoff/go-utils v0.9.3/go.mod h1:nNx572v21m3AkY9JomSXUG8iruY56Fm2zceNKNJDJaU= github.com/opencoff/pflag v1.0.6-sh1 h1:6RO8GgnpH928yu6earGDD01FnFT//bDJ1hCovcVVqY4= github.com/opencoff/pflag v1.0.6-sh1/go.mod h1:2bXtpAD/5h/2LarkbsRwiUxqnvB1nZBzn9Xjad1P41A= -golang.org/x/crypto v0.17.0 h1:r8bRNjWL3GshPW3gkd+RpvzWrZAwPS49OmTGZ/uhM4k= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= -golang.org/x/sys v0.16.0 h1:xWw16ngr6ZMtmxDyKyIgsE93KNKz5HKmMa3b8ALHidU= -golang.org/x/sys v0.16.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.15.0 h1:y/Oo/a/q3IXu26lQgl04j/gjuBDOBlx7X6Om1j2CPW4= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= +golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= +golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= +golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= +golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= +golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543 h1:E7g+9GITq07hpfrRu66IVDexMakfv52eLZ2CXBWiKr4= golang.org/x/xerrors 
v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I= -google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= +google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= +google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY= diff --git a/sign/iomisc.go b/sign/iomisc.go index b405b4f..45ddc05 100644 --- a/sign/iomisc.go +++ b/sign/iomisc.go @@ -26,11 +26,19 @@ import ( // Does MORE than ioutil.WriteFile() - in that it doesn't trash the // existing file with an incomplete write. func writeFile(fn string, b []byte, ovwrite bool, mode uint32) error { - sf, err := utils.NewSafeFile(fn, ovwrite, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.FileMode(mode)) + var opts uint32 + if ovwrite { + opts |= utils.OPT_OVERWRITE + } + sf, err := utils.NewSafeFile(fn, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, os.FileMode(mode)) if err != nil { return err } - sf.Write(b) + defer sf.Abort() + if _, err = sf.Write(b); err != nil { + return err + } + return sf.Close() } diff --git a/src/crypt.go b/src/crypt.go index ad9cd79..f04b580 100644 --- a/src/crypt.go +++ b/src/crypt.go @@ -140,7 +140,11 @@ func encrypt(args []string) { mode = ist.Mode() } - sf, err := utils.NewSafeFile(outfile, force, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode) + var opts uint32 + if force { + opts |= utils.OPT_OVERWRITE + } + sf, err := utils.NewSafeFile(outfile, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode) if err != nil { Die("%s", err) } 
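Review bot: The deferred `sf.Abort()` in writeFile also runs after `sf.Close()` has returned successfully, so the function is only correct if Abort does nothing once the file has been committed. That behaviour belongs to go-utils and is not visible in this diff. It should be confirmed against v0.9.3 and recorded at the call site, for example `// Abort is expected to be a no-op after a successful Close; it only discards the pending write on the error paths above.` The new check on the `sf.Write(b)` error is what stops a failed write from being committed, so the comment is worth having next to it.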
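Review bot: The block `var opts uint32` / `if force { opts |= utils.OPT_OVERWRITE }` added here in encrypt is repeated verbatim in the decrypt hunk and in src/sign.go. A small unexported helper shared by the files under src/, for example `func safeFileOpts(overwrite bool) uint32`, would keep each call site to one line: `utils.NewSafeFile(outfile, safeFileOpts(force), os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode)`. It would also give one place to add further option bits later. encrypt's body starts and ends outside this hunk.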
@@ -302,7 +306,11 @@ func decrypt(args []string) { mode = ist.Mode() } - sf, err := utils.NewSafeFile(outfile, force, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode) + var opts uint32 + if force { + opts |= utils.OPT_OVERWRITE + } + sf, err := utils.NewSafeFile(outfile, opts, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, mode) if err != nil { Die("%s", err) } diff --git a/src/sign.go b/src/sign.go index 9eb0bc4..154ff4a 100644 --- a/src/sign.go +++ b/src/sign.go @@ -68,7 +68,11 @@ Options: var fd io.WriteCloser = os.Stdout if outf != "-" { - sf, err := utils.NewSafeFile(outf, force, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644) + var opts uint32 + if force { + opts |= utils.OPT_OVERWRITE + } + sf, err := utils.NewSafeFile(outf, opts, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, 0644) if err != nil { Die("can't create sig file: %s", err) } diff --git a/tests.sh b/tests.sh index 00c3f6d..a5d81d9 100755 --- a/tests.sh +++ b/tests.sh @@ -80,9 +80,9 @@ $keygen -q -C 'ssk2@foo' -t ed25519 -f $ssk2 -N "" # extract the pk string spk1_str=$(cat $spk1 | awk '{ print $2 }') -$bin s --no-password $ssk1 -o $sig $0 || die "can't sign with $ssk1" -$bin v -q $spk1 $sig $0 || die "can't verify with $spk2" -$bin v -q $spk1_str $sig $0 || die "can't verify with $spk2_str" +$bin s --no-password $ssk1 -o $sig $0 || die "can't sign with $ssk1" +$bin v -q $spk1 $sig $0 || die "can't verify with $spk2" +$bin v -q $spk1_str $sig $0 || die "can't verify with $spk2_str" $bin e --no-password -o $encout $spk2 $0 || die "can't encrypt to $spk2 with $ssk1" $bin d --no-password -o $decout $ssk2 $encout || die "can't decrypt with $ssk2" 
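Review bot: Nothing visible in the decrypt hunk pairs the new `utils.NewSafeFile(outfile, opts, ...)` call with an `sf.Abort()` on failure, the way writeFile in sign/iomisc.go now does with `defer sf.Abort()`. The rest of decrypt lies outside the hunk, so this may already be handled further down. If it is not, a defer is unlikely to help, because the error paths here go through `Die(...)`, which presumably exits the process. The abort would then have to be explicit, `sf.Abort()` immediately before each `Die(...)` that follows the open, so that output from a decryption that failed authentication is never committed over outfile. The same question applies to the encrypt hunk above.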
@@ -101,9 +101,9 @@ pk_str=$(cat $pk | grep 'pk:' | sed -e 's/^pk: //g') pk2_str=$(cat $pk2 | grep 'pk:' | sed -e 's/^pk: //g') # sign and verify -$bin s -E FOO $sk $0 -o $sig || die "can't sign $0" -$bin v -q $pk $sig $0 || die "can't verify signature of $0" -$bin v -q $pk_str $sig $0 || die "can't verify signature of $0" +$bin s -E FOO $sk $0 -o $sig || die "can't sign $0" +$bin v -q $pk $sig $0 || die "can't verify signature of $0" +$bin v -q $pk_str $sig $0 || die "can't verify signature of $0" $bin v -q $pk2 $sig $0 2>/dev/null && die "bad verification with wrong $pk2" $bin v -q $pk2_str $sig $0 2>/dev/null && die "bad verification with wrong $pk2" @@ -115,7 +115,7 @@ cmp -s $decout $0 || die "decrypted file mismatch with $0" # now with sender verification $bin e -E FOO --overwrite -o $encout -s $sk $pk2 $0 || die "can't sender-encrypt to $pk2" $bin d -E FOO --overwrite -o $decout -v $pk $sk2 $encout || die "can't decrypt with $sk2" -cmp -s $decout $0 || die "decrypted file mismatch with $0" +cmp -s $decout $0 || die "decrypted file mismatch with $0" # Only delete if everything worked echo "$Z: All tests pass!"