From ee1a7ffcd0d07a356c66fd230e11c7144842fe9e Mon Sep 17 00:00:00 2001 From: pp-johan Date: Wed, 5 Feb 2020 12:48:20 +0100 Subject: [PATCH] Automatically ask for pass if needed --- cmd/decrypt/decrypt.go | 9 +-------- dec/dec.go | 11 ++++++----- 2 files changed, 7 insertions(+), 13 deletions(-) diff --git a/cmd/decrypt/decrypt.go b/cmd/decrypt/decrypt.go index 3086e6a..ff9f081 100644 --- a/cmd/decrypt/decrypt.go +++ b/cmd/decrypt/decrypt.go @@ -13,7 +13,6 @@ type decryption struct { fileToDecrypt string privateKey string secretKey string - askPass bool } // Decrypt allows decryption of symmetric key using private key @@ -52,12 +51,6 @@ func Decrypt() *cobra.Command { "secret.key.enc", "secret key to decrypt", ) - cmd.Flags().BoolVar( - &decrypt.askPass, - "askPass", - false, - "ask for password for private key", - ) return cmd } @@ -68,7 +61,7 @@ func (e *decryption) run() { secretKey, _ := ioutil.ReadFile(e.secretKey) fileToDecrypt, _ := ioutil.ReadFile(e.fileToDecrypt) - unecryptedSecret := dec.DecryptUsingPrivateKey(secretKey, privateKey, e.askPass) + unecryptedSecret := dec.DecryptUsingPrivateKey(secretKey, privateKey) clearText := dec.DecryptUsingAsymmetricKey(fileToDecrypt, unecryptedSecret) diff --git a/dec/dec.go b/dec/dec.go index 9af3a1b..59f9887 100644 --- a/dec/dec.go +++ b/dec/dec.go @@ -2,6 +2,7 @@ package dec import ( "fmt" + "strings" "crypto/aes" "crypto/cipher" 
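Review bot: In the `run()` hunk of cmd/decrypt/decrypt.go, both `ioutil.ReadFile` calls visible here discard their error, so a missing or unreadable file reaches `dec.DecryptUsingPrivateKey` as an empty slice. With the `askPass` flag removed and the key type now guessed from the key bytes, an unreadable key file would presumably be treated as a password-protected key and prompt for a password instead of reporting the read failure; the read of the private key is above the hunk, so confirm it there. I would check each error, e.g. `secretKey, err := ioutil.ReadFile(e.secretKey)`, followed by an early exit that names the path. `run()` starts and ends outside the hunk.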
@@ -15,18 +16,18 @@ import ( ) // DecryptUsingPrivateKey decrypt using private key -func DecryptUsingPrivateKey(toDecrypt, pKey []byte, askPass bool) []byte { +func DecryptUsingPrivateKey(toDecrypt, pKey []byte) []byte { var privateKey *rsa.PrivateKey - if askPass { + if strings.Contains(string(pKey), "OPENSSH") { + pk, _ := ssh.ParseRawPrivateKey(pKey) + privateKey = pk.(*rsa.PrivateKey) + } else { pkPassword := getPkPassword() privateKeyPem, _ := pem.Decode(pKey) decPrivateKey, _ := x509.DecryptPEMBlock(privateKeyPem, []byte(pkPassword)) privateKey, _ = x509.ParsePKCS1PrivateKey(decPrivateKey) - } else { - pk, _ := ssh.ParseRawPrivateKey(pKey) - privateKey = pk.(*rsa.PrivateKey) } unecryptedSecret, _ := rsa.DecryptPKCS1v15(rand.Reader, privateKey, toDecrypt)
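Review bot: The `strings.Contains(string(pKey), "OPENSSH")` test picks the parser from the container format, not from whether the key is encrypted, so an unencrypted `RSA PRIVATE KEY` PEM file now falls into the password branch, where `x509.DecryptPEMBlock` fails and its error is discarded. Every error in both branches is dropped with `_`, so a bad key or wrong password leaves `privateKey` nil for `rsa.DecryptPKCS1v15`, and a passphrase-protected or non-RSA OpenSSH key makes the unchecked assertion `pk.(*rsa.PrivateKey)` panic. I would decode once and branch on the block itself, `if block, _ := pem.Decode(pKey); block == nil || !x509.IsEncryptedPEMBlock(block) {`, use the comma-ok form `rsaKey, ok := pk.(*rsa.PrivateKey)`, and check each returned error before continuing. The function body continues past the end of the hunk and the signature has no error return, so how a failure should be reported to the caller is not visible here.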