gitcrypt

package module

v0.0.0-...-0b99b45 Latest Latest Go to latest Published: Jan 27, 2024 License: GPL-3.0 Imports: 19 Imported by: 3

Details

Valid go.mod file

The Go module system was introduced in Go 1.11 and is the official dependency management solution for Go.
Redistributable license

Redistributable licenses place minimal restrictions on how software can be used, modified, and redistributed.
Tagged version

Modules with tagged versions give importers more predictable builds.
Stable version

When a project reaches major version v1 it is considered stable.
Learn more about best practices

Repository

github.com/jbuchbinder/go-git-crypt

Links

Open Source Insights

README ¶

GO-GIT-CRYPT

A Go-flavored attempt to reimplement the git-crypt algorithm in native Go. Primary focus is on providing decryption and key-handling functionality.

WARNING: Until version 0.1 is tagged, the API is subject to arbitrary change.

Features

Decryption
Parsing/interpretation of .gitattributes
Encryption
GPG keys - Add to repository
GPG keys - Remove from repository
New repository initialization

Documentation ¶

Index ¶

type AesCtrEncryptor
- func NewAesCtrEncryptor(rawKey []byte, nonce []byte) AesCtrEncryptor
type GitCrypt
type HMac
- func NewHMac(key []byte) HMac
- func (h *HMac) Result() []byte
- func (h *HMac) Write(w []byte)
type Key
type KeyEntry

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

This section is empty.

Types ¶

type AesCtrEncryptor ¶

type AesCtrEncryptor struct {
	// Debug represents whether debug logging is turned on or not
	Debug bool
	// contains filtered or unexported fields
}

AesCtrEncryptor represents an AES encryptor/decryptor

func NewAesCtrEncryptor ¶

func NewAesCtrEncryptor(rawKey []byte, nonce []byte) AesCtrEncryptor

NewAesCtrEncryptor creates a new AesCtrEncryptor instance with a key and nonce

type GitCrypt ¶

type GitCrypt struct {
	// Debug represents whether debug output will be enabled. Do not turn
	// this on until you really mean it.
	Debug bool
	// Vfs represents an optional virtual filesystem. If it is nil, the
	// standard OS file opening functions will be used.
	Vfs vfs.FileSystem
}

GitCrypt is the namespace

func (*GitCrypt) DecryptRepoKey ¶

func (g *GitCrypt) DecryptRepoKey(keyring openpgp.EntityList, keyName string, keyVersion uint32, secretKeys []string, keysPath string) (Key, error)

DecryptRepoKey decrypts a repository key, given:

keyring: A GPG keyring to use for the decryption.
keyName: Name of the key set being used. Empty defaults to "default".
keyVersion: Version of the git-crypt keys.
secretKeys: Array of private keys to attempt to decrypt
keysPath: Root path to the repository key directory (should be $REPOPATH/.git-crypt/keys)

func (*GitCrypt) DecryptRepoKeys ¶

func (g *GitCrypt) DecryptRepoKeys(keyring openpgp.EntityList, keyVersion uint32, secretKeys []string, keysPath string) ([]Key, error)

DecryptRepoKeys decrypts all available repository keys, given a GPG key

func (*GitCrypt) DecryptStream ¶

func (g *GitCrypt) DecryptStream(keyFile Key, header []byte, in io.ReadSeeker, out io.Writer) error

DecryptStream decrypts a stream of encrypted git-crypt format data given a key file and header

func (*GitCrypt) GpgDecryptFromFile ¶

func (g *GitCrypt) GpgDecryptFromFile(keyring openpgp.EntityList, path string) ([]byte, error)

GpgDecryptFromFile decrypts a file using a PGP/GPG key

func (*GitCrypt) IsGitCrypted ¶

func (g *GitCrypt) IsGitCrypted(fn string) bool

IsGitCrypted returns whether or not a file has been encrypted in the git-crypt encryption format. Supports optional Vfs methods.

func (*GitCrypt) KeyFromFile ¶

func (g *GitCrypt) KeyFromFile(filename string) (Key, error)

KeyFromFile instantiates a new key from a specified file

func (*GitCrypt) ReadFileHeader ¶

func (g *GitCrypt) ReadFileHeader(fp io.ReadSeekCloser) ([]byte, error)

ReadFileHeader fetches the git-crypt file header from an open seekable file

func (*GitCrypt) ReadFileHeaderFromFile ¶

func (g *GitCrypt) ReadFileHeaderFromFile(filename string) ([]byte, error)

ReadFileHeaderFromFile fetches the git-crypt file header from an unopened file

type HMac ¶

type HMac struct {
	// contains filtered or unexported fields
}

HMac represents an HMAC encryptor/decryptor

func NewHMac ¶

func NewHMac(key []byte) HMac

NewHMac creates an HMac encryptor/decryptor

func (*HMac) Result ¶

func (h *HMac) Result() []byte

Result returns the resultant sum

func (*HMac) Write ¶

func (h *HMac) Write(w []byte)

Write adds bytes to the HMAC hash

type Key ¶

type Key struct {
	Parent  *GitCrypt
	Version uint32
	Entries []KeyEntry
	KeyName string
	Debug   bool
}

Key is a git-crypt key structure

func (*Key) Get ¶

func (k *Key) Get(version uint32) (KeyEntry, error)

Get retrieves an entry by version number

func (*Key) Latest ¶

func (k *Key) Latest() (KeyEntry, error)

Latest returns the latest of the entries from the key file

func (*Key) Load ¶

func (k *Key) Load(in io.Reader) error

Load imports a key from an io.Reader

func (*Key) LoadFromFile ¶

func (k *Key) LoadFromFile(filename string) error

LoadFromFile loads a key from a filesystem file

func (Key) Store ¶

func (k Key) Store(out io.Writer) error

Store stores a copy of the key to a file

type KeyEntry ¶

type KeyEntry struct {
	Version uint32
	AesKey  []byte
	HmacKey []byte
}

KeyEntry is a key entry

func (*KeyEntry) Generate ¶

func (k *KeyEntry) Generate(version uint32) error

Generate generates a new key

func (*KeyEntry) Load ¶

func (k *KeyEntry) Load(in io.Reader) error

Load loads an entry from a stream

func (KeyEntry) Store ¶

func (k KeyEntry) Store(out io.Writer) error

Store implements writing a Key TODO: FIXME: XXX: FINISH IMPLEMENT

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
git-crypt-add-key Module
git-decrypt Module
gpg module

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL