Merge branch 'main' of github.com:TLINDEN/anydb

anydb.1

@@ -133,7 +133,7 @@
 .\" ========================================================================
 .\"
 .IX Title "ANYDB 1"
-.TH ANYDB 1 "2025-01-01" "1" "User Commands"
+.TH ANYDB 1 "2025-02-10" "1" "User Commands"
 .\" For nroff, turn off justification.  Always turn off hyphenation; it makes
 .\" way too many mistakes in technical documents.
 .if n .ad l
@@ -608,19 +608,23 @@ required, the template provided applies to every matching entry
 separatley.
 .PP
 The following template variables can be used:
-.IP "\fBKey\fR \- string" 4
-.IX Item "Key - string"
+.IP "\fB.Key\fR \- string" 4
+.IX Item ".Key - string"
 .PD 0
-.IP "\fBValue\fR \- string" 4
-.IX Item "Value - string"
-.IP "\fBBin\fR \- []byte" 4
-.IX Item "Bin - []byte"
-.IP "\fBCreated\fR \- time.Time" 4
-.IX Item "Created - time.Time"
-.IP "\fBTags\fR \- []string" 4
-.IX Item "Tags - []string"
-.IP "\fBEncrypted\fR bool" 4
-.IX Item "Encrypted bool"
+.IP "\fB.Value\fR \- string" 4
+.IX Item ".Value - string"
+.IP "\fB.Bin\fR \- []byte" 4
+.IX Item ".Bin - []byte"
+.IP "\fB.Created\fR \- timestamp.Time" 4
+.IX Item ".Created - timestamp.Time"
+.PD
+To retrieve a string representation of the timestamp, use \f(CW\*(C`.Created.AsTime\*(C'\fR.
+If you need a unix timestamp since epoch, use \f(CW\*(C`.Created.Unix\*(C'\fR.
+.IP "\fB.Tags\fR \- []string" 4
+.IX Item ".Tags - []string"
+.PD 0
+.IP "\fB.Encrypted\fR bool" 4
+.IX Item ".Encrypted bool"
 .PD
 .PP
 Prepend a single dot (\*(L".\*(R") before each variable name.
@@ -637,14 +641,14 @@ Format the list in a way so that is possible to evaluate it in a
 shell:
 .PP
 .Vb 2
-\&    eval $(anydb get foo \-m template \-T "key=\*(Aq{{ .Key }}\*(Aq value=\*(Aq{{ .Value }}\*(Aq ts=\*(Aq{{ .Created}}\*(Aq")
-\&    echo "Key: $key, Value: $value"
+\&    eval $(anydb get foo \-m template \-T "key=\*(Aq{{ .Key }}\*(Aq value=\*(Aq{{ .Value }}\*(Aq ts=\*(Aq{{ .Created.AsTime}}\*(Aq")
+\&    echo "Key: $key, Value: $value, When: $ts"
 .Ve
 .PP
 Print the values in \s-1CSV\s0 format \s-1ONLY\s0 if they have some tag:
 .PP
 .Vb 1
-\&    anydb list \-m template \-T "{{ if .Tags }}{{ .Key }},{{ .Value }},{{ .Created}}{{ end }}"
+\&    anydb list \-m template \-T "{{ if .Tags }}{{ .Key }},{{ .Value }},{{ .Created.AsTime}}{{ end }}"
 .Ve
 .SH "CONFIGURATION"
 .IX Header "CONFIGURATION"

app/crypto.go

@@ -20,6 +20,7 @@ import (
 	"crypto/rand"
 	"errors"
 	"fmt"
+	"log/slog"
 	"os"
 	"syscall"
 
@@ -34,7 +35,7 @@ const (
 	ArgonParallel uint8  = 2
 	ArgonSaltLen  int    = 16
 	ArgonKeyLen   uint32 = 32
-	B64SaltLen    int    = 22
+	B64SaltLen    int    = 16 //22
 )
 
 type Key struct {
@@ -84,7 +85,11 @@ func DeriveKey(password []byte, salt []byte) (*Key, error) {
 		ArgonKeyLen,
 	)
 
-	return &Key{Key: hash, Salt: salt}, nil
+	key := &Key{Key: hash, Salt: salt}
+
+	slog.Debug("derived key", "key", string(key.Key), "salt", string(key.Salt))
+
+	return key, nil
 }
 
 // Retrieve a random chunk of given size
@@ -124,10 +129,13 @@ func Encrypt(pass []byte, attr *DbAttr) error {
 
 	cipher := aead.Seal(nonce, nonce, attr.Val, nil)
 
-	attr.Val = append(attr.Val, key.Salt...)
+	attr.Val = key.Salt
 	attr.Val = append(attr.Val, cipher...)
 
 	attr.Encrypted = true
+	attr.Preview = "<encrypted-content>"
+
+	slog.Debug("encrypted attr", "salt", string(key.Salt), "cipher", string(attr.Val))
 
 	return nil
 }
@@ -156,5 +164,12 @@ func Decrypt(pass []byte, cipherb []byte) ([]byte, error) {
 
 	nonce, ciphertext := cipher[:aead.NonceSize()], cipher[aead.NonceSize():]
 
-	return aead.Open(nil, nonce, ciphertext, nil)
+	clear, err := aead.Open(nil, nonce, ciphertext, nil)
+	if err != nil {
+		return nil, err
+	}
+
+	slog.Debug("decrypted attr", "salt", string(key.Salt), "clear", string(clear))
+
+	return clear, err
 }

app/db.go

@@ -20,6 +20,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
+	"log/slog"
 	"os"
 	"path/filepath"
 	"regexp"
@@ -84,6 +85,8 @@ func New(file string, bucket string, debug bool) (*DB, error) {
 }
 
 func (db *DB) Open() error {
+	slog.Debug("opening DB", "dbfile", db.Dbfile)
+
 	if _, err := os.Stat(filepath.Dir(db.Dbfile)); os.IsNotExist(err) {
 		if err := os.MkdirAll(filepath.Dir(db.Dbfile), 0700); err != nil {
 			return err
@@ -128,11 +131,15 @@ func (db *DB) List(attr *DbAttr, fulltext bool) (DbEntries, error) {
 			return nil
 		}
 
+		slog.Debug("opened root bucket", "root", root)
+
 		bucket := root.Bucket([]byte("meta"))
 		if bucket == nil {
 			return nil
 		}
 
+		slog.Debug("opened buckets", "root", root, "data", bucket)
+
 		databucket := root.Bucket([]byte("data"))
 		if databucket == nil {
 			return fmt.Errorf("failed to retrieve data sub bucket")
@@ -215,6 +222,7 @@ func (db *DB) Set(attr *DbAttr) error {
 	// check if the  entry already exists and if yes,  check if it has
 	// any  tags. if so,  we initialize  our update struct  with these
 	// tags unless it has new tags configured.
+	// FIXME: use Get()
 	err := db.DB.View(func(tx *bolt.Tx) error {
 		root := tx.Bucket([]byte(db.Bucket))
 		if root == nil {
@@ -226,6 +234,8 @@ func (db *DB) Set(attr *DbAttr) error {
 			return nil
 		}
 
+		slog.Debug("opened buckets", "root", root, "data", bucket)
+
 		pbentry := bucket.Get([]byte(entry.Key))
 		if pbentry == nil {
 			return nil
@@ -267,6 +277,8 @@ func (db *DB) Set(attr *DbAttr) error {
 			return fmt.Errorf("failed to create DB meta sub bucket: %w", err)
 		}
 
+		slog.Debug("opened/created buckets", "root", root, "data", bucket)
+
 		// write meta data
 		err = bucket.Put([]byte(entry.Key), []byte(pbentry))
 		if err != nil {
@@ -316,6 +328,8 @@ func (db *DB) Get(attr *DbAttr) (*DbEntry, error) {
 			return nil
 		}
 
+		slog.Debug("opened buckets", "root", root, "data", bucket)
+
 		// retrieve meta data
 		pbentry := bucket.Get([]byte(attr.Key))
 		if pbentry == nil {
@@ -369,6 +383,8 @@ func (db *DB) Del(attr *DbAttr) error {
 			return nil
 		}
 
+		slog.Debug("opened buckets", "data", bucket)
+
 		return bucket.Delete([]byte(attr.Key))
 	})
 
@@ -421,6 +437,8 @@ func (db *DB) Import(attr *DbAttr) (string, error) {
 			return fmt.Errorf("failed to create DB meta sub bucket: %w", err)
 		}
 
+		slog.Debug("opened buckets", "root", root, "data", bucket)
+
 		for _, entry := range entries {
 			pbentry, err := proto.Marshal(entry)
 			if err != nil {
@@ -528,6 +546,8 @@ func (db *DB) Getall(attr *DbAttr) (DbEntries, error) {
 			return fmt.Errorf("failed to retrieve data sub bucket")
 		}
 
+		slog.Debug("opened buckets", "root", root, "data", bucket)
+
 		// iterate over all db entries in meta sub bucket
 		err := bucket.ForEach(func(key, pbentry []byte) error {
 			var entry DbEntry

cfg/config.go

@@ -26,7 +26,7 @@ import (
 	"github.com/tlinden/anydb/common"
 )
 
-var Version string = "v0.1.4"
+var Version string = "v0.2.0"
 
 type BucketConfig struct {
 	Encrypt bool

cmd/anydb.go

@@ -411,12 +411,16 @@ TEMPLATES
 
     The following template variables can be used:
 
-    Key - string
-    Value - string
-    Bin - []byte
-    Created - time.Time
-    Tags - []string
-    Encrypted bool
+    .Key - string
+    .Value - string
+    .Bin - []byte
+    .Created - timestamp.Time
+        To retrieve a string representation of the timestamp, use
+        ".Created.AsTime". If you need a unix timestamp since epoch, use
+        ".Created.Unix".
+
+    .Tags - []string
+    .Encrypted bool
 
     Prepend a single dot (".") before each variable name.
 
@@ -428,12 +432,12 @@ TEMPLATES
 
     Format the list in a way so that is possible to evaluate it in a shell:
 
-        eval $(anydb get foo -m template -T "key='{{ .Key }}' value='{{ .Value }}' ts='{{ .Created}}'")
-        echo "Key: $key, Value: $value"
+        eval $(anydb get foo -m template -T "key='{{ .Key }}' value='{{ .Value }}' ts='{{ .Created.AsTime}}'")
+        echo "Key: $key, Value: $value, When: $ts"
 
     Print the values in CSV format ONLY if they have some tag:
 
-        anydb list -m template -T "{{ if .Tags }}{{ .Key }},{{ .Value }},{{ .Created}}{{ end }}"
+        anydb list -m template -T "{{ if .Tags }}{{ .Key }},{{ .Value }},{{ .Created.AsTime}}{{ end }}"
 
 CONFIGURATION
     Anydb looks at the following locations for a configuration file, in that

cmd/crud.go

@@ -124,6 +124,7 @@ func Get(conf *cfg.Config) *cobra.Command {
 				}
 
 				entry.Value = string(clear)
+				entry.Size = uint64(len(entry.Value))
 				entry.Encrypted = false
 			}
 

cmd/root.go

@@ -19,13 +19,15 @@ package cmd
 import (
 	"errors"
 	"fmt"
+	"log/slog"
 	"os"
 	"path/filepath"
+	"runtime/debug"
 
-	"github.com/alecthomas/repr"
 	"github.com/spf13/cobra"
 	"github.com/tlinden/anydb/app"
 	"github.com/tlinden/anydb/cfg"
+	"github.com/tlinden/yadu"
 )
 
 func completion(cmd *cobra.Command, mode string) error {
@@ -67,14 +69,6 @@ func Execute() {
 		Short: "anydb",
 		Long:  `A personal key value store`,
 		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
-			dbfile := app.GetDbFile(conf.Dbfile)
-
-			db, err := app.New(dbfile, conf.Dbbucket, conf.Debug)
-			if err != nil {
-				return err
-			}
-
-			conf.DB = db
 
 			var configs []string
 			if configfile != "" {
@@ -88,9 +82,34 @@ func Execute() {
 			}
 
 			if conf.Debug {
-				repr.Println(conf)
+				buildInfo, _ := debug.ReadBuildInfo()
+				opts := &yadu.Options{
+					Level:     slog.LevelDebug,
+					AddSource: true,
+				}
+
+				slog.SetLogLoggerLevel(slog.LevelDebug)
+
+				handler := yadu.NewHandler(os.Stdout, opts)
+				debuglogger := slog.New(handler).With(
+					slog.Group("program_info",
+						slog.Int("pid", os.Getpid()),
+						slog.String("go_version", buildInfo.GoVersion),
+					),
+				)
+				slog.SetDefault(debuglogger)
+
+				slog.Debug("parsed config", "conf", conf)
 			}
 
+			dbfile := app.GetDbFile(conf.Dbfile)
+
+			db, err := app.New(dbfile, conf.Dbbucket, conf.Debug)
+			if err != nil {
+				return err
+			}
+
+			conf.DB = db
 			return nil
 		},
 

go.mod

@@ -1,6 +1,8 @@
 module github.com/tlinden/anydb
 
-go 1.22.1
+go 1.23
+
+toolchain go1.23.5
 
 require (
 	github.com/alecthomas/repr v0.4.0
@@ -11,14 +13,15 @@ require (
 	github.com/pelletier/go-toml v1.9.5
 	github.com/rogpeppe/go-internal v1.13.1
 	github.com/spf13/cobra v1.8.1
-	go.etcd.io/bbolt v1.3.11
+	go.etcd.io/bbolt v1.4.0
 	golang.org/x/crypto v0.31.0
 	golang.org/x/term v0.27.0
-	google.golang.org/protobuf v1.36.4
+	google.golang.org/protobuf v1.36.5
 )
 
 require (
 	github.com/andybalholm/brotli v1.1.1 // indirect
+	github.com/fatih/color v1.16.0 // indirect
 	github.com/gofiber/fiber/v3 v3.0.0-beta.3 // indirect
 	github.com/gofiber/utils/v2 v2.0.0-beta.4 // indirect
 	github.com/google/uuid v1.6.0 // indirect
@@ -28,9 +31,11 @@ require (
 	github.com/mattn/go-runewidth v0.0.16 // indirect
 	github.com/rivo/uniseg v0.2.0 // indirect
 	github.com/spf13/pflag v1.0.6 // indirect
+	github.com/tlinden/yadu v0.1.3 // indirect
 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 	github.com/valyala/fasthttp v1.55.0 // indirect
 	github.com/valyala/tcplisten v1.0.0 // indirect
 	golang.org/x/sys v0.29.0 // indirect
 	golang.org/x/tools v0.22.0 // indirect
+	gopkg.in/yaml.v3 v3.0.1 // indirect
 )

go.sum

@@ -14,6 +14,8 @@ github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
 github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
+github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM=
+github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE=
 github.com/gofiber/fiber/v2 v2.52.5 h1:tWoP1MJQjGEe4GB5TUGOi7P2E0ZMMRx5ZTG4rT+yGMo=
 github.com/gofiber/fiber/v2 v2.52.5/go.mod h1:KEOE+cXMhXG0zHc9d8+E38hoX+ZN7bhOtgeF2oT6jrQ=
 github.com/gofiber/fiber/v2 v2.52.6 h1:Rfp+ILPiYSvvVuIPvxrBns+HJp8qGLDnLJawAu27XVI=
@@ -70,6 +72,8 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An
 github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o=
 github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/tlinden/yadu v0.1.3 h1:5cRCUmj+l5yvlM2irtpFBIJwVV2DPEgYSaWvF19FtcY=
+github.com/tlinden/yadu v0.1.3/go.mod h1:l3bRmHKL9zGAR6pnBHY2HRPxBecf7L74BoBgOOpTcUA=
 github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
 github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
 github.com/valyala/fasthttp v1.51.0 h1:8b30A5JlZ6C7AS81RsWjYMQmrZG6feChmgAolCl1SqA=
@@ -83,6 +87,8 @@ github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3i
 go.etcd.io/bbolt v1.3.4/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
 go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0=
 go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I=
+go.etcd.io/bbolt v1.4.0 h1:TU77id3TnN/zKr7CO/uk+fBCwF2jGcMuw2B/FMAzYIk=
+go.etcd.io/bbolt v1.4.0/go.mod h1:AsD+OCi/qPN1giOX1aiLAha3o1U8rAz65bvN4j0sRuk=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U=
 golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk=
@@ -108,6 +114,9 @@ google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/g
 google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM=
 google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
+google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM=
+google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=

main.go

@@ -19,6 +19,7 @@ package main
 import (
 	"bufio"
 	"fmt"
+	"log/slog"
 	"os"
 	"runtime"
 
@@ -27,9 +28,31 @@ import (
 )
 
 func main() {
+	const NoLogsLevel = 100
+	slog.SetLogLoggerLevel(NoLogsLevel)
+
 	Main()
 }
 
+func init() {
+	// if we're running on Windows  AND if the user double clicked the
+	// exe  file from explorer, we  tell them and then  wait until any
+	// key has been hit, which  will make the cmd window disappear and
+	// thus give the user time to read it.
+	if runtime.GOOS == "windows" {
+		if mousetrap.StartedByExplorer() {
+			fmt.Println("Do no double click kleingebaeck.exe!")
+			fmt.Println("Please open a command shell and run it from there.")
+			fmt.Println()
+			fmt.Print("Press any key to quit: ")
+			_, err := bufio.NewReader(os.Stdin).ReadString('\n')
+			if err != nil {
+				panic(err)
+			}
+		}
+	}
+}
+
 func Main() int {
 	cmd.Execute()
 	return 0

t/crypt.txtar

@@ -0,0 +1,37 @@
+# 
+# Copyright © 2025 Thomas von Dein
+# 
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+# 
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+# 
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+# 
+
+# encrypt something
+exec env ANYDB_PASSWORD=12345 anydb -f test.db set -e secret eshishinusan
+
+# retrieve it
+exec env ANYDB_PASSWORD=12345 anydb -f test.db get secret
+stdout eshishinusan
+
+# but has it really been encrypted?
+! exec env ANYDB_PASSWORD=8d8d8 anydb -f test.db get secret 
+! stdout eshishinusan
+stderr 'message authentication failed'
+
+# what about the listing
+exec anydb -f test.db ls -l
+stdout 'encrypted-content'
+! stdout eshishinusan
+
+# and the export?
+exec anydb -f test.db export -o -
+! stdout eshishinusan