diff --git a/anydb.1 b/anydb.1 index 90953b9..c9345a1 100644 --- a/anydb.1 +++ b/anydb.1 @@ -133,7 +133,7 @@ .\" ======================================================================== .\" .IX Title "ANYDB 1" -.TH ANYDB 1 "2025-01-01" "1" "User Commands" +.TH ANYDB 1 "2025-02-10" "1" "User Commands" .\" For nroff, turn off justification. Always turn off hyphenation; it makes .\" way too many mistakes in technical documents. .if n .ad l @@ -608,19 +608,23 @@ required, the template provided applies to every matching entry separatley. .PP The following template variables can be used: -.IP "\fBKey\fR \- string" 4 -.IX Item "Key - string" +.IP "\fB.Key\fR \- string" 4 +.IX Item ".Key - string" .PD 0 -.IP "\fBValue\fR \- string" 4 -.IX Item "Value - string" -.IP "\fBBin\fR \- []byte" 4 -.IX Item "Bin - []byte" -.IP "\fBCreated\fR \- time.Time" 4 -.IX Item "Created - time.Time" -.IP "\fBTags\fR \- []string" 4 -.IX Item "Tags - []string" -.IP "\fBEncrypted\fR bool" 4 -.IX Item "Encrypted bool" +.IP "\fB.Value\fR \- string" 4 +.IX Item ".Value - string" +.IP "\fB.Bin\fR \- []byte" 4 +.IX Item ".Bin - []byte" +.IP "\fB.Created\fR \- timestamp.Time" 4 +.IX Item ".Created - timestamp.Time" +.PD +To retrieve a string representation of the timestamp, use \f(CW\*(C`.Created.AsTime\*(C'\fR. +If you need a unix timestamp since epoch, use \f(CW\*(C`.Created.Unix\*(C'\fR. +.IP "\fB.Tags\fR \- []string" 4 +.IX Item ".Tags - []string" +.PD 0 +.IP "\fB.Encrypted\fR bool" 4 +.IX Item ".Encrypted bool" .PD .PP Prepend a single dot (\*(L".\*(R") before each variable name. 
@@ -637,14 +641,14 @@ Format the list in a way so that is possible to evaluate it in a shell: .PP .Vb 2 -\& eval $(anydb get foo \-m template \-T "key=\*(Aq{{ .Key }}\*(Aq value=\*(Aq{{ .Value }}\*(Aq ts=\*(Aq{{ .Created}}\*(Aq") -\& echo "Key: $key, Value: $value" +\& eval $(anydb get foo \-m template \-T "key=\*(Aq{{ .Key }}\*(Aq value=\*(Aq{{ .Value }}\*(Aq ts=\*(Aq{{ .Created.AsTime}}\*(Aq") +\& echo "Key: $key, Value: $value, When: $ts" .Ve .PP Print the values in \s-1CSV\s0 format \s-1ONLY\s0 if they have some tag: .PP .Vb 1 -\& anydb list \-m template \-T "{{ if .Tags }}{{ .Key }},{{ .Value }},{{ .Created}}{{ end }}" +\& anydb list \-m template \-T "{{ if .Tags }}{{ .Key }},{{ .Value }},{{ .Created.AsTime}}{{ end }}" .Ve .SH "CONFIGURATION" .IX Header "CONFIGURATION" diff --git a/app/crypto.go b/app/crypto.go index 4c65ea9..75f0587 100644 --- a/app/crypto.go +++ b/app/crypto.go @@ -20,6 +20,7 @@ import ( "crypto/rand" "errors" "fmt" + "log/slog" "os" "syscall" @@ -34,7 +35,7 @@ const ( ArgonParallel uint8 = 2 ArgonSaltLen int = 16 ArgonKeyLen uint32 = 32 - B64SaltLen int = 22 + B64SaltLen int = 16 //22 ) type Key struct { @@ -84,7 +85,11 @@ func DeriveKey(password []byte, salt []byte) (*Key, error) { ArgonKeyLen, ) - return &Key{Key: hash, Salt: salt}, nil + key := &Key{Key: hash, Salt: salt} + + slog.Debug("derived key", "key", string(key.Key), "salt", string(key.Salt)) + + return key, nil } // Retrieve a random chunk of given size @@ -124,10 +129,13 @@ func Encrypt(pass []byte, attr *DbAttr) error { cipher := aead.Seal(nonce, nonce, attr.Val, nil) - attr.Val = append(attr.Val, key.Salt...) + attr.Val = key.Salt attr.Val = append(attr.Val, cipher...) attr.Encrypted = true + attr.Preview = "" + + slog.Debug("encrypted attr", "salt", string(key.Salt), "cipher", string(attr.Val)) return nil } 
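Review bot: `B64SaltLen int = 16 //22` keeps the old value as an unexplained trailing comment, and the name still says base64 although the value now equals `ArgonSaltLen`, the raw salt size. If Decrypt uses this constant to cut the salt prefix off the stored value (its use is outside the hunk), deriving it from the source of truth keeps the two from drifting apart: `B64SaltLen int = ArgonSaltLen // length of the raw salt prefix`. Values encrypted under the previous layout would presumably no longer decrypt after this change, which deserves a changelog or migration note.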
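Review bot: The added `slog.Debug("derived key", "key", string(key.Key), ...)` in DeriveKey writes the derived encryption key into the debug log, so anyone who can read the output of a debug run or a captured log can decrypt the stored values without knowing the password. The Decrypt hunk has the same problem with `"clear", string(clear)`, which logs the decrypted plaintext, and the Encrypt hunk logs salt and ciphertext as raw byte strings. Debug mode should not lower the confidentiality of the store; log sizes instead, for example `slog.Debug("derived key", "keylen", len(key.Key), "saltlen", len(key.Salt))` and `slog.Debug("decrypted attr", "bytes", len(clear))`. DeriveKey's body starts outside the hunk.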
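Review bot: `attr.Val = key.Salt` makes attr.Val share the salt's backing array, so the following `append(attr.Val, cipher...)` would write into `key.Salt`'s spare capacity if it ever has any. This is probably harmless while the salt comes from an exactly sized allocation, which the hunk does not show, but building a fresh slice removes the dependency: `attr.Val = append(append(make([]byte, 0, len(key.Salt)+len(cipher)), key.Salt...), cipher...)`. Encrypt's body starts outside the hunk.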
@@ -156,5 +164,12 @@ func Decrypt(pass []byte, cipherb []byte) ([]byte, error) { nonce, ciphertext := cipher[:aead.NonceSize()], cipher[aead.NonceSize():] - return aead.Open(nil, nonce, ciphertext, nil) + clear, err := aead.Open(nil, nonce, ciphertext, nil) + if err != nil { + return nil, err + } + + slog.Debug("decrypted attr", "salt", string(key.Salt), "clear", string(clear)) + + return clear, err } diff --git a/app/db.go b/app/db.go index 6a46371..7423c6f 100644 --- a/app/db.go +++ b/app/db.go @@ -20,6 +20,7 @@ import ( "encoding/json" "errors" "fmt" + "log/slog" "os" "path/filepath" "regexp" @@ -84,6 +85,8 @@ func New(file string, bucket string, debug bool) (*DB, error) { } func (db *DB) Open() error { + slog.Debug("opening DB", "dbfile", db.Dbfile) + if _, err := os.Stat(filepath.Dir(db.Dbfile)); os.IsNotExist(err) { if err := os.MkdirAll(filepath.Dir(db.Dbfile), 0700); err != nil { return err @@ -128,11 +131,15 @@ func (db *DB) List(attr *DbAttr, fulltext bool) (DbEntries, error) { return nil } + slog.Debug("opened root bucket", "root", root) + bucket := root.Bucket([]byte("meta")) if bucket == nil { return nil } + slog.Debug("opened buckets", "root", root, "data", bucket) + databucket := root.Bucket([]byte("data")) if databucket == nil { return fmt.Errorf("failed to retrieve data sub bucket") @@ -215,6 +222,7 @@ func (db *DB) Set(attr *DbAttr) error { // check if the entry already exists and if yes, check if it has // any tags. if so, we initialize our update struct with these // tags unless it has new tags configured. + // FIXME: use Get() err := db.DB.View(func(tx *bolt.Tx) error { root := tx.Bucket([]byte(db.Bucket)) if root == nil { @@ -226,6 +234,8 @@ func (db *DB) Set(attr *DbAttr) error { return nil } + slog.Debug("opened buckets", "root", root, "data", bucket) + pbentry := bucket.Get([]byte(entry.Key)) if pbentry == nil { return nil 
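Review bot: In List the new `slog.Debug("opened buckets", "root", root, "data", bucket)` labels the handle as `data`, but `bucket` was just obtained with `root.Bucket([]byte("meta"))` and the data sub bucket is only opened on the lines that follow. The later Set and Import hunks log right after the "failed to create DB meta sub bucket" check and appear to carry the same mislabel. Use `"meta", bucket` so the debug output matches what was opened. Logging the bucket name rather than the `*bolt.Bucket` value would also keep the record readable.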
@@ -267,6 +277,8 @@ func (db *DB) Set(attr *DbAttr) error { return fmt.Errorf("failed to create DB meta sub bucket: %w", err) } + slog.Debug("opened/created buckets", "root", root, "data", bucket) + // write meta data err = bucket.Put([]byte(entry.Key), []byte(pbentry)) if err != nil { @@ -316,6 +328,8 @@ func (db *DB) Get(attr *DbAttr) (*DbEntry, error) { return nil } + slog.Debug("opened buckets", "root", root, "data", bucket) + // retrieve meta data pbentry := bucket.Get([]byte(attr.Key)) if pbentry == nil { @@ -369,6 +383,8 @@ func (db *DB) Del(attr *DbAttr) error { return nil } + slog.Debug("opened buckets", "data", bucket) + return bucket.Delete([]byte(attr.Key)) }) @@ -421,6 +437,8 @@ func (db *DB) Import(attr *DbAttr) (string, error) { return fmt.Errorf("failed to create DB meta sub bucket: %w", err) } + slog.Debug("opened buckets", "root", root, "data", bucket) + for _, entry := range entries { pbentry, err := proto.Marshal(entry) if err != nil { @@ -528,6 +546,8 @@ func (db *DB) Getall(attr *DbAttr) (DbEntries, error) { return fmt.Errorf("failed to retrieve data sub bucket") } + slog.Debug("opened buckets", "root", root, "data", bucket) + // iterate over all db entries in meta sub bucket err := bucket.ForEach(func(key, pbentry []byte) error { var entry DbEntry diff --git a/cfg/config.go b/cfg/config.go index dc99502..6f12379 100644 --- a/cfg/config.go +++ b/cfg/config.go @@ -26,7 +26,7 @@ import ( "github.com/tlinden/anydb/common" ) -var Version string = "v0.1.4" +var Version string = "v0.2.0" type BucketConfig struct { Encrypt bool diff --git a/cmd/anydb.go b/cmd/anydb.go index 6a11cd0..3f038fa 100644 --- a/cmd/anydb.go +++ b/cmd/anydb.go 
@@ -411,12 +411,16 @@ TEMPLATES The following template variables can be used: - Key - string - Value - string - Bin - []byte - Created - time.Time - Tags - []string - Encrypted bool + .Key - string + .Value - string + .Bin - []byte + .Created - timestamp.Time + To retrieve a string representation of the timestamp, use + ".Created.AsTime". If you need a unix timestamp since epoch, use + ".Created.Unix". + + .Tags - []string + .Encrypted bool Prepend a single dot (".") before each variable name. @@ -428,12 +432,12 @@ TEMPLATES Format the list in a way so that is possible to evaluate it in a shell: - eval $(anydb get foo -m template -T "key='{{ .Key }}' value='{{ .Value }}' ts='{{ .Created}}'") - echo "Key: $key, Value: $value" + eval $(anydb get foo -m template -T "key='{{ .Key }}' value='{{ .Value }}' ts='{{ .Created.AsTime}}'") + echo "Key: $key, Value: $value, When: $ts" Print the values in CSV format ONLY if they have some tag: - anydb list -m template -T "{{ if .Tags }}{{ .Key }},{{ .Value }},{{ .Created}}{{ end }}" + anydb list -m template -T "{{ if .Tags }}{{ .Key }},{{ .Value }},{{ .Created.AsTime}}{{ end }}" CONFIGURATION Anydb looks at the following locations for a configuration file, in that diff --git a/cmd/crud.go b/cmd/crud.go index 68a0d78..5bef5dc 100644 --- a/cmd/crud.go +++ b/cmd/crud.go @@ -124,6 +124,7 @@ func Get(conf *cfg.Config) *cobra.Command { } entry.Value = string(clear) + entry.Size = uint64(len(entry.Value)) entry.Encrypted = false } diff --git a/cmd/root.go b/cmd/root.go index 88b2586..4879c1d 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -19,13 +19,15 @@ package cmd import ( "errors" "fmt" + "log/slog" "os" "path/filepath" + "runtime/debug" - "github.com/alecthomas/repr" "github.com/spf13/cobra" "github.com/tlinden/anydb/app" "github.com/tlinden/anydb/cfg" + "github.com/tlinden/yadu" ) func completion(cmd *cobra.Command, mode string) error { 
@@ -67,14 +69,6 @@ func Execute() { Short: "anydb", Long: `A personal key value store`, PersistentPreRunE: func(cmd *cobra.Command, args []string) error { - dbfile := app.GetDbFile(conf.Dbfile) - - db, err := app.New(dbfile, conf.Dbbucket, conf.Debug) - if err != nil { - return err - } - - conf.DB = db var configs []string if configfile != "" { @@ -88,9 +82,34 @@ func Execute() { } if conf.Debug { - repr.Println(conf) + buildInfo, _ := debug.ReadBuildInfo() + opts := &yadu.Options{ + Level: slog.LevelDebug, + AddSource: true, + } + + slog.SetLogLoggerLevel(slog.LevelDebug) + + handler := yadu.NewHandler(os.Stdout, opts) + debuglogger := slog.New(handler).With( + slog.Group("program_info", + slog.Int("pid", os.Getpid()), + slog.String("go_version", buildInfo.GoVersion), + ), + ) + slog.SetDefault(debuglogger) + + slog.Debug("parsed config", "conf", conf) } + dbfile := app.GetDbFile(conf.Dbfile) + + db, err := app.New(dbfile, conf.Dbbucket, conf.Debug) + if err != nil { + return err + } + + conf.DB = db return nil }, diff --git a/go.mod b/go.mod index 55795b8..21ff75c 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,8 @@ module github.com/tlinden/anydb -go 1.22.1 +go 1.23 + +toolchain go1.23.5 require ( github.com/alecthomas/repr v0.4.0 @@ -11,14 +13,15 @@ require ( github.com/pelletier/go-toml v1.9.5 github.com/rogpeppe/go-internal v1.13.1 github.com/spf13/cobra v1.8.1 - go.etcd.io/bbolt v1.3.11 + go.etcd.io/bbolt v1.4.0 golang.org/x/crypto v0.31.0 golang.org/x/term v0.27.0 - google.golang.org/protobuf v1.36.4 + google.golang.org/protobuf v1.36.5 ) require ( github.com/andybalholm/brotli v1.1.1 // indirect + github.com/fatih/color v1.16.0 // indirect github.com/gofiber/fiber/v3 v3.0.0-beta.3 // indirect github.com/gofiber/utils/v2 v2.0.0-beta.4 // indirect github.com/google/uuid v1.6.0 // indirect 
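Review bot: `buildInfo, _ := debug.ReadBuildInfo()` discards the ok result, so `buildInfo.GoVersion` a few lines later dereferences a nil pointer whenever the binary carries no build information; guard it with `if bi, ok := debug.ReadBuildInfo(); ok { goVersion = bi.GoVersion }` and pass `goVersion` to `slog.String`. `yadu.NewHandler(os.Stdout, opts)` sends debug records to stdout, where they mix with command output that the help text tells users to feed to `eval $(anydb get ...)`; `os.Stderr` keeps data and diagnostics apart. `slog.Debug("parsed config", "conf", conf)` dumps the whole config struct, so it is worth confirming that no field holds a secret before logging it wholesale. The PersistentPreRunE closure starts outside the hunk.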
@@ -28,9 +31,11 @@ require ( github.com/mattn/go-runewidth v0.0.16 // indirect github.com/rivo/uniseg v0.2.0 // indirect github.com/spf13/pflag v1.0.6 // indirect + github.com/tlinden/yadu v0.1.3 // indirect github.com/valyala/bytebufferpool v1.0.0 // indirect github.com/valyala/fasthttp v1.55.0 // indirect github.com/valyala/tcplisten v1.0.0 // indirect golang.org/x/sys v0.29.0 // indirect golang.org/x/tools v0.22.0 // indirect + gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 2ff61a7..6c603e8 100644 --- a/go.sum +++ b/go.sum @@ -14,6 +14,8 @@ github.com/cpuguy83/go-md2man/v2 v2.0.4/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46t github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY= github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto= +github.com/fatih/color v1.16.0 h1:zmkK9Ngbjj+K0yRhTVONQh1p/HknKYSlNT+vZCzyokM= +github.com/fatih/color v1.16.0/go.mod h1:fL2Sau1YI5c0pdGEVCbKQbLXB6edEj1ZgiY4NijnWvE= github.com/gofiber/fiber/v2 v2.52.5 h1:tWoP1MJQjGEe4GB5TUGOi7P2E0ZMMRx5ZTG4rT+yGMo= github.com/gofiber/fiber/v2 v2.52.5/go.mod h1:KEOE+cXMhXG0zHc9d8+E38hoX+ZN7bhOtgeF2oT6jrQ= github.com/gofiber/fiber/v2 v2.52.6 h1:Rfp+ILPiYSvvVuIPvxrBns+HJp8qGLDnLJawAu27XVI= 
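Review bot: `github.com/tlinden/yadu v0.1.3 // indirect` is recorded as an indirect requirement although this commit imports the package directly in cmd/root.go. Running `go mod tidy` would move it into the direct require block, and would also drop `github.com/alecthomas/repr` if root.go was its only importer (not visible here). Keeping the direct and indirect lists accurate makes it easier to audit what the program actually pulls in.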
@@ -70,6 +72,8 @@ github.com/spf13/pflag v1.0.5/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An github.com/spf13/pflag v1.0.6 h1:jFzHGLGAlb3ruxLB8MhbI6A8+AQX/2eW4qeyNZXNp2o= github.com/spf13/pflag v1.0.6/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg= github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs= +github.com/tlinden/yadu v0.1.3 h1:5cRCUmj+l5yvlM2irtpFBIJwVV2DPEgYSaWvF19FtcY= +github.com/tlinden/yadu v0.1.3/go.mod h1:l3bRmHKL9zGAR6pnBHY2HRPxBecf7L74BoBgOOpTcUA= github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw= github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc= github.com/valyala/fasthttp v1.51.0 h1:8b30A5JlZ6C7AS81RsWjYMQmrZG6feChmgAolCl1SqA= @@ -83,6 +87,8 @@ github.com/xyproto/randomstring v1.0.5/go.mod h1:rgmS5DeNXLivK7YprL0pY+lTuhNQW3i go.etcd.io/bbolt v1.3.4/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ= go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0= go.etcd.io/bbolt v1.3.11/go.mod h1:dksAq7YMXoljX0xu6VF5DMZGbhYYoLUalEiSySYAS4I= +go.etcd.io/bbolt v1.4.0 h1:TU77id3TnN/zKr7CO/uk+fBCwF2jGcMuw2B/FMAzYIk= +go.etcd.io/bbolt v1.4.0/go.mod h1:AsD+OCi/qPN1giOX1aiLAha3o1U8rAz65bvN4j0sRuk= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= 
@@ -108,6 +114,9 @@ google.golang.org/protobuf v1.36.1 h1:yBPeRvTftaleIgM3PZ/WBIZ7XM/eEYAaEyCwvyjq/g google.golang.org/protobuf v1.36.1/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= google.golang.org/protobuf v1.36.4 h1:6A3ZDJHn/eNqc1i+IdefRzy/9PokBTPvcqMySR7NNIM= google.golang.org/protobuf v1.36.4/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= +google.golang.org/protobuf v1.36.5 h1:tPhr+woSbjfYvY6/GPufUoYizxw1cF/yFoxJ2fmpwlM= +google.golang.org/protobuf v1.36.5/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= +gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/main.go b/main.go index 7a66dba..178cdad 100644 --- a/main.go +++ b/main.go @@ -19,6 +19,7 @@ package main import ( "bufio" "fmt" + "log/slog" "os" "runtime" @@ -27,9 +28,31 @@ import ( ) func main() { + const NoLogsLevel = 100 + slog.SetLogLoggerLevel(NoLogsLevel) + Main() } +func init() { + // if we're running on Windows AND if the user double clicked the + // exe file from explorer, we tell them and then wait until any + // key has been hit, which will make the cmd window disappear and + // thus give the user time to read it. + if runtime.GOOS == "windows" { + if mousetrap.StartedByExplorer() { + fmt.Println("Do no double click kleingebaeck.exe!") + fmt.Println("Please open a command shell and run it from there.") + fmt.Println() + fmt.Print("Press any key to quit: ") + _, err := bufio.NewReader(os.Stdin).ReadString('\n') + if err != nil { + panic(err) + } + } + } +} + func Main() int { cmd.Execute() return 0 diff --git a/t/crypt.txtar b/t/crypt.txtar new file mode 100644 index 0000000..235d413 --- /dev/null +++ b/t/crypt.txtar 
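Review bot: The message in the new `init` reads `Do no double click kleingebaeck.exe!`, which names a different program and has a typo; it should be `fmt.Println("Do not double click anydb.exe!")`. After the key press `init` simply returns, so the program continues into `main` and runs `cmd.Execute()` instead of quitting as the "Press any key to quit" prompt promises; an `os.Exit(1)` after the read would match the message. `panic(err)` on a failed stdin read shows a stack trace to a user who only double-clicked the file, where a plain exit would do.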
@@ -0,0 +1,37 @@
+#
+# Copyright © 2025 Thomas von Dein
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see .
+#
+
+# encrypt something
+exec env ANYDB_PASSWORD=12345 anydb -f test.db set -e secret eshishinusan
+
+# retrieve it
+exec env ANYDB_PASSWORD=12345 anydb -f test.db get secret
+stdout eshishinusan
+
+# but has it really been encrypted?
+! exec env ANYDB_PASSWORD=8d8d8 anydb -f test.db get secret
+! stdout eshishinusan
+stderr 'message authentication failed'
+
+# what about the listing
+exec anydb -f test.db ls -l
+stdout 'encrypted-content'
+! stdout eshishinusan
+
+# and the export?
+exec anydb -f test.db export -o -
+! stdout eshishinusan