mirror of
https://codeberg.org/scip/gowipe.git
synced 2025-12-16 20:20:58 +01:00
fixes:
- fix encryption, used the wrong nonce size - encrypted files were not deleted - fixed recursion - fixed linter warnings
This commit is contained in:
69
crypto.go
69
crypto.go
@@ -119,7 +119,7 @@ func GetRandomKey() ([]byte, error) {
|
||||
return nil, err
|
||||
}
|
||||
|
||||
salt, err := GenerateSecureRandomBytes(chapo.NonceSize)
|
||||
salt, err := GenerateSecureRandomBytes(chapo.NonceSizeX)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@@ -156,11 +156,17 @@ func Encrypt(c *Conf, filename string) error {
|
||||
for i := 0; i < c.count; i++ {
|
||||
for {
|
||||
if size < chunkSize {
|
||||
EncryptChunk(aead, outfile, size)
|
||||
if err := EncryptChunk(aead, outfile, size); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
break
|
||||
}
|
||||
|
||||
EncryptChunk(aead, outfile, chunkSize)
|
||||
if err := EncryptChunk(aead, outfile, chunkSize); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
size = size - chunkSize
|
||||
|
||||
if size <= 0 {
|
||||
@@ -174,7 +180,7 @@ func Encrypt(c *Conf, filename string) error {
|
||||
|
||||
func EncryptChunk(aead cipher.AEAD, file *os.File, size int64) error {
|
||||
chunk := make([]byte, size)
|
||||
nonce, err := GenerateSecureRandomBytes(int(chapo.NonceSize))
|
||||
nonce, err := GenerateSecureRandomBytes(int(chapo.NonceSizeX))
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
@@ -192,58 +198,3 @@ func EncryptChunk(aead cipher.AEAD, file *os.File, size int64) error {
|
||||
|
||||
return nil
|
||||
}
|
||||
|
||||
/*
|
||||
func Encrypt(c *Conf, filename string) error {
|
||||
salt, err := GetRand(KeySize)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
salt1, err := GetRand(KeySize)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
outfile, err := os.OpenFile(filename, os.O_RDWR|os.O_CREATE, 0666)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
defer outfile.Close()
|
||||
|
||||
key := argon2.IDKey(salt1, salt, KeyTime, KeyMemory, KeyThreads, KeySize)
|
||||
|
||||
aead, err := chacha20poly1305.NewX(key)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
buf := make([]byte, chunkSize)
|
||||
ad_counter := 0 // associated data is a counter
|
||||
|
||||
for {
|
||||
if n > 0 {
|
||||
// Select a random nonce, and leave capacity for the ciphertext.
|
||||
nonce := make([]byte, aead.NonceSize(), aead.NonceSize()+n+aead.Overhead())
|
||||
if m, err := cryptorand.Read(nonce); err != nil || m != aead.NonceSize() {
|
||||
return err
|
||||
}
|
||||
|
||||
msg := buf[:n]
|
||||
// Encrypt the message and append the ciphertext to the nonce.
|
||||
encryptedMsg := aead.Seal(nonce, nonce, msg, []byte(string(ad_counter)))
|
||||
outfile.Write(encryptedMsg)
|
||||
ad_counter += 1
|
||||
}
|
||||
|
||||
if err == io.EOF {
|
||||
break
|
||||
}
|
||||
|
||||
if err != nil {
|
||||
log.Println("Error when reading input file chunk :", err)
|
||||
panic(err)
|
||||
}
|
||||
}
|
||||
}
|
||||
*/
|
||||
|
||||
33
main.go
33
main.go
@@ -18,7 +18,6 @@ package main
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"log"
|
||||
"os"
|
||||
"path/filepath"
|
||||
@@ -28,7 +27,7 @@ import (
|
||||
flag "github.com/spf13/pflag"
|
||||
)
|
||||
|
||||
const VERSION string = "0.0.2"
|
||||
const VERSION string = "0.0.3"
|
||||
const Usage string = `This is gowipe - destruct files in a non-recoverable way.
|
||||
|
||||
Usage: gowipe [-rcvz] <file|directory>...
|
||||
@@ -84,7 +83,7 @@ func main() {
|
||||
flag.BoolVarP(&optzero, "zero", "Z", optzero, "zero mode")
|
||||
flag.BoolVarP(&optsecure, "secure", "S", optsecure, "secure mode")
|
||||
flag.BoolVarP(&optmath, "math", "M", optmath, "math mode")
|
||||
flag.BoolVarP(&optmath, "encrypt", "E", optmath, "encrypt mode")
|
||||
flag.BoolVarP(&optencrypt, "encrypt", "E", optmath, "encrypt mode")
|
||||
|
||||
flag.BoolVarP(&c.recurse, "recursive", "r", c.recurse, "recursive")
|
||||
flag.BoolVarP(&c.nodelete, "nodelete", "n", c.nodelete, "don't delete")
|
||||
@@ -153,7 +152,7 @@ func Wipe(file string, c *Conf, wiper *shred.ShredderConf) {
|
||||
return
|
||||
}
|
||||
|
||||
files, err := ioutil.ReadDir(file)
|
||||
files, err := os.ReadDir(file)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
@@ -162,6 +161,7 @@ func Wipe(file string, c *Conf, wiper *shred.ShredderConf) {
|
||||
Wipe(filepath.Join(file, entry.Name()), c, wiper)
|
||||
}
|
||||
|
||||
// delete dir
|
||||
if !c.nodelete {
|
||||
err = os.Remove(Rename(file, c))
|
||||
if err != nil {
|
||||
@@ -170,14 +170,21 @@ func Wipe(file string, c *Conf, wiper *shred.ShredderConf) {
|
||||
}
|
||||
} else {
|
||||
if c.mode == "encrypt" {
|
||||
err := Encrypt(c, file)
|
||||
if err != nil {
|
||||
if err := Encrypt(c, file); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
|
||||
Rename(file, c)
|
||||
// delete encrypted file
|
||||
if !c.nodelete {
|
||||
err = os.Remove(Rename(file, c))
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
} else {
|
||||
wiper.ShredFile(Rename(file, c))
|
||||
if err := wiper.ShredFile(Rename(file, c)); err != nil {
|
||||
log.Fatal(err)
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@@ -204,7 +211,7 @@ func Rename(file string, c *Conf) string {
|
||||
for i := 0; i < c.count; i++ {
|
||||
for {
|
||||
switch c.mode {
|
||||
case `secure`:
|
||||
case `secure`, `encrypt`:
|
||||
new, err := GenerateSecureRandomString(length)
|
||||
if err != nil {
|
||||
log.Fatal(err)
|
||||
@@ -220,11 +227,9 @@ func Rename(file string, c *Conf) string {
|
||||
}
|
||||
}
|
||||
|
||||
/*
|
||||
if c.verbose {
|
||||
fmt.Printf("renaming %s/%s => %s/%s\n", dir, base, dir, newname)
|
||||
}
|
||||
*/
|
||||
if c.verbose {
|
||||
fmt.Printf("renaming %s/%s => %s/%s\n", dir, base, dir, newname)
|
||||
}
|
||||
|
||||
err := os.Rename(filepath.Join(dir, base), filepath.Join(dir, newname))
|
||||
if err != nil {
|
||||
|
||||
Reference in New Issue
Block a user