Implement decrypt --askagent and --umask

DESIGN.md

@@ -39,3 +39,36 @@ They layers look like this:
 | Interfaces | `pkg/*` | Interfaces and their implementations |
 
 At least that's the goal.  We'll see how well we can achieve this.
+
+
+Version 2.0
+===========
+
+Software architecture.
+
+We try to keep the command-line parsing separate from the business
+logic and all plug-ins.  This keeps things clean and easy to refactor.
+In fact layer 2 could be used as a stand-alone module for projects
+that want to embed blackbox actions.
+
+Layer 1: The command itself
+
+  * cmd/blackbox/blackbox.go -- main() not much more
+  * cmd/blackbox/cli.go      -- Set up and call the ufave/cli flag parser
+  * cmd/blackbox/drive.go    -- Check # of arguments, conflicting flags, and then call the businss logic layer
+
+Layer 2: The business logic
+
+  * pkg/box/box.go      -- The interface to accessing .blackbox (admins, files, etc.)
+  * pkg/box/verbs.go    -- Verbs called by Layer 1. Just the verbs
+  * pkg/box/boxutils.go -- Functions needed by the verbs
+
+Layer 3: The plug-ins
+
+  * pkg/vcs/...      -- Plug-ins for Git, (Mercurial, Subversion, Perforce,) and None
+  * pkg/crypters/... -- Plug-ins for PGP access: GnuPG, (go-openpgp, others in the future)
+
+Layer 4: Support functions for use by Layer 3
+
+  * pkg/bbutil/filestats.go -- File manipulations
+  * pkg/bbutil/runbash.go   -- Safely run external Linux commands

cmd/blackbox/flags.go → cmd/blackbox/cli.go

@@ -1,5 +1,7 @@
 package main
 
+// cli.go -- Create urfave/cli datastructures and apply them.
+
 import (
 	"github.com/urfave/cli/v2"
 )
@@ -17,9 +19,16 @@ func flags() *cli.App {
 		//			Destination: &dryRun,
 		//		},
 		&cli.StringFlag{
-			Name:  "crypto",
-			Usage: "Crypto back-end plugin",
-			Value: "GnuPG",
+			Name:    "crypto",
+			Usage:   "Crypto back-end plugin",
+			Value:   "GnuPG",
+			EnvVars: []string{"BLACKBOX_FLAG_CRYPTO"},
+		},
+		&cli.IntFlag{
+			Name:    "umask",
+			Usage:   "umask to set when decrypting",
+			Value:   0o027,
+			EnvVars: []string{"BLACKBOX_FLAG_UMASK", "DECRYPT_UMASK"},
 		},
 	}
 
@@ -33,9 +42,9 @@ func flags() *cli.App {
 			Usage:   "Decrypt file(s)",
 			Flags: []cli.Flag{
 				&cli.BoolFlag{Name: "all", Usage: "All registered files"},
-				&cli.BoolFlag{Name: "bulk", Usage: "Do not prompt to start gpg-agent"},
+				&cli.BoolFlag{Name: "agentcheck", Usage: "Do not check for gpg-agent when using --all"},
 				&cli.StringFlag{Name: "group", Usage: "Set group ownership"},
-				&cli.StringFlag{Name: "overwrite", Usage: "Overwrite plaintext if it exists"},
+				&cli.BoolFlag{Name: "overwrite", Usage: "Overwrite plaintext if it exists"},
 			},
 			Action: func(c *cli.Context) error { return cmdDecrypt(c) },
 		},

cmd/blackbox/parse.go → cmd/blackbox/drive.go

@@ -1,7 +1,7 @@
 package main
 
-// Processes the flags and arguments and calls the appropriate
-// business logic.
+// Now that cli.go has processed the flags, validate there are no
+// conflicts and drive to the business logic.
 
 import (
 	"fmt"
@@ -21,14 +21,11 @@ func init() {
 }
 
 func allOrSomeFiles(c *cli.Context) error {
-	if c.Bool("all") {
-		if c.Args().Present() {
-			return fmt.Errorf("Can not specify filenames and --all")
-		}
-	} else {
-		if !c.Args().Present() {
-			return fmt.Errorf("Must specify at least one file name or --all")
-		}
+	if c.Bool("all") && c.Args().Present() {
+		return fmt.Errorf("Can not specify filenames and --all")
+	}
+	if (!c.Args().Present()) && (!c.Bool("all")) {
+		return fmt.Errorf("Must specify at least one file name or --all")
 	}
 	return nil
 }
@@ -72,14 +69,18 @@ func cmdDecrypt(c *cli.Context) error {
 	if err := allOrSomeFiles(c); err != nil {
 		return err
 	}
-	bulk := false
-	if c.Bool("all") {
-		bulk = c.Bool("bulk") // Only applies to --all
+
+	// The default for --agentcheck is off normally, and on when using --all.
+	pauseNeeded := c.Bool("all")
+	// If the user used the flag, abide by it.
+	if c.IsSet("agentcheck") {
+		pauseNeeded = c.Bool("agentcheck")
 	}
+
 	bx := box.NewFromFlags(c)
 	return bx.Decrypt(c.Args().Slice(),
 		c.Bool("overwrite"),
-		bulk,
+		pauseNeeded,
 		c.String("group"),
 	)
 }
@@ -177,29 +178,6 @@ func cmdStatus(c *cli.Context) error {
 	return bx.Status(c.Args().Slice(), c.Bool("name-only"), c.String("type"))
 }
 
-// func cmdDecrypt(allFiles bool, filenames []string, group string) error {
-// 	bbu, err := bbutil.New()
-// 	if err != nil {
-// 		return err
-// 	}
-//
-// 	// prepare_keychain
-//
-// 	fnames, valid, err := bbu.FileIterator(allFiles, filenames)
-// 	if err != nil {
-// 		return errors.Wrap(err, "decrypt")
-// 	}
-// 	for i, filename := range fnames {
-// 		if valid[i] {
-// 			bbu.DecryptFile(filename, group, true)
-// 		} else {
-// 			fmt.Fprintf(os.Stderr, "SKIPPING: %q\n", filename)
-// 		}
-// 	}
-//
-// 	return nil
-// }
-
 // func cmdRegList(c *cli.Context) error {
 // 	if len(c.Args()) != 0 {
 // 		fmt.Fprintf(c.App.Writer, "ERROR: Command does not take any arguments\n")

models/crypters.go

@@ -3,5 +3,5 @@ package models
 // Crypter is gpg binaries, go-opengpg, etc.
 type Crypter interface {
 	// Decrypt name+".gpg", possibly overwriting name.
-	Decrypt(filename string, overwrite bool) error
+	Decrypt(filename string, overwrite bool, umask int) error
 }

pkg/bbutil/runbash.go

@@ -22,5 +22,8 @@ func RunBash(command string, args ...string) error {
 		log.Fatal(err)
 	}
 	err = cmd.Wait()
-	return fmt.Errorf("run_bash: %w", err)
+	if err != nil {
+		return fmt.Errorf("run_bash: %w", err)
+	}
+	return nil
 }

pkg/box/box.go

@@ -22,15 +22,16 @@ type Box struct {
 	RepoBaseDir string // Base directory of the repo.
 	ConfigDir   string // Path to the .blackbox config directory.
 	//
-	Admins       []string        // If non-empty, the list of admins.
-	Files        []string        // If non-empty, the list of files.
-	FilesSet     map[string]bool // If non-nil, a set of Files.
-	IsRegistered map[string]bool //
+	Admins   []string        // If non-empty, the list of admins.
+	Files    []string        // If non-empty, the list of files.
+	FilesSet map[string]bool // If non-nil, a set of Files.
 	//
 	Vcs         vcs.Vcs          // Interface access to the VCS.
 	VcsName     string           // name of the VCS
 	Crypter     crypters.Crypter // Inteface access to GPG.
 	CrypterName string           // Name of the crypter in use.
+	//
+	Umask int // umask to set when decrypting
 }
 
 // StatusMode is a type of query.
@@ -64,6 +65,7 @@ func NewFromFlags(c *cli.Context) *Box {
 	}
 	bx.RepoBaseDir = repoBaseDir
 	bx.ConfigDir = configDir
+	bx.Umask = c.Int("umask")
 
 	// Discover which kind of VCS is in use.
 	var h vcs.Vcs

pkg/box/boxutils.go

@@ -1,6 +1,7 @@
 package box
 
 import (
+	"bufio"
 	"fmt"
 	"os"
 	"os/user"
@@ -114,3 +115,20 @@ func parseGroup(userinput string) (int, error) {
 	// Give up.
 	return -1, err
 }
+
+func gpgAgentNotice() {
+	// Is gpg-agent configured?
+	if os.Getenv("GPG_AGENT_INFO") != "" {
+		return
+	}
+
+	// TODO(tlim): v1 verifies that "gpg-agent --version" outputs a version
+	// string that is 2.1.0 or higher.  It seems that 1.x is incompatible.
+
+	fmt.Println("WARNING: You probably want to run gpg-agent as")
+	fmt.Println("you will be asked for your passphrase many times.")
+	fmt.Println("Example: $ eval $(gpg-agent --daemon)")
+	fmt.Print("Press CTRL-C now to stop. ENTER to continue: ")
+	input := bufio.NewScanner(os.Stdin)
+	input.Scan()
+}

pkg/box/verbs.go

@@ -58,31 +58,39 @@ func (bx *Box) Decrypt(names []string, overwrite bool, bulkpause bool, setgroup
 		}
 	}
 
+	if bulkpause {
+		gpgAgentNotice()
+	}
+
 	if len(names) == 0 {
 		names = bx.Files
 	}
 	for _, name := range names {
+		fmt.Printf("========== DECRYPTING %q\n", name)
 		if !bx.FilesSet[name] {
 			logErr.Printf("Skipping %q: File not registered with Blackbox", name)
 		}
 		if (!overwrite) && bbutil.FileExistsOrProblem(name) {
 			logErr.Printf("Skipping %q: Will not overwrite existing file", name)
 			continue
 		}
-		if bx.Crypter == nil {
-			fmt.Printf("NO CRYPTER!!!\n")
-		}
-		err := bx.Crypter.Decrypt(name, overwrite)
+
+		// TODO(tlim) v1 detects zero-length files and removes them, even
+		// if overwrite is disabled. I don't think anyone has ever used that
+		// feature. That said, we could immplement that here.
+
+		err := bx.Crypter.Decrypt(name, overwrite, bx.Umask)
 		if err != nil {
 			logErr.Printf("%q: %v", name, err)
 			continue
 		}
+
 		if groupchange {
 			os.Chown(name, -1, gid)
 		}
 	}
 
-	return fmt.Errorf("NOT IMPLEMENTED: Decrypt")
+	return nil
 }
 
 // Diff ...

pkg/crypters/gnupg/gnupg.go

@@ -1,8 +1,10 @@
 package gnupg
 
 import (
-	"fmt"
+	"os"
+	"os/exec"
 
+	"github.com/StackExchange/blackbox/v2/pkg/bbutil"
 	"github.com/StackExchange/blackbox/v2/pkg/crypters"
 )
 
@@ -12,14 +14,43 @@ func init() {
 
 // CrypterHandle is the handle
 type CrypterHandle struct {
+	GPGCmd string // "gpg2" or "gpg"
 }
 
 func registerNew() (crypters.Crypter, error) {
-	return &CrypterHandle{}, nil
+
+	crypt := &CrypterHandle{}
+
+	// Which binary to use?
+	path, err := exec.LookPath("gpg2")
+	if err != nil {
+		path, err = exec.LookPath("gpg")
+		if err != nil {
+			path = "gpg2"
+		}
+	}
+	crypt.GPGCmd = path
+
+	return crypt, nil
 }
 
 // Decrypt decrypts a file, possibly overwriting the plaintext.
-func (crypt CrypterHandle) Decrypt(name string, overwrite bool) error {
-	fmt.Printf("WOULD decrypt %v (overwrite=%v)\n", name, overwrite)
-	return nil
+func (crypt CrypterHandle) Decrypt(name string, overwrite bool, umask int) error {
+
+	if overwrite {
+		_ = os.Remove(name)
+	}
+
+	crypt.prepareKeyChain()
+
+	//oldumask := syscall.Umask(umask)
+	err := bbutil.RunBash(crypt.GPGCmd,
+		"--use-agent",
+		"-q",
+		"--decrypt",
+		"-o", name,
+		name+".gpg",
+	)
+	//syscall.Umask(oldumask)
+	return err
 }