Now working: init, admin add, file add, encrypt, decrypt, shred

cmd/blackbox/cli.go

@@ -49,8 +49,9 @@ func flags() *cli.App {
 			EnvVars: []string{"BLACKBOX_UMASK", "DECRYPT_UMASK"},
 		},
 		&cli.BoolFlag{
-			Name:  "debug",
-			Usage: "Show debug output",
+			Name:    "debug",
+			Usage:   "Show debug output",
+			EnvVars: []string{"BLACKBOX_DEBUG"},
 		},
 	}
 
@@ -142,7 +143,7 @@ func flags() *cli.App {
 					Name:  "add",
 					Usage: "Registers file with the system",
 					Flags: []cli.Flag{
-						&cli.BoolFlag{Name: "leave", Usage: "Do not remove plaintext version"},
+						&cli.BoolFlag{Name: "shred", Usage: "Remove plaintext afterwords"},
 					},
 					Action: func(c *cli.Context) error { return cmdFileAdd(c) },
 				},
@@ -168,7 +169,7 @@ func flags() *cli.App {
 
 		{
 			Name:  "shred",
-			Usage: "Shred the plaintext",
+			Usage: "Shred files, or --all for all registered files",
 			Flags: []cli.Flag{
 				&cli.BoolFlag{Name: "all", Usage: "All registered files"},
 			},

cmd/blackbox/drive.go

@@ -34,12 +34,12 @@ func allOrSomeFiles(c *cli.Context) error {
 // Keep these functions in alphabetical order.
 
 func cmdAdminAdd(c *cli.Context) error {
-	if !c.Args().Present() {
+	if c.NArg() == 0 || c.NArg() > 2 {
 		return fmt.Errorf(
-			"Must specify at least one admin's GnuPG user-id (i.e. email address)")
+			"Must specify one admin's GnuPG user-id (i.e. email address) and optionally the directory of the pubkey data (default ~/.GnuPG)")
 	}
 	bx := box.NewFromFlags(c)
-	return bx.AdminAdd(c.Args().Slice())
+	return bx.AdminAdd(c.Args().Get(0), c.Args().Get(1))
 }
 
 func cmdAdminList(c *cli.Context) error {
@@ -115,7 +115,7 @@ func cmdFileAdd(c *cli.Context) error {
 		return fmt.Errorf("Must specify at least one file name")
 	}
 	bx := box.NewFromFlags(c)
-	return bx.FileAdd(c.Args().Slice(), c.Bool("overwrite"))
+	return bx.FileAdd(c.Args().Slice(), c.Bool("shred"))
 }
 
 func cmdFileList(c *cli.Context) error {
@@ -163,7 +163,7 @@ func cmdShred(c *cli.Context) error {
 		return err
 	}
 	bx := box.NewFromFlags(c)
-	return bx.Shred(c.Args().Slice()...)
+	return bx.Shred(c.Args().Slice())
 }
 
 func cmdStatus(c *cli.Context) error {

integrationTest/asserts.go

@@ -4,6 +4,8 @@ import (
 	"io/ioutil"
 	"os"
 	"testing"
+
+	"github.com/andreyvit/diff"
 )
 
 func assertFileMissing(t *testing.T, name string) {
@@ -41,6 +43,19 @@ func assertFileEmpty(t *testing.T, name string) {
 	}
 }
 
+func assertFileContents(t *testing.T, name string, contents string) {
+	t.Helper()
+	c, err := ioutil.ReadFile(name)
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	if w, g := contents, string(c); w != g {
+		t.Errorf("assertFileContents(%q) mismatch (-got +want):\n%s",
+			name, diff.LineDiff(g, w))
+	}
+}
+
 func assertFilePerms(t *testing.T, name string, perms os.FileMode) {
 	t.Helper()
 	s, err := os.Stat(name)

integrationTest/integration_test.go

@@ -96,6 +96,17 @@ func TestStatus(t *testing.T) {
 	checkOutput(t, "status", "000-status.txt")
 }
 
+func TestShred(t *testing.T) {
+	compile(t)
+	makeHomeDir(t, "shred")
+	runBB(t, "init", "yes")
+
+	makeFile(t, "shredme.txt", "File with SHREDME in it.")
+	assertFileExists(t, "shredme.txt")
+	runBB(t, "shred", "shredme.txt")
+	assertFileMissing(t, "shredme.txt")
+}
+
 func TestStatus_notreg(t *testing.T) {
 	compile(t)
 	makeHomeDir(t, "init")
@@ -123,36 +134,39 @@ func TestBasic(t *testing.T) {
 	phase("Alice creates a repo.  Creates secret.txt.")
 	makeFile(t, "secret.txt", "this is my secret")
 
-	phase("Alice creates a GPG key...")
-	makeAdmin(t, "alice", "Alice Example", "alice@example.com")
+	phase("Alice creates a GPG key")
+	gpgdir := makeAdmin(t, "alice", "Alice Example", "alice@example.com")
 	become(t, "alice")
 
-	runBB(t, "admin", "add", "alice@example.com")
-
-}
-
-func TestAlice(t *testing.T) {
-	// Create an empty repo with a user named Alice who
-	// performs many operations.  All files are valid.
-	compile(t)
-	setup(t)
-	populateDummyRepo(t, *vcsToTest)
+	phase("Alice enrolls as an admin")
+	runBB(t, "admin", "add", "alice@example.com", gpgdir)
 
 	// encrypt
-	runBB(t, "encrypt", "foo.txt")
+	phase("Alice registers foo.txt")
+	plaintextFoo := "I am the foo.txt file!\n"
+	makeFile(t, "foo.txt", plaintextFoo)
+	runBB(t, "file", "add", "--shred", "foo.txt")
+	//runBB(t, "encrypt", "--shred", "foo.txt")
+	// We shred the plaintext so that we are sure that when Decrypt runs,
+	// we can verify the contents wasn't just sitting there all the time.
 	assertFileMissing(t, "foo.txt")
 	assertFileExists(t, "foo.txt.gpg")
 
+	phase("Alice decrypts foo.txt")
 	// decrypt
 	runBB(t, "decrypt", "foo.txt")
 	assertFileExists(t, "foo.txt")
 	assertFileExists(t, "foo.txt.gpg")
+	assertFileContents(t, "foo.txt", plaintextFoo)
 
-	// reencrypt
+	// encrypts (without shredding)
+	phase("Alice encrypts foo.txt (again)")
+	runBB(t, "encrypt", "foo.txt")
+	assertFileExists(t, "foo.txt")
+	assertFileExists(t, "foo.txt.gpg")
+	assertFileContents(t, "foo.txt", plaintextFoo)
 
-	// edit
-	invalidArgs(t, "edit")
-	invalidArgs(t, "edit", "--all")
+	// reencrypt
 
 	// cat
 
@@ -167,4 +181,11 @@ func TestAlice(t *testing.T) {
 // 	setupUser(t, "bob", "b")
 // 	runBB(t, "init")
 // 	runBB(t, "admin", "add", "alice@")
+
+// FYI: test "admins add" with multiple people.
+
+// Edit requires a name, and doesn't work with --all.
+//	invalidArgs(t, "edit")
+//	invalidArgs(t, "edit", "--all")
+
 // }

integrationTest/ithelpers.go

@@ -105,16 +105,9 @@ func makeHomeDir(t *testing.T, testname string) {
 	}
 }
 
-func populateDummyRepo(t *testing.T, vcsname string) {
+func createDummyFilesAdmin(t *testing.T) {
 	// This creates a repo with real data, except any .gpg file
 	// is just garbage.
-
-	t.Helper()
-	logDebug.Printf("populateDummyRepo()\n")
-
-}
-
-func createDummyFilesAdmin(t *testing.T) {
 	addLineSorted(t, ".blackbox/blackbox-admins.txt", "user1@example.com")
 	addLineSorted(t, ".blackbox/blackbox-admins.txt", "user2@example.com")
 	addLineSorted(t, ".blackbox/blackbox-files.txt", "foo.txt")
@@ -305,7 +298,7 @@ func phase(msg string) {
 	logDebug.Println("********************")
 }
 
-func makeAdmin(t *testing.T, name, fullname, email string) {
+func makeAdmin(t *testing.T, name, fullname, email string) string {
 	testing.Init()
 
 	dir, err := filepath.Abs(filepath.Join(os.Getenv("HOME"), ".gnupg-"+name))
@@ -337,8 +330,10 @@ func makeAdmin(t *testing.T, name, fullname, email string) {
 		"--homedir", u.dir,
 		"--batch",
 		"--passphrase", "",
-		"--quick-generate-key", "u.email",
+		"--quick-generate-key", u.email,
 	)
+
+	return u.dir
 }
 
 func become(t *testing.T, name string) {

integrationTest/run-tests-verbose.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+rm -rf /tmp/bbhome-* && BLACKBOX_DEBUG=true go test -verbose "$@"

integrationTest/run-tests.sh

@@ -0,0 +1,3 @@
+#!/bin/bash
+
+rm -rf /tmp/bbhome-* && go test "$@"

models/crypters.go

@@ -7,5 +7,7 @@ type Crypter interface {
 	// Decrypt name+".gpg", possibly overwriting name.
 	Decrypt(filename string, umask int, overwrite bool) error
 	// Encrypt name, overwriting name+".gpg"
-	Encrypt(filename string, umask int, receivers []string) error
+	Encrypt(filename string, umask int, receivers []string) (string, error)
+	// AddNewKey extracts keyname from sourcedir's GnuPG chain to destdir keychain.
+	AddNewKey(keyname, sourcedir, destdir string) ([]string, error)
 }

models/vcs.go

@@ -12,7 +12,7 @@ type Vcs interface {
 	// IgnoreAnywhere tells the VCS to ignore these files anywhere rin the repo.
 	IgnoreAnywhere(repobasedir string, files ...string) error
 	// SuggestTracking tells the VCS to suggest the user commit these files.
-	SuggestTracking(repobasedir string, message string, files ...string) error
+	SuggestTracking(repobasedir string, message string, files []string) error
 
 	// TestingInitRepo initializes a repo of this type (for use by integration tests)
 	TestingInitRepo() error

pkg/bbutil/filestats.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"os"
+	"os/exec"
 	"sort"
 	"strings"
 	"time"
@@ -49,6 +50,36 @@ func Touch(name string) error {
 	return os.Chtimes(name, currentTime, currentTime)
 }
 
+// ShredFiles securely erases a list of files.
+func ShredFiles(names []string) error {
+	var path, flag string
+	var err error
+	if path, err = exec.LookPath("shred"); err == nil {
+		flag = "-u"
+	} else if path, err = exec.LookPath("srm"); err == nil {
+		flag = "-f"
+	} else if path, err = exec.LookPath("rm"); err == nil {
+		flag = "-f"
+		// FIXME(tlim): Test if "rm -P $tempfile" returns a error.
+		// If it doesn't, flag = "-Pf"
+	}
+
+	// TODO(tlim) DO the shredding in parallel like in v1.
+
+	for _, n := range names {
+		fmt.Printf("SHREDDING (%q, %q): %q\n", path, flag, n)
+		e := RunBash(path, flag, n)
+		if e != nil {
+			err = e
+			fmt.Printf("ERROR: %v", e)
+		} else {
+			fmt.Println()
+		}
+	}
+	fmt.Println("DONE.")
+	return err
+}
+
 // ReadFileLines is like ioutil.ReadFile() but returns an []string.
 func ReadFileLines(filename string) ([]string, error) {
 	b, err := ioutil.ReadFile(filename)

pkg/bbutil/runbash.go

@@ -1,6 +1,7 @@
 package bbutil
 
 import (
+	"bytes"
 	"fmt"
 	"log"
 	"os"
@@ -24,7 +25,7 @@ func RunBash(command string, args ...string) error {
 	return nil
 }
 
-// RunBash runs a Bash command.
+// RunBashOutput runs a Bash command, captures output.
 func RunBashOutput(command string, args ...string) (string, error) {
 	cmd := exec.Command(command, args...)
 	cmd.Stdin = os.Stdin
@@ -35,3 +36,17 @@ func RunBashOutput(command string, args ...string) (string, error) {
 	}
 	return string(out), err
 }
+
+// RunBashInput runs a Bash command, sends input on stdin.
+func RunBashInput(input string, command string, args ...string) error {
+
+	cmd := exec.Command(command, args...)
+	cmd.Stdin = bytes.NewBuffer([]byte(input))
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+	err := cmd.Run()
+	if err != nil {
+		return fmt.Errorf("RunBashInput err=%w", err)
+	}
+	return err
+}

pkg/box/box.go

@@ -4,10 +4,10 @@ package box
 
 import (
 	"fmt"
-	"io/ioutil"
 	"log"
 	"os"
 	"path/filepath"
+	"sort"
 	"strings"
 
 	"github.com/StackExchange/blackbox/v2/pkg/bblog"
@@ -194,9 +194,13 @@ func (bx *Box) getAdmins() error {
 	bx.logDebug.Printf("Admins file: %q", fn)
 	a, err := bbutil.ReadFileLines(fn)
 	if err != nil {
-		return fmt.Errorf("getAdmins can't load admins (%q): %v", fn, err)
+		return fmt.Errorf("getAdmins can't load %q: %v", fn, err)
+	}
+	if !sort.StringsAreSorted(a) {
+		return fmt.Errorf("file corrupt. Lines not sorted: %v", fn)
 	}
 	bx.Admins = a
+
 	return nil
 }
 
@@ -210,15 +214,17 @@ func (bx *Box) getFiles() error {
 
 	// Try the legacy file:
 	fn := filepath.Join(bx.ConfigDir, "blackbox-files.txt")
-	b, err := ioutil.ReadFile(fn)
+	bx.logDebug.Printf("Files file: %q", fn)
+	a, err := bbutil.ReadFileLines(fn)
 	if err != nil {
-		return fmt.Errorf("getFiles can't read %q: %v", fn, err)
+		return fmt.Errorf("getFiles can't load %q: %v", fn, err)
 	}
+	if !sort.StringsAreSorted(a) {
+		return fmt.Errorf("file corrupt. Lines not sorted: %v", fn)
+	}
+	bx.Files = a
 
-	c := strings.TrimSpace(string(b))
-
-	bx.Files = strings.Split(c, "\n")
-	bx.FilesSet = make(map[string]bool)
+	bx.FilesSet = make(map[string]bool, len(bx.Files))
 	for _, s := range bx.Files {
 		bx.FilesSet[s] = true
 	}