commit 245760ac5449108bd06112570622f963ca970fed
parent da19c68595f4901537631f19fe5b1dc6caac3b58
Author: Sean Enck <sean@ttypty.com>
Date: Sun, 3 Sep 2023 06:51:45 -0400
allow key check without loading
Diffstat:
4 files changed, 24 insertions(+), 10 deletions(-)
diff --git a/internal/app/completions.go b/internal/app/completions.go
@@ -81,7 +81,7 @@ func GenerateCompletions(isBash, defaults bool, exe string) ([]string, error) {
if noTOTP {
isTOTP = false
}
- k, err := config.GetKey()
+ k, err := config.GetKey(true)
if err != nil {
return nil, err
}
diff --git a/internal/backend/actions.go b/internal/backend/actions.go
@@ -31,7 +31,7 @@ func (t *Transaction) act(cb action) error {
if !t.valid {
return errors.New("invalid transaction")
}
- key, err := config.GetKey()
+ key, err := config.GetKey(false)
if err != nil {
return err
}
diff --git a/internal/config/vars.go b/internal/config/vars.go
@@ -122,7 +122,7 @@ func GetReKey(args []string) ([]string, error) {
}
// GetKey will get the encryption key setup for lb
-func GetKey() (*Key, error) {
+func GetKey(dryrun bool) (*Key, error) {
useKey := envKey.Get()
keyMode := envKeyMode.Get()
if keyMode == interactiveKeyMode {
@@ -141,6 +141,9 @@ func GetKey() (*Key, error) {
if useKey == "" {
return nil, nil
}
+ if dryrun {
+ return &Key{key: []byte{0}}, nil
+ }
var data []byte
switch keyMode {
case commandKeyMode:
diff --git a/internal/config/vars_test.go b/internal/config/vars_test.go
@@ -79,40 +79,51 @@ func TestTOTP(t *testing.T) {
func TestGetKey(t *testing.T) {
os.Setenv("LOCKBOX_KEY", "aaa")
os.Setenv("LOCKBOX_KEYMODE", "lak;jfea")
- if k, err := config.GetKey(); err.Error() != "unknown keymode" || k != nil {
+ if k, err := config.GetKey(false); err.Error() != "unknown keymode" || k != nil {
t.Errorf("invalid error: %v", err)
}
os.Setenv("LOCKBOX_KEYMODE", "plaintext")
os.Setenv("LOCKBOX_KEY", "")
- if k, err := config.GetKey(); err != nil || k != nil {
+ if k, err := config.GetKey(false); err != nil || k != nil {
t.Errorf("invalid error: %v", err)
}
os.Setenv("LOCKBOX_KEY", "key")
- k, err := config.GetKey()
+ k, err := config.GetKey(false)
if err != nil || k == nil || string(k.Key()) != "key" || k.Interactive() {
t.Error("invalid key retrieval")
}
+ os.Setenv("LOCKBOX_KEY", "key")
+ k, err = config.GetKey(true)
+ if err != nil || k == nil || len(k.Key()) != 1 || k.Key()[0] != 0 || k.Interactive() {
+ t.Error("invalid key retrieval")
+ }
os.Setenv("LOCKBOX_KEYMODE", "command")
os.Setenv("LOCKBOX_KEY", "invalid command text is long and invalid via shlex")
- if k, err := config.GetKey(); err == nil || k != nil {
+ if k, err := config.GetKey(false); err == nil || k != nil {
t.Error("should have failed")
}
os.Setenv("LOCKBOX_INTERACTIVE", "yes")
os.Setenv("LOCKBOX_KEYMODE", "interactive")
os.Setenv("LOCKBOX_KEY", "")
- if k, err := config.GetKey(); err != nil || k == nil || !k.Interactive() {
+ if k, err := config.GetKey(false); err != nil || k == nil || !k.Interactive() {
+ t.Errorf("invalid error: %v", err)
+ }
+ os.Setenv("LOCKBOX_INTERACTIVE", "yes")
+ os.Setenv("LOCKBOX_KEYMODE", "interactive")
+ os.Setenv("LOCKBOX_KEY", "")
+ if k, err := config.GetKey(true); err != nil || k == nil || !k.Interactive() {
t.Errorf("invalid error: %v", err)
}
os.Setenv("LOCKBOX_INTERACTIVE", "no")
os.Setenv("LOCKBOX_KEYMODE", "interactive")
os.Setenv("LOCKBOX_KEY", "")
- if k, err := config.GetKey(); err == nil || err.Error() != "interactive key mode requested in non-interactive mode" || k != nil {
+ if k, err := config.GetKey(false); err == nil || err.Error() != "interactive key mode requested in non-interactive mode" || k != nil {
t.Errorf("invalid error: %v", err)
}
os.Setenv("LOCKBOX_INTERACTIVE", "yes")
os.Setenv("LOCKBOX_KEYMODE", "interactive")
os.Setenv("LOCKBOX_KEY", "aaa")
- if k, err := config.GetKey(); err == nil || err.Error() != "key can NOT be set in interactive mode" || k != nil {
+ if k, err := config.GetKey(false); err == nil || err.Error() != "key can NOT be set in interactive mode" || k != nil {
t.Errorf("invalid error: %v", err)
}
}
