
Extend acra-keys export/import subcommand #629

Merged
merged 13 commits into from
Feb 6, 2023
3 changes: 3 additions & 0 deletions CHANGELOG_DEV.md
@@ -1,3 +1,6 @@
# 0.94.0 - 2023-01-31
- Extend `acra-keys` `export` and `import` subcommand by V1 keystore support;

# 0.94.0 - 2023-01-24
- Remove testing on the old versions of golang, leave only last fresh version

15 changes: 7 additions & 8 deletions cmd/acra-backup/acra-backup.go
@@ -20,7 +20,6 @@ import (
"encoding/base64"
"flag"
"fmt"
"io/ioutil"
"os"

"github.com/cossacklabs/acra/cmd"
@@ -107,25 +106,25 @@ func main() {
os.Exit(1)
}

keysContent, err := ioutil.ReadFile(*file)
keysContent, err := os.ReadFile(*file)
if err != nil {
log.WithError(err).Errorln("Can't read file with exported keys")
os.Exit(1)
}
backup := keystore.KeysBackup{MasterKey: key, Keys: keysContent}
if err := backuper.Import(&backup); err != nil {
backup := keystore.KeysBackup{Keys: key, Data: keysContent}
if _, err := backuper.Import(&backup); err != nil {
log.WithError(err).Errorln("Can't import keys")
os.Exit(1)
}
case actionExport:
backup, err := backuper.Export()
backup, err := backuper.Export(nil, keystore.ExportAllKeys)
if err != nil {
log.WithError(err).Errorln("Can't generate backup")
os.Exit(1)
}
base64MasterKey := base64.StdEncoding.EncodeToString(backup.MasterKey)
utils.ZeroizeSymmetricKey(backup.MasterKey)
if err := ioutil.WriteFile(*file, backup.Keys, filesystem.PrivateFileMode); err != nil {
base64MasterKey := base64.StdEncoding.EncodeToString(backup.Keys)
utils.ZeroizeSymmetricKey(backup.Keys)
if err := os.WriteFile(*file, backup.Keys, filesystem.PrivateFileMode); err != nil {
log.WithError(err).Errorf("Can't write backup to file %s", *file)
os.Exit(1)
}
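Review bot: In the export branch the backup file is written from `backup.Keys` immediately after `utils.ZeroizeSymmetricKey(backup.Keys)`, so the file receives the key buffer (presumably already wiped in place) instead of the encrypted key data. The import branch of the same hunk maps the old `MasterKey` field to `Keys` and the old `Keys` field to `Data`, which suggests the write was meant to be `os.WriteFile(*file, backup.Data, filesystem.PrivateFileMode)`; the `KeysBackup` definition is not on this page, so confirm the field name there. If the zeroize helper does not wipe in place, the same line would instead put the master key into the backup file, which is worse. An export-then-import round trip for acra-backup would catch either outcome. The sides are inferred from the old-then-new print order of this rendered page, and `main` starts and ends outside the hunk.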
53 changes: 2 additions & 51 deletions cmd/acra-keys/keys/acra-keys.go
@@ -22,10 +22,10 @@ import (
"io"
"os"

log "github.com/sirupsen/logrus"

"github.com/cossacklabs/acra/keystore"
"github.com/cossacklabs/acra/keystore/v2/keystore/api"
"github.com/cossacklabs/acra/utils"
log "github.com/sirupsen/logrus"
)

func warnKeystoreV2Only(command string) {
@@ -51,55 +51,6 @@ func ListKeysCommand(params ListKeysParams, keyStore keystore.ServerKeyStore) {
}
}

// ExportKeysCommand implements the "export" command.
func ExportKeysCommand(params ExportKeysParams, keyStore api.KeyStore) {
encryptionKeyData, cryptosuite, err := PrepareExportEncryptionKeys()
if err != nil {
log.WithError(err).Fatal("Failed to prepare encryption keys")
}
defer utils.ZeroizeSymmetricKey(encryptionKeyData)

exportedData, err := ExportKeys(keyStore, cryptosuite, params)
if err != nil {
log.WithError(err).Fatal("Failed to export keys")
}

err = WriteExportedData(exportedData, encryptionKeyData, params)
if err != nil {
log.WithError(err).Fatal("Failed to write exported data")
}

log.Infof("Exported key data is encrypted and saved here: %s", params.ExportDataFile())
log.Infof("New encryption keys for import generated here: %s", params.ExportKeysFile())
log.Infof("DO NOT transport or store these files together")
log.Infof("Import the keys into another keystore like this:\n\tacra-keys import --key_bundle_file \"%s\" --key_bundle_secret \"%s\"", params.ExportDataFile(), params.ExportKeysFile())
}

// ImportKeysCommand implements the "import" command.
func ImportKeysCommand(params ImportKeysParams, keyStore api.MutableKeyStore) {
exportedData, err := ReadExportedData(params)
if err != nil {
log.WithError(err).Fatal("Failed to read exported data")
}

cryptosuite, err := ReadImportEncryptionKeys(params)
if err != nil {
log.WithError(err).Fatal("Failed to prepare encryption keys")
}

descriptions, err := ImportKeys(exportedData, keyStore, cryptosuite, params)
if err != nil {
log.WithError(err).Fatal("Failed to import keys")
}

log.Infof("successfully imported %d keys", len(descriptions))

err = PrintKeys(descriptions, os.Stdout, params)
if err != nil {
log.WithError(err).Fatal("Failed to print imported key list")
}
}

// PrintKeyCommand implements the "read" command.
func (p *ReadKeySubcommand) PrintKeyCommand(params ReadKeyParams, keyStore keystore.ServerKeyStore) {
keyBytes, err := ReadKeyBytes(params, keyStore)