Merged
21 changes: 18 additions & 3 deletions cmd/tdf-decrypt.go
Expand Up @@ -32,7 +32,24 @@ func dev_tdfDecryptCmd(cmd *cobra.Command, args []string) {
cli.ExitWithError("Failed to decrypt file", err)
}

if output == "file" {
if output == "stdout" {
Contributor

@b-long
I think we want to implement this behavior:
./otdfctl decrypt file.txt.tdf goes to stdout
./otdfctl decrypt file.txt.tdf -o file.txt goes to file.txt
./otdfctl decrypt file.txt.tdf -o renamed.txt goes to renamed.txt

In that case ^, the fmt.Print(decrypted.String()) would be if the value of output is the zero value empty string. The implicit behavior of "output to a file named by stripping off the .tdf extension" will go away, and we won't require -o stdout to write to stdout.

I can definitely refactor to support this behavior, unless you'd like to.

Author

I'm not sure I follow what you're saying here 😅 I believe this is the current behavior in my branch.

I have found that if I do not pass -o, the output := flagHelper.GetOptionalString("out") value will be "stdout" (in the function/scope that I changed).

Here's some redacted output:

me:otdfctl me$ git log -n 1
commit b3e5837f0c4a37710bf0bd1b1f0677e62e1acfe7 (HEAD -> feat/tdf-demo--with-dash-o-support, origin/feat/tdf-demo--with-dash-o-support)
Author: b-long <[email protected]>
Date:   Wed Apr 24 09:43:46 2024 -0400

    Cleanup
me:otdfctl me$ rm -rf target/
me:otdfctl me$ make 2>&1 > /dev/null
me:otdfctl me$ cp otdfctl.yaml target/ && pushd target && { ./--darwin-arm64 --help ; } && popd
~/Desktop/github/opentdf/otdfctl/target ~/Desktop/github/opentdf/otdfctl
{"time":"2024-04-24T10:53:12.675435-04:00","level":"DEBUG","msg":"LoadConfig: file and key not provided, using default file","config file":""}

otdfctl - OpenTDF Control Tool                                                                                          


Usage:
  otdfctl [command]


  decrypt     Decrypt a TDF file
  encrypt     Encrypt file or stdin as a TDF

Additional Commands:
  auth        Manage local authentication session [client-credentials]
  completion  Generate the autocompletion script for the specified shell
  config      Manage Configuration [output]
  dev         Development Tools
  help        Help about any command
  interactive Interactive Mode
  policy      Manage policy

Flags:
  -h, --help               help for otdfctl
      --host string        host:port of the Virtru Data Security Platform gRPC server (default "localhost:8080")
      --log-level string   log level (debug, info, warn, error, fatal, panic) (default "info")

Use "otdfctl [command] --help" for more information about a command.
~/Desktop/github/opentdf/otdfctl
me:otdfctl me$ cp otdfctl.yaml target/ && pushd target && { ./--darwin-arm64 auth client-credentials --client-id opentdf --client-secret secret --log-level DEBUG ; } && popd
~/Desktop/github/opentdf/otdfctl/target ~/Desktop/github/opentdf/otdfctl
{"time":"2024-04-24T10:53:23.354659-04:00","level":"DEBUG","msg":"LoadConfig: file and key not provided, using default file","config file":""}
 SUCCESS  Successfully logged in with client ID and secret
                                                          
~/Desktop/github/opentdf/otdfctl
me:otdfctl me$ cp otdfctl.yaml target/ && pushd target && { echo "Some string" | ./--darwin-arm64 encrypt || echo "Failed to encrypt" ; } && popd
~/Desktop/github/opentdf/otdfctl/target ~/Desktop/github/opentdf/otdfctl
{"time":"2024-04-24T10:53:30.004881-04:00","level":"DEBUG","msg":"LoadConfig: file and key not provided, using default file","config file":""}
{"time":"2024-04-24T10:53:30.402818-04:00","level":"DEBUG","msg":"getting new access token"}
{"time":"2024-04-24T10:53:30.402889-04:00","level":"DEBUG","msg":"Building DPoP Proof"}
~/Desktop/github/opentdf/otdfctl
me:otdfctl me$ cp otdfctl.yaml target/ && pushd target && { ./--darwin-arm64 decrypt sensitive.txt.tdf -o decrypted.txt || echo "Failed to decrypt" ; } && popd
~/Desktop/github/opentdf/otdfctl/target ~/Desktop/github/opentdf/otdfctl
{"time":"2024-04-24T10:53:39.058946-04:00","level":"DEBUG","msg":"LoadConfig: file and key not provided, using default file","config file":""}
{"time":"2024-04-24T10:53:39.273565-04:00","level":"DEBUG","msg":"getting new access token"}
{"time":"2024-04-24T10:53:39.273614-04:00","level":"DEBUG","msg":"Building DPoP Proof"}
~/Desktop/github/opentdf/otdfctl
me:otdfctl me$ cp otdfctl.yaml target/ && pushd target && { ./--darwin-arm64 decrypt sensitive.txt.tdf -o renamed.txt || echo "Failed to decrypt" ; } && popd
~/Desktop/github/opentdf/otdfctl/target ~/Desktop/github/opentdf/otdfctl
{"time":"2024-04-24T10:53:53.715725-04:00","level":"DEBUG","msg":"LoadConfig: file and key not provided, using default file","config file":""}
{"time":"2024-04-24T10:53:53.997192-04:00","level":"DEBUG","msg":"getting new access token"}
{"time":"2024-04-24T10:53:53.997229-04:00","level":"DEBUG","msg":"Building DPoP Proof"}
~/Desktop/github/opentdf/otdfctl
me:otdfctl me$ ls -lart target/
total 509808
-rwxr-xr-x@  1 me  mygroup  33405520 Apr 24 10:52 --darwin-amd64
drwxr-xr-x@ 29 me  mygroup       928 Apr 24 10:52 ..
-rwxr-xr-x@  1 me  mygroup  32510194 Apr 24 10:52 --darwin-arm64
-rwxr-xr-x@  1 me  mygroup  33679386 Apr 24 10:52 --linux-amd64
-rwxr-xr-x@  1 me  mygroup  31625097 Apr 24 10:52 --linux-arm
-rwxr-xr-x@  1 me  mygroup  32555965 Apr 24 10:53 --linux-arm64
-rwxr-xr-x@  1 me  mygroup  33538560 Apr 24 10:53 --windows-amd64.exe
-rwxr-xr-x@  1 me  mygroup  31561728 Apr 24 10:53 --windows-arm.exe
-rwxr-xr-x@  1 me  mygroup  32112128 Apr 24 10:53 --windows-arm64.exe
-rw-r--r--@  1 me  mygroup      1564 Apr 24 10:53 sensitive.txt.tdf
-rw-r--r--@  1 me  mygroup        12 Apr 24 10:53 decrypted.txt
-rw-r--r--@  1 me  mygroup        64 Apr 24 10:53 otdfctl.yaml
drwxr-xr-x@ 14 me  mygroup       448 Apr 24 10:53 .
-rw-r--r--@  1 me  mygroup        12 Apr 24 10:53 renamed.txt
me:otdfctl me$ cp otdfctl.yaml target/ && pushd target && { ./--darwin-arm64 decrypt sensitive.txt.tdf || echo "Failed to decrypt" ; } && popd
~/Desktop/github/opentdf/otdfctl/target ~/Desktop/github/opentdf/otdfctl
{"time":"2024-04-24T10:54:15.299478-04:00","level":"DEBUG","msg":"LoadConfig: file and key not provided, using default file","config file":""}
{"time":"2024-04-24T10:54:15.583449-04:00","level":"DEBUG","msg":"getting new access token"}
{"time":"2024-04-24T10:54:15.583493-04:00","level":"DEBUG","msg":"Building DPoP Proof"}
Some string
~/Desktop/github/opentdf/otdfctl
me:otdfctl me$ 

Contributor

Ah, I forgot the flag value was being defaulted to "stdout" instead of "". Thanks for your patience. 😅

Author

No worries, and thanks for yours! 🙂 I'm learning, so am sure I'll have some doofus ideas/questions coming along 😆

// Print decrypted content to stdout
fmt.Print(decrypted.String())
return
} else if output != "" {
// Here 'output' is the filename given with -o
f, err := os.Create(output)
if err != nil {
cli.ExitWithError("Failed to write decrypted data to file", err)
}
defer f.Close()
_, err = f.Write(decrypted.Bytes())
if err != nil {
cli.ExitWithError("Failed to write decrypted data to file", err)
}
return
} else {
// Here the 'output' filename is based on the input filename
// Write decrypted string to file with stripped .tdf extension
f, err := os.Create(strings.Replace(tdfFile, ".tdf", "", 1))
if err != nil {
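Review bot: In the `else if output != ""` branch, `os.Create(output)` writes the decrypted plaintext with the default creation mode (0666 before umask) and silently truncates whatever already exists at that path; the `ls` listing in the thread shows decrypted.txt and renamed.txt landing as -rw-r--r--. For data that was TDF-protected a moment earlier, consider `os.OpenFile(output, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600)` (or `O_EXCL` to refuse overwriting), and check the error from `f.Close()` explicitly instead of deferring it, since a deferred close does not run if `cli.ExitWithError` terminates the process. Separately, with the flag defaulting to "stdout" as established in the thread, the final `else` branch looks reachable only via an explicit `-o ""`; either drop it or make the default empty. If it stays, `strings.TrimSuffix(tdfFile, ".tdf")` is safer than `strings.Replace(tdfFile, ".tdf", "", 1)`, which strips the first ".tdf" anywhere in the path and returns the path unchanged when there is none, in which case `os.Create` truncates the input file.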
Expand All @@ -45,8 +62,6 @@ func dev_tdfDecryptCmd(cmd *cobra.Command, args []string) {
}
return
}
// Print decrypted content to stdout
fmt.Print(decrypted.String())
}

func init() {
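Review bot: With the fall-through `fmt.Print(decrypted.String())` removed at the end of the function, stdout is reached only when `output` is exactly "stdout", so the bare `decrypt sensitive.txt.tdf` case now depends entirely on the flag's default value. If that default ever becomes the empty string, the command will silently write a plaintext file next to the input instead of printing. Suggest a named constant shared by the flag definition and this comparison, plus a test covering the no-flag invocation. The `return` left in each branch is also redundant now that nothing follows the if/else chain.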