add decrypt file function

gek64 · Nov 21, 2023 · 6e2e106 · 6e2e106
1 parent 356e90e
commit 6e2e106
Show file tree

Hide file tree

Showing 11 changed files with 76 additions and 22 deletions.
diff --git a/README.md b/README.md
@@ -35,6 +35,9 @@ wgwd get -remote_interface="pppoe0" -wg_interface="wg0" -interval="5s" webdav -e
 wgwd get -remote_interface="pppoe0" -wg_interface="wg0" nconnect -id="center" -endpoint="http://localhost:1996/"
 ## Loop Get local network information from nconnect server
 wgwd get -remote_interface="pppoe0" -wg_interface="wg0" -interval="5s" nconnect -id="center" -endpoint="http://localhost:1996/"
+
+# Decrypt a encrypted file
+wgwd decrypt -filepath "./center.json" -encryption_key="admin123"
 ```
 
 ## Install

diff --git a/go.mod b/go.mod
@@ -11,7 +11,7 @@ require (
 
 require (
 	github.com/andybalholm/brotli v1.0.6 // indirect
-	github.com/aws/aws-sdk-go v1.48.0 // indirect
+	github.com/aws/aws-sdk-go v1.48.1 // indirect
 	github.com/cloudflare/circl v1.3.6 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.3 // indirect
 	github.com/gaukas/godicttls v0.0.4 // indirect

diff --git a/go.sum b/go.sum
@@ -1,7 +1,7 @@
 github.com/andybalholm/brotli v1.0.6 h1:Yf9fFpf49Zrxb9NlQaluyE92/+X7UVHlhMNJN2sxfOI=
 github.com/andybalholm/brotli v1.0.6/go.mod h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
-github.com/aws/aws-sdk-go v1.48.0 h1:1SeJ8agckRDQvnSCt1dGZYAwUaoD2Ixj6IaXB4LCv8Q=
-github.com/aws/aws-sdk-go v1.48.0/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go v1.48.1 h1:OXPUVL4cLdsDsqkVIuhwY+D389tjI7e1xu0lsDYyeMk=
+github.com/aws/aws-sdk-go v1.48.1/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
 github.com/cloudflare/circl v1.3.6 h1:/xbKIqSHbZXHwkhbrhrt2YOHIwYJlXH94E3tI/gDlUg=
 github.com/cloudflare/circl v1.3.6/go.mod h1:5XYMA4rFBvNIrhs50XuiBJ15vF2pZn4nnUKZrLbUZFA=
 github.com/cpuguy83/go-md2man/v2 v2.0.3 h1:qMCsGGgs+MAzDFyp9LpAe1Lqy/fY/qCovCm0qnXZOBM=

diff --git a/internal/receive/preload/decrypt.go → internal/decrypt/decrypt.go b/internal/receive/preload/decrypt.go → internal/decrypt/decrypt.go
@@ -1,13 +1,15 @@
-package preload
+package decrypt
 
 import (
 	"github.com/gek64/gek/gCrypto"
 	"golang.org/x/crypto/chacha20poly1305"
+	"os"
 )
 
 const AssociatedDataSize = 8
 
-func GetDecryptedPreload(ciphertext []byte, key []byte, associatedDataSize uint) (preload []byte, err error) {
+// FromBytes 从比特切片解密
+func FromBytes(ciphertext []byte, key []byte, associatedDataSize uint) (plaintext []byte, err error) {
 	// 通过密钥长度判断是否使用解密
 	switch len(key) {
 	case 0:
@@ -18,3 +20,12 @@ func GetDecryptedPreload(ciphertext []byte, key []byte, associatedDataSize uint)
 		return gCrypto.NewChaCha20Poly1305(key, associatedDataSize).Decrypt(ciphertext)
 	}
 }
+
+// FromFile 从文件解密
+func FromFile(filepath string, encryptionKey []byte) (plaintext []byte, err error) {
+	d, err := os.ReadFile(filepath)
+	if err != nil {
+		return nil, err
+	}
+	return FromBytes(d, encryptionKey, AssociatedDataSize)
+}
diff --git a/internal/netinfo/definition.go b/internal/netinfo/definition.go
@@ -5,7 +5,7 @@ import (
 	"time"
 )
 
-type Data struct {
+type NetInfo struct {
 	ID            string         `json:"id" xml:"id" form:"id" binding:"required"`
 	UpdatedAt     time.Time      `json:"updatedAt,omitempty" xml:"updatedAt,omitempty" form:"updatedAt,omitempty"`
 	RequestIP     netip.Addr     `json:"requestIP,omitempty" xml:"requestIP,omitempty" form:"requestIP,omitempty"`

diff --git a/internal/netinfo/operation.go b/internal/netinfo/operation.go
@@ -4,11 +4,11 @@ import (
 	"encoding/json"
 	"fmt"
 	"github.com/gek64/gek/gNet"
-	"wgwd/internal/receive/preload"
+	"wgwd/internal/decrypt"
 )
 
 // GetPublicIP 从网络信息中获取公共 IP
-func (r *Data) GetPublicIP(interfaceName string) (ip string, err error) {
+func (r *NetInfo) GetPublicIP(interfaceName string) (ip string, err error) {
 	for _, netInterface := range r.NetInterfaces {
 		if netInterface.Name == interfaceName {
 			for _, ip := range netInterface.IPs {
@@ -22,18 +22,18 @@ func (r *Data) GetPublicIP(interfaceName string) (ip string, err error) {
 	return "", fmt.Errorf("no valid public IP found in network infomation data")
 }
 
-// GetFromJsonBytes 从加密的比特切片中获取 *Data
-func GetFromJsonBytes(jsonBytes []byte, encryptionKey []byte) (data *Data, err error) {
+// FromBytes 从加密的比特切片中获取 *NetInfo
+func FromBytes(ciphertext []byte, encryptionKey []byte) (netInfo *NetInfo, err error) {
 	// 解密, encryptionKey 长度为 0 的情况, 会直接返回输入的密文
-	jsonBytes, err = preload.GetDecryptedPreload(jsonBytes, encryptionKey, preload.AssociatedDataSize)
+	plaintext, err := decrypt.FromBytes(ciphertext, encryptionKey, decrypt.AssociatedDataSize)
 	if err != nil {
 		return nil, err
 	}
 
-	err = json.Unmarshal(jsonBytes, &data)
+	err = json.Unmarshal(plaintext, &netInfo)
 	if err != nil {
 		return nil, err
 	}
 
-	return data, nil
+	return netInfo, nil
 }
diff --git a/internal/receive/file/receiver.go b/internal/receive/file/receiver.go
@@ -9,12 +9,12 @@ import (
 )
 
 // getNetInfo 从 file 文件获取指定 id 的网络信息
-func getNetInfo(filepath string, encryptionKey []byte) (data *netinfo.Data, err error) {
+func getNetInfo(filepath string, encryptionKey []byte) (data *netinfo.NetInfo, err error) {
 	d, err := os.ReadFile(filepath)
 	if err != nil {
 		return nil, err
 	}
-	return netinfo.GetFromJsonBytes(d, encryptionKey)
+	return netinfo.FromBytes(d, encryptionKey)
 }
 
 func ReceiveRequest(filepath string, encryptionKey []byte, remoteInterface string, wgInterface string, wgPeerKey string) (err error) {

diff --git a/internal/receive/nconnect/receiver.go b/internal/receive/nconnect/receiver.go
@@ -10,7 +10,7 @@ import (
 )
 
 // getNetInfo 从 nconnect 服务器获取指定 id 的网络信息
-func getNetInfo(id string, endpoint string, username string, password string, allowInsecure bool) (netInfoInMemoryData *netinfo.Data, err error) {
+func getNetInfo(id string, endpoint string, username string, password string, allowInsecure bool) (netInfoInMemoryData *netinfo.NetInfo, err error) {
 	client := req.C()
 
 	// 默认不启用跳过TLS证书检测

diff --git a/internal/receive/s3/receiver.go b/internal/receive/s3/receiver.go
@@ -10,7 +10,7 @@ import (
 )
 
 // getNetInfo 从 s3 服务器获取指定 id 的网络信息
-func getNetInfo(endpoint string, region string, accessKeyId string, secretAccessKey string, stsToken string, pathStyle bool, allowInsecure bool, bucket string, objectPath string, encryptionKey []byte) (data *netinfo.Data, err error) {
+func getNetInfo(endpoint string, region string, accessKeyId string, secretAccessKey string, stsToken string, pathStyle bool, allowInsecure bool, bucket string, objectPath string, encryptionKey []byte) (data *netinfo.NetInfo, err error) {
 	s := gS3.NewS3Session(endpoint, region, accessKeyId, secretAccessKey, stsToken, pathStyle, allowInsecure)
 	response, err := s.GetObject(bucket, objectPath)
 	if err != nil {
@@ -22,7 +22,7 @@ func getNetInfo(endpoint string, region string, accessKeyId string, secretAccess
 	if err != nil {
 		return nil, err
 	}
-	return netinfo.GetFromJsonBytes(d, encryptionKey)
+	return netinfo.FromBytes(d, encryptionKey)
 }
 
 func ReceiveRequest(endpoint string, region string, accessKeyId string, secretAccessKey string, stsToken string, pathStyle bool, allowInsecure bool, bucket string, objectPath string, encryptionKey []byte, remoteInterface string, wgInterface string, wgPeerKey string) (err error) {

diff --git a/internal/receive/webdav/receiver.go b/internal/receive/webdav/receiver.go
@@ -10,7 +10,7 @@ import (
 )
 
 // getNetInfo 从 webdav 服务器获取指定 id 的网络信息
-func getNetInfo(endpoint string, username string, password string, allowInsecure bool, filepath string, encryptionKey []byte) (data *netinfo.Data, err error) {
+func getNetInfo(endpoint string, username string, password string, allowInsecure bool, filepath string, encryptionKey []byte) (data *netinfo.NetInfo, err error) {
 	client, err := gWebDAV.NewClient(endpoint, username, password, allowInsecure)
 	response, err := client.Download(filepath)
 	if err != nil {
@@ -22,7 +22,7 @@ func getNetInfo(endpoint string, username string, password string, allowInsecure
 	if err != nil {
 		return nil, err
 	}
-	return netinfo.GetFromJsonBytes(d, encryptionKey)
+	return netinfo.FromBytes(d, encryptionKey)
 }
 
 func ReceiveRequest(endpoint string, username string, password string, allowInsecure bool, filepath string, encryptionKey []byte, remoteInterface string, wgInterface string, wgPeerKey string) (err error) {

diff --git a/main.go b/main.go
@@ -6,6 +6,7 @@ import (
 	"log"
 	"os"
 	"time"
+	"wgwd/internal/decrypt"
 	"wgwd/internal/receive/file"
 	"wgwd/internal/receive/nconnect"
 	"wgwd/internal/receive/s3"
@@ -39,28 +40,33 @@ func main() {
 
 	cmds := []*cli.Command{
 		{
-			Name:  "get",
-			Usage: "get wireguard endpoint from network information",
+			Name:    "get",
+			Aliases: []string{"g"},
+			Usage:   "get wireguard endpoint from network information",
 			Flags: []cli.Flag{
 				&cli.StringFlag{
 					Name:        "remote_interface",
+					Aliases:     []string{"r"},
 					Usage:       "set remote interface",
 					Required:    true,
 					Destination: &remote_interface,
 				},
 				&cli.StringFlag{
 					Name:        "wg_interface",
+					Aliases:     []string{"wi"},
 					Usage:       "set wireguard interface",
 					Required:    true,
 					Destination: &wg_interface,
 				},
 				&cli.StringFlag{
 					Name:        "wg_peer_key",
+					Aliases:     []string{"wk"},
 					Usage:       "set wireguard peer key",
 					Destination: &wg_peer_key,
 				},
 				&cli.DurationFlag{
 					Name:        "interval",
+					Aliases:     []string{"i"},
 					Usage:       "set send interval",
 					Destination: &interval,
 				},
@@ -73,12 +79,14 @@ func main() {
 					Flags: []cli.Flag{
 						&cli.StringFlag{
 							Name:        "filepath",
+							Aliases:     []string{"f"},
 							Usage:       "set file path",
 							Required:    true,
 							Destination: &filepath,
 						},
 						&cli.StringFlag{
 							Name:        "encryption_key",
+							Aliases:     []string{"e"},
 							Usage:       "set file encryption key",
 							Destination: &encryption_key,
 						},
@@ -107,6 +115,7 @@ func main() {
 						},
 						&cli.StringFlag{
 							Name:        "encryption_key",
+							Aliases:     []string{"e"},
 							Usage:       "set file encryption key",
 							Destination: &encryption_key,
 						},
@@ -182,6 +191,7 @@ func main() {
 						},
 						&cli.StringFlag{
 							Name:        "encryption_key",
+							Aliases:     []string{"e"},
 							Usage:       "set file encryption key",
 							Destination: &encryption_key,
 						},
@@ -203,6 +213,7 @@ func main() {
 						},
 						&cli.StringFlag{
 							Name:        "filepath",
+							Aliases:     []string{"f"},
 							Usage:       "set webdav server filepath",
 							Required:    true,
 							Destination: &filepath,
@@ -257,6 +268,35 @@ func main() {
 				},
 			},
 		},
+		{
+			Name:    "decrypt",
+			Aliases: []string{"d"},
+			Usage:   "decrypt a file",
+			Flags: []cli.Flag{
+				&cli.StringFlag{
+					Name:        "filepath",
+					Aliases:     []string{"f"},
+					Usage:       "set file path",
+					Required:    true,
+					Destination: &filepath,
+				},
+				&cli.StringFlag{
+					Name:        "encryption_key",
+					Aliases:     []string{"e"},
+					Usage:       "set file encryption key",
+					Required:    true,
+					Destination: &encryption_key,
+				},
+			},
+			Action: func(ctx *cli.Context) error {
+				plaintext, err := decrypt.FromFile(filepath, []byte(encryption_key))
+				if err != nil {
+					return err
+				}
+				fmt.Println(string(plaintext))
+				return nil
+			},
+		},
 	}
 
 	// 打印版本函数