Special-agent GPG
02 May 2016So my security context has me trusting my own computers, totally safe totally, and not-trusting any server I didn’t buy. For arguments sake lets pretend I bought the University server, since at least their balls are in the vice. But I dont trust Github, or Dropbox.
So GPG is pretty cool, and I’m either too lazy to write something better, or smarter than that, so lets wrangle this beast into submission. Ideally I would like to keep only locked files on-disk, and reserve unlocked files to the totally safe totally world of in-memory. Downside, my favourite text-editor doesnt play nice with FIFOs, and working out how to reverse-memmap is…tedious. Good thing I trust my own file-system totally totally…
Time for some funky command-line interception
Lets say i had a locked file foo.gpg.
Normally you have to gpg foo.gpg; use foo to get the thing, far to many keystrokes for an old arthrit like me.
Suppose instead that i could use foo.gpg and the utility could recognise which of its input files it has to decrypt so i can use them.
Hence xgpg, because xargs is totally a thing totally.
Simply look at the arguments of the command the user wants to run, work out which ones are gpg-encrypted files, and gpg-decrypt them before the user needs them.
We can even use gpg-agent to avoid those annoying password prompts, and theres that total total trust of my own machines again.
Some intricacies:
- User might supply non existant files, utility creates a new file for them to use
- Re-encrypt files if they are changed by command
- Use the recipients from the old file if you can
- For new files, user must specify the recipients
- Delete decrypted versions when the script exits
Some fun usages:
xgpg vim foo.gpg # Edit an encrypted file
xgpg cat foo.gpg # Output decrypted contents to terminal
xgpg mv foo.gpg bar # Decrypt-and move, which in effect steals a decrypted version
Unfortunately, my CL-foo is not enough to pass arguments within a bash script, so python implementation to the rescue.
I may have subprocess.check_called with shell=True in there, but the tainted string argument is a file (which must exist) and i escaped it with pipes.quote() so no biggie.