diff --git a/cmd/zeroward/decrypt.go b/cmd/zeroward/decrypt.go
index c2d8745..0f94201 100644
--- a/cmd/zeroward/decrypt.go
+++ b/cmd/zeroward/decrypt.go
@@ -17,8 +17,6 @@ var decryptCmd = &cobra.Command{
 Run: func(cmd *cobra.Command, args []string) {
 filePath, _ := cmd.Flags().GetString("filePath")
- // dekkeyPath, _ := cmd.Flags().GetString("dekkey")
-
 kekk := viper.GetString("KEKkey")
 kekBytes, err := hex.DecodeString(kekk)
@@ -56,15 +54,10 @@ var decryptCmd = &cobra.Command{
 }
 }
- // if err := os.Remove(dekkeyPath); err != nil {
- // fmt.Println("Error:", err)
- // return
- // }
 },
 }
 func init() {
 rootCmd.AddCommand(decryptCmd)
- // decryptCmd.Flags().StringP("dekkey", "k", "", "DEK Key to decrypt the file please!")
 }
diff --git a/cmd/zeroward/encrypt.go b/cmd/zeroward/encrypt.go
index 7cdaac3..844ebca 100644
--- a/cmd/zeroward/encrypt.go
+++ b/cmd/zeroward/encrypt.go
@@ -49,16 +49,11 @@ var encryptCmd = &cobra.Command{
 cobra.CheckErr(err)
 if filePath != "" {
- if err := encryption.EncryptFile(filePath, dek); err != nil {
+ if err := encryption.EncryptFile(filePath, dek, kekBytes); err != nil {
 fmt.Println("Error encrypting File:", err)
 return
 }
 }
- if err := encryption.EncryptKey(dek, kekBytes, filePath); err != nil {
- fmt.Println("Error encrypting DEK:", err)
- return
- }
-
 },
 }
diff --git a/cmd/zeroward/upload.go b/cmd/zeroward/upload.go
index ba2aa7d..59515f2 100644
--- a/cmd/zeroward/upload.go
+++ b/cmd/zeroward/upload.go
@@ -62,9 +62,8 @@ func handleEncryptionAndUpload(accessKeyID, secretAccessKey, bcktName, filePath,
 if err != nil {
 return fmt.Errorf("error generating DEK: %v", err)
 }
-
 if filePath != "" {
- if err := encryption.EncryptFile(filePath, dek); err != nil {
+ if err := encryption.EncryptFile(filePath, dek, kekk); err != nil {
 return fmt.Errorf("error encrypting file: %v", err)
 }
 }
diff --git a/pkg/zeroward/downloading/downloadobject.go b/pkg/zeroward/downloading/downloadobject.go
index 7115df1..3843e78 100644
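Review bot: In cmd/zeroward/encrypt.go a failure of `encryption.EncryptFile` is only printed and the `Run` closure then returns, so as far as this hunk shows the command still exits with status 0. Now that wrapping the DEK happens inside the same call, this branch is the only failure signal for both steps, and a calling script cannot tell that no usable encrypted file was produced. The hunk already uses `cobra.CheckErr(err)` a few lines above; the same fits here, replacing the `fmt.Println`/`return` pair with `cobra.CheckErr(fmt.Errorf("encrypting file: %w", err))`. The closure starts outside the hunk.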
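Review bot: In cmd/zeroward/upload.go the new third argument is `kekk`, whereas cmd/zeroward/encrypt.go passes `kekBytes` and decrypt.go uses the name `kekk` for the hex string read from viper before `hex.DecodeString`. The declaration of `kekk` in handleEncryptionAndUpload is outside this hunk, so its contents cannot be confirmed from here; if it holds the hex text rather than the decoded bytes, uploads would wrap the DEK under a different key than the encrypt command. Renaming it to `kekBytes` and adding a comment such as `// kekBytes is the hex-decoded KEK, the same value the encrypt command passes` would make the contract visible at the call site.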
--- a/pkg/zeroward/downloading/downloadobject.go
+++ b/pkg/zeroward/downloading/downloadobject.go
@@ -91,7 +91,8 @@ func DownloadObject(awsRegion, accessKeyId, accessKeySecret, bucketName, localFi
 if err != nil {
 return fmt.Errorf("error decrypting DEK key: %v", err)
 }
-
+ keySize := 60
+ encryptedBody = encryptedBody[:len(encryptedBody)-keySize]
 body, err := decryption.DecryptFile(encryptedBody, dekkey)
 if err != nil {
 return fmt.Errorf("error decrypting file body: %v", err)
diff --git a/pkg/zeroward/encryption/encrypt.go b/pkg/zeroward/encryption/encrypt.go
index 191a0cd..81a2f55 100644
--- a/pkg/zeroward/encryption/encrypt.go
+++ b/pkg/zeroward/encryption/encrypt.go
@@ -11,34 +11,7 @@ import (
 "os"
 )
-func EncryptKey(dek []byte, kek []byte, filePath string) error {
- encryptedData, err := EncryptData(dek, kek)
- if err != nil {
- return err
- }
- // outputDEKDir := filepath.Dir(filePath)
- // outputDEKFilePath := filepath.Join(outputDEKDir, "DEK.key.enc")
- outputFilePath := filePath + ".enc"
- file, err := os.OpenFile(outputFilePath, os.O_APPEND|os.O_WRONLY, 0644)
- if err != nil {
- return err
- }
- defer file.Close()
- // file, err := os.Create(outputDEKFilePath)
- // if err != nil {
- // return err
- // }
- // defer file.Close()
-
- _, err = file.Write(encryptedData)
- if err != nil {
- return err
- }
-
- return nil
-}
-
-func EncryptFile(filePath string, dek []byte) error {
+func EncryptFile(filePath string, dek []byte, kek []byte) error {
 if _, err := os.Stat(filePath); os.IsNotExist(err) {
 return err
 }
@@ -92,7 +65,14 @@ func EncryptFile(filePath string, dek []byte) error {
 if err != nil {
 return err
 }
-
+ encryptedKey, err := EncryptData(dek, kek)
+ if err != nil {
+ return err
+ }
+ _, err = dstFile.Write(encryptedKey)
+ if err != nil {
+ return err
+ }
 return nil
 }
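Review bot: In pkg/zeroward/downloading/downloadobject.go, `encryptedBody[:len(encryptedBody)-keySize]` panics with a slice-bounds error when the downloaded object is shorter than 60 bytes, and nothing visible in the hunk checks the length first. A guard before the slice would turn that into an ordinary error: `if len(encryptedBody) < keySize { return fmt.Errorf("encrypted object too short: %d bytes", len(encryptedBody)) }`. The literal 60 also couples this function to the size of whatever `EncryptData(dek, kek)` appends in EncryptFile; a named constant in the encryption package, with a comment stating how the size is derived, would keep writer and reader in step. DownloadObject starts and ends outside the hunk, so the DEK extraction above may need the same check.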
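Review bot: In pkg/zeroward/encryption/encrypt.go the wrapped DEK is appended to `dstFile` with no length prefix or marker, and EncryptFile has no doc comment describing the resulting layout, although DownloadObject now depends on the trailer's exact size. A comment on the signature changed in the previous hunk would record it: `// EncryptFile encrypts filePath with dek and appends dek wrapped under kek to the end of the output file; readers must strip that trailer before decrypting the body.` If `EncryptData` or the final `Write` fails, the output is left holding ciphertext without a key trailer; whether it is removed on error is not visible, since the function starts outside the hunk. Returning `fmt.Errorf("writing wrapped DEK: %w", err)` instead of the bare `err` would tell callers which step failed.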