le-golang-1-zvault

Learning exercise : store/restore files with an encrypted vault.

Disclaimer

This repository is a Golang learning exercise.

Do not use this code in production.

(In all my repositories, the le- prefix means Learning Exercise.)

Synopsis

The goal of this exercise is to write a simple binary used to store/restore files in an encrypted vault.

Encryption is done with AES-256-GCM, and the encryption key is derived from the password with PBKDF2.

The binary has 4 commands :

  • init (used to init a vault configuration)
  • put (used to put a file in the vault)
  • get (used to get a file given its id)
  • del (used to delete a file given its id)
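A sketch of the PBKDF2 plus AES-256-GCM pairing named in the Synopsis, added here as an example; it is not zvault's code. The function names, the 600000-round HMAC-SHA256 setting, the salt being kept with the vault configuration and the nonce-prefixed block layout are all assumptions, and PBKDF2 is written out by hand only so the block runs with the standard library (a real project would use a maintained implementation such as golang.org/x/crypto/pbkdf2).

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"crypto/subtle"
	"errors"
)

const rounds = 600000 // assumed iteration count, not zvault's value

// unlock runs single-block PBKDF2-HMAC-SHA256 (32 bytes out) and keys AES-256-GCM with it.
func unlock(password, salt []byte) (cipher.AEAD, error) {
	mac := hmac.New(sha256.New, password)
	mac.Write(append(append([]byte{}, salt...), 0, 0, 0, 1)) // salt || INT(1)
	key := mac.Sum(nil)                                      // U1
	for i, u := 1, append([]byte{}, key...); i < rounds; i++ {
		mac.Reset()
		mac.Write(u)
		subtle.XORBytes(key, key, mac.Sum(u[:0])) // u is overwritten with Ui, key ^= Ui
	}
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal encrypts one block and returns nonce || ciphertext+tag, with a fresh random nonce.
func seal(aead cipher.AEAD, plaintext []byte) ([]byte, error) {
	nonce := make([]byte, aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return aead.Seal(nonce, nonce, plaintext, nil), nil
}

// open fails if the key came from a wrong password or any byte of blob was altered.
func open(aead cipher.AEAD, blob []byte) ([]byte, error) {
	n := aead.NonceSize()
	if len(blob) < n {
		return nil, errors.New("blob too short")
	}
	return aead.Open(nil, blob[:n], blob[n:], nil)
}

func main() {}
```

Because GCM authenticates every block, a mistyped password is detected at decryption time through the tag check, so no separate password verifier has to be stored.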

Build the zvault binary

./build.sh
./zvault --help
./zvault init --help
./zvault put --help
./zvault get --help
./zvault del --help

Init command

The init command is used to initialize a new vault configuration.

By default the configuration is saved in [USER_HOME]/.config/zvault.json

./zvault init

If you want to use a specific configuration file :

./zvault -c /path/to/conf/file.json init

During the init process you will be prompted for :

  • The folder in which to store the encrypted blocks,
  • The folder in which to store the encrypted file descriptions,
  • A master key password.

Put command

The put command is used to store a file in the encrypted vault.

./zvault put /absolute/path/to/myfile.txt

You will get back the id of the file, like : a1126d9fc7c2fc240d6c44e267ed2097

Get command

The get command is used to get back a stored file.

./zvault get a1126d9fc7c2fc240d6c44e267ed2097

The file will be restored in the current directory.

Del command

The del command is used to delete a stored file.

./zvault del a1126d9fc7c2fc240d6c44e267ed2097

Example of usage

Create a storage folder structure :

mkdir storage
mkdir storage/data
mkdir storage/files

Create a random file :

mkdir data
dd if=/dev/random of=./data/file-9mb.bin bs=1 count=9545925

Initialize the vault :

./zvault init
> Data path : storage/data
> Files path : storage/files
> Enter paswsord: *******
> Repeat paswsord: *******

Store a file in the vault :

./zvault put data/file-9mb.bin
> Enter Password: *******
File stored, id: 9deba552fe5c0b04b4e5dbc84cb65324

Restore a file from the vault :

% ./zvault get 9deba552fe5c0b04b4e5dbc84cb65324
> Enter Password: *******
File restored, name: file-9mb.bin

Verify that files are the same :

% md5 data/file-9mb.bin
MD5 (data/file-9mb.bin) = 0552c4b808193553cfed8bf562a41d8c

% md5 file-9mb.bin
MD5 (file-9mb.bin) = 0552c4b808193553cfed8bf562a41d8c

Delete a file from the vault :

% ./zvault del 9deba552fe5c0b04b4e5dbc84cb65324
> Enter Password: *******
File deleted, name: file-9mb.bin

If using a specific configuration file

./zvault -c /path/to/config.json init
./zvault -c /path/to/config.json put data/file-9mb.bin
./zvault -c /path/to/config.json get 9deba552fe5c0b04b4e5dbc84cb65324
./zvault -c /path/to/config.json del 9deba552fe5c0b04b4e5dbc84cb65324

Roadmap

  • Use CLI package to manage commands (see: https://github.com/urfave/cli)
  • Add del command
  • Clean up already groups if an error occurs
  • Better error handling

Author

Author : @odelbos