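First, I'm using gpg because the openpgp module doesn't support gpg-agent.
My problem:
If I run the following command on the command line, gpg decrypts the file and writes its contents to stdout (just like I want):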
/usr/bin/gpg --decrypt /home/wwalker/castle_keys.asc
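Then I run it from inside Go and the behavior changes: it writes to a sibling file of the .asc file (I've changed the exec'd app to env and run it, and the environment is the same as the parent's, as expected). I don't know whether this is Go (I doubt it) or gpg (which I'd expect to be very careful about where it writes):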
wwalker@hatter:~/golang_workspace/src/devops/play$ ./play
You need a passphrase to unlock the secret key for
user: "Wayne Walker (Ruby Hacker) <wwalker@redacted.com>"
4096-bit ELG-E key, ID 39D0C3D7, created 2007-12-31 (main key ID A62B624A)
File `/home/wwalker/Files/castle_keys' exists. Overwrite? (y/N)
Enter new filename: asdf
play.go:
wwalker@hatter:~/golang_workspace/src/devops/play$ cat main.go
// Author wwalker
package main

import (
	"bytes"
	"fmt"
	"os/exec"
)

func decryptFile(filename string) ([]byte, error) {
	//cmd := exec.Command("/usr/bin/env")
	var cmd exec.Cmd
	var output bytes.Buffer
	cmd.Path = "/usr/bin/gpg"
	cmd.Args = []string{"--decrypt", filename}
	cmd.Stdout = &output
	if err := cmd.Run(); err != nil {
		return nil, err
	}
	return output.Bytes(), nil
}

func main() {
	bytes, err := decryptFile("/home/wwalker/Files/castle_keys.asc")
	if err == nil {
		fmt.Printf("%s\n", string(bytes))
	}
}
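
An added example, not part of the original question: in Go, `Cmd.Args` includes the program name as `Args[0]`, so with the `Args` above gpg receives `--decrypt` as its program name and only the filename as an argument, which is consistent with the overwrite prompt for `castle_keys` in the transcript. `exec.Command` fills in `Args[0]` itself; `checkArgv0` is a hypothetical helper and `/tmp/constructed.asc` is a constructed path.

```go
package main

import (
	"bytes"
	"fmt"
	"os/exec"
	"path/filepath"
	"strings"
)

// brokenCmd builds the command as in the question: Args has no argv[0]
// entry, so the child sees "--decrypt" as its name and only the filename as an argument.
func brokenCmd(filename string) *exec.Cmd {
	return &exec.Cmd{Path: "/usr/bin/gpg", Args: []string{"--decrypt", filename}}
}

// fixedCmd lets exec.Command set Args[0], so "--decrypt" reaches gpg as an option.
func fixedCmd(filename string) *exec.Cmd {
	return exec.Command("/usr/bin/gpg", "--decrypt", filename)
}

// checkArgv0 (hypothetical helper) rejects a Cmd whose Args[0] is not the program name.
func checkArgv0(cmd *exec.Cmd) error {
	if len(cmd.Args) == 0 { // os/exec substitutes {Path} for empty Args
		return nil
	}
	if a0 := cmd.Args[0]; strings.HasPrefix(a0, "-") || filepath.Base(a0) != filepath.Base(cmd.Path) {
		return fmt.Errorf("Args[0] is %q, expected program name %q", a0, filepath.Base(cmd.Path))
	}
	return nil
}

// decryptFile keeps the plaintext in memory and reports gpg's stderr on failure.
func decryptFile(filename string) ([]byte, error) {
	cmd := fixedCmd(filename)
	if err := checkArgv0(cmd); err != nil {
		return nil, err
	}
	var stdout, stderr bytes.Buffer
	cmd.Stdout, cmd.Stderr = &stdout, &stderr
	if err := cmd.Run(); err != nil {
		return nil, fmt.Errorf("gpg: %w: %s", err, stderr.String())
	}
	return stdout.Bytes(), nil
}

func main() {
	fmt.Println(checkArgv0(brokenCmd("/tmp/constructed.asc"))) // constructed path
}
```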