read master secret phrase from key rings

lucasepe · Apr 16, 2023 · f6ff18f · f6ff18f
1 parent f3c0d84
commit f6ff18f
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -38,6 +38,11 @@ Secrets are credentials, tokens, secure notes, credit cards, and any info you wa
   - using the environment variable `LOCKER_SECRET` with your master secret phrase
   - encryption will be done using [AES-256-CFB](https://it.wikipedia.org/wiki/Advanced_Encryption_Standard)
 
+**Note**
+
+Locker can read your master secret phrase `LOCKER_SECRET` from the system keyring thanks to the [go keyring library](https://github.com/zalando/go-keyring).
+
+
 ## Namespaces
 
 Namespaces are used to group and organize your secrets.

diff --git a/cmd/root.go b/cmd/root.go
@@ -6,12 +6,14 @@ import (
 	"fmt"
 	"io"
 	"os"
+	"os/user"
 	"path/filepath"
 	"strings"
 
 	"github.com/lucasepe/locker/internal/text"
 	"github.com/lucasepe/subcommands"
 	"github.com/lucasepe/xdg"
+	"github.com/zalando/go-keyring"
 )
 
 const (
@@ -95,10 +97,20 @@ func grabContent(fs *flag.FlagSet) []byte {
 }
 
 func getMasterSecret() (string, error) {
-	mp := os.Getenv(EnvSecret)
-	if len(mp) == 0 {
-		return "", ErrUnsetMasterSecret
+	secret := os.Getenv(EnvSecret)
+	if len(secret) != 0 {
+		return secret, nil
 	}
 
-	return mp, nil
+	user, err := user.Current()
+	if err != nil {
+		return "", err
+	}
+
+	secret, err = keyring.Get(EnvSecret, user.Username)
+	if err == nil {
+		return secret, nil
+	}
+
+	return "", ErrUnsetMasterSecret
 }
diff --git a/go.mod b/go.mod
@@ -8,9 +8,15 @@ require (
 	github.com/lucasepe/subcommands v0.1.1
 	github.com/lucasepe/totp v0.1.0
 	github.com/lucasepe/xdg v0.1.0
+	github.com/zalando/go-keyring v0.2.2
 	go.etcd.io/bbolt v1.3.7
-	golang.org/x/term v0.5.0
+	golang.org/x/term v0.6.0
 	gopkg.in/yaml.v3 v3.0.1
 )
 
-require golang.org/x/sys v0.6.0 // indirect
+require (
+	github.com/alessio/shellescape v1.4.1 // indirect
+	github.com/danieljoos/wincred v1.1.2 // indirect
+	github.com/godbus/dbus/v5 v5.1.0 // indirect
+	golang.org/x/sys v0.6.0 // indirect
+)
diff --git a/go.sum b/go.sum
@@ -1,4 +1,11 @@
+github.com/alessio/shellescape v1.4.1 h1:V7yhSDDn8LP4lc4jS8pFkt0zCnzVJlG5JXy9BVKJUX0=
+github.com/alessio/shellescape v1.4.1/go.mod h1:PZAiSCk0LJaZkiCSkPv8qIobYglO3FPpyFjDCtHLS30=
+github.com/danieljoos/wincred v1.1.2 h1:QLdCxFs1/Yl4zduvBdcHB8goaYk9RARS2SgLLRuAyr0=
+github.com/danieljoos/wincred v1.1.2/go.mod h1:GijpziifJoIBfYh+S7BbkdUTU4LfM+QnGqR5Vl2tAx0=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
+github.com/godbus/dbus/v5 v5.1.0 h1:4KLkAxT3aOY8Li4FRJe/KvhoNFFxo0m6fNuFUO8QJUk=
+github.com/godbus/dbus/v5 v5.1.0/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/lucasepe/strcase v0.1.0 h1:uGKgD/bXvtSRILJG7sHlzP6ZJ/7ol6+4ww0eTWK/pek=
@@ -10,14 +17,22 @@ github.com/lucasepe/totp v0.1.0/go.mod h1:Vw7gdQtcH3aZcv30DHZAbnS/xpcDPin4mP4qqE
 github.com/lucasepe/xdg v0.1.0 h1:ZycjGq20CtCBSOjVF9XQBcNk47MQ6PyHKdn8DorZsGU=
 github.com/lucasepe/xdg v0.1.0/go.mod h1:XruOfGqUIWjoPJHJA0FGIxpe6c+ETsJyEy79jf4WBR0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
+github.com/zalando/go-keyring v0.2.2 h1:f0xmpYiSrHtSNAVgwip93Cg8tuF45HJM6rHq/A5RI/4=
+github.com/zalando/go-keyring v0.2.2/go.mod h1:sI3evg9Wvpw3+n4SqplGSJUMwtDeROfD4nsFz4z9PG0=
 go.etcd.io/bbolt v1.3.7 h1:j+zJOnnEjF/kyHlDDgGnVL/AIqIJPq8UoB2GSNfkUfQ=
 go.etcd.io/bbolt v1.3.7/go.mod h1:N9Mkw9X8x5fupy0IKsmuqVtoGDyxsaDlbk4Rd05IAQw=
+golang.org/x/sys v0.0.0-20210819135213-f52c844e1c1c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
 golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.5.0 h1:n2a8QNdAb0sZNpU9R1ALUXBbY+w51fCQDN+7EdxNBsY=
-golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k=
+golang.org/x/term v0.6.0 h1:clScbb1cHjoCkyRbWwBEUZ5H/tIFu5TAXIqaZD0Gcjw=
+golang.org/x/term v0.6.0/go.mod h1:m6U89DPEgQRMq3DNkDClhWw02AUbt2daBVO4cn4Hv9U=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=