stash

Simple password manager shell script
Log | Files | Refs | README

passphrase-from-stdin.patch (3018B)

      1 From b4f09bfa98e46fa66414cb3d37fab46eb13cb127 Mon Sep 17 00:00:00 2001
      2 From: Alexander Yastrebov <yastrebov.alex@gmail.com>
      3 Date: Fri, 20 Jun 2025 23:12:08 +0200
      4 Subject: [PATCH] Decrypt with passphrase from stdin
      5 
      6 Read passphrase from stdin when it is not used for input data.
      7 
      8 Fixes #603
      9 ---
     10  cmd/age/age.go                   | 12 +++++++++++-
     11  cmd/age/testdata/output_file.txt |  2 +-
     12  cmd/age/testdata/scrypt.txt      |  6 +++---
     13  cmd/age/testdata/terminal.txt    |  9 ++++++++-
     14  4 files changed, 23 insertions(+), 6 deletions(-)
     15 
     16 diff --git a/cmd/age/age.go b/cmd/age/age.go
     17 index e5d17e2b..275e17b2 100644
     18 --- a/cmd/age/age.go
     19 +++ b/cmd/age/age.go
     20 @@ -455,10 +455,20 @@ func decryptNotPass(flags identityFlags, in io.Reader, out io.Writer) {
     21  }
     22  
     23  func decryptPass(in io.Reader, out io.Writer) {
     24 +	passphrase := passphrasePromptForDecryption
     25 +
     26 +	if in != os.Stdin && !term.IsTerminal(int(os.Stdin.Fd())) {
     27 +		passphrase = func() (string, error) {
     28 +			b, err := io.ReadAll(os.Stdin)
     29 +			b = bytes.TrimRight(b, "\n")
     30 +			return string(b), err
     31 +		}
     32 +	}
     33 +
     34  	identities := []age.Identity{
     35  		// If there is an scrypt recipient (it will have to be the only one and)
     36  		// this identity will be invoked.
     37 -		&LazyScryptIdentity{passphrasePromptForDecryption},
     38 +		&LazyScryptIdentity{passphrase},
     39  	}
     40  
     41  	decrypt(identities, in, out)
     42 diff --git a/cmd/age/testdata/output_file.txt b/cmd/age/testdata/output_file.txt
     43 index 5b16d654..24b5219f 100644
     44 --- a/cmd/age/testdata/output_file.txt
     45 +++ b/cmd/age/testdata/output_file.txt
     46 @@ -54,7 +54,7 @@ cmp inputcopy input
     47  # https://github.com/FiloSottile/age/issues/159
     48  ttyin terminal
     49  age -p -a -o test.age input
     50 -ttyin terminalwrong
     51 +ttyin -stdin terminalwrong
     52  ! age -o test.out -d test.age
     53  ttyout 'Enter passphrase'
     54  stderr 'incorrect passphrase'
     55 diff --git a/cmd/age/testdata/scrypt.txt b/cmd/age/testdata/scrypt.txt
     56 index 93298855..abc26895 100644
     57 --- a/cmd/age/testdata/scrypt.txt
     58 +++ b/cmd/age/testdata/scrypt.txt
     59 @@ -10,14 +10,14 @@ ttyout 'Enter passphrase'
     60  ! stdout .
     61  
     62  # decrypt with a provided passphrase
     63 -ttyin terminal
     64 +ttyin -stdin terminal
     65  age -d test.age
     66  ttyout 'Enter passphrase'
     67  ! stderr .
     68  cmp stdout input
     69  
     70  # decrypt with the wrong passphrase
     71 -ttyin wrong
     72 +ttyin -stdin wrong
     73  ! age -d test.age
     74  stderr 'incorrect passphrase'
     75  
     76 @@ -27,7 +27,7 @@ ttyin empty
     77  age -p -o test.age
     78  ! stderr .
     79  ! stdout .
     80 -ttyin autogenerated
     81 +ttyin -stdin autogenerated
     82  age -d test.age
     83  cmp stdout input
     84  
     85 diff --git a/cmd/age/testdata/terminal.txt b/cmd/age/testdata/terminal.txt
     86 index b2cf0078..8923b7d5 100644
     87 --- a/cmd/age/testdata/terminal.txt
     88 +++ b/cmd/age/testdata/terminal.txt
     89 @@ -34,7 +34,12 @@ age -p -a -o test.age
     90  ttyout 'Enter passphrase'
     91  ! stderr .
     92  # check the file was encrypted correctly
     93 -ttyin terminal
     94 +ttyin -stdin terminal
     95 +age -d test.age
     96 +cmp stdout input
     97 +
     98 +# read passphrase from stdin
     99 +stdin password
    100  age -d test.age
    101  cmp stdout input
    102  
    103 @@ -53,5 +58,7 @@ test
    104  -- terminal --
    105  password
    106  password
    107 +-- password --
    108 +password
    109  -- empty --
    110