First, I'm using gpg, because the openpgp module doesn't support gpg-agent.
My problem:
If, at the command line, I run the following, gpg decrypts the file and writes its contents to stdout (like I want):
/usr/bin/gpg --decrypt /home/wwalker/castle_keys.asc
So, then, I run it from inside Go, and the behavior changes: it writes to a sibling file of the asc file (I've changed the exec'd app to env and run it, and the environment is the same as the parent (as expected)). I don't know if this is a Go thing (I doubt it) or a gpg thing (I expect it to be very wary of where it writes to):
wwalker@hatter:~/golang_workspace/src/devops/play$ ./play
You need a passphrase to unlock the secret key for
user: "Wayne Walker (Ruby Hacker) <wwalker@redacted.com>"
4096-bit ELG-E key, ID 39D0C3D7, created 2007-12-31 (main key ID A62B624A)
File `/home/wwalker/Files/castle_keys' exists. Overwrite? (y/N)
Enter new filename: asdf
play.go:
wwalker@hatter:~/golang_workspace/src/devops/play$ cat main.go
// Author wwalker
package main

import (
	"bytes"
	"fmt"
	"os/exec"
)

func decryptFile(filename string) ([]byte, error) {
	//cmd := exec.Command("/usr/bin/env")
	var cmd exec.Cmd
	var output bytes.Buffer
	cmd.Path = "/usr/bin/gpg"
	cmd.Args = []string{"--decrypt", filename}
	cmd.Stdout = &output
	if err := cmd.Run(); err != nil {
		return nil, err
	}
	return output.Bytes(), nil
}

func main() {
	bytes, err := decryptFile("/home/wwalker/Files/castle_keys.asc")
	if err == nil {
		fmt.Printf("%s\n", string(bytes))
	}
}
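
An added example, not part of the original post: in os/exec, `Cmd.Args` must include the program name as `Args[0]`, so the posted code hands gpg `--decrypt` as argv[0] and only the filename as an argument, which matches the overwrite prompt for `castle_keys` in the transcript above, where plaintext lands on disk instead of stdout. The helper names, the `gpgPath` parameter, the `/bin/echo` stand-in and the sample path are assumptions made for this illustration.

```go
package main

import (
	"bytes"
	"fmt"
	"os/exec"
)

// asPosted builds the command the way the question does: Args holds only the
// options, so the child receives "--decrypt" as argv[0], its own program name.
func asPosted(path string, opts ...string) *exec.Cmd {
	return &exec.Cmd{Path: path, Args: opts}
}

// childView splits cmd.Args the way the child will: argv[0] is the program
// name and is never parsed as an option; only the rest reaches option parsing.
func childView(cmd *exec.Cmd) (argv0 string, parsed []string) {
	if len(cmd.Args) == 0 {
		return cmd.Path, nil // os/exec falls back to {Path} when Args is empty
	}
	return cmd.Args[0], cmd.Args[1:]
}

// gpgCmd uses exec.Command, which fills Args[0] with the program name itself.
func gpgCmd(gpgPath, filename string) *exec.Cmd {
	return exec.Command(gpgPath, "--decrypt", filename)
}

// decryptFile keeps the plaintext in memory and returns gpg's stderr on failure.
func decryptFile(gpgPath, filename string) ([]byte, error) {
	cmd := gpgCmd(gpgPath, filename)
	var stdout, stderr bytes.Buffer
	cmd.Stdout, cmd.Stderr = &stdout, &stderr
	if err := cmd.Run(); err != nil {
		return nil, fmt.Errorf("gpg: %w: %s", err, stderr.String())
	}
	return stdout.Bytes(), nil
}

func main() {
	// /bin/echo stands in for gpg: it prints every argument after argv[0].
	file := "/tmp/example.asc" // constructed sample path
	for _, cmd := range []*exec.Cmd{asPosted("/bin/echo", "--decrypt", file), exec.Command("/bin/echo", "--decrypt", file)} {
		out, err := cmd.Output()
		argv0, parsed := childView(cmd)
		fmt.Printf("argv[0]=%q parsed=%q echoed=%q err=%v\n", argv0, parsed, out, err)
	}
}
```

With the first command the stand-in echoes only the filename, because `--decrypt` was consumed as the program name; with the second it echoes both.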