Add support for multiple password "contexts" in one repo

Context names let you encrypt some files with different passwords for a different audience, such as super-users. The 'default' context applies unless you set a context name. Add a context by reinitialising transcrypt with a context name then add a pattern with crypt-<CONTEXT*NAME> attributes to *.gitattributes*. For example, to encrypt a file \_top-secret* in a "super" context: # Initialise a new "super" context, and set a different password $ transcrypt --context=super # Add a pattern to .gitattributes with "crypt-super" values $ echo >> .gitattributes \\ 'top-secret filter=crypt-super diff=crypt-super merge=crypt-super' # Add and commit your top-secret and .gitattribute files $ git add .gitattributes top-secret $ git commit -m "Add top secret file for super-users only" # List all contexts $ transcrypt --list-contexts # Display the cipher and password for the "super" context $ transcrypt --context=super --display
elasticdog · Oct 23, 2022 · e08c359 · e08c359
1 parent 93f9d4c
commit e08c359
Show file tree

Hide file tree

Showing 9 changed files with 830 additions and 86 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -8,6 +8,15 @@ The format is based on [Keep a Changelog][1], and this project adheres to
 [1]: https://keepachangelog.com/en/1.0.0/
 [2]: https://semver.org/spec/v2.0.0.html
 
+## [Unreleased]
+
+### Added
+
+- Add contexts feature that lets you encrypt different sets of files with
+  different passwords for a different audience, such as super-users versus
+  normal repository users. See `--context=` / `-C` / `--list-context` arguments
+  and documentation for this advanced feature.
+
 ## [2.2.0] - 2022-07-09
 
 ### Added

diff --git a/README.md b/README.md
@@ -154,6 +154,7 @@ by running the `--display` command line option:
     The current repository was configured using transcrypt v0.2.0
     and has the following configuration:
 
+      CONTEXT:  default
       CIPHER:   aes-256-cbc
       PASSWORD: correct horse battery staple
 
@@ -246,6 +247,14 @@ directory.
       -i, --import-gpg=FILE
              import the password and cipher from a gpg encrypted file
 
+      -C, --context=CONTEXT_NAME
+             name for a context  with a different passphrase  and cipher from
+             the  'default' context;   use this  advanced option  to  encrypt
+             different files with different passphrases
+
+      --list-contexts
+             list all contexts configured in the  repository,  and warn about
+             incompletely configured contexts
       -v, --version
              print the version information
 
@@ -300,6 +309,35 @@ password could potentially manipulate the plaintext in limited ways (given that
 the attacker knows the original plaintext). Honestly, I'm not sure if the added
 complexity here would be worth it given transcrypt's use case.
 
+## Advanced
+
+### Contexts
+
+Context names let you encrypt some files with different passwords for a
+different audience, such as super-users. The 'default' context applies unless
+you set a context name.
+
+Add a context by reinitialising transcrypt with a context name then add a
+pattern with crypt-<CONTEXT*NAME> attributes to *.gitattributes*. For example,
+to encrypt a file \_top-secret* in a "super" context:
+
+    # Initialise a new "super" context, and set a different password
+    $ transcrypt --context=super
+
+    # Add a pattern to .gitattributes with "crypt-super" values
+    $ echo >> .gitattributes \\
+      'top-secret filter=crypt-super diff=crypt-super merge=crypt-super'
+
+    # Add and commit your top-secret and .gitattribute files
+    $ git add .gitattributes top-secret
+    $ git commit -m "Add top secret file for super-users only"
+
+    # List all contexts
+    $ transcrypt --list-contexts
+
+    # Display the cipher and password for the "super" context
+    $ transcrypt --context=super --display
+
 ## License
 
 transcrypt is provided under the terms of the

diff --git a/contrib/packaging/pacman/PKGBUILD b/contrib/packaging/pacman/PKGBUILD
@@ -1,6 +1,6 @@
 # Maintainer: Aaron Bull Schaefer <aaron@elasticdog.com>
 pkgname=transcrypt
-pkgver=2.2.0
+pkgver=2.3.0-pre
 pkgrel=1
 pkgdesc='A script to configure transparent encryption of files within a Git repository'
 arch=('any')

diff --git a/man/transcrypt.1.ronn b/man/transcrypt.1.ronn
@@ -68,6 +68,15 @@ The transcrypt source code and full documentation may be downloaded from
   * `-i`, `--import-gpg`=<file>:
     import the password and cipher from a gpg encrypted file
 
+  * `-C`, `--context`=<context_name>
+    name for a context that can use a different passphrase and cipher
+    from the 'default' context; use this advanced option, to permit
+    encrypting different files with different passphrases
+
+  * `--list-contexts`
+    list all contexts configured in the repository, and warn about
+    incompletely configured contexts.
+
   * `-v`, `--version`:
     print the version information
 
@@ -105,6 +114,33 @@ If the origin repository has just rekeyed, all clones should flush their
 transcrypt credentials, fetch and merge the new encrypted files via Git, and
 then re-configure transcrypt with the new credentials.
 
+## ADVANCED
+
+Context names let you encrypt some files with different passwords for a
+different audience, such as super-users. The 'default' context applies unless
+you set a context name.
+
+Add a context by reinitialising transcrypt with a context name then add a
+pattern with crypt-<CONTEXT_NAME> attributes to .gitattributes.
+For example, to encrypt a file 'top-secret' in a "super" context:
+
+    # Initialise a new "super" context, and set a different password
+    $ transcrypt --context=super
+
+    # Add a pattern to .gitattributes with "crypt-super" values
+    $ echo >> .gitattributes \\
+    'top-secret filter=crypt-super diff=crypt-super merge=crypt-super'
+
+    # Add and commit your top-secret and .gitattribute files
+    $ git add .gitattributes top-secret
+    $ git commit -m "Add top secret file for super-users only"
+
+    # List all contexts
+    $ transcrypt --list-contexts
+
+    # Display the cipher and password for the "super" context
+    $ transcrypt --context=super --display
+
 ## AUTHOR
 
 Aaron Bull Schaefer &lt;aaron@elasticdog.com&gt;

diff --git a/tests/_test_helper.bash b/tests/_test_helper.bash
@@ -33,7 +33,7 @@ function nuke_git_repo {
 
 function cleanup_all {
   nuke_git_repo
-  rm "$BATS_TEST_DIRNAME"/.gitattributes
+  rm -f "$BATS_TEST_DIRNAME"/.gitattributes
   rm -f "$BATS_TEST_DIRNAME"/sensitive_file
 }
 
@@ -44,10 +44,15 @@ function init_transcrypt {
 function encrypt_named_file {
   filename="$1"
   content=$2
+  context=${3:-default}
   if [[ "$content" ]]; then
     echo "$content" > "$filename"
   fi
-  echo "\"$filename\" filter=crypt diff=crypt merge=crypt" >> .gitattributes
+  if [[ "$context" = "default" ]]; then
+    echo "\"$filename\" filter=crypt diff=crypt merge=crypt" >> .gitattributes
+  else
+    echo "\"$filename\" filter=crypt-$context diff=crypt-$context merge=crypt-$context" >> .gitattributes
+  fi
   git add .gitattributes "$filename"
   run git commit -m "Encrypt file \"$filename\""
 }
@@ -64,3 +69,7 @@ function teardown {
   cleanup_all
   popd || exit 1
 }
+
+function check_repo_is_clean {
+  git diff-index --quiet HEAD --
+}