Source code

001/*
002 * Copyright 2025 devteam@scivics-lab.com
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing,
011 * software distributed under the License is distributed on an
012 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND,
013 * either express or implied.  See the License for the
014 * specific language governing permissions and limitations
015 * under the License.
016 */
017
018package com.scivicslab.actoriac;
019
020import java.nio.file.Files;
021import java.nio.file.Path;
022
023/**
024 * Command-line tool for managing encrypted secrets.
025 *
026 * <h2>Usage</h2>
027 * <pre>
028 * # Generate a new encryption key
029 * java -cp actor-IaC.jar com.scivicslab.actoriac.SecretTool generate-key
030 *
031 * # Encrypt a secrets file
032 * java -cp actor-IaC.jar com.scivicslab.actoriac.SecretTool encrypt secrets.ini secrets.enc &lt;key&gt;
033 *
034 * # Decrypt a secrets file (for verification)
035 * java -cp actor-IaC.jar com.scivicslab.actoriac.SecretTool decrypt secrets.enc &lt;key&gt;
036 * </pre>
037 *
038 * @author devteam@scivics-lab.com
039 */
040public class SecretTool {
041
042    public static void main(String[] args) {
043        if (args.length == 0) {
044            printUsage();
045            System.exit(1);
046        }
047
048        String command = args[0];
049
050        try {
051            switch (command) {
052                case "generate-key":
053                    generateKey();
054                    break;
055
056                case "encrypt":
057                    if (args.length != 4) {
058                        System.err.println("Error: encrypt requires 3 arguments: <input> <output> <key>");
059                        printUsage();
060                        System.exit(1);
061                    }
062                    encrypt(args[1], args[2], args[3]);
063                    break;
064
065                case "decrypt":
066                    if (args.length != 3) {
067                        System.err.println("Error: decrypt requires 2 arguments: <input> <key>");
068                        printUsage();
069                        System.exit(1);
070                    }
071                    decrypt(args[1], args[2]);
072                    break;
073
074                default:
075                    System.err.println("Error: Unknown command: " + command);
076                    printUsage();
077                    System.exit(1);
078            }
079        } catch (Exception e) {
080            System.err.println("Error: " + e.getMessage());
081            e.printStackTrace();
082            System.exit(1);
083        }
084    }
085
086    private static void generateKey() throws SecretEncryptor.EncryptionException {
087        String key = SecretEncryptor.generateKey();
088        System.out.println("Generated encryption key:");
089        System.out.println(key);
090        System.out.println();
091        System.out.println("Save this key securely and set it as an environment variable:");
092        System.out.println("export ACTOR_IAC_SECRET_KEY=\"" + key + "\"");
093    }
094
095    private static void encrypt(String inputPath, String outputPath, String key) throws Exception {
096        // Read plaintext
097        String plaintext = Files.readString(Path.of(inputPath));
098
099        // Encrypt
100        String encrypted = SecretEncryptor.encrypt(plaintext, key);
101
102        // Write encrypted data
103        Files.writeString(Path.of(outputPath), encrypted);
104
105        System.out.println("Successfully encrypted " + inputPath + " -> " + outputPath);
106    }
107
108    private static void decrypt(String inputPath, String key) throws Exception {
109        // Read encrypted data
110        String encrypted = Files.readString(Path.of(inputPath));
111
112        // Decrypt
113        String decrypted = SecretEncryptor.decrypt(encrypted, key);
114
115        // Print decrypted content
116        System.out.println("Decrypted content:");
117        System.out.println("---");
118        System.out.println(decrypted);
119        System.out.println("---");
120    }
121
122    private static void printUsage() {
123        System.out.println("Usage: java -cp actor-IaC.jar com.scivicslab.actoriac.SecretTool <command> [args]");
124        System.out.println();
125        System.out.println("Commands:");
126        System.out.println("  generate-key                    Generate a new encryption key");
127        System.out.println("  encrypt <input> <output> <key>  Encrypt a secrets file");
128        System.out.println("  decrypt <input> <key>           Decrypt a secrets file (for verification)");
129        System.out.println();
130        System.out.println("Examples:");
131        System.out.println("  # Generate key");
132        System.out.println("  java -cp actor-IaC.jar com.scivicslab.actoriac.SecretTool generate-key");
133        System.out.println();
134        System.out.println("  # Encrypt");
135        System.out.println("  java -cp actor-IaC.jar com.scivicslab.actoriac.SecretTool encrypt secrets.ini secrets.enc \"$ACTOR_IAC_SECRET_KEY\"");
136        System.out.println();
137        System.out.println("  # Decrypt (verify)");
138        System.out.println("  java -cp actor-IaC.jar com.scivicslab.actoriac.SecretTool decrypt secrets.enc \"$ACTOR_IAC_SECRET_KEY\"");
139    }
140}