From 098611d8b23ab846338f97748325eb7fc8b53892 Mon Sep 17 00:00:00 2001 From: Tristan Riehs Date: Sat, 3 Jan 2026 22:11:10 +0100 Subject: Rework encryption function Prepare for the decryption when using "ftag export". --- src/main.c | 25 +++++++++++++++++++------ 1 file changed, 19 insertions(+), 6 deletions(-) (limited to 'src/main.c') diff --git a/src/main.c b/src/main.c index 51d84e1..1a2eac8 100644 --- a/src/main.c +++ b/src/main.c @@ -14,6 +14,13 @@ #define DATABASE_PATH (FTAG_ROOT "/ftag.sqlite3") +/* Used when encrypting or decrpyting a file, see the copy_encrypted_file + * function. */ +enum encrypt { + ENCRYPT, + DECRYPT, +}; + /* TODO: read the configuration from a file This would allow working with different databases with the same ftag @@ -117,17 +124,23 @@ static void copy_file(const char *in, const char *out) /* Like copy_file, but OUT is an encrypted version of IN. Encryption is done * using GPG. */ -static void copy_and_encrypt_file(const char *in, const char *out) +static void +copy_file_with_encryption(const char *in, const char *out, enum encrypt encrypt) { int rc = fork(); + char *crypt_param; + assert(encrypt == ENCRYPT || encrypt == DECRYPT); + if (encrypt == ENCRYPT) + crypt_param = "--encrypt"; + else + crypt_param = "--decrypt"; if (rc == 0) { execlp("gpg", "gpg", "--output", out, - /* do not ask for overwriting files, maybe dangerous if - * GPG asks security questions */ - "--yes", - "--encrypt", in, + "--yes", /* do not ask for overwriting files, maybe + * dangerous if GPG asks security questions */ + crypt_param, in, NULL); fprintf(stderr, "exec: gpg:"); perror(""); @@ -612,7 +625,7 @@ ftag_add_one_file(sqlite3 *db, int *next_id, const char *file, uint32_t file_sum char new_path[512]; if (encrypt) { strbuild(new_path, "%s/files/%s.gpg", FTAG_ROOT, canonical_name); - copy_and_encrypt_file(file, new_path); + copy_file_with_encryption(file, new_path, ENCRYPT); } else { strbuild(new_path, "%s/files/%s", FTAG_ROOT, canonical_name); -- cgit v1.2.3