added encryption and encoding

file.go

	if err != nil {
		return err
	}
	b, err = encrypt(encodeBase64(b), passphrase)
	if err != nil {
		return err
	}
	// Compress the contents
	var buffer bytes.Buffer
	decompressed, err := ioutil.ReadAll(gzip)
	gzip.Close()
	// Decrypt the contents
	decompressed, err = decrypt(decompressed, passphrase)
	if err != nil {
		return nil, err
	}
	decompressed = decodeBase64(decompressed)
	// Unmarshal the JSON information
	var sites []Site
	err = json.Unmarshal(decompressed, &sites)

handlers.go

	"os"
	"strconv"
	"text/template"
	"time"
)
type Page struct {
		return
	}
	passphrase = string(decodeBase64([]byte(passphrase)))
	u, err := url.Parse(host)
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		return
	}
	book := getBookname(profile)
	passphrase = string(decodeBase64([]byte(passphrase)))
	if cmd == "delete" {
	switch cmd {
	default:
		// This should never happen, but just in case send them back
		http.Redirect(w, r, "/book", http.StatusSeeOther)
		return
	case "delete":
		book := getBookname(profile)
		err := os.Remove(book)
		if err != nil {
			// Return an error
		}
		http.Redirect(w, r, "/", http.StatusSeeOther)
	} else if cmd == "update" {
		break
	case "update":
		if newPassphrase == "" || confirmPassphrase == "" || newPassphrase != confirmPassphrase {
			http.Error(w, "Invalid passphrase provided", http.StatusInternalServerError)
			return
		}
		book := getBookname(profile)
		sites, err := read(book, passphrase)
		if err != nil {
			http.Error(w, err.Error(), http.StatusInternalServerError)
			return
		}
		http.Redirect(w, r, "/book", http.StatusSeeOther)
	} else {
		// This should never happen, but just in case send them back
		http.Redirect(w, r, "/book", http.StatusSeeOther)
		cookiePassphrase := &http.Cookie{
			Name:   "passphrase",
			MaxAge: -1,
		}
		http.SetCookie(w, cookiePassphrase)
		http.Redirect(w, r, "/", http.StatusSeeOther)
		break
	}
}
		return
	}
	passphrase = string(decodeBase64([]byte(passphrase)))
	// Update the revision number and generate a new password
	book := getBookname(profile)
	sites, err := read(book, passphrase)
		return
	}
	passphrase = string(decodeBase64([]byte(passphrase)))
	// Remove the site from our book and save it
	book := getBookname(profile)
	sites, err := read(book, passphrase)
	http.Redirect(w, r, "/book", http.StatusSeeOther)
}
func SignOffHandler(w http.ResponseWriter, r *http.Request) {
func SignOutHandler(w http.ResponseWriter, r *http.Request) {
	cookieProfile := &http.Cookie{
		Name:   "profile",
		MaxAge: -1,
		c, err = r.Cookie("passphrase")
		if err == nil {
			passphrase = c.Value
			passphrase = string(decodeBase64([]byte(c.Value)))
		}
	} else {
		// Set cookies
		expire := time.Now().AddDate(0, 0, 1)
		cookieProfile := &http.Cookie{
			Name:    "profile",
			Value:   profile,
			Expires: expire,
		}
		cookiePassphrase := &http.Cookie{
			Name:    "passphrase",
			Value:   encodeBase64([]byte(passphrase)),
			Expires: expire,
		}
		http.SetCookie(w, cookieProfile)
		http.SetCookie(w, cookiePassphrase)
	}
	if profile == "" || passphrase == "" {
		return
	}
	// Set cookies
	//expire := time.Now().AddDate(0, 0, 1)
	cookieProfile := &http.Cookie{
		Name:  "profile",
		Value: profile,
		//Path:       "/",
		//Domain:     "localhost",
		//Expires:    expire,
		//RawExpires: expire.Format(time.UnixDate),
		//MaxAge:     0,
		//Secure:     false,
		//HttpOnly:   true,
	}
	http.SetCookie(w, cookieProfile)
	cookiePassphrase := &http.Cookie{
		Name:  "passphrase",
		Value: passphrase,
		//Path:       "/",
		//Domain:     "localhost",
		//Expires:    expire,
		//RawExpires: expire.Format(time.UnixDate),
		//MaxAge:     0,
		//Secure:     false,
		//HttpOnly:   true,
	}
	http.SetCookie(w, cookiePassphrase)
	book := getBookname(profile)
	sites, err := read(book, passphrase)
	if err != nil {
		http.Error(w, err.Error(), http.StatusInternalServerError)
		//http.Error(w, "Invalid credentials", http.StatusUnauthorized)
		http.Redirect(w, r, "/", http.StatusSeeOther)
		return
	}
	for i, s := range sites {
	page := Page{
		Profile:    profile,
		Passphrase: passphrase,
		Passphrase: encodeBase64([]byte(passphrase)),
		Sites:      sites,
	}

main.go

	http.HandleFunc("/api/update", ProfileHandler)
	http.HandleFunc("/api/refresh", RefreshHandler)
	http.HandleFunc("/api/remove", RemoveHandler)
	http.HandleFunc("/signout", SignOffHandler)
	http.HandleFunc("/signout", SignOutHandler)
	http.HandleFunc("/book", BookHandler)
	http.HandleFunc("/", DefaultHandler)

security.go

package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/base64"
	"errors"
	"io"
	"os"
)
func encodeBase64(data []byte) string {
	return base64.StdEncoding.EncodeToString(data)
}
func decodeBase64(data []byte) []byte {
	b, _ := base64.StdEncoding.DecodeString(string(data))
	return b
}
func getLocalKey() string {
	env := os.Getenv("ENIGMA_KEY")
	if env == "" {
		env = "thebrownfoxjumpedoverthefence"
	}
	return env
}
func getSizedKey(key string) string {
	// Get the correct key length
	l := len(key)
	if l < 16 {
		for i := 0; i < 16-l; i++ {
			key += "."
		}
	} else if l < 24 {
		for i := 0; i < 24-l; i++ {
			key += "."
		}
	} else if l < 32 {
		for i := 0; i < 32-l; i++ {
			key += "."
		}
	} else {
		key = key[:32]
	}
	return key
}
// Encrypt the password book
func encrypt(clearText, profile, passphrase string) ([]byte, error) {
	return nil, nil
func encrypt(text, passphrase string) ([]byte, error) {
	key := []byte(getSizedKey(passphrase))
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	cipherText := make([]byte, aes.BlockSize+len(text))
	iv := cipherText[:aes.BlockSize]
	if _, err := io.ReadFull(rand.Reader, iv); err != nil {
		return nil, err
	}
	encrypter := cipher.NewCFBEncrypter(block, iv)
	encrypter.XORKeyStream(cipherText[aes.BlockSize:], []byte(text))
	return cipherText, nil
}
// Decrypt the password book
func decrypt(encryptedText, profile, passphrase string) ([]byte, error) {
	return nil, nil
func decrypt(text []byte, passphrase string) ([]byte, error) {
	key := []byte(getSizedKey(passphrase))
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	if len(text) < aes.BlockSize {
		return nil, errors.New("Cipher text too short")
	}
	iv := text[:aes.BlockSize]
	data := text[aes.BlockSize:]
	decrypter := cipher.NewCFBDecrypter(block, iv)
	decrypter.XORKeyStream(data, data)
	return data, nil
}