GPG encryption/decryption and recipient resolution.
Procs
proc gpgDecrypt(inPath, outPath: string) {....raises: [OSError, IOError], tags: [ExecIOEffect, ReadIOEffect, RootEffect, WriteIOEffect], forbids: [].}
- Decrypt a GPG-encrypted file to a target path.
proc gpgDecryptToString(inPath: string): string {....raises: [OSError, IOError], tags: [ExecIOEffect, ReadIOEffect, RootEffect, WriteIOEffect], forbids: [].}
- Decrypt a GPG-encrypted file and return contents as a string.
proc gpgEncrypt(cfg: GpgConfig; inPath, outPath: string) {. ...raises: [OSError, IOError], tags: [ExecIOEffect, ReadIOEffect, RootEffect, WriteIOEffect], forbids: [].}
- Encrypt a file using GPG with the configured recipient.
proc initGpgConfig(cliRecipient: string; repo: string): GpgConfig {. ...raises: [IOError], tags: [ReadEnvEffect, ReadDirEffect, ReadIOEffect, WriteIOEffect], forbids: [].}
- Build a GpgConfig by resolving the recipient through the 3-tier chain.
proc resolveRecipient(cli, env, configFile: string): string {....raises: [IOError], tags: [ReadEnvEffect, ReadDirEffect, ReadIOEffect, WriteIOEffect], forbids: [].}
-
3-tier recipient lookup:
- CLI --recipient flag
- NIMVAULT_GPG_RECIPIENT env var
- .vault/config file (key = value format, key: recipient)
proc sha256sum(path: string): string {....raises: [OSError, IOError], tags: [ ExecIOEffect, ReadIOEffect, RootEffect, WriteIOEffect], forbids: [].}
- Returns hex SHA-256 digest of a file.