From bd63b4f630d3c7afcc83e274d7f2cccd0acb63fc Mon Sep 17 00:00:00 2001
From: Sandi Krese <sandi.krese@bitstamp.net>
Date: Sat, 4 Feb 2023 07:59:31 +0100
Subject: [PATCH 1/2] Encrypt in a package and export method encrypt to be used
 in import "go.mozilla.org/sops/v3/encrypt".

---
 cmd/sops/main.go                 | 3 ++-
 {cmd/sops => encrypt}/encrypt.go | 8 ++++----
 2 files changed, 6 insertions(+), 5 deletions(-)
 rename {cmd/sops => encrypt}/encrypt.go (94%)

diff --git a/cmd/sops/main.go b/cmd/sops/main.go
index 2deea8671..3c72c780b 100644
--- a/cmd/sops/main.go
+++ b/cmd/sops/main.go
@@ -28,6 +28,7 @@ import (
 	publishcmd "go.mozilla.org/sops/v3/cmd/sops/subcommand/publish"
 	"go.mozilla.org/sops/v3/cmd/sops/subcommand/updatekeys"
 	"go.mozilla.org/sops/v3/config"
+	"go.mozilla.org/sops/v3/encrypt"
 	"go.mozilla.org/sops/v3/gcpkms"
 	"go.mozilla.org/sops/v3/hcvault"
 	"go.mozilla.org/sops/v3/keys"
@@ -796,7 +797,7 @@ func main() {
 			if err != nil {
 				return toExitError(err)
 			}
-			output, err = encrypt(encryptOpts{
+			output, err = encrypt.Encrypt(encrypt.EncryptOpts{
 				OutputStore:       outputStore,
 				InputStore:        inputStore,
 				InputPath:         fileName,
diff --git a/cmd/sops/encrypt.go b/encrypt/encrypt.go
similarity index 94%
rename from cmd/sops/encrypt.go
rename to encrypt/encrypt.go
index 1aa09eeba..e8801a08b 100644
--- a/cmd/sops/encrypt.go
+++ b/encrypt/encrypt.go
@@ -1,4 +1,4 @@
-package main
+package encrypt
 
 import (
 	"io/ioutil"
@@ -14,7 +14,7 @@ import (
 	"go.mozilla.org/sops/v3/version"
 )
 
-type encryptOpts struct {
+type EncryptOpts struct {
 	Cipher            sops.Cipher
 	InputStore        sops.Store
 	OutputStore       sops.Store
@@ -46,7 +46,7 @@ func (err *fileAlreadyEncryptedError) UserError() string {
 	return wordwrap.WrapString(message, 75)
 }
 
-func ensureNoMetadata(opts encryptOpts, branch sops.TreeBranch) error {
+func ensureNoMetadata(opts EncryptOpts, branch sops.TreeBranch) error {
 	for _, b := range branch {
 		if b.Key == "sops" {
 			return &fileAlreadyEncryptedError{}
@@ -55,7 +55,7 @@ func ensureNoMetadata(opts encryptOpts, branch sops.TreeBranch) error {
 	return nil
 }
 
-func encrypt(opts encryptOpts) (encryptedFile []byte, err error) {
+func Encrypt(opts EncryptOpts) (encryptedFile []byte, err error) {
 	// Load the file
 	fileBytes, err := ioutil.ReadFile(opts.InputPath)
 	if err != nil {

From 59a0398b5e440ac003b0ed2bfaed57a1bbdcdc8a Mon Sep 17 00:00:00 2001
From: Sandi Krese <sandi.krese@bitstamp.net>
Date: Wed, 15 Mar 2023 21:30:50 +0100
Subject: [PATCH 2/2] Decrypt in a package and export method decrypt to be used
 in import "go.mozilla.org/sops/v3/decrypt".

---
 cmd/sops/decrypt.go |  4 ++--
 cmd/sops/main.go    | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/cmd/sops/decrypt.go b/cmd/sops/decrypt.go
index f348b16a7..49cd25b14 100644
--- a/cmd/sops/decrypt.go
+++ b/cmd/sops/decrypt.go
@@ -9,7 +9,7 @@ import (
 	"go.mozilla.org/sops/v3/keyservice"
 )
 
-type decryptOpts struct {
+type DecryptOpts struct {
 	Cipher      sops.Cipher
 	InputStore  sops.Store
 	OutputStore sops.Store
@@ -19,7 +19,7 @@ type decryptOpts struct {
 	KeyServices []keyservice.KeyServiceClient
 }
 
-func decrypt(opts decryptOpts) (decryptedFile []byte, err error) {
+func Decrypt(opts DecryptOpts) (decryptedFile []byte, err error) {
 	tree, err := common.LoadEncryptedFileWithBugFixes(common.GenericDecryptOpts{
 		Cipher:      opts.Cipher,
 		InputStore:  opts.InputStore,
diff --git a/cmd/sops/main.go b/cmd/sops/main.go
index 3c72c780b..aa37a0e06 100644
--- a/cmd/sops/main.go
+++ b/cmd/sops/main.go
@@ -145,7 +145,7 @@ func main() {
 				inputStore := inputStore(c, fileName)
 
 				svcs := keyservices(c)
-				opts := decryptOpts{
+				opts := DecryptOpts{
 					OutputStore: &dotenv.Store{},
 					InputStore:  inputStore,
 					InputPath:   fileName,
@@ -154,7 +154,7 @@ func main() {
 					IgnoreMAC:   c.Bool("ignore-mac"),
 				}
 
-				output, err := decrypt(opts)
+				output, err := Decrypt(opts)
 				if err != nil {
 					return toExitError(err)
 				}
@@ -213,7 +213,7 @@ func main() {
 				outputStore := outputStore(c, fileName)
 
 				svcs := keyservices(c)
-				opts := decryptOpts{
+				opts := DecryptOpts{
 					OutputStore: outputStore,
 					InputStore:  inputStore,
 					InputPath:   fileName,
@@ -222,7 +222,7 @@ func main() {
 					IgnoreMAC:   c.Bool("ignore-mac"),
 				}
 
-				output, err := decrypt(opts)
+				output, err := Decrypt(opts)
 				if err != nil {
 					return toExitError(err)
 				}
@@ -818,7 +818,7 @@ func main() {
 			if err != nil {
 				return common.NewExitError(fmt.Errorf("error parsing --extract path: %s", err), codes.InvalidTreePathFormat)
 			}
-			output, err = decrypt(decryptOpts{
+			output, err = Decrypt(DecryptOpts{
 				OutputStore: outputStore,
 				InputStore:  inputStore,
 				InputPath:   fileName,