summaryrefslogtreecommitdiff
path: root/src/password-store.sh
diff options
context:
space:
mode:
Diffstat (limited to 'src/password-store.sh')
-rwxr-xr-xsrc/password-store.sh94
1 files changed, 71 insertions, 23 deletions
diff --git a/src/password-store.sh b/src/password-store.sh
index 2e1d14b..0fecc79 100755
--- a/src/password-store.sh
+++ b/src/password-store.sh
@@ -29,6 +29,8 @@ Usage:
$program insert [--no-echo,-n | --multiline,-m] pass-name
Insert new password. Optionally, the console can be enabled to not
echo the password back. Or, optionally, it may be multiline.
+ $program edit pass-name
+ Insert a new password or edit an existing password using ${EDITOR:-vi}.
$program generate [--no-symbols,-n] [--clip,-c] pass-name pass-length
Generate a new password of pass-length with optionally no symbols.
Optionally put it on the clipboard and clear board after 45 seconds.
@@ -47,7 +49,7 @@ _EOF
}
isCommand() {
case "$1" in
- init|ls|list|show|insert|generate|remove|rm|delete|push|pull|git|help) return 0 ;;
+ init|ls|list|show|insert|edit|generate|remove|rm|delete|push|pull|git|help|--help) return 0 ;;
*) return 1 ;;
esac
}
@@ -93,7 +95,7 @@ case "$command" in
echo "Password store initialized for $gpg_id."
exit 0
;;
- help)
+ help|--help)
usage
exit 0
;;
@@ -132,9 +134,9 @@ case "$command" in
exit 1
fi
if [ $clip -eq 0 ]; then
- exec gpg -q -d "$passfile"
+ exec gpg -q -d --yes "$passfile"
else
- clip "$(gpg -q -d "$passfile" | head -n 1)" "$path"
+ clip "$(gpg -q -d --yes "$passfile" | head -n 1)" "$path"
fi
fi
;;
@@ -163,30 +165,76 @@ case "$command" in
if [[ $ml -eq 1 ]]; then
echo "Enter contents of $path and press Ctrl+D when finished:"
echo
- cat | gpg -e -r "$ID" > "$passfile"
+ cat | gpg -e -r "$ID" -o "$passfile" --yes
elif [[ $noecho -eq 1 ]]; then
- stty -echo
+ while true; do
+ stty -echo
+ echo -n "Enter password for $path: "
+ read password
+ echo
+ echo -n "Retype password for $path: "
+ read password_again
+ echo
+ stty echo
+ if [[ $password == $password_again ]]; then
+ gpg -q -e -r "$ID" -o "$passfile" --yes <<<"$password"
+ break
+ else
+ echo "Error: the entered passwords do not match."
+ fi
+ done
+ else
echo -n "Enter password for $path: "
- read password
- echo
- echo -n "Retype password for $path: "
- read password_again
- echo
- stty echo
- if [[ $password == $password_again ]]; then
- gpg -e -r "$ID" > "$passfile" <<<"$password"
- else
- echo "Error: the entered passwords do not match."
+ head -n 1 | gpg -q -e -r "$ID" -o "$passfile" --yes
+ fi
+ if [[ -d $GIT ]]; then
+ git add "$passfile"
+ git commit -m "Added given password for $path to store."
+ fi
+ ;;
+ edit)
+ if [[ $# -ne 1 ]]; then
+ echo "Usage $program $command pass-name"
+ exit 1
+ fi
+
+ path="$1"
+ mkdir -p -v "$PREFIX/$(dirname "$path")"
+ passfile="$PREFIX/$path.gpg"
+
+ if [ -d /dev/shm -a -w /dev/shm -a -x /dev/shm ]; then
+ tmp_dir="$(mktemp -d --tmpdir=/dev/shm)"
+ else
+ echo "Your system does not have /dev/shm, which means that it may"
+ echo "be difficult to entirely erase the temporary non-encrypted"
+ echo "password file after editing. Are you sure you would like to"
+ echo -n "continue? [y/N] "
+ read yesno
+ if ! [[ $yesno == "y" || $yesno == "Y" ]]; then
exit 1
fi
+ tmp_dir="$(mktemp -d)"
+ fi
+ tmp_file="$(mktemp --tmpdir="$tmp_dir")"
- else
- echo -n "Enter password for $path: "
- head -n 1 | gpg -e -r "$ID" > "$passfile"
+ action="Added"
+ if [[ -f $passfile ]]; then
+ if ! gpg -q -d -o "$tmp_file" --yes "$passfile"; then
+ rm -rf "$tmp_file" "$tmp_dir"
+ exit 1
+ fi
+ action="Edited"
fi
+ "${EDITOR:-vi}" "$tmp_file"
+ while ! gpg -q -e -r "$ID" -o "$passfile" --yes "$tmp_file"; do
+ echo "GPG encryption failed. Retrying."
+ sleep 1
+ done
+ rm -rf "$tmp_file" "$tmp_dir"
+
if [[ -d $GIT ]]; then
git add "$passfile"
- git commit -m "Added given password for $path to store."
+ git commit -m "$action password for $path using ${EDITOR:-vi}."
fi
;;
generate)
@@ -216,7 +264,7 @@ case "$command" in
mkdir -p -v "$PREFIX/$(dirname "$path")"
pass="$(pwgen -s $symbols $length 1)"
passfile="$PREFIX/$path.gpg"
- echo $pass | gpg -e -r "$ID" > "$passfile"
+ gpg -q -e -r "$ID" -o "$passfile" --yes <<<"$pass"
if [[ -d $GIT ]]; then
git add "$passfile"
git commit -m "Added generated password for $path to store."
@@ -248,7 +296,7 @@ case "$command" in
;;
push|pull)
if [[ -d $GIT ]]; then
- exec git $command $@
+ exec git $command "$@"
else
echo "Error: the password store is not a git repository."
exit 1
@@ -256,7 +304,7 @@ case "$command" in
;;
git)
if [[ $1 == "init" ]] || [[ -d $GIT ]]; then
- exec git $@
+ exec git "$@"
else
echo "Error: the password store is not a git repository."
exit 1